Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
File:                     N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft (raw, json)
Hash identifier:          0sgF+uvCOkkbq6LQxAMwXYwNKrFpneZXoOZC6v9srKI=
Subject key identifier:   1E:94:69:A3:EC:E9:95:77:40:F4:57:38:08:0E:B3:DF:60:49:3C:38
Authority key identifier: 37:71:BD:6E:2D:DA:5F:A3:05:7C:4B:C2:83:FA:F7:13:A9:15:A5:D9
Certificate issuer:       /CN=3771bd6e2dda5fa3057c4bc283faf713a915a5d9
Certificate serial:       01974A7AE16AE94B852ED3214C4FD8608EA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
Manifest number:          0A87
Signing time:             Sat 07 Jun 2025 13:00:56 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:56 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:56 +0000
Files and hashes:         1: N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl (hash: fhL7ZKa4LCXv8tnbYvVnxTKk9Z/wvzajTZpi2v6rAWU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:e1:6a:e9:4b:85:2e:d3:21:4c:4f:d8:60:8e:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3771bd6e2dda5fa3057c4bc283faf713a915a5d9
        Validity
            Not Before: Jun  7 13:00:56 2025 GMT
            Not After : Jun  8 13:00:56 2025 GMT
        Subject: CN=1e9469a3ece9957740f45738080eb3df60493c38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:c4:eb:89:db:69:51:3a:93:4d:13:6c:2b:d3:
                    ba:eb:54:6e:3a:e1:55:ac:b4:7f:21:ea:5e:f2:bb:
                    9e:13:6f:6a:21:ae:5e:4b:eb:7c:18:e8:28:26:4d:
                    15:d6:44:08:cc:21:37:6f:e6:3c:34:5f:c1:23:e5:
                    3b:fa:c8:81:fa:38:df:06:df:6f:19:4a:a2:f7:3e:
                    fb:ec:cc:74:0d:ff:b7:fa:2e:37:e8:e0:1f:23:54:
                    0b:29:5a:f3:87:1b:b3:a9:6b:f8:01:27:3f:1b:43:
                    06:75:a4:7e:b9:8b:f6:b2:1d:4b:24:e0:ce:ad:b9:
                    43:ba:0d:36:ba:c6:05:c3:9a:ed:27:6f:3c:28:29:
                    4a:ec:a6:92:a4:5a:50:35:09:d6:59:31:0a:20:78:
                    33:98:a6:35:23:97:00:79:cf:1d:bf:dc:f1:c7:73:
                    44:d4:ac:50:e5:a1:a1:e7:f7:9b:27:01:a9:81:bf:
                    f4:79:18:65:2d:98:c1:fa:ac:eb:5a:1b:f7:0b:00:
                    ea:69:d4:c3:e7:0a:8f:94:69:c7:68:d2:55:72:1e:
                    8f:62:6f:9a:00:60:a7:65:1c:7f:32:94:1c:1f:e6:
                    03:83:3f:20:c0:ad:88:6f:5d:5e:ea:0a:ca:b5:26:
                    bb:d2:3a:99:64:df:5f:c6:ad:20:ff:ed:e7:c8:62:
                    7b:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:94:69:A3:EC:E9:95:77:40:F4:57:38:08:0E:B3:DF:60:49:3C:38
