Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
File:                     04G3AXBRkLnOnRsYRTU4TnHKMWU.mft (raw, json)
Hash identifier:          NKtpx4E0zWQ4XXlJUlt1kXIk0ecZ7tMTnmxX9m7AixM=
Subject key identifier:   38:EF:C4:06:6B:64:05:15:82:21:F2:E6:CC:FE:81:90:57:45:63:02
Authority key identifier: D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65
Certificate issuer:       /CN=d381b701705190b9ce9d1b184535384e71ca3165
Certificate serial:       0197469DDBA6EE923038F5B30DF0A5D4792A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
Manifest number:          1579
Signing time:             Fri 06 Jun 2025 19:00:39 +0000
Manifest this update:     Fri 06 Jun 2025 19:00:39 +0000
Manifest next update:     Sat 07 Jun 2025 19:00:39 +0000
Files and hashes:         1: 04G3AXBRkLnOnRsYRTU4TnHKMWU.crl (hash: k7A/MR9P3Z+DfIyk6sssFjWvYcLmXmjsirMoS+3XNVs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 19:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9d:db:a6:ee:92:30:38:f5:b3:0d:f0:a5:d4:79:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d381b701705190b9ce9d1b184535384e71ca3165
        Validity
            Not Before: Jun  6 19:00:39 2025 GMT
            Not After : Jun  7 19:00:39 2025 GMT
        Subject: CN=38efc4066b6405158221f2e6ccfe819057456302
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:0d:06:e9:83:f9:89:69:64:03:a1:0e:25:cf:
                    bd:a8:87:87:cd:c6:df:02:9f:02:9e:d2:b9:f8:e8:
                    05:a5:10:a3:1e:81:25:e3:5f:52:dd:b5:c6:91:49:
                    f6:49:60:ab:04:5a:10:3d:46:67:0e:f9:97:0c:35:
                    6c:85:ee:42:0f:a2:44:67:7b:f4:5a:56:88:ff:17:
                    45:92:7f:39:8d:dd:a2:77:b6:c3:97:2e:f9:dd:37:
                    15:de:81:56:cc:89:c9:b1:57:ce:ca:b0:77:70:47:
                    ad:5a:37:18:45:1f:be:38:38:56:29:ef:3e:21:71:
                    d6:26:1d:f4:a5:45:df:64:cb:49:27:c2:d9:2b:8f:
                    a7:57:39:ba:8d:4d:5c:c2:e2:3c:ff:d1:90:22:52:
                    0a:0d:c8:b6:ca:79:cc:00:7b:8e:ad:60:3e:6a:70:
                    7d:ee:3f:a7:68:cc:6f:ec:6f:58:b9:b2:aa:a6:e3:
                    94:a2:ad:19:f1:06:4a:a4:f9:33:d8:8a:0d:08:e3:
                    5f:1e:c5:41:ff:6e:63:e8:26:f9:98:ac:76:89:4a:
                    11:de:89:82:6e:82:cc:d4:ae:80:fa:c1:9f:f1:a1:
                    a4:d9:d2:39:1c:88:f6:f2:2a:3b:a8:2c:11:92:6b:
                    19:a5:5b:f8:17:34:ec:92:8b:14:7d:95:88:e6:93:
                    62:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:EF:C4:06:6B:64:05:15:82:21:F2:E6:CC:FE:81:90:57:45:63:02
            X509v3 Authority Key Identifier:
                keyid:D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:7b:76:bc:8f:69:35:8b:73:75:de:63:2d:e0:00:a7:25:0d:
         ff:ed:6a:a9:53:f4:56:75:15:7e:79:c1:d2:f1:0e:2f:36:1e:
         bf:9c:0f:ce:47:67:3e:bb:2d:08:fc:4a:ee:58:90:90:9f:01:
         0b:47:ed:99:9c:f9:3a:75:70:99:c5:a0:59:ca:e3:af:55:f6:
         1e:1d:34:33:62:0c:f6:e0:06:ad:f2:79:83:27:ee:a3:8d:07:
         ff:b1:db:b9:01:73:c4:4e:74:7a:6e:8f:99:56:71:4a:7b:02:
         cc:6b:c9:f5:a6:e4:41:01:5f:16:36:19:b1:95:9a:8e:f9:da:
         11:f6:ac:94:e1:37:cd:8a:27:32:1c:20:01:63:a7:47:f9:dd:
         d8:94:3c:bf:6a:6e:d0:06:19:79:b3:47:b9:7d:a4:80:3e:a3:
         f6:5d:b7:89:37:1e:2a:7d:35:96:27:ed:e4:74:5e:b3:d4:04:
         09:51:fe:7a:e6:65:2a:37:a8:90:29:69:ed:1b:3e:78:f2:3a:
         32:aa:81:de:8a:d9:b1:8a:50:00:8b:5a:16:b7:92:7c:96:6b:
         49:ae:7d:37:1e:9c:7d:d7:fa:ca:1d:65:c0:54:9a:dd:ff:15:
         8f:95:55:f2:88:c9:72:03:a0:41:a2:33:a0:66:dd:61:4b:e5:
         28:af:84:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGndum7pIwOPWzDfCl1HkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODFiNzAxNzA1MTkwYjljZTlkMWIxODQ1MzUzODRlNzFj
YTMxNjUwHhcNMjUwNjA2MTkwMDM5WhcNMjUwNjA3MTkwMDM5WjAzMTEwLwYDVQQD
EygzOGVmYzQwNjZiNjQwNTE1ODIyMWYyZTZjY2ZlODE5MDU3NDU2MzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2A0G6YP5iWlkA6EOJc+9qIeHzcbf
Ap8CntK5+OgFpRCjHoEl419S3bXGkUn2SWCrBFoQPUZnDvmXDDVshe5CD6JEZ3v0
WlaI/xdFkn85jd2id7bDly753TcV3oFWzInJsVfOyrB3cEetWjcYRR++ODhWKe8+
IXHWJh30pUXfZMtJJ8LZK4+nVzm6jU1cwuI8/9GQIlIKDci2ynnMAHuOrWA+anB9
7j+naMxv7G9YubKqpuOUoq0Z8QZKpPkz2IoNCONfHsVB/25j6Cb5mKx2iUoR3omC
boLM1K6A+sGf8aGk2dI5HIj28io7qCwRkmsZpVv4FzTskosUfZWI5pNiswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjvxAZrZAUVgiHy5sz+gZBXRWMCMB8GA1UdIwQY
MBaAFNOBtwFwUZC5zp0bGEU1OE5xyjFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTct
NzA1NGViMmM0YzAwLzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTctNzA1NGViMmM0YzAw
LzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhHt2vI9p
NYtzdd5jLeAApyUN/+1qqVP0VnUVfnnB0vEOLzYev5wPzkdnPrstCPxK7liQkJ8B
C0ftmZz5OnVwmcWgWcrjr1X2Hh00M2IM9uAGrfJ5gyfuo40H/7HbuQFzxE50em6P
mVZxSnsCzGvJ9abkQQFfFjYZsZWajvnaEfaslOE3zYonMhwgAWOnR/nd2JQ8v2pu
0AYZebNHuX2kgD6j9l23iTceKn01lift5HRes9QECVH+euZlKjeokClp7Rs+ePI6
MqqB3orZsYpQAItaFreSfJZrSa59Nx6cfdf6yh1lwFSa3f8Vj5VV8ojJcgOgQaIz
oGbdYUvlKK+EWg==
-----END CERTIFICATE-----