Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft
File:                     DW3GbMOENrasMel-cS0hlAfIPPQ.mft (raw, json)
Hash identifier:          RNjjAe1rfoV7b+EfgtdVV6QM45PPAePVMasgCadT04o=
Subject key identifier:   D7:6A:9E:53:F0:D2:F7:2E:7B:DD:E6:D3:FA:A2:33:AE:48:5B:B2:4D
Authority key identifier: 0D:6D:C6:6C:C3:84:36:B6:AC:31:E9:7E:71:2D:21:94:07:C8:3C:F4
Certificate issuer:       /CN=0d6dc66cc38436b6ac31e97e712d219407c83cf4
Certificate serial:       01974FA170C048C883A0EBE7A87ED0C4416D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft
Manifest number:          0403
Signing time:             Sun 08 Jun 2025 13:01:09 +0000
Manifest this update:     Sun 08 Jun 2025 13:01:09 +0000
Manifest next update:     Mon 09 Jun 2025 13:01:09 +0000
Files and hashes:         1: DW3GbMOENrasMel-cS0hlAfIPPQ.crl (hash: le2TAdwvh6VEZ3C3ykSoPOy+IDds6H2qbrHKPk/A11U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 11:44:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4f:a1:70:c0:48:c8:83:a0:eb:e7:a8:7e:d0:c4:41:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d6dc66cc38436b6ac31e97e712d219407c83cf4
        Validity
            Not Before: Jun  8 13:01:09 2025 GMT
            Not After : Jun  9 13:01:09 2025 GMT
        Subject: CN=d76a9e53f0d2f72e7bdde6d3faa233ae485bb24d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:e8:ad:20:8a:e1:e0:64:d2:0e:79:57:e1:8b:
                    cc:f0:76:8e:99:50:ff:5f:ca:27:42:18:cc:17:bd:
                    31:be:4e:13:d2:98:9d:c9:18:31:f9:38:3c:b1:e5:
                    74:30:4d:47:a8:73:b8:be:1b:ca:11:80:0c:7d:58:
                    32:b8:77:8e:85:11:58:6b:f5:a3:aa:32:fb:3d:37:
                    e2:89:40:df:c2:9a:2e:c9:9f:0e:24:01:50:aa:c8:
                    9e:a0:2a:ea:38:37:f1:8f:0f:e9:1d:e6:0b:42:bd:
                    15:a4:96:93:8d:c9:88:3a:84:6a:15:4e:ae:a1:8d:
                    13:2a:8b:1b:73:91:91:2b:e1:3d:15:17:bc:18:1b:
                    9e:c4:1a:ec:69:53:06:60:6c:3e:b9:9b:d5:f3:89:
                    69:32:b6:2d:0f:7c:3a:28:f2:37:95:8c:ae:92:93:
                    82:36:a6:66:57:ed:4b:4d:4e:7a:77:3a:06:a3:f6:
                    af:f8:a2:da:ef:fa:e0:13:97:18:14:d4:33:db:44:
                    92:2b:26:90:ce:92:7a:e8:c0:0c:b3:6a:94:5a:3f:
                    06:75:f6:49:f1:26:e7:44:a5:b4:1f:35:20:6f:7a:
                    11:2e:82:18:4c:cf:d2:cb:0f:bf:73:aa:06:6d:d5:
                    4b:3d:cb:f8:ee:e6:3f:e8:d7:a8:48:93:41:5e:3b:
                    fa:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:6A:9E:53:F0:D2:F7:2E:7B:DD:E6:D3:FA:A2:33:AE:48:5B:B2:4D
