Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
File:                     db3TijiDJA5GxLGsi7-DF96P-IU.mft (raw, json)
Hash identifier:          wnm7VZpmjQL+jGWBo4xuh3yhJLEPRyup56dQxU+LTOs=
Subject key identifier:   1A:59:72:B8:14:14:F6:FC:FB:14:62:FD:A5:A8:77:FC:96:05:BA:EC
Authority key identifier: 75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85
Certificate issuer:       /CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
Certificate serial:       019749D6142D836864B1852489FB55AA3A18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
Manifest number:          1289
Signing time:             Sat 07 Jun 2025 10:00:56 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:56 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:56 +0000
Files and hashes:         1: db3TijiDJA5GxLGsi7-DF96P-IU.crl (hash: trzBIwdla8A5/hHsC/rlLhyJxUa0XDSkxc4V5xFr0/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d6:14:2d:83:68:64:b1:85:24:89:fb:55:aa:3a:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
        Validity
            Not Before: Jun  7 10:00:56 2025 GMT
            Not After : Jun  8 10:00:56 2025 GMT
        Subject: CN=1a5972b81414f6fcfb1462fda5a877fc9605baec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d1:b9:36:c9:0a:9c:0c:4d:c0:07:48:8f:cc:
                    bc:3b:7c:13:d0:30:53:66:b6:47:ec:ec:10:78:d0:
                    70:d0:2f:02:ef:de:58:80:a0:26:9a:77:97:17:83:
                    bf:12:0c:3e:64:59:df:26:da:27:c3:cb:87:a5:9b:
                    e6:a3:0c:d0:12:16:8b:56:27:52:c1:12:3c:a9:22:
                    29:34:92:6e:90:84:24:64:21:09:02:0c:47:e5:d2:
                    b1:1e:d6:9e:32:5c:10:de:29:28:e2:2f:e2:69:c2:
                    cb:7a:2d:85:25:0b:64:b5:8e:94:ee:05:08:ac:9c:
                    8e:9a:5b:70:01:bc:67:00:04:75:94:61:54:de:63:
                    d5:e6:1e:25:d5:b1:e6:5c:ef:fa:4c:ec:d4:1e:9e:
                    00:8b:75:80:16:67:1f:45:8d:92:a5:34:c3:33:d4:
                    88:5d:3f:09:6e:f1:49:08:24:43:d6:48:3e:08:bc:
                    5e:cb:92:13:c7:84:1a:f7:fe:31:5b:90:cb:0c:63:
                    fd:61:a9:f9:4b:96:9e:75:4e:48:ab:df:18:64:91:
                    86:d3:ac:01:89:db:3e:bc:12:fc:67:98:fe:22:38:
                    b6:fc:cf:91:8c:23:1c:ee:34:8b:ba:00:68:34:a3:
                    b0:ac:02:43:e0:af:45:09:0f:2c:1b:88:aa:16:19:
                    39:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:59:72:B8:14:14:F6:FC:FB:14:62:FD:A5:A8:77:FC:96:05:BA:EC
            X509v3 Authority Key Identifier:
                keyid:75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:40:50:de:29:5f:3c:1d:3c:a4:67:59:70:71:31:44:fc:f6:
         c9:a6:0f:48:b8:6a:53:1d:27:81:f3:3f:d7:85:1d:e1:12:82:
         a5:1e:06:c6:26:d5:5a:fe:c6:78:ff:ab:df:c9:46:4d:dc:93:
         3d:3b:27:dc:46:77:81:c9:6b:df:fc:d4:ef:a5:73:f4:26:fd:
         4d:d2:c0:a7:30:8d:cb:c4:bb:84:f7:d2:06:9c:f3:58:a7:8a:
         d1:00:b3:94:a3:fe:c0:b0:64:84:c5:37:88:14:7b:f8:00:18:
         61:65:83:dd:9d:19:0e:4a:c2:5a:65:27:11:c5:4e:c8:d3:23:
         5c:e7:ec:f8:14:53:9a:1f:22:80:30:57:b6:d5:99:07:a8:1a:
         01:30:0f:ab:e6:37:17:d5:32:34:c0:92:5f:05:b3:e9:cc:04:
         59:79:f8:28:4e:45:7d:e3:2a:1f:8e:59:6a:55:44:c4:c9:a7:
         59:7d:66:08:1f:57:7d:d5:37:39:1e:3a:15:1e:20:3d:ab:ea:
         5a:30:65:5f:88:ee:b5:cd:db:0f:d7:a5:54:80:8e:c5:e5:3a:
         03:17:d7:80:c8:8c:24:f7:58:ee:5a:b5:14:50:af:a8:c2:0d:
         9c:30:70:63:db:d6:b6:9e:fb:61:aa:2f:1a:03:48:2e:c7:80:
         e2:40:5e:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1hQtg2hksYUkiftVqjoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmRkMzhhMzg4MzI0MGU0NmM0YjFhYzhiYmY4MzE3ZGU4
ZmY4ODUwHhcNMjUwNjA3MTAwMDU2WhcNMjUwNjA4MTAwMDU2WjAzMTEwLwYDVQQD
EygxYTU5NzJiODE0MTRmNmZjZmIxNDYyZmRhNWE4NzdmYzk2MDViYWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdG5NskKnAxNwAdIj8y8O3wT0DBT
ZrZH7OwQeNBw0C8C795YgKAmmneXF4O/Egw+ZFnfJtonw8uHpZvmowzQEhaLVidS
wRI8qSIpNJJukIQkZCEJAgxH5dKxHtaeMlwQ3iko4i/iacLLei2FJQtktY6U7gUI
rJyOmltwAbxnAAR1lGFU3mPV5h4l1bHmXO/6TOzUHp4Ai3WAFmcfRY2SpTTDM9SI
XT8JbvFJCCRD1kg+CLxey5ITx4Qa9/4xW5DLDGP9Yan5S5aedU5Iq98YZJGG06wB
ids+vBL8Z5j+Iji2/M+RjCMc7jSLugBoNKOwrAJD4K9FCQ8sG4iqFhk5/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBpZcrgUFPb8+xRi/aWod/yWBbrsMB8GA1UdIwQY
MBaAFHW904o4gyQORsSxrIu/gxfej/iFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGIt
OGRhNjA1MzVlNmEwLzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGItOGRhNjA1MzVlNmEw
LzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXkBQ3ilf
PB08pGdZcHExRPz2yaYPSLhqUx0ngfM/14Ud4RKCpR4GxibVWv7GeP+r38lGTdyT
PTsn3EZ3gclr3/zU76Vz9Cb9TdLApzCNy8S7hPfSBpzzWKeK0QCzlKP+wLBkhMU3
iBR7+AAYYWWD3Z0ZDkrCWmUnEcVOyNMjXOfs+BRTmh8igDBXttWZB6gaATAPq+Y3
F9UyNMCSXwWz6cwEWXn4KE5FfeMqH45ZalVExMmnWX1mCB9XfdU3OR46FR4gPavq
WjBlX4jutc3bD9elVICOxeU6AxfXgMiMJPdY7lq1FFCvqMINnDBwY9vWtp77Yaov
GgNILseA4kBefA==
-----END CERTIFICATE-----