Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
File:                     3q91C1wrlTnZblZJdyr34Q7-D-o.mft (raw, json)
Hash identifier:          mtIPBse4QrRd8P388P7BTGZ9hJRKYD3YLY2zcMCGyZI=
Subject key identifier:   C3:E0:D9:9A:0A:E9:74:45:0E:7A:74:36:EE:B5:2B:CE:44:FF:99:78
Authority key identifier: DE:AF:75:0B:5C:2B:95:39:D9:6E:56:49:77:2A:F7:E1:0E:FE:0F:EA
Certificate issuer:       /CN=deaf750b5c2b9539d96e5649772af7e10efe0fea
Certificate serial:       01974EC57BBD40A711503BAF338A62045703
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
Manifest number:          0C10
Signing time:             Sun 08 Jun 2025 09:00:54 +0000
Manifest this update:     Sun 08 Jun 2025 09:00:54 +0000
Manifest next update:     Mon 09 Jun 2025 09:00:54 +0000
Files and hashes:         1: 3q91C1wrlTnZblZJdyr34Q7-D-o.crl (hash: /T50pGDdel4ssb/g6sU0k//kqti8qYW0o4YnwULcAHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:c5:7b:bd:40:a7:11:50:3b:af:33:8a:62:04:57:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=deaf750b5c2b9539d96e5649772af7e10efe0fea
        Validity
            Not Before: Jun  8 09:00:54 2025 GMT
            Not After : Jun  9 09:00:54 2025 GMT
        Subject: CN=c3e0d99a0ae974450e7a7436eeb52bce44ff9978
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:4a:f2:aa:98:3f:7c:d6:00:ea:32:05:37:cb:
                    c9:9b:2c:66:bb:2f:4c:38:cf:1f:00:b4:f3:ae:64:
                    cc:c0:09:15:57:0a:94:e6:24:34:0b:a1:43:67:be:
                    ca:36:cd:cd:3f:8e:bb:76:8c:ed:c5:be:dd:d8:c3:
                    1c:91:5b:d6:74:a6:de:f0:3d:42:1d:a8:06:85:c9:
                    a3:94:34:2c:f2:6d:a6:4c:36:02:05:17:9d:b6:7b:
                    51:a6:e4:bb:de:ed:22:28:da:3f:fe:3f:3d:73:e8:
                    10:a6:0e:eb:3e:8e:ca:06:b4:d4:4a:64:da:c9:1c:
                    eb:09:06:57:77:a2:0a:86:3f:ad:f8:27:15:ab:c1:
                    06:bd:cb:3d:2a:13:8f:b9:9e:66:54:76:18:8e:ec:
                    6d:5f:a7:af:f7:2a:54:93:08:b1:03:c7:57:d6:42:
                    c6:5b:6c:09:d5:6e:1f:3b:3f:20:f2:48:5e:09:08:
                    79:5b:a5:e1:12:14:8c:53:23:9d:6b:4a:9b:a9:9d:
                    f3:34:b1:e0:55:0f:85:aa:b7:f7:25:f0:97:e6:24:
                    25:5c:78:ba:67:a7:24:2e:3f:74:dc:b0:5e:c7:b0:
                    06:79:bc:0d:ba:fe:25:6a:4a:86:ab:aa:75:8f:20:
                    93:84:70:5a:6e:40:e1:1d:10:a9:42:84:16:9d:c8:
                    13:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:E0:D9:9A:0A:E9:74:45:0E:7A:74:36:EE:B5:2B:CE:44:FF:99:78
