Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          mSKFsq4ZJjCqRkmi6us2O9vIVfZ9cIR0cNa2hsWEvfE=
Subject key identifier:   83:0E:18:74:4C:19:F4:C8:81:E8:38:8D:29:3D:E6:92:CE:1C:5E:9C
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       0197CBDEEE72652B879C4C1E2FEED0197427
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          0651
Signing time:             Wed 02 Jul 2025 16:01:14 +0000
Manifest this update:     Wed 02 Jul 2025 16:01:14 +0000
Manifest next update:     Thu 03 Jul 2025 16:01:14 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: cV4D8NXcIWT8YFukC14NhEowbgY4cxQHIXJ9waKqPZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 16:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cb:de:ee:72:65:2b:87:9c:4c:1e:2f:ee:d0:19:74:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Jul  2 16:01:14 2025 GMT
            Not After : Jul  3 16:01:14 2025 GMT
        Subject: CN=830e18744c19f4c881e8388d293de692ce1c5e9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:15:95:bc:09:34:bc:d6:fe:fd:75:7d:5c:d0:
                    ea:0c:77:c4:d7:9d:9c:91:6e:1a:fe:d3:78:04:a8:
                    45:11:71:f3:a7:57:3b:fc:9f:ae:bd:0e:9a:f3:e7:
                    66:9f:92:86:1e:36:55:4f:52:0d:cf:fa:f5:52:65:
                    c9:6a:9c:92:9a:19:d1:a7:9f:54:fe:8c:86:96:b9:
                    b1:5d:65:99:c7:78:d0:ea:b8:67:38:eb:ad:65:4e:
                    04:04:78:96:43:06:50:09:83:51:05:8b:a1:b5:bf:
                    2d:73:fb:54:cf:1c:16:93:32:1d:99:42:9b:e1:90:
                    30:6c:aa:f5:2c:ea:dc:72:06:ba:e9:d6:ff:08:31:
                    17:38:21:9b:7b:8d:e4:67:b4:30:bc:ee:95:e9:eb:
                    6c:f1:e4:c5:06:40:aa:eb:f9:7e:93:27:ea:ae:51:
                    1b:33:4f:8e:7d:0f:36:98:66:2e:5b:3b:c7:d8:f7:
                    6a:66:e7:be:72:39:4d:49:ec:42:62:0f:53:d0:3f:
                    d5:6e:4a:53:1e:5f:f3:c0:05:bc:68:a1:ae:5f:96:
                    d2:9c:7d:53:06:7b:d2:ed:a9:98:d6:b9:21:96:62:
                    45:74:d3:36:01:9d:48:b7:e6:c6:b4:5e:2d:14:94:
                    6d:e7:2f:bb:39:9d:36:7e:15:4b:92:9e:43:54:53:
                    13:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:0E:18:74:4C:19:F4:C8:81:E8:38:8D:29:3D:E6:92:CE:1C:5E:9C
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:f1:0f:47:e5:eb:88:a2:c4:1d:cb:f8:08:de:b9:ab:27:12:
         59:66:bb:5f:d3:36:25:ed:dc:d7:47:f8:16:c6:aa:d3:c7:2e:
         a5:0f:1c:26:95:92:d8:db:43:5e:40:98:78:de:6d:81:59:11:
         75:ff:04:f3:13:8d:9d:8e:0e:80:8d:93:e9:6a:66:73:34:47:
         25:ac:57:fa:48:01:d7:5c:13:55:0b:7e:4b:a7:28:81:3c:08:
         b3:0f:c8:ed:bd:fb:c0:6c:2b:6c:d8:0a:67:32:96:e5:c2:95:
         1c:1f:60:9f:b4:e6:39:29:c5:52:36:c0:fd:e0:1d:4c:8c:b4:
         52:9f:db:62:41:48:14:3a:6f:60:55:10:31:54:88:17:d6:18:
         88:89:dd:ae:bd:25:86:5b:4d:c1:0a:5f:3c:46:71:65:23:fa:
         6a:00:69:c9:36:74:0c:8b:e1:45:83:74:00:50:16:ca:e0:46:
         e0:ef:3b:a2:88:c1:93:e7:17:05:09:a7:fe:64:bd:d3:d2:a5:
         eb:27:38:6f:52:26:ce:ed:1a:d2:5c:7a:3e:e8:44:46:4a:5f:
         a3:80:b9:d9:7d:6a:84:c5:10:4c:f1:c0:d9:78:58:7f:99:73:
         b9:e6:05:57:04:1d:60:71:76:f5:54:f1:f1:a7:b3:e7:43:ac:
         89:ff:a4:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfL3u5yZSuHnEweL+7QGXQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjUwNzAyMTYwMTE0WhcNMjUwNzAzMTYwMTE0WjAzMTEwLwYDVQQD
Eyg4MzBlMTg3NDRjMTlmNGM4ODFlODM4OGQyOTNkZTY5MmNlMWM1ZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhWVvAk0vNb+/XV9XNDqDHfE152c
kW4a/tN4BKhFEXHzp1c7/J+uvQ6a8+dmn5KGHjZVT1INz/r1UmXJapySmhnRp59U
/oyGlrmxXWWZx3jQ6rhnOOutZU4EBHiWQwZQCYNRBYuhtb8tc/tUzxwWkzIdmUKb
4ZAwbKr1LOrccga66db/CDEXOCGbe43kZ7QwvO6V6ets8eTFBkCq6/l+kyfqrlEb
M0+OfQ82mGYuWzvH2PdqZue+cjlNSexCYg9T0D/VbkpTHl/zwAW8aKGuX5bSnH1T
BnvS7amY1rkhlmJFdNM2AZ1It+bGtF4tFJRt5y+7OZ02fhVLkp5DVFMT0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIMOGHRMGfTIgeg4jSk95pLOHF6cMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsvEPR+Xr
iKLEHcv4CN65qycSWWa7X9M2Je3c10f4Fsaq08cupQ8cJpWS2NtDXkCYeN5tgVkR
df8E8xONnY4OgI2T6WpmczRHJaxX+kgB11wTVQt+S6cogTwIsw/I7b37wGwrbNgK
ZzKW5cKVHB9gn7TmOSnFUjbA/eAdTIy0Up/bYkFIFDpvYFUQMVSIF9YYiIndrr0l
hltNwQpfPEZxZSP6agBpyTZ0DIvhRYN0AFAWyuBG4O87oojBk+cXBQmn/mS909Kl
6yc4b1Imzu0a0lx6PuhERkpfo4C52X1qhMUQTPHA2XhYf5lzueYFVwQdYHF29VTx
8aez50Osif+kOw==
-----END CERTIFICATE-----