Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft
File:                     3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft (raw, json)
Hash identifier:          Y3cfN/DX4+a0b9IbDG4+Mi3LUREKWn8Ru8UbqgEGE+o=
Subject key identifier:   64:17:DF:8D:90:26:D4:6D:1D:80:A8:C8:8D:5D:BC:99:EC:2B:BB:76
Authority key identifier: DC:36:63:1C:A2:0E:C9:2D:19:5C:16:A8:D7:0A:63:F3:72:E5:9F:24
Certificate issuer:       /CN=dc36631ca20ec92d195c16a8d70a63f372e59f24
Certificate serial:       0197470B7C26A27EA942A81CFE9FA2CAF217
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DZjHKIOyS0ZXBao1wpj83LlnyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft
Manifest number:          04B2
Signing time:             Fri 06 Jun 2025 21:00:24 +0000
Manifest this update:     Fri 06 Jun 2025 21:00:24 +0000
Manifest next update:     Sat 07 Jun 2025 21:00:24 +0000
Files and hashes:         1: 3DZjHKIOyS0ZXBao1wpj83LlnyQ.crl (hash: w48xDSZ6UCN/428cJc8n58kOPHAsgi0Rt+l2Tqq6PEE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DZjHKIOyS0ZXBao1wpj83LlnyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:0b:7c:26:a2:7e:a9:42:a8:1c:fe:9f:a2:ca:f2:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc36631ca20ec92d195c16a8d70a63f372e59f24
        Validity
            Not Before: Jun  6 21:00:24 2025 GMT
            Not After : Jun  7 21:00:24 2025 GMT
        Subject: CN=6417df8d9026d46d1d80a8c88d5dbc99ec2bbb76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:6e:67:23:2f:95:2a:19:6a:00:95:60:43:36:
                    12:08:21:72:55:d1:ee:1d:f3:f0:7b:6d:af:70:c8:
                    1b:6e:b2:41:63:f3:06:81:f4:65:01:8d:6e:c7:f3:
                    38:d9:2e:1f:1f:c4:8d:f6:c8:cc:49:11:88:a5:85:
                    7c:0b:69:e3:07:65:09:7d:a4:be:76:fc:67:d2:24:
                    92:74:a0:e6:b3:a8:0c:fb:a4:dd:c1:10:76:fe:6b:
                    92:ad:17:b8:d2:86:cf:4f:c6:4a:89:4d:78:3f:bd:
                    f6:68:03:43:3b:d8:fa:37:2d:68:aa:64:f0:7b:30:
                    7e:21:46:5d:eb:65:12:f1:d2:ef:e6:62:d8:cb:25:
                    9f:52:95:3f:6c:cc:ea:45:96:de:76:0a:4b:43:33:
                    b5:a3:02:e4:23:0f:fb:c9:4f:68:48:c9:f2:c4:72:
                    b1:00:f9:1c:5c:7f:e6:82:55:cd:0c:c6:06:57:ff:
                    aa:c9:f8:b1:73:0e:8a:b8:a4:64:b3:8a:7f:7f:4f:
                    ff:fe:2c:ac:de:05:2a:d0:0f:b6:a5:48:34:b8:43:
                    80:18:a9:33:46:bf:d0:c7:a1:d7:e6:5e:dc:19:b0:
                    fa:0f:c9:08:44:c2:91:9f:31:11:43:50:41:a4:54:
                    61:42:8e:c1:94:6c:1f:40:1c:42:6c:60:d0:ef:5e:
                    22:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:17:DF:8D:90:26:D4:6D:1D:80:A8:C8:8D:5D:BC:99:EC:2B:BB:76
            X509v3 Authority Key Identifier:
