Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
File:                     3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json)
Hash identifier:          y6bPsOIoAGZTuwtohu47GmEXCV0W5tTb442ggKwc7Qc=
Subject key identifier:   B0:D4:E3:B9:5A:55:FA:B7:4A:E2:8B:17:51:A7:2B:D1:6E:30:0A:E2
Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
Certificate issuer:       /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Certificate serial:       01975B3787612544AF81868FC3281C347203
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
Manifest number:          0D1E
Signing time:             Tue 10 Jun 2025 19:00:55 +0000
Manifest this update:     Tue 10 Jun 2025 19:00:55 +0000
Manifest next update:     Wed 11 Jun 2025 19:00:55 +0000
Files and hashes:         1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: Ngbw+uNxrb+gYykrzlj6BJBwQNvBRtJIVeyTuxYj7C4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:37:87:61:25:44:af:81:86:8f:c3:28:1c:34:72:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
        Validity
            Not Before: Jun 10 19:00:55 2025 GMT
            Not After : Jun 11 19:00:55 2025 GMT
        Subject: CN=b0d4e3b95a55fab74ae28b1751a72bd16e300ae2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7f:00:f0:0f:62:68:18:6f:a8:08:0e:8f:b0:
                    bd:62:03:57:cd:87:21:8f:3d:b4:ed:45:28:79:f8:
                    2a:73:85:ff:61:90:60:7b:75:07:a6:e1:1d:87:10:
                    97:94:13:67:2e:41:a0:10:e0:32:46:13:2e:3b:c0:
                    38:74:6f:f2:31:8c:89:2e:23:c7:86:fa:86:52:9b:
                    19:7e:a9:18:40:09:89:cf:7f:2d:bd:d8:c0:dd:32:
                    10:ac:2b:b9:17:ac:b7:e7:d7:fb:2a:1a:db:7e:42:
                    50:26:fc:46:77:15:31:87:73:a2:09:8f:15:f6:d5:
                    c9:a1:d3:f6:eb:38:26:dc:00:4a:d3:dd:ae:c7:64:
                    bf:f5:18:23:80:65:bb:dd:f5:d5:6d:96:92:c9:4d:
                    d2:1b:d4:24:d4:f1:7f:00:24:f7:26:fc:b6:be:90:
                    29:cb:d2:13:7e:aa:21:f3:59:a7:5f:b3:22:d5:65:
                    2f:44:80:59:ac:1b:9d:70:4a:56:14:1c:a9:f8:c3:
                    e9:c0:52:aa:22:ed:a9:89:a2:99:45:ba:69:d8:ab:
                    ce:da:b4:1e:c2:e4:42:a1:34:86:9e:39:04:da:7a:
                    21:75:c8:c6:e5:4c:09:74:b3:7c:34:3d:35:d0:a7:
                    e5:42:6d:5c:86:bd:83:65:43:8f:2a:3f:81:89:22:
                    04:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:D4:E3:B9:5A:55:FA:B7:4A:E2:8B:17:51:A7:2B:D1:6E:30:0A:E2
            X509v3 Authority Key Identifier:
                keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:d4:cf:54:59:58:89:87:bd:a7:db:f8:e0:3b:d2:9a:34:c7:
         0f:17:ce:a7:bb:e1:13:67:80:55:50:f3:56:a1:70:0b:58:3d:
         b6:38:c9:67:4d:ae:06:d4:37:9c:90:fd:59:e1:e3:19:27:f5:
         9a:54:20:73:b5:1d:4e:1f:ac:e6:e2:ef:5e:54:70:b0:e7:37:
         d7:0b:b7:c6:4d:4b:a6:a3:49:f0:eb:5d:04:70:37:eb:0a:c0:
         6e:9e:d0:9b:22:40:a7:ca:71:d4:bd:20:9b:61:20:d8:41:ee:
         01:b9:da:05:67:29:bb:f4:10:e0:e4:66:0c:4f:e8:e4:5a:0b:
         8b:bc:9f:4b:04:06:8e:f9:ec:23:08:d0:ac:e0:5a:fa:14:4b:
         17:81:0e:de:de:b0:77:e3:e0:31:0f:7c:89:9f:06:c7:6b:1e:
         12:7b:b0:9c:8c:c1:7a:48:f7:93:21:19:ce:54:b6:43:95:33:
         df:3e:61:48:f9:c9:42:4c:52:87:23:dd:ce:55:74:71:ed:89:
         aa:49:34:0e:55:3f:a8:ba:d1:3c:c7:39:55:24:93:21:5f:b3:
         e5:2f:89:2d:99:9f:c0:cc:82:0c:61:0d:09:bf:49:ea:78:dd:
         c7:9e:58:62:a4:1b:62:6e:24:32:78:e7:56:71:0a:ee:b3:79:
         62:d8:cc:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbN4dhJUSvgYaPwygcNHIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3
MzE2MjcwHhcNMjUwNjEwMTkwMDU1WhcNMjUwNjExMTkwMDU1WjAzMTEwLwYDVQQD
EyhiMGQ0ZTNiOTVhNTVmYWI3NGFlMjhiMTc1MWE3MmJkMTZlMzAwYWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX8A8A9iaBhvqAgOj7C9YgNXzYch
jz207UUoefgqc4X/YZBge3UHpuEdhxCXlBNnLkGgEOAyRhMuO8A4dG/yMYyJLiPH
hvqGUpsZfqkYQAmJz38tvdjA3TIQrCu5F6y359f7KhrbfkJQJvxGdxUxh3OiCY8V
9tXJodP26zgm3ABK092ux2S/9RgjgGW73fXVbZaSyU3SG9Qk1PF/ACT3Jvy2vpAp
y9ITfqoh81mnX7Mi1WUvRIBZrBudcEpWFByp+MPpwFKqIu2piaKZRbpp2KvO2rQe
wuRCoTSGnjkE2nohdcjG5UwJdLN8ND010KflQm1chr2DZUOPKj+BiSIEjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDU47laVfq3SuKLF1GnK9FuMAriMB8GA1UdIwQY
MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt
ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh
LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAntTPVFlY
iYe9p9v44DvSmjTHDxfOp7vhE2eAVVDzVqFwC1g9tjjJZ02uBtQ3nJD9WeHjGSf1
mlQgc7UdTh+s5uLvXlRwsOc31wu3xk1LpqNJ8OtdBHA36wrAbp7QmyJAp8px1L0g
m2Eg2EHuAbnaBWcpu/QQ4ORmDE/o5FoLi7yfSwQGjvnsIwjQrOBa+hRLF4EO3t6w
d+PgMQ98iZ8Gx2seEnuwnIzBekj3kyEZzlS2Q5Uz3z5hSPnJQkxShyPdzlV0ce2J
qkk0DlU/qLrRPMc5VSSTIV+z5S+JLZmfwMyCDGENCb9J6njdx55YYqQbYm4kMnjn
VnEK7rN5YtjMvQ==
-----END CERTIFICATE-----