Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
File:                     s3fTy2Ur05jE2752zbAILp3u1tQ.mft (raw, json)
Hash identifier:          AFkWuiHyLIC4ZjiWO/4H7anKevGeh2fomJWvKUUHtFM=
Subject key identifier:   F0:8C:11:F1:B2:FA:B4:68:90:3B:8F:E1:99:E0:83:79:8F:F7:2D:84
Authority key identifier: B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4
Certificate issuer:       /CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
Certificate serial:       0197507CADE83F1A4D0EA61E7ACD6DC2D5D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
Manifest number:          0414
Signing time:             Sun 08 Jun 2025 17:00:37 +0000
Manifest this update:     Sun 08 Jun 2025 17:00:37 +0000
Manifest next update:     Mon 09 Jun 2025 17:00:37 +0000
Files and hashes:         1: s3fTy2Ur05jE2752zbAILp3u1tQ.crl (hash: EsSVheNf9usTgIGH2YXXr031K9TcHTZmCRgofnOVO8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:7c:ad:e8:3f:1a:4d:0e:a6:1e:7a:cd:6d:c2:d5:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
        Validity
            Not Before: Jun  8 17:00:37 2025 GMT
            Not After : Jun  9 17:00:37 2025 GMT
        Subject: CN=f08c11f1b2fab468903b8fe199e083798ff72d84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:98:6e:15:b0:19:30:15:b2:3e:bf:b1:53:74:
                    21:71:3f:bd:34:71:2c:1b:9e:7e:df:b0:f5:38:09:
                    7e:ac:3f:dc:d8:8b:83:3e:0c:16:e3:3e:f3:0a:2a:
                    07:5f:54:b2:5e:a5:6e:09:d2:47:8f:e9:3b:fb:73:
                    63:6d:4a:24:b0:4c:31:66:b3:cd:a8:a6:3c:b0:98:
                    54:1a:1a:cd:0a:32:db:7b:5e:c6:89:b4:98:c8:f3:
                    20:49:7e:d5:cc:be:e3:89:59:95:ae:aa:d4:fd:91:
                    bb:c1:99:87:8f:d6:72:58:83:38:67:bf:3f:d5:02:
                    c2:4c:1e:77:97:a2:b6:48:c3:24:a9:69:f7:63:da:
                    55:bc:1f:e4:70:ec:bb:ab:c7:04:9e:5d:c3:45:05:
                    7f:9e:8c:54:c0:5d:1b:77:a3:de:f4:19:f7:36:d7:
                    e5:42:77:02:75:53:bb:18:4d:82:18:78:04:8f:ee:
                    7a:9e:e0:1b:39:ea:d2:6c:07:78:20:d3:1c:da:f8:
                    a3:e8:39:a2:17:8f:6c:d4:94:59:39:f7:c4:5c:eb:
                    4e:68:24:da:8b:9e:00:c9:fd:cd:1b:a8:51:90:bf:
                    ff:d7:b4:90:73:7c:4d:76:92:9f:22:55:7d:d7:2d:
                    43:a0:4e:6c:02:f0:0a:9b:ff:32:98:94:0b:f5:40:
                    27:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:8C:11:F1:B2:FA:B4:68:90:3B:8F:E1:99:E0:83:79:8F:F7:2D:84
            X509v3 Authority Key Identifier:
                keyid:B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:8c:e3:35:54:25:93:73:88:00:2b:56:fa:59:e2:ac:ee:4b:
         71:50:72:63:21:12:95:a4:61:a2:19:d4:8c:03:69:51:27:37:
         7a:1b:93:28:82:04:b4:0c:15:9b:fd:f5:63:e0:f3:4f:c3:9d:
         24:93:98:ae:20:28:a4:90:d5:f5:c3:e5:0f:11:26:4b:a1:2e:
         a4:9e:fb:e2:67:e0:2e:c5:85:5d:7c:36:92:36:89:23:64:91:
         7c:d2:ee:6d:e4:f0:c0:1b:58:c4:b8:88:67:2f:7f:d5:41:a9:
         be:0c:f2:c7:e4:41:8a:96:ff:46:73:80:8a:4a:72:fa:92:b5:
         4c:3c:2e:da:70:14:a7:63:a7:d2:56:e8:f9:57:2b:23:a5:a4:
         78:12:a2:e1:ff:bf:66:2f:4b:e5:b2:45:5a:47:1a:b3:dd:bb:
         4b:6d:b1:d8:53:0e:c2:4c:7e:e0:6e:37:89:17:26:f3:05:03:
         2c:0e:ff:fe:62:60:ad:08:c0:7d:12:f7:78:4d:2b:c1:bd:99:
         a2:5e:ce:d3:88:f5:e7:d4:ee:50:fc:70:80:0a:fa:70:bc:c0:
         56:31:37:9b:a5:80:41:07:bd:fd:64:a6:0b:64:11:ed:cf:c5:
         68:2b:cf:d5:29:d4:0a:56:4d:8b:a5:1c:01:53:cf:a2:0a:6c:
         d5:59:d4:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQfK3oPxpNDqYees1twtXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNzdkM2NiNjUyYmQzOThjNGRiYmU3NmNkYjAwODJlOWRl
ZWQ2ZDQwHhcNMjUwNjA4MTcwMDM3WhcNMjUwNjA5MTcwMDM3WjAzMTEwLwYDVQQD
EyhmMDhjMTFmMWIyZmFiNDY4OTAzYjhmZTE5OWUwODM3OThmZjcyZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5huFbAZMBWyPr+xU3QhcT+9NHEs
G55+37D1OAl+rD/c2IuDPgwW4z7zCioHX1SyXqVuCdJHj+k7+3NjbUoksEwxZrPN
qKY8sJhUGhrNCjLbe17GibSYyPMgSX7VzL7jiVmVrqrU/ZG7wZmHj9ZyWIM4Z78/
1QLCTB53l6K2SMMkqWn3Y9pVvB/kcOy7q8cEnl3DRQV/noxUwF0bd6Pe9Bn3Ntfl
QncCdVO7GE2CGHgEj+56nuAbOerSbAd4INMc2vij6DmiF49s1JRZOffEXOtOaCTa
i54Ayf3NG6hRkL//17SQc3xNdpKfIlV91y1DoE5sAvAKm/8ymJQL9UAnnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPCMEfGy+rRokDuP4Zngg3mP9y2EMB8GA1UdIwQY
MBaAFLN308tlK9OYxNu+ds2wCC6d7tbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAt
ZDczYTQ1NzNjMWI0LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAtZDczYTQ1NzNjMWI0
LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVozjNVQl
k3OIACtW+lnirO5LcVByYyESlaRhohnUjANpUSc3ehuTKIIEtAwVm/31Y+DzT8Od
JJOYriAopJDV9cPlDxEmS6EupJ774mfgLsWFXXw2kjaJI2SRfNLubeTwwBtYxLiI
Zy9/1UGpvgzyx+RBipb/RnOAikpy+pK1TDwu2nAUp2On0lbo+VcrI6WkeBKi4f+/
Zi9L5bJFWkcas927S22x2FMOwkx+4G43iRcm8wUDLA7//mJgrQjAfRL3eE0rwb2Z
ol7O04j159TuUPxwgAr6cLzAVjE3m6WAQQe9/WSmC2QR7c/FaCvP1SnUClZNi6Uc
AVPPogps1VnURw==
-----END CERTIFICATE-----