Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
File:                     3C8IdW9U7NcoDR6sz4eK6z8orE8.mft (raw, json)
Hash identifier:          AauT2OuRdqnb2L1bS/yBHaIJj5h3/rtwtlsfI0Aath0=
Subject key identifier:   56:2E:D6:68:30:8B:B2:0E:BB:F5:60:1A:7B:E0:77:2E:3B:53:1B:28
Authority key identifier: DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F
Certificate issuer:       /CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
Certificate serial:       019767E06D56337E473FA93158164EC8B318
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
Manifest number:          129A
Signing time:             Fri 13 Jun 2025 06:00:50 +0000
Manifest this update:     Fri 13 Jun 2025 06:00:50 +0000
Manifest next update:     Sat 14 Jun 2025 06:00:50 +0000
Files and hashes:         1: 3C8IdW9U7NcoDR6sz4eK6z8orE8.crl (hash: AzmrPmnVSpzW4lfwB4ZWhsGin3MEY/C49iGQAXMVRrQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 06:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:e0:6d:56:33:7e:47:3f:a9:31:58:16:4e:c8:b3:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
        Validity
            Not Before: Jun 13 06:00:50 2025 GMT
            Not After : Jun 14 06:00:50 2025 GMT
        Subject: CN=562ed668308bb20ebbf5601a7be0772e3b531b28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:89:46:82:ce:f2:b6:a1:df:c3:51:19:0a:37:
                    73:52:b3:ac:6f:e9:ba:5a:5b:fb:ed:8a:42:58:03:
                    65:81:f0:30:1f:96:a3:eb:c7:35:19:f8:ae:bf:89:
                    14:39:dd:f1:f2:7b:bc:bc:af:ba:48:87:ae:c0:1b:
                    43:4f:c1:3a:51:0d:68:a2:b3:7d:d4:64:32:60:ce:
                    10:82:a8:f0:c3:59:aa:fa:17:c7:53:d8:b3:8b:9c:
                    5b:a5:7b:ef:cc:3c:29:5b:a6:28:19:3d:9e:dd:7b:
                    ea:92:28:34:6a:76:f8:bc:04:ab:07:76:63:2b:35:
                    ac:cb:1e:a7:50:3c:60:dd:9f:74:43:57:79:14:f6:
                    d5:b9:85:81:50:ee:2d:d4:47:a1:ec:b9:f2:b1:d8:
                    65:8e:13:2f:9b:1d:eb:98:d9:1c:dc:57:eb:45:e2:
                    a6:15:e4:08:11:fc:d0:c6:bb:0c:2e:65:43:06:10:
                    df:00:83:b2:81:48:36:cb:cd:9a:09:82:ac:75:05:
                    99:e9:5b:35:45:e6:47:dc:4a:e0:1f:e2:cd:49:72:
                    82:69:a7:23:ef:cb:f9:eb:cf:1c:00:29:42:46:76:
                    3e:80:3d:f1:67:b7:f3:28:11:6b:d5:c3:08:de:7a:
                    e2:a8:f3:db:91:e6:38:9f:c3:92:ad:43:f3:b2:06:
                    99:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:2E:D6:68:30:8B:B2:0E:BB:F5:60:1A:7B:E0:77:2E:3B:53:1B:28
            X509v3 Authority Key Identifier:
                keyid:DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:d4:cb:49:fa:24:6c:9d:53:20:a8:93:ed:2c:6a:da:86:cd:
         f0:ff:f5:cb:77:2f:5b:c6:50:36:0a:a3:b4:dd:48:fb:88:85:
         70:cf:5a:6f:7c:c7:85:e4:84:cf:9a:ed:bd:b7:61:96:ba:09:
         7a:f0:38:08:c0:7f:ec:3e:13:1a:f5:12:ee:0f:18:c5:97:8d:
         e5:07:4d:15:98:c9:16:35:00:9f:62:fe:b4:0a:97:4c:79:38:
         29:16:5f:ee:02:3b:b0:0b:ce:67:a7:90:a4:73:de:65:1f:91:
         f6:e7:42:38:23:5d:cb:fd:a6:57:a3:6e:1c:28:34:22:47:12:
         95:ce:0d:1e:18:0c:81:a1:02:84:b0:c3:c7:80:87:f1:d9:d8:
         2e:c0:98:b6:26:52:7f:e4:a3:60:01:3e:72:b5:95:42:07:e1:
         b1:d1:32:c9:46:62:3c:31:81:4a:a2:7f:47:bc:1f:15:20:83:
         e0:07:52:ed:3b:a1:ba:6d:24:18:60:d4:50:11:c9:84:cd:07:
         9b:88:8a:9b:3e:7d:f4:9a:e4:86:21:3c:15:5b:78:82:79:fa:
         5d:8f:48:29:8b:43:f2:29:8e:bb:71:03:d7:d4:19:f2:f5:bc:
         cf:a3:02:33:2d:e1:92:51:83:9e:dc:34:09:2e:b5:22:b8:f5:
         50:e9:d8:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdn4G1WM35HP6kxWBZOyLMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMmYwODc1NmY1NGVjZDcyODBkMWVhY2NmODc4YWViM2Yy
OGFjNGYwHhcNMjUwNjEzMDYwMDUwWhcNMjUwNjE0MDYwMDUwWjAzMTEwLwYDVQQD
Eyg1NjJlZDY2ODMwOGJiMjBlYmJmNTYwMWE3YmUwNzcyZTNiNTMxYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4lGgs7ytqHfw1EZCjdzUrOsb+m6
Wlv77YpCWANlgfAwH5aj68c1Gfiuv4kUOd3x8nu8vK+6SIeuwBtDT8E6UQ1oorN9
1GQyYM4Qgqjww1mq+hfHU9izi5xbpXvvzDwpW6YoGT2e3Xvqkig0anb4vASrB3Zj
KzWsyx6nUDxg3Z90Q1d5FPbVuYWBUO4t1Eeh7LnysdhljhMvmx3rmNkc3FfrReKm
FeQIEfzQxrsMLmVDBhDfAIOygUg2y82aCYKsdQWZ6Vs1ReZH3ErgH+LNSXKCaacj
78v5688cAClCRnY+gD3xZ7fzKBFr1cMI3nriqPPbkeY4n8OSrUPzsgaZRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYu1mgwi7IOu/VgGnvgdy47UxsoMB8GA1UdIwQY
MBaAFNwvCHVvVOzXKA0erM+Hius/KKxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODct
Y2M2YmM5NDUzOGZhLzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODctY2M2YmM5NDUzOGZh
LzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACtTLSfok
bJ1TIKiT7Sxq2obN8P/1y3cvW8ZQNgqjtN1I+4iFcM9ab3zHheSEz5rtvbdhlroJ
evA4CMB/7D4TGvUS7g8YxZeN5QdNFZjJFjUAn2L+tAqXTHk4KRZf7gI7sAvOZ6eQ
pHPeZR+R9udCOCNdy/2mV6NuHCg0IkcSlc4NHhgMgaEChLDDx4CH8dnYLsCYtiZS
f+SjYAE+crWVQgfhsdEyyUZiPDGBSqJ/R7wfFSCD4AdS7Tuhum0kGGDUUBHJhM0H
m4iKmz599JrkhiE8FVt4gnn6XY9IKYtD8imOu3ED19QZ8vW8z6MCMy3hklGDntw0
CS61Irj1UOnYqw==
-----END CERTIFICATE-----