Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
File:                     3XF0IQf16FBis-CuZa-kuuZw4Es.mft (raw, json)
Hash identifier:          yu6PDYVdiNHL8klWhG4GPeeB2ACMOXAF07YGhze08p0=
Subject key identifier:   67:1E:C6:AF:CC:D2:C2:F6:82:BA:1E:96:78:6C:CF:CA:06:9A:8C:A5
Authority key identifier: DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B
Certificate issuer:       /CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
Certificate serial:       019749D634D73F302DBA978EA4FAD554A3F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
Manifest number:          03FD
Signing time:             Sat 07 Jun 2025 10:01:04 +0000
Manifest this update:     Sat 07 Jun 2025 10:01:04 +0000
Manifest next update:     Sun 08 Jun 2025 10:01:04 +0000
Files and hashes:         1: 3XF0IQf16FBis-CuZa-kuuZw4Es.crl (hash: QqGaySWOJgbFR4GU8wnoqKPQZCpT9No3ipY7RFu26EM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d6:34:d7:3f:30:2d:ba:97:8e:a4:fa:d5:54:a3:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
        Validity
            Not Before: Jun  7 10:01:04 2025 GMT
            Not After : Jun  8 10:01:04 2025 GMT
        Subject: CN=671ec6afccd2c2f682ba1e96786ccfca069a8ca5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b1:c9:12:97:6c:48:c0:6b:c4:59:28:12:31:
                    42:03:22:b7:3e:d7:1d:de:64:64:6d:72:c2:58:8b:
                    83:17:53:71:66:73:28:3e:af:c6:c1:cc:eb:87:14:
                    61:40:71:7f:64:d1:05:96:47:1a:f7:2c:17:92:fb:
                    54:4f:1c:b7:70:a3:c3:03:d5:85:e7:48:f7:a7:2e:
                    22:d2:bb:d4:8f:f3:fe:84:81:15:05:de:93:06:c1:
                    ac:8d:0a:6b:65:8c:2c:e3:4a:40:43:d2:e7:ea:8a:
                    da:b4:05:da:88:20:05:7f:dd:ed:46:35:3f:c7:2c:
                    9f:19:9e:61:27:35:9d:39:a1:36:ad:26:c4:e0:e1:
                    1a:8c:18:f4:b9:1d:6c:7f:bb:e0:89:bc:81:62:9a:
                    eb:55:ba:1b:53:ed:07:2c:36:e4:58:ac:30:9c:35:
                    85:e2:56:7c:08:c5:a2:96:d9:24:31:f9:52:c6:8c:
                    4c:e5:e7:41:d3:fd:29:1d:11:49:7b:c2:4b:79:ec:
                    3f:e6:98:fc:58:77:fd:7b:84:d0:a1:af:06:75:fa:
                    b4:75:c0:8c:69:74:9b:d7:0d:6b:9f:7c:ae:23:5a:
                    5b:af:94:f8:fb:ee:50:04:5e:d3:4e:3b:65:a8:be:
                    8d:cc:aa:00:e5:db:bb:68:9f:7c:fb:98:97:02:64:
                    a9:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:1E:C6:AF:CC:D2:C2:F6:82:BA:1E:96:78:6C:CF:CA:06:9A:8C:A5
            X509v3 Authority Key Identifier:
                keyid:DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:2e:00:60:04:ff:d5:9b:4e:12:10:82:c9:d8:c2:2d:7d:b5:
         60:41:2e:ea:46:39:03:68:f4:9a:45:b2:50:f8:92:e6:5a:13:
         94:78:e0:f2:01:4b:09:e1:27:4b:10:44:7d:08:45:55:eb:a9:
         eb:f9:6c:26:c7:2e:8c:f9:8b:95:c1:f9:21:7b:a3:88:ce:a4:
         d2:72:f0:2b:fa:54:c3:f4:8d:97:e4:4c:bc:91:da:e5:a0:bc:
         41:c2:c6:16:88:2a:e4:ea:76:eb:76:35:cf:34:8a:ef:c2:c1:
         7f:0d:71:8a:99:86:95:bf:97:be:a3:6b:6b:a6:af:77:4b:6b:
         bf:3e:db:17:85:55:31:21:5c:90:b3:32:1a:0d:3a:be:d4:15:
         28:6d:b6:88:ff:4d:9d:ff:13:1d:f1:6c:f8:12:87:25:b2:e6:
         b1:c4:fa:0b:ed:7e:17:6f:df:c2:43:de:f5:f6:5d:02:23:1f:
         86:0d:52:52:db:e5:c9:a4:76:14:49:38:1d:a3:46:b4:b0:07:
         1c:6f:dc:13:ae:eb:fe:60:3c:65:ad:8a:79:a8:50:42:fe:ea:
         13:d6:ae:6e:bf:55:7c:fe:8a:2e:a2:09:ed:45:f4:b6:2c:d7:
         eb:ba:9d:8a:2b:b9:8a:a1:d4:c5:24:e7:6a:7a:de:44:14:d7:
         0c:0c:fa:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1jTXPzAtupeOpPrVVKP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzE3NDIxMDdmNWU4NTA2MmIzZTBhZTY1YWZhNGJhZTY3
MGUwNGIwHhcNMjUwNjA3MTAwMTA0WhcNMjUwNjA4MTAwMTA0WjAzMTEwLwYDVQQD
Eyg2NzFlYzZhZmNjZDJjMmY2ODJiYTFlOTY3ODZjY2ZjYTA2OWE4Y2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrHJEpdsSMBrxFkoEjFCAyK3Ptcd
3mRkbXLCWIuDF1NxZnMoPq/GwczrhxRhQHF/ZNEFlkca9ywXkvtUTxy3cKPDA9WF
50j3py4i0rvUj/P+hIEVBd6TBsGsjQprZYws40pAQ9Ln6oratAXaiCAFf93tRjU/
xyyfGZ5hJzWdOaE2rSbE4OEajBj0uR1sf7vgibyBYprrVbobU+0HLDbkWKwwnDWF
4lZ8CMWiltkkMflSxoxM5edB0/0pHRFJe8JLeew/5pj8WHf9e4TQoa8Gdfq0dcCM
aXSb1w1rn3yuI1pbr5T4++5QBF7TTjtlqL6NzKoA5du7aJ98+5iXAmSpnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGcexq/M0sL2groelnhsz8oGmoylMB8GA1UdIwQY
MBaAFN1xdCEH9ehQYrPgrmWvpLrmcOBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTct
YTc3MDZiYTMwODg5LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTctYTc3MDZiYTMwODg5
LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGS4AYAT/
1ZtOEhCCydjCLX21YEEu6kY5A2j0mkWyUPiS5loTlHjg8gFLCeEnSxBEfQhFVeup
6/lsJscujPmLlcH5IXujiM6k0nLwK/pUw/SNl+RMvJHa5aC8QcLGFogq5Op263Y1
zzSK78LBfw1xipmGlb+XvqNra6avd0trvz7bF4VVMSFckLMyGg06vtQVKG22iP9N
nf8THfFs+BKHJbLmscT6C+1+F2/fwkPe9fZdAiMfhg1SUtvlyaR2FEk4HaNGtLAH
HG/cE67r/mA8Za2KeahQQv7qE9aubr9VfP6KLqIJ7UX0tizX67qdiiu5iqHUxSTn
anreRBTXDAz6FA==
-----END CERTIFICATE-----