Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          bp7I03ijNeOyrNw9r5eWxUVQj29ao/SMbSrq+SPVNGc=
Subject key identifier:   F8:4C:A4:9D:5E:40:6B:60:75:0F:F8:07:19:83:B6:E2:E4:68:98:F4
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       01974EC503DA735BEB25DECA3C1289EAB050
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          0929
Signing time:             Sun 08 Jun 2025 09:00:23 +0000
Manifest this update:     Sun 08 Jun 2025 09:00:23 +0000
Manifest next update:     Mon 09 Jun 2025 09:00:23 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: lm7bx+oASKQd6bQeczHhQ0j+XeAjJVksirlLckc4RbA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 09:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:c5:03:da:73:5b:eb:25:de:ca:3c:12:89:ea:b0:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: Jun  8 09:00:23 2025 GMT
            Not After : Jun  9 09:00:23 2025 GMT
        Subject: CN=f84ca49d5e406b60750ff8071983b6e2e46898f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:ef:83:17:b7:fb:c4:a6:2b:02:6a:a9:27:05:
                    a9:40:1f:1f:6f:a2:a7:cd:d8:19:30:17:f4:22:62:
                    1e:86:61:ef:fb:6e:be:f9:09:e5:27:d1:9a:eb:9f:
                    40:eb:68:0d:e8:63:a4:7f:e3:6a:a8:0b:46:59:d2:
                    b0:5a:b2:23:bb:1f:3c:e8:c9:e6:22:6d:89:fa:c1:
                    dc:af:5b:40:21:35:96:46:0a:51:8f:ac:cc:a9:ca:
                    53:1c:02:9e:ac:9d:cc:19:8d:61:ae:ab:87:d4:60:
                    17:f4:21:d4:b4:36:ed:1c:02:ac:ae:85:a5:bf:f5:
                    7d:5b:2b:7a:08:fd:4d:6a:d0:09:18:77:f2:1f:e7:
                    29:ee:ef:5f:41:65:1e:2c:98:b9:f3:33:7f:e9:1f:
                    91:df:89:ae:36:8a:8f:08:eb:d8:96:55:99:36:e5:
                    e8:6a:2c:87:a5:ce:3d:7b:e5:6f:d0:00:24:79:a8:
                    70:31:26:bb:10:71:58:b8:d5:e3:ce:b3:39:f1:69:
                    c5:b4:8b:b8:10:0f:53:e1:2d:3d:2f:78:db:39:ab:
                    ea:ca:8c:45:51:b0:54:36:ad:7e:24:5b:63:1f:5a:
                    8f:6b:cb:f1:e8:dd:11:5a:69:e7:81:72:7f:0a:29:
                    93:ac:49:82:e0:7b:a3:e8:c6:60:cb:eb:f9:66:34:
                    12:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:4C:A4:9D:5E:40:6B:60:75:0F:F8:07:19:83:B6:E2:E4:68:98:F4
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:47:78:23:23:ac:15:da:3b:82:51:01:4d:e1:a1:6c:05:d3:
         24:0a:bd:fc:63:9e:f1:cf:06:a1:45:30:cb:21:31:17:d8:aa:
         c2:0f:26:bb:e0:42:fa:b8:b9:c6:d6:21:13:fa:ea:fc:ee:1e:
         61:24:6b:db:7c:13:06:07:85:07:7f:c7:33:3b:74:26:31:2f:
         0e:f7:da:03:09:65:07:23:76:39:81:52:ac:51:a1:1d:23:ba:
         d0:e9:dc:de:f2:9b:22:26:f3:75:dc:c3:c9:6c:3a:96:39:27:
         bf:8f:b7:f2:7f:19:ca:e5:af:19:e8:76:67:22:a3:31:04:cf:
         c0:b5:9b:d8:68:d5:66:7b:eb:2b:88:db:a7:7e:f6:36:98:5e:
         70:bc:49:be:59:85:fe:61:fc:49:f6:a1:c8:21:54:64:87:88:
         53:ea:b1:21:ec:50:10:e0:e3:7e:0c:7f:59:b2:35:50:c3:0c:
         51:be:cd:34:72:ec:b4:e4:f3:c9:1a:d1:0f:a9:73:f4:99:b3:
         98:e4:f3:46:e3:5b:e9:bf:3a:88:8d:2b:bd:1f:73:70:dd:42:
         c4:ee:b3:1d:13:57:89:6f:d4:64:17:dd:11:f9:7e:39:5d:8d:
         95:be:71:6c:d6:98:ee:be:42:6a:b0:3b:1d:a7:5f:cf:e8:e8:
         62:a4:68:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxQPac1vrJd7KPBKJ6rBQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjUwNjA4MDkwMDIzWhcNMjUwNjA5MDkwMDIzWjAzMTEwLwYDVQQD
EyhmODRjYTQ5ZDVlNDA2YjYwNzUwZmY4MDcxOTgzYjZlMmU0Njg5OGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO+DF7f7xKYrAmqpJwWpQB8fb6Kn
zdgZMBf0ImIehmHv+26++QnlJ9Ga659A62gN6GOkf+NqqAtGWdKwWrIjux886Mnm
Im2J+sHcr1tAITWWRgpRj6zMqcpTHAKerJ3MGY1hrquH1GAX9CHUtDbtHAKsroWl
v/V9Wyt6CP1NatAJGHfyH+cp7u9fQWUeLJi58zN/6R+R34muNoqPCOvYllWZNuXo
aiyHpc49e+Vv0AAkeahwMSa7EHFYuNXjzrM58WnFtIu4EA9T4S09L3jbOavqyoxF
UbBUNq1+JFtjH1qPa8vx6N0RWmnngXJ/CimTrEmC4Huj6MZgy+v5ZjQSYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhMpJ1eQGtgdQ/4BxmDtuLkaJj0MB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIEd4IyOs
Fdo7glEBTeGhbAXTJAq9/GOe8c8GoUUwyyExF9iqwg8mu+BC+ri5xtYhE/rq/O4e
YSRr23wTBgeFB3/HMzt0JjEvDvfaAwllByN2OYFSrFGhHSO60Onc3vKbIibzddzD
yWw6ljknv4+38n8ZyuWvGeh2ZyKjMQTPwLWb2GjVZnvrK4jbp372NphecLxJvlmF
/mH8SfahyCFUZIeIU+qxIexQEODjfgx/WbI1UMMMUb7NNHLstOTzyRrRD6lz9Jmz
mOTzRuNb6b86iI0rvR9zcN1CxO6zHRNXiW/UZBfdEfl+OV2Nlb5xbNaY7r5CarA7
Hadfz+joYqRoxQ==
-----END CERTIFICATE-----