Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft
File:                     3tRskpaCjJwCVTCqaEFgmt8FaaA.mft (raw, json)
Hash identifier:          5xQgMvIi0P/gKaBgbgUGPBT/sOEcmTKy4URMUeCBe+c=
Subject key identifier:   8F:B0:F3:B7:85:F3:BC:F4:4C:C0:CE:45:93:3B:B2:6C:9B:4F:1C:23
Authority key identifier: DE:D4:6C:92:96:82:8C:9C:02:55:30:AA:68:41:60:9A:DF:05:69:A0
Certificate issuer:       /CN=ded46c9296828c9c025530aa6841609adf0569a0
Certificate serial:       019747B0818DB3497AB0520DAE24A141E964
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3tRskpaCjJwCVTCqaEFgmt8FaaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft
Manifest number:          0293
Signing time:             Sat 07 Jun 2025 00:00:39 +0000
Manifest this update:     Sat 07 Jun 2025 00:00:39 +0000
Manifest next update:     Sun 08 Jun 2025 00:00:39 +0000
Files and hashes:         1: 3tRskpaCjJwCVTCqaEFgmt8FaaA.crl (hash: xputt0fla08RxA0gKI+S7Cpj0kbQniyCrfOb97XkC7E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3tRskpaCjJwCVTCqaEFgmt8FaaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:b0:81:8d:b3:49:7a:b0:52:0d:ae:24:a1:41:e9:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ded46c9296828c9c025530aa6841609adf0569a0
        Validity
            Not Before: Jun  7 00:00:39 2025 GMT
            Not After : Jun  8 00:00:39 2025 GMT
        Subject: CN=8fb0f3b785f3bcf44cc0ce45933bb26c9b4f1c23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:42:66:5a:26:c3:d7:bd:04:e2:9f:6e:cc:57:
                    16:c3:73:02:c4:17:35:e9:82:17:ca:f4:16:bc:03:
                    02:9f:78:a2:9b:37:d5:a1:3c:14:f7:e7:2b:43:35:
                    ac:30:31:09:7e:f2:a9:94:44:d5:5f:5d:ec:b9:73:
                    96:25:98:b6:df:c3:ed:e6:25:97:8d:d3:93:1e:bb:
                    99:45:30:35:50:6d:d9:16:13:2c:01:b0:10:87:57:
                    40:84:8a:96:d1:c9:93:c6:24:26:09:f3:84:d8:43:
                    5d:fc:70:20:a8:2f:b2:07:9f:d1:4f:c5:cd:85:d9:
                    96:ef:71:86:ae:99:fa:7e:32:54:15:e8:71:bf:8a:
                    e7:f6:93:e3:ab:34:e2:2a:1b:bd:27:a4:80:96:58:
                    6f:d7:14:48:9d:a9:d0:d2:f3:b4:b9:a9:ed:ce:32:
                    f3:8e:e5:c5:9f:59:93:a4:d5:4b:36:6b:5a:dc:85:
                    2f:2d:1a:31:f3:0d:44:26:7d:b9:77:dd:98:be:56:
                    4f:79:2c:22:54:03:58:bd:09:eb:04:df:e0:a7:ba:
                    ce:34:b5:a2:b9:ee:28:cc:c0:50:07:0b:44:3c:27:
                    3d:fb:0a:f0:e6:04:5f:f0:9f:a1:37:1c:82:7d:a4:
                    3a:f3:30:bc:bc:9b:1e:a4:09:79:51:fb:7d:2d:19:
                    31:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:B0:F3:B7:85:F3:BC:F4:4C:C0:CE:45:93:3B:B2:6C:9B:4F:1C:23
            X509v3 Authority Key Identifier:
