Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
File:                     3C8IdW9U7NcoDR6sz4eK6z8orE8.mft (raw, json)
Hash identifier:          jxE+bQbWHIK7poxAtGUOh/466XD0D1YRqFZGanG3CUM=
Subject key identifier:   04:49:5C:7E:10:3F:F9:7F:56:2B:B4:48:9F:6B:D3:21:48:4B:92:77
Authority key identifier: DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F
Certificate issuer:       /CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
Certificate serial:       01976403318C9CCA8E6AF1D8868D26FBA776
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
Manifest number:          1298
Signing time:             Thu 12 Jun 2025 12:00:20 +0000
Manifest this update:     Thu 12 Jun 2025 12:00:20 +0000
Manifest next update:     Fri 13 Jun 2025 12:00:20 +0000
Files and hashes:         1: 3C8IdW9U7NcoDR6sz4eK6z8orE8.crl (hash: UUjKEq+C2/M+AkTxm7fW3WUoqTFfL33imO5RaqZW6fk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:03:31:8c:9c:ca:8e:6a:f1:d8:86:8d:26:fb:a7:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
        Validity
            Not Before: Jun 12 12:00:20 2025 GMT
            Not After : Jun 13 12:00:20 2025 GMT
        Subject: CN=04495c7e103ff97f562bb4489f6bd321484b9277
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1c:4e:6c:0f:bb:0d:b7:59:98:5c:1b:a2:cd:
                    a7:0c:f2:60:fc:27:d7:fb:a0:a6:83:3d:1d:b2:14:
                    4e:4a:da:b1:3b:12:cf:8a:ac:e8:7f:c1:92:86:1b:
                    20:16:c6:d6:9a:d6:61:90:dc:70:25:75:4b:bc:90:
                    d8:66:ba:b6:c6:0b:4d:3f:2a:11:6c:1b:14:f8:5b:
                    d9:96:2f:de:a9:97:9d:9e:6c:31:c3:45:3b:73:b9:
                    4d:8e:d9:41:ba:c1:09:a5:44:a5:58:8d:c7:81:7b:
                    d1:b5:3b:05:d8:6c:1a:f0:7d:21:a7:76:cc:70:20:
                    e2:85:b1:ed:36:a1:2f:b7:c6:61:1c:5d:10:8b:1e:
                    d7:a6:da:c7:c2:34:35:b4:58:3e:9a:88:c0:ea:a3:
                    7e:e7:7a:54:79:7a:bb:c1:05:0a:c7:9b:3d:5c:6e:
                    75:88:00:27:40:9c:39:ef:d2:85:54:c1:07:86:a3:
                    05:23:1d:b2:89:8d:46:01:df:aa:c0:1b:5b:ae:6c:
                    14:e9:0b:13:7f:b0:21:da:9e:4c:d2:68:ed:de:b9:
                    02:c4:9b:3d:d4:6b:01:aa:50:c4:a7:73:f4:0a:6e:
                    e6:0b:d9:14:ec:fc:92:09:a3:e0:8c:80:4c:ca:da:
                    d7:d2:1e:53:db:af:d0:90:1c:5b:c0:21:4f:2f:61:
                    96:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:49:5C:7E:10:3F:F9:7F:56:2B:B4:48:9F:6B:D3:21:48:4B:92:77
            X509v3 Authority Key Identifier:
                keyid:DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:10:d8:0f:5c:cb:dd:45:de:0d:7d:19:c4:77:e4:51:4c:e4:
         b0:c0:64:33:65:29:f1:0a:d1:32:90:c0:56:9e:46:20:04:ef:
         af:6e:1c:0e:3c:22:e5:19:56:92:43:be:97:3a:2e:8a:cf:8e:
         31:14:c4:80:dd:9e:bd:2c:55:a8:0a:22:39:8b:ce:a7:b3:18:
         db:f1:e0:16:ec:dd:92:a6:b9:72:b4:4c:97:37:6f:94:23:bf:
         2d:53:8a:ae:87:bb:02:d7:07:ab:f1:2f:a2:33:6d:29:d7:bf:
         4a:52:fb:66:43:05:b4:10:59:12:f4:a3:7a:c2:49:c4:92:61:
         0d:89:7c:42:53:7b:a7:6d:39:6d:e4:41:13:f5:c5:da:44:3b:
         88:44:1e:dd:d5:8e:52:5c:fc:c9:aa:79:f5:f7:a2:dd:bc:0a:
         70:85:32:8c:39:7e:05:de:c3:14:8e:8f:f4:5c:1d:34:31:15:
         86:5c:78:34:e9:24:10:37:f4:ad:ef:36:66:9f:21:6e:c0:1b:
         de:be:c3:bf:1c:47:ce:0a:95:bd:69:ec:ec:89:84:a0:0d:e7:
         01:a8:84:38:a7:c4:f0:f5:f5:ad:93:48:1c:02:a4:1b:96:da:
         59:b8:11:59:ac:91:3f:e4:2a:7c:6c:3b:8a:e9:82:d5:af:e4:
         58:d6:2c:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkAzGMnMqOavHYho0m+6d2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMmYwODc1NmY1NGVjZDcyODBkMWVhY2NmODc4YWViM2Yy
OGFjNGYwHhcNMjUwNjEyMTIwMDIwWhcNMjUwNjEzMTIwMDIwWjAzMTEwLwYDVQQD
EygwNDQ5NWM3ZTEwM2ZmOTdmNTYyYmI0NDg5ZjZiZDMyMTQ4NGI5Mjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxxObA+7DbdZmFwbos2nDPJg/CfX
+6Cmgz0dshROStqxOxLPiqzof8GShhsgFsbWmtZhkNxwJXVLvJDYZrq2xgtNPyoR
bBsU+FvZli/eqZednmwxw0U7c7lNjtlBusEJpUSlWI3HgXvRtTsF2Gwa8H0hp3bM
cCDihbHtNqEvt8ZhHF0Qix7XptrHwjQ1tFg+mojA6qN+53pUeXq7wQUKx5s9XG51
iAAnQJw579KFVMEHhqMFIx2yiY1GAd+qwBtbrmwU6QsTf7Ah2p5M0mjt3rkCxJs9
1GsBqlDEp3P0Cm7mC9kU7PySCaPgjIBMytrX0h5T26/QkBxbwCFPL2GWdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFARJXH4QP/l/Viu0SJ9r0yFIS5J3MB8GA1UdIwQY
MBaAFNwvCHVvVOzXKA0erM+Hius/KKxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODct
Y2M2YmM5NDUzOGZhLzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODctY2M2YmM5NDUzOGZh
LzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABhDYD1zL
3UXeDX0ZxHfkUUzksMBkM2Up8QrRMpDAVp5GIATvr24cDjwi5RlWkkO+lzouis+O
MRTEgN2evSxVqAoiOYvOp7MY2/HgFuzdkqa5crRMlzdvlCO/LVOKroe7AtcHq/Ev
ojNtKde/SlL7ZkMFtBBZEvSjesJJxJJhDYl8QlN7p205beRBE/XF2kQ7iEQe3dWO
Ulz8yap59fei3bwKcIUyjDl+Bd7DFI6P9FwdNDEVhlx4NOkkEDf0re82Zp8hbsAb
3r7DvxxHzgqVvWns7ImEoA3nAaiEOKfE8PX1rZNIHAKkG5baWbgRWayRP+QqfGw7
iumC1a/kWNYseQ==
-----END CERTIFICATE-----