            X509v3 Authority Key Identifier:
                keyid:DE:AF:75:0B:5C:2B:95:39:D9:6E:56:49:77:2A:F7:E1:0E:FE:0F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:13:ae:5a:e5:81:47:86:2b:6d:d3:04:0e:3e:37:a3:12:62:
         2a:d3:a4:0d:51:2e:c7:d2:46:ef:27:d3:81:1f:b6:41:7e:6e:
         bd:ec:5b:52:dd:ab:b3:ae:95:09:0b:38:37:5f:ad:7c:d8:e8:
         19:13:bc:af:cf:27:91:5e:f4:41:92:3c:1c:fc:16:ca:d8:c7:
         69:ec:fb:c6:1d:2c:b5:43:8f:12:9a:91:68:80:e4:c3:79:24:
         06:fd:5b:a4:53:9c:92:12:ce:d0:66:3c:28:05:db:cd:1f:22:
         5a:1e:c5:1c:7c:98:ba:b5:a9:74:e5:f5:e8:d2:e4:8f:bc:d3:
         32:29:57:bd:91:27:95:b9:a4:bc:ff:15:ac:8e:7e:8f:ad:81:
         64:68:01:9e:29:fb:6e:0c:48:46:0e:5b:cd:41:3e:7d:c5:b2:
         e6:14:20:b0:74:1c:56:63:ab:20:8f:c5:74:4e:df:b0:63:6c:
         0a:b9:67:d6:22:41:6f:14:04:e6:82:15:ff:a2:50:1c:df:dc:
         61:38:d6:3e:d9:b6:d5:04:62:36:2b:0d:be:5e:72:d1:bc:ad:
         54:19:f0:f8:2f:4f:97:c6:61:a2:39:25:71:0e:a8:01:c4:63:
         17:a8:2c:3f:2c:8a:ea:d8:97:85:c2:67:28:33:0b:e5:33:2a:
         17:9d:b0:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxXu9QKcRUDuvM4piBFcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYWY3NTBiNWMyYjk1MzlkOTZlNTY0OTc3MmFmN2UxMGVm
ZTBmZWEwHhcNMjUwNjA4MDkwMDU0WhcNMjUwNjA5MDkwMDU0WjAzMTEwLwYDVQQD
EyhjM2UwZDk5YTBhZTk3NDQ1MGU3YTc0MzZlZWI1MmJjZTQ0ZmY5OTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Uryqpg/fNYA6jIFN8vJmyxmuy9M
OM8fALTzrmTMwAkVVwqU5iQ0C6FDZ77KNs3NP467doztxb7d2MMckVvWdKbe8D1C
HagGhcmjlDQs8m2mTDYCBRedtntRpuS73u0iKNo//j89c+gQpg7rPo7KBrTUSmTa
yRzrCQZXd6IKhj+t+CcVq8EGvcs9KhOPuZ5mVHYYjuxtX6ev9ypUkwixA8dX1kLG
W2wJ1W4fOz8g8kheCQh5W6XhEhSMUyOda0qbqZ3zNLHgVQ+Fqrf3JfCX5iQlXHi6
Z6ckLj903LBex7AGebwNuv4lakqGq6p1jyCThHBabkDhHRCpQoQWncgTkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPg2ZoK6XRFDnp0Nu61K85E/5l4MB8GA1UdIwQY
MBaAFN6vdQtcK5U52W5WSXcq9+EO/g/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wMzA5ZmItNmY4NC00N2JjLWE3Yzkt
NWQzMWQxZmU0MjhmLzEvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wMzA5ZmItNmY4NC00N2JjLWE3YzktNWQzMWQxZmU0Mjhm
LzEvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkhOuWuWB
R4YrbdMEDj43oxJiKtOkDVEux9JG7yfTgR+2QX5uvexbUt2rs66VCQs4N1+tfNjo
GRO8r88nkV70QZI8HPwWytjHaez7xh0stUOPEpqRaIDkw3kkBv1bpFOckhLO0GY8
KAXbzR8iWh7FHHyYurWpdOX16NLkj7zTMilXvZEnlbmkvP8VrI5+j62BZGgBnin7
bgxIRg5bzUE+fcWy5hQgsHQcVmOrII/FdE7fsGNsCrln1iJBbxQE5oIV/6JQHN/c
YTjWPtm21QRiNisNvl5y0bytVBnw+C9Pl8ZhojklcQ6oAcRjF6gsPyyK6tiXhcJn
KDML5TMqF52w/g==
-----END CERTIFICATE-----