                keyid:DC:36:63:1C:A2:0E:C9:2D:19:5C:16:A8:D7:0A:63:F3:72:E5:9F:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DZjHKIOyS0ZXBao1wpj83LlnyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:79:73:10:94:4b:ae:6a:a3:a6:91:4a:ad:d5:c2:fb:88:ac:
         49:74:45:fd:ef:48:a7:6c:e6:98:39:6f:72:31:25:5a:ec:85:
         d5:7b:25:fb:3a:fb:6c:ab:cf:54:bb:27:2d:ab:0d:da:18:72:
         ba:d8:74:3e:3d:de:90:4b:48:61:35:d7:7e:53:81:46:14:5c:
         d3:47:46:f6:3d:d6:67:d9:24:4e:e3:b9:9e:99:86:a5:2f:7a:
         52:14:15:d1:01:a3:44:3d:64:69:2b:23:ab:1f:e3:4e:ca:92:
         93:46:c1:3c:64:a8:d6:34:af:50:17:fd:88:ce:1d:84:64:38:
         00:26:22:c7:f3:ab:7a:24:29:b2:5d:05:8b:3d:97:6a:3d:1d:
         f4:4a:20:d7:8e:39:1a:77:ba:e7:34:7c:c0:51:eb:42:a8:61:
         40:ae:97:ce:0d:1e:b9:d0:37:83:00:aa:99:ea:58:b2:5c:10:
         30:d6:10:fa:ca:3d:7c:b0:8a:e3:34:15:cc:84:8b:2e:81:5a:
         97:e9:5f:90:8c:5b:9d:82:85:b6:34:7b:40:ae:29:31:76:c3:
         7c:5b:49:af:10:c0:b6:9b:8f:fd:67:14:5e:02:01:18:ab:8d:
         1a:44:45:52:86:8f:78:6d:5c:64:95:35:3b:f6:ba:51:cf:f3:
         de:3c:b5:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHC3wmon6pQqgc/p+iyvIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzY2MzFjYTIwZWM5MmQxOTVjMTZhOGQ3MGE2M2YzNzJl
NTlmMjQwHhcNMjUwNjA2MjEwMDI0WhcNMjUwNjA3MjEwMDI0WjAzMTEwLwYDVQQD
Eyg2NDE3ZGY4ZDkwMjZkNDZkMWQ4MGE4Yzg4ZDVkYmM5OWVjMmJiYjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs25nIy+VKhlqAJVgQzYSCCFyVdHu
HfPwe22vcMgbbrJBY/MGgfRlAY1ux/M42S4fH8SN9sjMSRGIpYV8C2njB2UJfaS+
dvxn0iSSdKDms6gM+6TdwRB2/muSrRe40obPT8ZKiU14P732aANDO9j6Ny1oqmTw
ezB+IUZd62US8dLv5mLYyyWfUpU/bMzqRZbedgpLQzO1owLkIw/7yU9oSMnyxHKx
APkcXH/mglXNDMYGV/+qyfixcw6KuKRks4p/f0///iys3gUq0A+2pUg0uEOAGKkz
Rr/Qx6HX5l7cGbD6D8kIRMKRnzERQ1BBpFRhQo7BlGwfQBxCbGDQ714i/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQX342QJtRtHYCoyI1dvJnsK7t2MB8GA1UdIwQY
MBaAFNw2YxyiDsktGVwWqNcKY/Ny5Z8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RaakhLSU95UzBaWEJhbzF3cGo4M0xsbnlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80YWMxNjItZTE2ZS00MDZlLWI5ODUt
NWVmNTZmODZhYjgzLzEvM0RaakhLSU95UzBaWEJhbzF3cGo4M0xsbnlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80YWMxNjItZTE2ZS00MDZlLWI5ODUtNWVmNTZmODZhYjgz
LzEvM0RaakhLSU95UzBaWEJhbzF3cGo4M0xsbnlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAHlzEJRL
rmqjppFKrdXC+4isSXRF/e9Ip2zmmDlvcjElWuyF1Xsl+zr7bKvPVLsnLasN2hhy
uth0Pj3ekEtIYTXXflOBRhRc00dG9j3WZ9kkTuO5npmGpS96UhQV0QGjRD1kaSsj
qx/jTsqSk0bBPGSo1jSvUBf9iM4dhGQ4ACYix/OreiQpsl0Fiz2Xaj0d9Eog1445
Gne65zR8wFHrQqhhQK6Xzg0eudA3gwCqmepYslwQMNYQ+so9fLCK4zQVzISLLoFa
l+lfkIxbnYKFtjR7QK4pMXbDfFtJrxDAtpuP/WcUXgIBGKuNGkRFUoaPeG1cZJU1
O/a6Uc/z3jy1YA==
-----END CERTIFICATE-----