Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
File:                     3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json)
Hash identifier:          mR6DHwEOWjoV5ca5LRT/G/Q7JmsNwTKXsQCgX0Ibvd4=
Subject key identifier:   92:3F:B6:66:49:92:AD:30:3A:05:D7:50:59:C6:46:CF:72:84:D8:25
Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
Certificate issuer:       /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Certificate serial:       01976C986FCD4DC7449B3BA6272AD5B27235
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
Manifest number:          0D27
Signing time:             Sat 14 Jun 2025 04:00:18 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:18 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:18 +0000
Files and hashes:         1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: GYHrRw1jANqOKql6l1e8PA2Bq2HLmI/62mvO15tIzCg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:6f:cd:4d:c7:44:9b:3b:a6:27:2a:d5:b2:72:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
        Validity
            Not Before: Jun 14 04:00:18 2025 GMT
            Not After : Jun 15 04:00:18 2025 GMT
        Subject: CN=923fb6664992ad303a05d75059c646cf7284d825
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:81:63:b3:8d:d5:67:dd:dd:5e:3f:53:ba:17:
                    8a:f0:9e:0d:e3:d9:57:cd:d2:af:e0:03:23:68:f1:
                    8b:b3:2e:94:58:be:05:80:07:5c:a2:dc:2b:ef:a4:
                    a6:ee:ef:90:0d:41:80:2e:52:a9:f8:9d:b0:15:8a:
                    1f:05:04:17:79:25:ff:43:da:f0:ca:8b:74:80:57:
                    50:d7:c8:91:57:71:85:8c:84:fe:9f:61:b7:33:eb:
                    54:36:5b:ea:4f:c9:01:ff:d0:fe:86:b3:d0:b8:fd:
                    87:58:8c:4c:71:ed:ff:dc:03:86:c1:49:e5:a1:05:
                    f4:d7:ab:02:06:7f:15:0b:0c:b2:f6:e8:ea:7a:a0:
                    86:fa:43:76:9a:0d:89:da:6b:91:6c:6c:bf:ab:1d:
                    b9:ac:93:55:10:a2:da:8b:3a:ba:db:e4:4e:9c:b6:
                    06:c0:fd:92:5e:01:bd:24:99:a5:b9:b0:15:e6:4a:
                    92:27:ce:eb:bc:af:7b:95:3b:5e:90:7c:7d:2e:f1:
                    bf:73:c3:7f:00:a0:9b:11:ef:af:13:e5:cb:30:53:
                    f7:f3:ec:98:e8:09:f5:cf:81:fd:70:cf:46:68:70:
                    17:8e:58:3d:81:5f:c4:36:39:dc:d9:d9:3a:79:4d:
                    09:c3:e9:b7:48:c7:89:df:1c:f1:10:36:81:4d:64:
                    79:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:3F:B6:66:49:92:AD:30:3A:05:D7:50:59:C6:46:CF:72:84:D8:25
            X509v3 Authority Key Identifier:
                keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:96:37:a9:17:31:23:88:a1:8b:b1:16:a2:ca:98:83:3f:6a:
         ff:a2:65:dc:05:3a:ce:91:f4:41:c4:cd:56:81:93:13:93:3a:
         ad:0e:96:aa:9a:c3:45:4c:a3:ec:6e:7f:c5:fc:de:8c:24:02:
         ee:18:18:94:6c:cf:97:d0:e6:89:24:26:82:a7:80:4f:11:9e:
         25:ff:db:42:80:fd:07:14:73:c1:31:b0:32:e8:4f:ce:2a:be:
         79:5e:22:83:5b:50:4f:ef:29:fe:b0:f3:91:2e:a0:72:53:72:
         d5:9f:3d:a7:86:cc:57:da:75:e6:b9:24:7d:e6:e1:ed:bf:3f:
         4c:46:d2:9c:7e:80:b3:b1:a2:a6:69:1e:ef:fd:9c:5f:e8:95:
         4e:78:ac:da:2b:74:f7:56:e1:94:2b:28:8e:ed:be:41:ba:32:
         2f:45:0f:4d:3f:b9:a3:a5:30:63:52:8c:61:2f:05:2b:57:92:
         46:be:07:2b:7f:5c:cf:66:2a:e6:1e:76:a3:e4:7c:1d:29:aa:
         27:5c:c5:4a:2c:45:17:ce:29:8d:e8:fb:27:62:d1:a8:bc:3d:
         1e:d6:00:03:98:99:80:75:68:aa:22:a0:86:b5:c9:95:8e:35:
         82:af:c8:96:9d:00:eb:92:1c:0f:66:85:05:76:da:1b:5d:da:
         65:89:2f:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmG/NTcdEmzumJyrVsnI1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3
MzE2MjcwHhcNMjUwNjE0MDQwMDE4WhcNMjUwNjE1MDQwMDE4WjAzMTEwLwYDVQQD
Eyg5MjNmYjY2NjQ5OTJhZDMwM2EwNWQ3NTA1OWM2NDZjZjcyODRkODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YFjs43VZ93dXj9TuheK8J4N49lX
zdKv4AMjaPGLsy6UWL4FgAdcotwr76Sm7u+QDUGALlKp+J2wFYofBQQXeSX/Q9rw
yot0gFdQ18iRV3GFjIT+n2G3M+tUNlvqT8kB/9D+hrPQuP2HWIxMce3/3AOGwUnl
oQX016sCBn8VCwyy9ujqeqCG+kN2mg2J2muRbGy/qx25rJNVEKLaizq62+ROnLYG
wP2SXgG9JJmlubAV5kqSJ87rvK97lTtekHx9LvG/c8N/AKCbEe+vE+XLMFP38+yY
6An1z4H9cM9GaHAXjlg9gV/ENjnc2dk6eU0Jw+m3SMeJ3xzxEDaBTWR5twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJI/tmZJkq0wOgXXUFnGRs9yhNglMB8GA1UdIwQY
MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt
ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh
LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcpY3qRcx
I4ihi7EWosqYgz9q/6Jl3AU6zpH0QcTNVoGTE5M6rQ6WqprDRUyj7G5/xfzejCQC
7hgYlGzPl9DmiSQmgqeATxGeJf/bQoD9BxRzwTGwMuhPziq+eV4ig1tQT+8p/rDz
kS6gclNy1Z89p4bMV9p15rkkfebh7b8/TEbSnH6As7Gipmke7/2cX+iVTnis2it0
91bhlCsoju2+QboyL0UPTT+5o6UwY1KMYS8FK1eSRr4HK39cz2Yq5h52o+R8HSmq
J1zFSixFF84pjej7J2LRqLw9HtYAA5iZgHVoqiKghrXJlY41gq/Ilp0A65IcD2aF
BXbaG13aZYkvFQ==
-----END CERTIFICATE-----