            X509v3 Authority Key Identifier:
                keyid:37:71:BD:6E:2D:DA:5F:A3:05:7C:4B:C2:83:FA:F7:13:A9:15:A5:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:d2:ab:d6:92:c3:1c:9f:da:d9:a6:eb:d1:66:d7:22:a5:d9:
         5a:00:42:b0:50:e5:f6:a1:13:e6:a0:c0:18:9d:8c:87:55:22:
         60:d4:f9:51:57:02:c7:40:4b:e6:c1:a6:cd:b6:ee:ae:eb:14:
         59:33:84:2c:ff:bd:c2:c2:76:e1:dd:df:d8:bd:d6:6d:21:26:
         77:d3:7b:53:68:e7:16:e0:db:e1:8d:e1:e3:9b:df:7b:9c:ce:
         6d:d3:f6:bc:ed:9d:4b:16:17:8b:b3:db:d9:22:a3:0b:08:6e:
         b9:8d:e1:c3:a3:f1:82:2a:59:85:2f:4d:d3:cf:d9:f8:b9:86:
         f7:e0:22:71:b9:f8:a1:a6:21:21:b2:39:4e:44:c0:87:c2:d3:
         0b:bf:85:8d:8c:da:1f:d6:b7:27:d8:a4:9c:69:ec:b8:fc:43:
         93:75:57:38:94:5a:c0:2b:7a:bd:30:be:53:58:cb:24:7b:34:
         48:75:3e:bb:05:c2:74:43:e0:65:64:04:26:94:36:5d:ed:25:
         ef:1d:55:78:ce:ce:67:d3:d7:db:be:12:92:78:50:b5:3a:52:
         9c:b4:9e:3e:a6:8e:37:a5:2f:f9:c2:51:e1:25:36:ab:1a:d3:
         58:95:1b:28:fe:20:dd:67:d0:ba:e3:9e:52:30:63:4f:3b:cf:
         a8:b2:16:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeuFq6UuFLtMhTE/YYI6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NzFiZDZlMmRkYTVmYTMwNTdjNGJjMjgzZmFmNzEzYTkx
NWE1ZDkwHhcNMjUwNjA3MTMwMDU2WhcNMjUwNjA4MTMwMDU2WjAzMTEwLwYDVQQD
EygxZTk0NjlhM2VjZTk5NTc3NDBmNDU3MzgwODBlYjNkZjYwNDkzYzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8TridtpUTqTTRNsK9O661RuOuFV
rLR/Iepe8rueE29qIa5eS+t8GOgoJk0V1kQIzCE3b+Y8NF/BI+U7+siB+jjfBt9v
GUqi9z777Mx0Df+3+i436OAfI1QLKVrzhxuzqWv4ASc/G0MGdaR+uYv2sh1LJODO
rblDug02usYFw5rtJ288KClK7KaSpFpQNQnWWTEKIHgzmKY1I5cAec8dv9zxx3NE
1KxQ5aGh5/ebJwGpgb/0eRhlLZjB+qzrWhv3CwDqadTD5wqPlGnHaNJVch6PYm+a
AGCnZRx/MpQcH+YDgz8gwK2Ib11e6grKtSa70jqZZN9fxq0g/+3nyGJ7ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6UaaPs6ZV3QPRXOAgOs99gSTw4MB8GA1UdIwQY
MBaAFDdxvW4t2l+jBXxLwoP69xOpFaXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NmY5M2ItY2Q5ZC00ZTgyLWJlZjAt
OWRjZjZiM2MwNzk3LzEvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NmY5M2ItY2Q5ZC00ZTgyLWJlZjAtOWRjZjZiM2MwNzk3
LzEvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAitKr1pLD
HJ/a2abr0WbXIqXZWgBCsFDl9qET5qDAGJ2Mh1UiYNT5UVcCx0BL5sGmzbburusU
WTOELP+9wsJ24d3f2L3WbSEmd9N7U2jnFuDb4Y3h45vfe5zObdP2vO2dSxYXi7Pb
2SKjCwhuuY3hw6PxgipZhS9N08/Z+LmG9+Aicbn4oaYhIbI5TkTAh8LTC7+FjYza
H9a3J9iknGnsuPxDk3VXOJRawCt6vTC+U1jLJHs0SHU+uwXCdEPgZWQEJpQ2Xe0l
7x1VeM7OZ9PX274SknhQtTpSnLSePqaON6Uv+cJR4SU2qxrTWJUbKP4g3WfQuuOe
UjBjTzvPqLIW8g==
-----END CERTIFICATE-----