Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          mxGBsr7lwqu/n4QPzR7pNkrLHz7QVAD5uBwEIwXPJp8=
Subject key identifier:   3D:CC:16:08:9B:76:B0:6D:B6:21:BA:DC:DA:EA:27:06:E2:89:8D:9D
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       0197D1A9E4530B71713199800F826917D624
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          088F
Signing time:             Thu 03 Jul 2025 19:01:01 +0000
Manifest this update:     Thu 03 Jul 2025 19:01:01 +0000
Manifest next update:     Fri 04 Jul 2025 19:01:01 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: MdEuxPOX03HR0JHMD/68iP9MqQxhpQ4wuhN9PSzqMvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 04 Jul 2025 19:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d1:a9:e4:53:0b:71:71:31:99:80:0f:82:69:17:d6:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: Jul  3 19:01:01 2025 GMT
            Not After : Jul  4 19:01:01 2025 GMT
        Subject: CN=3dcc16089b76b06db621badcdaea2706e2898d9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:8a:b1:f8:ed:f3:fa:d8:c4:c4:35:d9:24:ef:
                    72:d8:55:8f:7e:e7:f5:eb:f9:a6:86:c1:aa:45:dc:
                    9d:c2:a6:c0:ee:39:22:b7:10:83:1c:09:18:03:64:
                    7c:09:e0:ab:93:a1:b4:6f:9e:65:3b:59:cf:47:90:
                    50:b5:3d:32:03:bf:58:78:6c:1b:9c:a9:69:32:56:
                    17:e3:35:22:b4:1f:fe:85:6a:14:29:0e:ca:71:5b:
                    8f:b8:4c:41:05:f8:2c:7a:42:31:d8:a4:ae:2d:47:
                    5d:38:d0:6a:71:19:69:b6:13:2d:bb:68:28:41:c9:
                    07:67:3a:97:c1:4b:0d:60:62:4b:74:f6:ac:ba:86:
                    9e:ff:83:33:ac:01:94:ba:52:7f:c2:c1:b2:13:69:
                    5c:d1:ba:55:08:3f:02:a6:ed:e0:92:22:74:29:56:
                    44:b8:24:61:57:3b:62:5f:70:45:ec:ff:36:ca:cd:
                    c5:24:52:c3:d7:65:20:fe:db:3f:c6:ba:00:f1:c1:
                    04:4b:b6:7a:a7:63:df:ed:f6:26:c6:d7:cd:3a:2d:
                    52:f7:cc:8e:2e:c3:17:75:b0:aa:06:ce:34:66:8a:
                    0f:95:45:40:b3:f5:8b:e3:f0:c3:50:63:71:ce:88:
                    96:6f:8f:a3:8b:74:3f:c4:b7:a3:64:a3:7e:b4:b4:
                    97:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:CC:16:08:9B:76:B0:6D:B6:21:BA:DC:DA:EA:27:06:E2:89:8D:9D
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:6c:41:77:14:08:b7:d7:a3:a2:51:06:12:ec:ad:2a:96:45:
         3f:04:0a:7a:3e:61:66:8e:41:46:a4:86:a1:60:9b:93:d2:07:
         fc:6a:7c:da:c3:dd:d5:15:a0:cc:6a:f7:89:65:5e:e1:d6:ca:
         be:ab:93:bf:c5:16:06:4a:75:19:10:41:e9:4c:75:62:83:6f:
         72:6e:7d:9f:c9:33:e4:14:2c:2d:24:60:cc:fb:1b:80:9d:15:
         f6:e1:3e:e0:95:68:91:f2:95:17:af:36:ba:1a:c8:58:71:89:
         73:c4:b1:82:f5:45:48:ca:b2:7b:2e:54:c3:0f:64:e9:cb:38:
         ba:70:49:b0:31:b9:88:3a:eb:4c:f7:7b:fc:61:bb:b0:aa:01:
         4c:cf:e9:c7:f7:c5:51:6b:6e:15:c8:f3:4c:d3:0a:a8:33:d8:
         06:85:f6:23:8a:68:14:cc:35:42:7c:5f:76:64:49:06:f4:6e:
         c8:b2:93:ca:f5:2e:93:9c:41:1d:ef:e3:48:eb:c9:83:70:55:
         9e:0d:b7:f7:91:11:2f:7b:6f:45:57:06:c7:84:73:ad:3f:cf:
         20:35:82:eb:2e:e6:eb:fb:2b:3a:9c:c1:d1:28:b0:ac:80:59:
         3b:0e:be:fb:a4:6f:18:1e:24:23:ef:f3:98:70:66:1d:26:ff:
         b1:e7:b2:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfRqeRTC3FxMZmAD4JpF9YkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjUwNzAzMTkwMTAxWhcNMjUwNzA0MTkwMTAxWjAzMTEwLwYDVQQD
EygzZGNjMTYwODliNzZiMDZkYjYyMWJhZGNkYWVhMjcwNmUyODk4ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4qx+O3z+tjExDXZJO9y2FWPfuf1
6/mmhsGqRdydwqbA7jkitxCDHAkYA2R8CeCrk6G0b55lO1nPR5BQtT0yA79YeGwb
nKlpMlYX4zUitB/+hWoUKQ7KcVuPuExBBfgsekIx2KSuLUddONBqcRlpthMtu2go
QckHZzqXwUsNYGJLdPasuoae/4MzrAGUulJ/wsGyE2lc0bpVCD8Cpu3gkiJ0KVZE
uCRhVztiX3BF7P82ys3FJFLD12Ug/ts/xroA8cEES7Z6p2Pf7fYmxtfNOi1S98yO
LsMXdbCqBs40ZooPlUVAs/WL4/DDUGNxzoiWb4+ji3Q/xLejZKN+tLSXIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3MFgibdrBttiG63NrqJwbiiY2dMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcGxBdxQI
t9ejolEGEuytKpZFPwQKej5hZo5BRqSGoWCbk9IH/Gp82sPd1RWgzGr3iWVe4dbK
vquTv8UWBkp1GRBB6Ux1YoNvcm59n8kz5BQsLSRgzPsbgJ0V9uE+4JVokfKVF682
uhrIWHGJc8SxgvVFSMqyey5Uww9k6cs4unBJsDG5iDrrTPd7/GG7sKoBTM/px/fF
UWtuFcjzTNMKqDPYBoX2I4poFMw1QnxfdmRJBvRuyLKTyvUuk5xBHe/jSOvJg3BV
ng2395ERL3tvRVcGx4RzrT/PIDWC6y7m6/srOpzB0SiwrIBZOw6++6RvGB4kI+/z
mHBmHSb/seeyVA==
-----END CERTIFICATE-----