Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File:                     3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier:          zb4HirtrLyuy8SLhHQNnv9Qz83+3i5DisZmHW050A+s=
Subject key identifier:   E5:34:C3:89:53:55:CC:84:11:9A:84:3B:B8:68:4B:FC:EF:FF:36:AC
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer:       /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial:       01974742877D9BE2082F52C93367F65D1CAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number:          062A
Signing time:             Fri 06 Jun 2025 22:00:31 +0000
Manifest this update:     Fri 06 Jun 2025 22:00:31 +0000
Manifest next update:     Sat 07 Jun 2025 22:00:31 +0000
Files and hashes:         1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: NxJegIc+gayJwqoOXy+GAPEKsAD3VV8iW1Sxy9O2GMs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:42:87:7d:9b:e2:08:2f:52:c9:33:67:f6:5d:1c:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
        Validity
            Not Before: Jun  6 22:00:31 2025 GMT
            Not After : Jun  7 22:00:31 2025 GMT
        Subject: CN=e534c3895355cc84119a843bb8684bfcefff36ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e9:e4:a5:64:8f:f4:65:eb:e8:09:21:5a:81:
                    7e:eb:c9:5c:5e:e9:76:fc:8d:2e:ee:b1:ac:40:05:
                    65:e2:a0:51:7e:9a:d7:0c:5b:f2:fe:2a:a0:46:48:
                    47:c1:20:b8:00:e5:96:7f:5c:dd:0c:32:57:28:1e:
                    44:38:d5:d5:00:f1:6d:81:97:af:37:e4:3e:92:a7:
                    f3:f3:db:ed:96:f9:26:6d:be:3e:36:43:c3:7d:65:
                    5c:6d:5c:6c:78:4f:7d:ea:7a:c2:ee:af:f7:cf:04:
                    a5:ba:22:03:9a:7d:bd:62:ca:0a:42:dc:13:2c:22:
                    58:fe:0e:99:8f:69:a4:de:1b:b0:35:50:55:f8:37:
                    e2:82:9a:f6:c5:18:f4:07:ce:6d:6c:c0:76:2f:5f:
                    ad:1f:4c:49:a6:fe:0a:0c:f6:f6:5c:af:1e:1a:36:
                    63:28:ec:59:b1:dc:ac:a4:c3:50:00:7f:4f:d5:f5:
                    15:77:53:30:87:39:25:23:0f:39:cb:e8:54:1f:76:
                    61:45:57:1a:78:f8:ab:ea:5a:ec:64:a4:60:94:6d:
                    8b:19:d2:80:d9:08:90:2a:72:41:28:24:50:89:40:
                    d6:9f:35:53:fd:ca:12:02:c9:aa:cd:da:f2:12:2e:
                    36:dc:22:69:76:20:3c:5e:ae:f2:63:27:6f:f1:1a:
                    6f:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:34:C3:89:53:55:CC:84:11:9A:84:3B:B8:68:4B:FC:EF:FF:36:AC
            X509v3 Authority Key Identifier:
                keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:f5:cf:dd:e1:dd:2e:ed:9b:17:1e:94:e7:3b:39:1b:9a:ed:
         0e:49:88:9a:88:b1:49:a5:ad:45:82:76:4a:8a:c5:55:7e:83:
         88:09:98:d7:36:e7:30:d4:a9:ce:d9:55:c2:7e:4f:d0:89:4d:
         09:34:7b:c4:99:20:21:94:7a:3f:62:09:7c:74:71:9a:6c:c2:
         7b:3a:79:1b:d0:34:fc:36:c5:b1:77:02:be:63:0b:7c:47:db:
         ed:43:4b:f3:fd:14:45:7e:91:02:88:7e:f2:85:4b:d8:4c:67:
         44:45:a9:d5:15:1d:cd:c6:e5:77:03:1b:60:9f:bb:97:da:0e:
         c4:03:d4:0f:2f:ff:39:11:83:05:84:e1:b4:59:8d:30:00:6f:
         e4:43:1a:14:c7:48:49:a0:46:ed:c2:6c:d4:83:1c:27:a2:70:
         62:23:6c:83:3d:a5:8e:45:4c:e9:b4:3e:20:cc:9e:55:59:93:
         38:e8:7f:b5:35:50:a9:4c:05:c0:79:60:59:07:61:7e:c4:22:
         76:8c:c7:3a:82:41:ab:de:57:9f:97:c8:e1:f3:95:c7:e9:75:
         5a:e1:d8:da:f7:3a:5d:c3:96:e7:c3:ab:10:9f:99:c3:80:e4:
         01:c3:ea:9c:9c:80:f2:52:7e:dc:c4:7c:d0:45:95:d9:5f:7b:
         08:d3:1c:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHQod9m+IIL1LJM2f2XRyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjUwNjA2MjIwMDMxWhcNMjUwNjA3MjIwMDMxWjAzMTEwLwYDVQQD
EyhlNTM0YzM4OTUzNTVjYzg0MTE5YTg0M2JiODY4NGJmY2VmZmYzNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOnkpWSP9GXr6AkhWoF+68lcXul2
/I0u7rGsQAVl4qBRfprXDFvy/iqgRkhHwSC4AOWWf1zdDDJXKB5EONXVAPFtgZev
N+Q+kqfz89vtlvkmbb4+NkPDfWVcbVxseE996nrC7q/3zwSluiIDmn29YsoKQtwT
LCJY/g6Zj2mk3huwNVBV+Dfigpr2xRj0B85tbMB2L1+tH0xJpv4KDPb2XK8eGjZj
KOxZsdyspMNQAH9P1fUVd1MwhzklIw85y+hUH3ZhRVcaePir6lrsZKRglG2LGdKA
2QiQKnJBKCRQiUDWnzVT/coSAsmqzdryEi423CJpdiA8Xq7yYydv8Rpv2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOU0w4lTVcyEEZqEO7hoS/zv/zasMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcfXP3eHd
Lu2bFx6U5zs5G5rtDkmImoixSaWtRYJ2SorFVX6DiAmY1zbnMNSpztlVwn5P0IlN
CTR7xJkgIZR6P2IJfHRxmmzCezp5G9A0/DbFsXcCvmMLfEfb7UNL8/0URX6RAoh+
8oVL2ExnREWp1RUdzcbldwMbYJ+7l9oOxAPUDy//ORGDBYThtFmNMABv5EMaFMdI
SaBG7cJs1IMcJ6JwYiNsgz2ljkVM6bQ+IMyeVVmTOOh/tTVQqUwFwHlgWQdhfsQi
dozHOoJBq95Xn5fI4fOVx+l1WuHY2vc6XcOW58OrEJ+Zw4DkAcPqnJyA8lJ+3MR8
0EWV2V97CNMcXg==
-----END CERTIFICATE-----