            X509v3 Authority Key Identifier:
                keyid:0D:6D:C6:6C:C3:84:36:B6:AC:31:E9:7E:71:2D:21:94:07:C8:3C:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:a0:57:8d:8b:b1:59:e4:1e:55:30:1a:bd:5d:d1:18:00:08:
         92:4b:8c:10:ba:1b:2d:a4:6b:0c:bc:41:84:da:1a:1d:c7:74:
         20:d7:96:6a:96:e8:0f:c0:d3:21:ef:dd:b7:ae:85:42:b9:14:
         f3:ba:a5:7e:76:6c:5b:13:76:84:c1:67:8d:58:59:b9:7a:45:
         9f:34:c1:36:f4:05:2c:e1:21:3a:5e:06:13:02:5f:fb:9d:63:
         c1:e5:cd:c2:c1:e8:18:e0:f3:34:08:f8:3e:db:c1:3c:db:3e:
         7e:05:a9:21:6e:ea:b7:e6:95:15:24:86:bc:78:f6:a7:f7:3e:
         d1:83:ae:3e:c9:37:a4:2b:20:f4:69:08:eb:0a:12:b6:45:70:
         31:8a:03:10:bf:82:e8:a4:70:47:3f:55:76:d0:40:58:31:8b:
         7b:95:bd:5e:ab:a3:bc:97:fc:ec:d6:e1:f8:39:31:5f:6e:24:
         19:d0:65:85:cd:08:55:56:fa:3a:2d:7d:3e:ea:30:8c:9f:3a:
         32:02:a2:5b:a7:90:af:5b:e4:fe:73:72:95:6e:59:d4:a5:d4:
         73:70:be:a1:b9:c7:f0:d7:0a:db:df:0e:4c:76:91:9f:81:d9:
         60:d3:0e:9a:34:6b:ea:32:37:49:83:73:94:5e:10:d4:2c:04:
         6f:7e:2c:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdPoXDASMiDoOvnqH7QxEFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNmRjNjZjYzM4NDM2YjZhYzMxZTk3ZTcxMmQyMTk0MDdj
ODNjZjQwHhcNMjUwNjA4MTMwMTA5WhcNMjUwNjA5MTMwMTA5WjAzMTEwLwYDVQQD
EyhkNzZhOWU1M2YwZDJmNzJlN2JkZGU2ZDNmYWEyMzNhZTQ4NWJiMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6eitIIrh4GTSDnlX4YvM8HaOmVD/
X8onQhjMF70xvk4T0pidyRgx+Tg8seV0ME1HqHO4vhvKEYAMfVgyuHeOhRFYa/Wj
qjL7PTfiiUDfwpouyZ8OJAFQqsieoCrqODfxjw/pHeYLQr0VpJaTjcmIOoRqFU6u
oY0TKosbc5GRK+E9FRe8GBuexBrsaVMGYGw+uZvV84lpMrYtD3w6KPI3lYyukpOC
NqZmV+1LTU56dzoGo/av+KLa7/rgE5cYFNQz20SSKyaQzpJ66MAMs2qUWj8GdfZJ
8SbnRKW0HzUgb3oRLoIYTM/Syw+/c6oGbdVLPcv47uY/6NeoSJNBXjv6ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdqnlPw0vcue93m0/qiM65IW7JNMB8GA1UdIwQY
MBaAFA1txmzDhDa2rDHpfnEtIZQHyDz0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODU5ZTYtNDNhYy00Yzc0LWI0ZmEt
OWRkNTIzMTNhZTdjLzEvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODU5ZTYtNDNhYy00Yzc0LWI0ZmEtOWRkNTIzMTNhZTdj
LzEvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn6BXjYux
WeQeVTAavV3RGAAIkkuMELobLaRrDLxBhNoaHcd0INeWapboD8DTIe/dt66FQrkU
87qlfnZsWxN2hMFnjVhZuXpFnzTBNvQFLOEhOl4GEwJf+51jweXNwsHoGODzNAj4
PtvBPNs+fgWpIW7qt+aVFSSGvHj2p/c+0YOuPsk3pCsg9GkI6woStkVwMYoDEL+C
6KRwRz9VdtBAWDGLe5W9XqujvJf87Nbh+DkxX24kGdBlhc0IVVb6Oi19PuowjJ86
MgKiW6eQr1vk/nNylW5Z1KXUc3C+obnH8NcK298OTHaRn4HZYNMOmjRr6jI3SYNz
lF4Q1CwEb34sUg==
-----END CERTIFICATE-----