Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
File:                     3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json)
Hash identifier:          BGBP83gxBe1cK7KCwsPYTtiu63FNdJN37umdEtmehcM=
Subject key identifier:   58:38:65:2F:BD:48:40:66:46:A7:75:58:40:2A:C5:3B:E7:4D:41:B1
Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07
Certificate issuer:       /CN=de17fd66577b3ed358b3862a7dd980944a85d507
Certificate serial:       01974B8DB7B406EC54087BF4FCBB8434ED87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
Manifest number:          013C
Signing time:             Sat 07 Jun 2025 18:01:07 +0000
Manifest this update:     Sat 07 Jun 2025 18:01:07 +0000
Manifest next update:     Sun 08 Jun 2025 18:01:07 +0000
Files and hashes:         1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: T7teLngX0WcbvERjvP4U7E8RIaLD4TByKIWvpJ51ZkY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:8d:b7:b4:06:ec:54:08:7b:f4:fc:bb:84:34:ed:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507
        Validity
            Not Before: Jun  7 18:01:07 2025 GMT
            Not After : Jun  8 18:01:07 2025 GMT
        Subject: CN=5838652fbd48406646a77558402ac53be74d41b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:82:cd:74:e8:be:f8:38:07:8b:d2:51:06:c4:
                    c1:9c:99:1e:36:3f:60:c6:2f:34:48:1c:1a:a5:9a:
                    8c:05:33:42:99:88:ee:0b:bc:08:71:12:1d:12:97:
                    1c:22:48:5f:79:df:9e:ef:e9:25:23:81:fd:4c:b3:
                    e4:6f:e2:5a:28:2d:4e:91:b0:c7:89:17:cc:08:15:
                    b3:3f:73:91:80:54:65:6f:8d:a8:b6:80:45:7d:a8:
                    7a:6e:ad:19:37:47:fd:13:6c:ff:86:7d:18:39:74:
                    f7:90:ae:5b:da:94:c9:04:2b:0c:65:88:6a:74:0a:
                    58:23:a4:ad:b0:22:2d:ae:84:22:f3:7c:46:ab:7d:
                    1f:24:16:ca:25:bf:36:c5:5d:35:f8:a4:49:63:e2:
                    03:24:0e:4b:99:ca:01:a6:63:6c:ad:2c:8f:21:9a:
                    8b:90:54:83:e0:fa:b3:9a:1c:dc:f3:f3:b5:d8:04:
                    c9:79:a3:c7:54:c0:d5:29:8a:cd:a5:0c:26:c3:d1:
                    6c:73:70:13:26:33:48:56:2a:c7:ba:0c:d6:18:28:
                    86:9b:98:6c:e7:71:2e:0e:f1:9d:72:f7:4d:7b:f9:
                    f2:cc:97:c0:95:1e:87:b3:e3:07:b5:17:50:33:2a:
                    85:02:89:76:5c:99:b8:6b:0a:bb:b8:8b:ad:ea:4f:
                    7d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:38:65:2F:BD:48:40:66:46:A7:75:58:40:2A:C5:3B:E7:4D:41:B1
            X509v3 Authority Key Identifier:
                keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:ac:5f:f8:4b:1a:56:f1:c7:e9:f3:85:15:8b:a8:1e:7e:b8:
         e2:af:fd:e9:8f:9d:4d:04:f0:cd:66:03:7c:6d:65:8a:88:12:
         9e:7d:07:74:e0:19:50:35:33:db:10:1a:8f:98:12:6d:34:ce:
         a4:19:af:ca:4e:23:2c:11:84:26:76:4d:fd:21:43:28:09:31:
         80:9d:1b:9e:22:96:f7:4a:3e:52:5e:a2:85:a8:9a:17:fd:01:
         2b:a5:e2:ef:01:d7:11:ba:53:f7:ee:a9:25:bd:c2:c5:3c:47:
         0a:0f:5b:c3:68:17:8c:02:8b:dd:73:21:c9:df:6d:2e:a0:14:
         84:5c:45:d6:57:99:a8:b0:cf:c0:11:96:1c:62:ed:d9:11:a8:
         f4:ba:0a:f1:1d:a1:7e:87:3e:bc:0e:b1:49:ce:4a:cf:04:7a:
         9d:0f:9f:ce:e1:e4:82:b8:2e:83:13:99:ac:49:2f:b9:b0:cc:
         31:17:b1:c3:aa:a8:f7:e0:df:f1:5b:02:21:7d:00:f4:d5:d0:
         5f:c7:fc:9b:f3:49:5c:0d:7d:19:d5:d7:f0:79:ca:0e:c7:68:
         3e:fa:ee:3a:30:66:a0:9b:c8:4b:4d:91:0f:b5:47:41:b5:9f:
         f9:94:a7:94:a7:a5:34:31:74:b3:34:e0:36:62:9d:5f:9b:5d:
         43:3f:5f:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLjbe0BuxUCHv0/LuENO2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4
NWQ1MDcwHhcNMjUwNjA3MTgwMTA3WhcNMjUwNjA4MTgwMTA3WjAzMTEwLwYDVQQD
Eyg1ODM4NjUyZmJkNDg0MDY2NDZhNzc1NTg0MDJhYzUzYmU3NGQ0MWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyILNdOi++DgHi9JRBsTBnJkeNj9g
xi80SBwapZqMBTNCmYjuC7wIcRIdEpccIkhfed+e7+klI4H9TLPkb+JaKC1OkbDH
iRfMCBWzP3ORgFRlb42otoBFfah6bq0ZN0f9E2z/hn0YOXT3kK5b2pTJBCsMZYhq
dApYI6StsCItroQi83xGq30fJBbKJb82xV01+KRJY+IDJA5LmcoBpmNsrSyPIZqL
kFSD4Pqzmhzc8/O12ATJeaPHVMDVKYrNpQwmw9Fsc3ATJjNIVirHugzWGCiGm5hs
53EuDvGdcvdNe/nyzJfAlR6Hs+MHtRdQMyqFAol2XJm4awq7uIut6k99EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFg4ZS+9SEBmRqd1WEAqxTvnTUGxMB8GA1UdIwQY
MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt
MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy
LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAqxf+Esa
VvHH6fOFFYuoHn644q/96Y+dTQTwzWYDfG1liogSnn0HdOAZUDUz2xAaj5gSbTTO
pBmvyk4jLBGEJnZN/SFDKAkxgJ0bniKW90o+Ul6ihaiaF/0BK6Xi7wHXEbpT9+6p
Jb3CxTxHCg9bw2gXjAKL3XMhyd9tLqAUhFxF1leZqLDPwBGWHGLt2RGo9LoK8R2h
foc+vA6xSc5KzwR6nQ+fzuHkgrgugxOZrEkvubDMMRexw6qo9+Df8VsCIX0A9NXQ
X8f8m/NJXA19GdXX8HnKDsdoPvruOjBmoJvIS02RD7VHQbWf+ZSnlKelNDF0szTg
NmKdX5tdQz9f/A==
-----END CERTIFICATE-----