                keyid:DE:D4:6C:92:96:82:8C:9C:02:55:30:AA:68:41:60:9A:DF:05:69:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tRskpaCjJwCVTCqaEFgmt8FaaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:33:62:47:d1:3d:c7:fe:bc:7e:95:ff:f4:33:92:56:e5:69:
         56:68:70:bc:37:71:77:90:36:3c:3e:65:37:bb:3d:ce:5a:6b:
         df:ab:b7:5e:3a:61:a1:73:96:d8:5b:a9:31:08:c1:39:8a:19:
         8d:e4:56:07:d5:db:59:36:17:4c:92:ea:14:16:92:26:77:9d:
         a1:92:49:4a:a7:9c:1c:07:03:1c:4a:f6:f5:1b:1b:8e:4a:0c:
         08:52:4c:75:91:b8:7d:56:b4:ad:30:33:ac:8a:99:ef:21:7c:
         46:ed:44:dd:c4:c8:f0:09:17:8e:a6:72:66:71:b7:05:9c:6b:
         c4:63:22:15:10:dd:fd:20:0c:39:5d:25:73:19:d2:57:d8:87:
         f2:70:80:b3:7e:91:e2:ac:06:74:69:61:ac:07:63:ec:5a:9f:
         cd:47:81:38:ea:1d:18:2f:41:5c:a1:b4:7e:93:6f:db:37:2f:
         26:a7:88:9a:44:02:bc:04:51:aa:b8:c1:cc:c7:aa:05:d7:1e:
         2c:01:b5:af:8f:49:49:b3:ad:a0:14:ef:15:2a:b4:8e:29:53:
         28:00:9f:0a:3c:ae:82:f5:d0:99:97:eb:a1:f0:f8:c7:e7:b8:
         e8:44:44:f2:6f:39:fd:0c:a7:bd:bd:06:89:f5:0d:f5:fd:ab:
         42:07:7b:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHsIGNs0l6sFINriShQelkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDQ2YzkyOTY4MjhjOWMwMjU1MzBhYTY4NDE2MDlhZGYw
NTY5YTAwHhcNMjUwNjA3MDAwMDM5WhcNMjUwNjA4MDAwMDM5WjAzMTEwLwYDVQQD
Eyg4ZmIwZjNiNzg1ZjNiY2Y0NGNjMGNlNDU5MzNiYjI2YzliNGYxYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukJmWibD170E4p9uzFcWw3MCxBc1
6YIXyvQWvAMCn3iimzfVoTwU9+crQzWsMDEJfvKplETVX13suXOWJZi238Pt5iWX
jdOTHruZRTA1UG3ZFhMsAbAQh1dAhIqW0cmTxiQmCfOE2ENd/HAgqC+yB5/RT8XN
hdmW73GGrpn6fjJUFehxv4rn9pPjqzTiKhu9J6SAllhv1xRInanQ0vO0uantzjLz
juXFn1mTpNVLNmta3IUvLRox8w1EJn25d92YvlZPeSwiVANYvQnrBN/gp7rONLWi
ue4ozMBQBwtEPCc9+wrw5gRf8J+hNxyCfaQ68zC8vJsepAl5Uft9LRkxjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI+w87eF87z0TMDORZM7smybTxwjMB8GA1UdIwQY
MBaAFN7UbJKWgoycAlUwqmhBYJrfBWmgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3RSc2twYUNqSndDVlRDcWFFRmdtdDhGYWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85MzZmOTMtMDkyMi00ZjVkLThlM2Et
YTAwMDdiZDVhY2U3LzEvM3RSc2twYUNqSndDVlRDcWFFRmdtdDhGYWFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85MzZmOTMtMDkyMi00ZjVkLThlM2EtYTAwMDdiZDVhY2U3
LzEvM3RSc2twYUNqSndDVlRDcWFFRmdtdDhGYWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWDNiR9E9
x/68fpX/9DOSVuVpVmhwvDdxd5A2PD5lN7s9zlpr36u3XjphoXOW2FupMQjBOYoZ
jeRWB9XbWTYXTJLqFBaSJnedoZJJSqecHAcDHEr29RsbjkoMCFJMdZG4fVa0rTAz
rIqZ7yF8Ru1E3cTI8AkXjqZyZnG3BZxrxGMiFRDd/SAMOV0lcxnSV9iH8nCAs36R
4qwGdGlhrAdj7FqfzUeBOOodGC9BXKG0fpNv2zcvJqeImkQCvARRqrjBzMeqBdce
LAG1r49JSbOtoBTvFSq0jilTKACfCjyugvXQmZfrofD4x+e46ERE8m85/Qynvb0G
ifUN9f2rQgd7+A==
-----END CERTIFICATE-----