Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          /xtYYK7W9psW9rOuc9frlCsdOhD4GjbPzKjsy1PEpJc=
Subject key identifier:   E0:AD:87:72:8F:C9:B9:CC:C8:5F:A8:06:20:70:F0:0F:29:B1:5A:7C
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       01974C68B371173A72A45942E031759270D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          0D1F
Signing time:             Sat 07 Jun 2025 22:00:19 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:19 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:19 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: NqMGAEvL+0AV+1R6MtUSkMZMHDE4I7wCl2JrWb99uy4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:68:b3:71:17:3a:72:a4:59:42:e0:31:75:92:70:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Jun  7 22:00:19 2025 GMT
            Not After : Jun  8 22:00:19 2025 GMT
        Subject: CN=e0ad87728fc9b9ccc85fa8062070f00f29b15a7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:e5:59:1b:bf:45:e0:9b:9f:f4:f3:05:f2:b1:
                    a9:f2:e9:94:9d:a0:86:77:d0:12:93:68:ac:da:64:
                    e6:d9:8a:c4:e3:8e:fb:36:16:2b:07:c4:b9:f8:05:
                    14:6f:f9:ee:82:8e:b8:af:d9:11:62:5a:06:66:89:
                    98:60:36:50:91:66:22:31:16:eb:a9:bb:bb:eb:50:
                    a4:5c:d5:d6:eb:e4:49:a3:bc:80:fd:6d:de:93:d4:
                    89:39:03:f6:5f:87:db:a5:c5:ff:80:0d:cd:3f:47:
                    e5:3b:58:26:f1:c3:45:5c:33:e6:26:ca:fe:07:1f:
                    d1:33:df:c2:2b:87:ba:86:f9:ae:08:e1:88:be:0b:
                    78:a7:bc:ee:86:99:7f:64:80:52:e1:55:3d:77:53:
                    f1:3a:cf:de:50:cd:a4:b1:24:c0:e3:be:f7:fa:b0:
                    23:88:05:31:04:77:ce:82:73:b7:f5:fc:2b:1d:61:
                    91:74:e5:39:45:29:c6:4d:ee:9a:d7:da:ac:6e:36:
                    96:0b:7c:42:3d:46:97:ab:82:42:a7:4d:8b:0a:fb:
                    bd:46:bc:74:92:f2:b6:11:f2:ed:ca:a3:61:21:de:
                    e2:38:5a:9c:9b:2b:6e:ea:be:37:6a:fe:ee:13:3a:
                    3b:cd:65:55:6e:81:7b:93:e9:7a:98:0f:9e:6d:e8:
                    0b:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:AD:87:72:8F:C9:B9:CC:C8:5F:A8:06:20:70:F0:0F:29:B1:5A:7C
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:95:e2:69:77:2f:ac:b7:07:98:aa:75:70:ab:e0:70:70:99:
         44:bf:0a:6d:d4:c2:d9:28:d8:73:cf:b7:5d:89:41:46:e3:cb:
         64:a1:9b:f4:2e:86:2e:87:9a:4b:56:e7:61:65:1d:79:81:98:
         f2:94:ad:33:61:09:3b:07:ce:27:87:ef:0b:54:08:ed:86:31:
         5e:a3:aa:87:0d:c5:a4:17:53:3a:9f:55:6a:d1:71:d2:5a:2c:
         71:80:2c:f2:e2:c4:5c:47:31:d6:0e:b2:31:98:3a:d1:9f:14:
         ce:29:c9:88:41:bb:09:b4:7d:5c:82:3a:20:3a:a5:28:2e:82:
         67:6c:2b:ff:fa:d6:fe:a2:ca:99:0b:bb:c4:8b:4e:fc:63:fb:
         e8:9b:4d:8d:32:4b:70:eb:8d:32:8c:aa:76:21:7a:51:ad:11:
         a7:bc:05:de:2f:c2:09:9d:b8:c6:c9:58:11:51:8c:b0:a2:5b:
         53:a5:0e:fe:e0:db:0f:49:4c:e8:a0:fe:89:dc:93:34:0d:a4:
         b5:0e:58:07:bf:4c:c0:39:1f:0d:79:bf:7b:90:b3:60:46:8f:
         6f:a9:1c:92:59:2a:da:7c:34:d7:67:22:d7:2c:2f:20:66:12:
         38:f5:1f:9f:ae:8c:93:22:27:c8:d5:b4:59:98:f6:bc:53:98:
         fa:bf:25:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaLNxFzpypFlC4DF1knDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjUwNjA3MjIwMDE5WhcNMjUwNjA4MjIwMDE5WjAzMTEwLwYDVQQD
EyhlMGFkODc3MjhmYzliOWNjYzg1ZmE4MDYyMDcwZjAwZjI5YjE1YTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uVZG79F4Juf9PMF8rGp8umUnaCG
d9ASk2is2mTm2YrE4477NhYrB8S5+AUUb/nugo64r9kRYloGZomYYDZQkWYiMRbr
qbu761CkXNXW6+RJo7yA/W3ek9SJOQP2X4fbpcX/gA3NP0flO1gm8cNFXDPmJsr+
Bx/RM9/CK4e6hvmuCOGIvgt4p7zuhpl/ZIBS4VU9d1PxOs/eUM2ksSTA4773+rAj
iAUxBHfOgnO39fwrHWGRdOU5RSnGTe6a19qsbjaWC3xCPUaXq4JCp02LCvu9Rrx0
kvK2EfLtyqNhId7iOFqcmytu6r43av7uEzo7zWVVboF7k+l6mA+ebegLGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOCth3KPybnMyF+oBiBw8A8psVp8MB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHJXiaXcv
rLcHmKp1cKvgcHCZRL8KbdTC2SjYc8+3XYlBRuPLZKGb9C6GLoeaS1bnYWUdeYGY
8pStM2EJOwfOJ4fvC1QI7YYxXqOqhw3FpBdTOp9VatFx0loscYAs8uLEXEcx1g6y
MZg60Z8UzinJiEG7CbR9XII6IDqlKC6CZ2wr//rW/qLKmQu7xItO/GP76JtNjTJL
cOuNMoyqdiF6Ua0Rp7wF3i/CCZ24xslYEVGMsKJbU6UO/uDbD0lM6KD+idyTNA2k
tQ5YB79MwDkfDXm/e5CzYEaPb6kcklkq2nw012ci1ywvIGYSOPUfn66MkyInyNW0
WZj2vFOY+r8lGg==
-----END CERTIFICATE-----