Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
File:                     x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft (raw, json)
Hash identifier:          YTqedYhL0tF6KNosvAgKSc66SJQshUeqJDCqOX4OFNs=
Subject key identifier:   E4:77:A3:87:FF:68:76:BF:5C:01:D6:DD:1E:1F:96:CA:58:3C:40:F5
Authority key identifier: C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9
Certificate issuer:       /CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
Certificate serial:       0197485565116ECBA55066FF6357D76457D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
Manifest number:          30
Signing time:             Sat 07 Jun 2025 03:00:45 +0000
Manifest this update:     Sat 07 Jun 2025 03:00:45 +0000
Manifest next update:     Sun 08 Jun 2025 03:00:45 +0000
Files and hashes:         1: x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl (hash: 3LA4ptJ2aloIKdzp6hY01H8CalK3BBNYt2yC20qb1pA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:55:65:11:6e:cb:a5:50:66:ff:63:57:d7:64:57:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
        Validity
            Not Before: Jun  7 03:00:45 2025 GMT
            Not After : Jun  8 03:00:45 2025 GMT
        Subject: CN=e477a387ff6876bf5c01d6dd1e1f96ca583c40f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:92:01:3d:4d:dc:04:a1:40:ac:bd:08:d3:81:
                    01:03:4c:95:00:51:c7:f5:02:b0:16:5e:da:02:a9:
                    0f:d0:93:ab:b0:10:fe:74:aa:82:56:e8:ee:6d:5e:
                    fb:aa:2d:ed:6c:78:3b:51:c6:c2:48:0c:91:69:9d:
                    5f:14:f5:c3:b1:a5:13:60:ab:50:2e:b0:a2:25:46:
                    53:4f:4d:ea:ff:1c:a6:b7:18:13:c1:34:66:1f:83:
                    79:04:ab:84:7b:ee:b8:d8:47:53:cd:e8:5b:01:26:
                    4a:24:a2:82:57:70:29:67:31:7e:17:46:d8:10:62:
                    e3:ee:55:a2:2c:3f:1a:e2:f7:7d:56:da:10:7e:2c:
                    d7:c4:cf:34:20:1c:35:53:3f:0e:0b:0e:0f:89:18:
                    c7:2a:18:fe:aa:54:2f:bf:e4:2d:41:fa:eb:46:f1:
                    9a:81:21:c0:78:db:83:18:8c:bd:4a:6f:d2:cd:ce:
                    5d:1f:31:f5:88:82:00:1f:ae:15:73:51:8e:2a:73:
                    c1:aa:4e:15:13:43:ce:e0:a4:67:da:c1:f3:b1:46:
                    b0:85:1a:0f:14:3b:67:92:a6:62:e0:87:45:c3:fa:
                    81:d9:75:ea:37:d6:9d:b5:e2:4d:7f:78:7e:a6:00:
                    33:00:2d:11:c0:11:10:2a:a2:f0:f3:7b:be:6f:05:
                    2f:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:77:A3:87:FF:68:76:BF:5C:01:D6:DD:1E:1F:96:CA:58:3C:40:F5
            X509v3 Authority Key Identifier:
                keyid:C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:f5:fb:e1:ef:d4:9a:a9:89:39:9c:98:12:e4:88:62:42:f2:
         8e:68:4d:ba:55:75:1e:df:e4:79:d3:16:8a:30:09:d0:0e:c7:
         8a:27:5d:2b:32:5f:91:7d:a8:fe:13:c3:11:ef:5c:ef:09:1b:
         85:4a:ce:61:a7:4c:14:a8:de:bf:c6:ce:90:4e:43:94:79:63:
         b6:3f:98:27:b6:ba:d3:de:c6:d1:3c:05:e5:e9:d9:50:1a:76:
         07:9b:09:23:96:69:97:44:78:d5:b3:ae:be:01:f6:0b:c3:10:
         f2:6d:55:d2:c7:df:28:4a:04:74:db:aa:7a:aa:21:4e:04:5e:
         a5:ff:ed:bc:fc:ee:d9:96:f5:44:d0:8e:1b:3e:5b:a4:d1:f7:
         8b:06:ae:09:2e:2c:85:2a:95:57:56:3a:2d:46:ac:51:bb:3f:
         e3:21:43:4b:38:44:f9:1f:a8:bf:91:0b:6c:a6:52:84:03:e0:
         2e:d9:40:04:f0:14:27:c5:57:03:6c:62:f7:5e:82:8e:50:85:
         64:f5:b0:aa:76:52:83:f9:5c:e6:d7:fe:45:ec:c1:9d:03:86:
         3a:b5:d8:26:61:8a:f8:f9:73:96:31:e2:19:f6:a1:a2:4b:6b:
         8c:ab:61:b6:f3:0e:93:a5:ff:a7:71:52:ac:0d:a2:b2:6f:e1:
         df:00:92:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIVWURbsulUGb/Y1fXZFfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzI5YTZlY2UyZDBlYmU5YmJlNWQ4ZDc5NjJmNzNiZGM5
MjA0YTkwHhcNMjUwNjA3MDMwMDQ1WhcNMjUwNjA4MDMwMDQ1WjAzMTEwLwYDVQQD
EyhlNDc3YTM4N2ZmNjg3NmJmNWMwMWQ2ZGQxZTFmOTZjYTU4M2M0MGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5IBPU3cBKFArL0I04EBA0yVAFHH
9QKwFl7aAqkP0JOrsBD+dKqCVujubV77qi3tbHg7UcbCSAyRaZ1fFPXDsaUTYKtQ
LrCiJUZTT03q/xymtxgTwTRmH4N5BKuEe+642EdTzehbASZKJKKCV3ApZzF+F0bY
EGLj7lWiLD8a4vd9VtoQfizXxM80IBw1Uz8OCw4PiRjHKhj+qlQvv+QtQfrrRvGa
gSHAeNuDGIy9Sm/Szc5dHzH1iIIAH64Vc1GOKnPBqk4VE0PO4KRn2sHzsUawhRoP
FDtnkqZi4IdFw/qB2XXqN9adteJNf3h+pgAzAC0RwBEQKqLw83u+bwUvYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOR3o4f/aHa/XAHW3R4flspYPED1MB8GA1UdIwQY
MBaAFMdymm7OLQ6+m75djXli9zvckgSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEt
ZGMzNjUxY2NmOWFlLzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEtZGMzNjUxY2NmOWFl
LzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALvX74e/U
mqmJOZyYEuSIYkLyjmhNulV1Ht/kedMWijAJ0A7HiiddKzJfkX2o/hPDEe9c7wkb
hUrOYadMFKjev8bOkE5DlHljtj+YJ7a6097G0TwF5enZUBp2B5sJI5Zpl0R41bOu
vgH2C8MQ8m1V0sffKEoEdNuqeqohTgRepf/tvPzu2Zb1RNCOGz5bpNH3iwauCS4s
hSqVV1Y6LUasUbs/4yFDSzhE+R+ov5ELbKZShAPgLtlABPAUJ8VXA2xi916CjlCF
ZPWwqnZSg/lc5tf+RezBnQOGOrXYJmGK+PlzljHiGfahoktrjKthtvMOk6X/p3FS
rA2ism/h3wCSwQ==
-----END CERTIFICATE-----