Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
File:                     tj8U3_NUhamVlBKGMDe4XfqfE9g.mft (raw, json)
Hash identifier:          UZl6EvQUf0q3fS85JiveUBqtoqXH4hNfMQi7yi84+18=
Subject key identifier:   8A:1E:1E:E0:3B:94:BC:97:E7:9D:89:11:8B:47:F8:1A:6A:91:B0:00
Authority key identifier: B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8
Certificate issuer:       /CN=b63f14dff35485a9959412863037b85dfa9f13d8
Certificate serial:       019749D5CD4BF94A1477FAD5CED94508CAA6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
Manifest number:          04B2
Signing time:             Sat 07 Jun 2025 10:00:37 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:37 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:37 +0000
Files and hashes:         1: tj8U3_NUhamVlBKGMDe4XfqfE9g.crl (hash: /VunyyyDsgFse3/gkeNCs3U0F19UJ+yXsK5ALzgii2A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:cd:4b:f9:4a:14:77:fa:d5:ce:d9:45:08:ca:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b63f14dff35485a9959412863037b85dfa9f13d8
        Validity
            Not Before: Jun  7 10:00:37 2025 GMT
            Not After : Jun  8 10:00:37 2025 GMT
        Subject: CN=8a1e1ee03b94bc97e79d89118b47f81a6a91b000
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:31:45:ee:a1:7b:94:ed:b9:34:9d:26:5c:90:
                    6c:48:3a:6f:aa:60:d4:fd:6e:d1:de:7e:24:18:d7:
                    32:ee:12:8e:e2:e4:22:c2:d9:18:d5:81:80:54:d0:
                    9a:46:23:c4:ce:72:e5:7c:ba:03:bf:ea:6d:5c:b3:
                    a7:f0:bd:1b:4d:84:5e:bf:86:1f:11:36:f2:92:d1:
                    b7:f9:5a:ca:e5:d6:59:76:c9:95:ce:00:dd:88:33:
                    70:ae:a4:db:e5:7e:c5:58:d6:fd:51:96:91:f3:fd:
                    d7:3a:c7:e5:99:03:14:30:c3:2f:ef:e2:0f:8c:83:
                    70:ec:07:f3:93:78:48:1a:89:eb:82:2e:69:8b:00:
                    0c:95:48:41:1f:cd:06:97:f7:65:a8:13:55:9c:37:
                    08:37:e5:7d:c1:c3:e9:68:de:fe:e4:8e:2b:a1:ad:
                    71:c6:68:c8:68:33:6e:66:d0:08:ad:c3:69:fc:ad:
                    d1:95:0f:81:8d:67:b7:e4:ee:6d:7b:69:e3:1f:ad:
                    cf:42:e4:04:04:df:5a:d3:b9:a2:47:c1:64:cb:b1:
                    cc:df:fb:dd:91:11:79:77:d2:be:17:d9:60:23:1b:
                    a7:5b:9a:25:6e:1c:7d:04:3a:3c:fb:95:7e:ba:d9:
                    42:54:86:9e:cc:90:34:1b:e0:60:01:31:5d:b6:de:
                    43:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:1E:1E:E0:3B:94:BC:97:E7:9D:89:11:8B:47:F8:1A:6A:91:B0:00
            X509v3 Authority Key Identifier:
                keyid:B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:aa:0e:18:12:a1:78:ae:12:7a:5f:3b:90:6b:22:39:0d:00:
         34:f9:73:89:97:ee:32:da:55:1b:4d:82:a6:83:ab:bf:72:a5:
         71:a9:18:dc:19:60:9b:6d:61:09:ea:c5:97:46:11:63:cc:6a:
         15:5f:72:37:55:31:df:a3:65:a2:a7:c4:9a:3e:20:bb:89:5d:
         d0:cc:e2:bb:66:f4:b4:8d:96:91:59:f0:a2:16:f5:90:16:92:
         28:32:54:52:b3:2f:50:33:79:3f:51:23:b0:6d:e6:82:97:5e:
         2e:8c:54:50:84:7f:81:98:7e:bf:c5:61:3f:6f:4f:ed:52:71:
         7d:f6:48:1d:46:41:e3:51:b9:40:39:7f:de:13:71:8e:38:8f:
         3f:84:b3:6e:74:1b:de:b2:df:bc:89:f9:79:6f:76:69:82:05:
         9d:8f:c7:4a:84:26:ea:9d:35:e6:3b:44:6d:ff:99:8f:66:47:
         73:ec:47:b2:d6:63:3b:fb:fd:79:41:a8:af:e9:2e:ca:b2:29:
         64:40:99:82:91:bb:28:19:14:13:48:d2:53:de:79:31:12:c4:
         72:cf:81:cf:a8:fb:30:e0:29:a0:99:03:29:5c:b0:da:c1:6a:
         1e:21:d9:30:e0:1c:44:60:03:d2:89:0d:d7:da:4e:56:2f:af:
         ea:78:16:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1c1L+UoUd/rVztlFCMqmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2M2YxNGRmZjM1NDg1YTk5NTk0MTI4NjMwMzdiODVkZmE5
ZjEzZDgwHhcNMjUwNjA3MTAwMDM3WhcNMjUwNjA4MTAwMDM3WjAzMTEwLwYDVQQD
Eyg4YTFlMWVlMDNiOTRiYzk3ZTc5ZDg5MTE4YjQ3ZjgxYTZhOTFiMDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTFF7qF7lO25NJ0mXJBsSDpvqmDU
/W7R3n4kGNcy7hKO4uQiwtkY1YGAVNCaRiPEznLlfLoDv+ptXLOn8L0bTYRev4Yf
ETbyktG3+VrK5dZZdsmVzgDdiDNwrqTb5X7FWNb9UZaR8/3XOsflmQMUMMMv7+IP
jINw7Afzk3hIGonrgi5piwAMlUhBH80Gl/dlqBNVnDcIN+V9wcPpaN7+5I4roa1x
xmjIaDNuZtAIrcNp/K3RlQ+BjWe35O5te2njH63PQuQEBN9a07miR8Fky7HM3/vd
kRF5d9K+F9lgIxunW5olbhx9BDo8+5V+utlCVIaezJA0G+BgATFdtt5D8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoeHuA7lLyX552JEYtH+BpqkbAAMB8GA1UdIwQY
MBaAFLY/FN/zVIWplZQShjA3uF36nxPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAt
NjZjOThjMDFkZmQ3LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAtNjZjOThjMDFkZmQ3
LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd6oOGBKh
eK4Sel87kGsiOQ0ANPlziZfuMtpVG02CpoOrv3KlcakY3Blgm21hCerFl0YRY8xq
FV9yN1Ux36NloqfEmj4gu4ld0Mziu2b0tI2WkVnwohb1kBaSKDJUUrMvUDN5P1Ej
sG3mgpdeLoxUUIR/gZh+v8VhP29P7VJxffZIHUZB41G5QDl/3hNxjjiPP4SzbnQb
3rLfvIn5eW92aYIFnY/HSoQm6p015jtEbf+Zj2ZHc+xHstZjO/v9eUGor+kuyrIp
ZECZgpG7KBkUE0jSU955MRLEcs+Bz6j7MOApoJkDKVyw2sFqHiHZMOAcRGAD0okN
19pOVi+v6ngW0g==
-----END CERTIFICATE-----