Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
File:                     3DU3KrVODfO_UU1fCMpS5De9kaQ.mft (raw, json)
Hash identifier:          5haCl17Xo5gSk29PPCLir+8PkBxv/chUGdeOTSbEMf8=
Subject key identifier:   DE:6F:A3:87:4B:E4:E2:6C:C8:AB:CA:F9:81:4C:A0:3B:09:1C:89:75
Authority key identifier: DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4
Certificate issuer:       /CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4
Certificate serial:       01974A0CF40B71FF4E173153C40F1AFD84D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
Manifest number:          04CE
Signing time:             Sat 07 Jun 2025 11:00:52 +0000
Manifest this update:     Sat 07 Jun 2025 11:00:52 +0000
Manifest next update:     Sun 08 Jun 2025 11:00:52 +0000
Files and hashes:         1: 3DU3KrVODfO_UU1fCMpS5De9kaQ.crl (hash: nc/v+URdh2RXheAGOQa+NexfnIM/9GQDK/69YLj5Ew8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:0c:f4:0b:71:ff:4e:17:31:53:c4:0f:1a:fd:84:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4
        Validity
            Not Before: Jun  7 11:00:52 2025 GMT
            Not After : Jun  8 11:00:52 2025 GMT
        Subject: CN=de6fa3874be4e26cc8abcaf9814ca03b091c8975
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:89:ff:b9:a6:84:a0:70:fc:b2:5c:a0:d0:c6:
                    0d:e4:30:e2:aa:52:1b:3a:b9:2d:54:aa:bc:27:ee:
                    ac:2e:cf:7e:c2:38:5c:f6:ce:d0:62:36:a0:37:85:
                    b8:45:aa:e7:77:2c:34:97:9f:df:89:d9:7b:49:5c:
                    e3:5f:f5:b5:a1:a2:12:d3:6e:22:80:bb:e4:a8:e7:
                    0d:dd:32:5d:d3:b6:f0:76:ab:02:f6:7c:b8:ed:0c:
                    a5:36:e8:c6:31:fb:a1:0a:1d:e4:df:89:44:b9:21:
                    e3:f6:18:9e:24:a0:76:1c:9f:cf:6d:ad:1f:5f:11:
                    f1:11:d3:a3:fb:c8:04:91:0f:4a:de:3f:51:c2:1f:
                    8d:7d:19:f1:00:fa:c5:08:f1:4e:09:0b:cd:2f:a5:
                    8d:04:82:9d:e6:0c:de:39:9d:f8:3a:84:32:92:f9:
                    b3:d7:25:fa:66:40:54:1c:cf:9f:a2:24:93:96:77:
                    f4:5a:d1:8f:dd:c0:42:6d:47:55:02:d2:04:cc:97:
                    7f:f7:56:8a:43:a7:6c:3d:73:f1:88:f7:0a:38:9e:
                    ae:67:8f:96:73:7d:a4:7f:81:ab:29:6f:03:c6:a9:
                    52:d4:65:4a:4b:af:41:48:af:e4:be:78:41:81:15:
                    a8:86:2f:e1:ee:40:3f:a0:65:2f:fc:ff:8f:86:cb:
                    65:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:6F:A3:87:4B:E4:E2:6C:C8:AB:CA:F9:81:4C:A0:3B:09:1C:89:75
            X509v3 Authority Key Identifier:
                keyid:DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:a3:1f:46:79:6d:d0:4c:6e:cc:3a:fe:b7:13:b6:13:a1:5b:
         0a:a3:ad:4e:c8:73:8f:7f:54:2b:07:bd:82:69:ec:83:63:3c:
         65:74:99:88:4c:b1:c2:c7:a8:28:c7:0a:27:1b:e4:59:3d:8c:
         d0:91:d1:83:f8:6d:c1:90:e0:3e:b6:b5:0f:b6:39:14:92:d4:
         c2:10:d6:26:7c:5a:74:de:fa:b8:fb:1a:12:85:fe:e7:3c:14:
         6b:10:50:3f:d2:0a:40:31:a5:0e:ad:5f:9e:07:ff:77:64:6e:
         90:2f:ed:ce:6a:15:f7:ba:88:d6:e5:84:6e:f7:96:f1:ed:5c:
         9e:ab:70:f6:7e:49:d1:d6:15:79:63:95:ba:3f:cc:a9:82:51:
         3d:16:d0:3b:74:6d:5d:ec:35:0d:1c:cb:a5:af:3a:97:79:33:
         6f:55:ce:21:e8:bb:82:e8:a4:67:8b:bd:22:5d:12:05:61:0a:
         4a:60:93:35:c9:05:f4:e3:6d:fd:ab:42:97:31:c1:f7:73:dd:
         76:4e:06:e2:e9:70:4e:fa:e7:26:95:e0:c1:52:36:b7:20:cb:
         3c:8d:7a:9d:51:63:02:9a:9f:42:d7:b0:a6:9d:16:91:89:24:
         25:29:33:b3:8d:40:d6:9c:c1:6f:a9:19:0b:7c:43:f8:a2:e5:
         2f:9f:79:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKDPQLcf9OFzFTxA8a/YTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzUzNzJhYjU0ZTBkZjNiZjUxNGQ1ZjA4Y2E1MmU0Mzdi
ZDkxYTQwHhcNMjUwNjA3MTEwMDUyWhcNMjUwNjA4MTEwMDUyWjAzMTEwLwYDVQQD
EyhkZTZmYTM4NzRiZTRlMjZjYzhhYmNhZjk4MTRjYTAzYjA5MWM4OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIn/uaaEoHD8slyg0MYN5DDiqlIb
OrktVKq8J+6sLs9+wjhc9s7QYjagN4W4Rarndyw0l5/fidl7SVzjX/W1oaIS024i
gLvkqOcN3TJd07bwdqsC9ny47QylNujGMfuhCh3k34lEuSHj9hieJKB2HJ/Pba0f
XxHxEdOj+8gEkQ9K3j9Rwh+NfRnxAPrFCPFOCQvNL6WNBIKd5gzeOZ34OoQykvmz
1yX6ZkBUHM+foiSTlnf0WtGP3cBCbUdVAtIEzJd/91aKQ6dsPXPxiPcKOJ6uZ4+W
c32kf4GrKW8DxqlS1GVKS69BSK/kvnhBgRWohi/h7kA/oGUv/P+PhstlUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5vo4dL5OJsyKvK+YFMoDsJHIl1MB8GA1UdIwQY
MBaAFNw1Nyq1Tg3zv1FNXwjKUuQ3vZGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYt
MTk3N2FjMjRkMjExLzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYtMTk3N2FjMjRkMjEx
LzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFKMfRnlt
0ExuzDr+txO2E6FbCqOtTshzj39UKwe9gmnsg2M8ZXSZiEyxwseoKMcKJxvkWT2M
0JHRg/htwZDgPra1D7Y5FJLUwhDWJnxadN76uPsaEoX+5zwUaxBQP9IKQDGlDq1f
ngf/d2RukC/tzmoV97qI1uWEbveW8e1cnqtw9n5J0dYVeWOVuj/MqYJRPRbQO3Rt
Xew1DRzLpa86l3kzb1XOIei7guikZ4u9Il0SBWEKSmCTNckF9ONt/atClzHB93Pd
dk4G4ulwTvrnJpXgwVI2tyDLPI16nVFjApqfQtewpp0WkYkkJSkzs41A1pzBb6kZ
C3xD+KLlL595sw==
-----END CERTIFICATE-----