Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft
File:                     e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft (raw, json)
Hash identifier:          yjTUz8X+pvLdxr0DCNtJGq/BhJjpWEHxUaSsF3UUooY=
Subject key identifier:   02:F8:53:65:09:D0:DA:88:9B:41:DD:60:A4:12:B6:F3:3D:5B:DC:9D
Authority key identifier: 7B:78:73:F8:9C:2A:98:53:27:EA:79:96:26:74:23:A7:75:1C:61:69
Certificate issuer:       /CN=7b7873f89c2a985327ea7996267423a7751c6169
Certificate serial:       01974E57CAF774B0CE04FA5830C7AFE184E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e3hz-JwqmFMn6nmWJnQjp3UcYWk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft
Manifest number:          157B
Signing time:             Sun 08 Jun 2025 07:01:05 +0000
Manifest this update:     Sun 08 Jun 2025 07:01:05 +0000
Manifest next update:     Mon 09 Jun 2025 07:01:05 +0000
Files and hashes:         1: e3hz-JwqmFMn6nmWJnQjp3UcYWk.crl (hash: 1vnhscz0PLp7m9RkXCgpCulAlu48LG+ePquymxhM0iU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/e3hz-JwqmFMn6nmWJnQjp3UcYWk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:ca:f7:74:b0:ce:04:fa:58:30:c7:af:e1:84:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b7873f89c2a985327ea7996267423a7751c6169
        Validity
            Not Before: Jun  8 07:01:05 2025 GMT
            Not After : Jun  9 07:01:05 2025 GMT
        Subject: CN=02f8536509d0da889b41dd60a412b6f33d5bdc9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:a8:73:b0:a1:f1:6c:9e:de:4a:cf:3f:3b:6c:
                    f0:c1:ee:1e:aa:00:55:29:a1:3e:72:64:f0:e6:c0:
                    56:25:34:a2:ed:87:b4:97:ca:6a:ef:d5:72:5f:e2:
                    5d:ed:35:99:1f:b4:66:e6:78:35:65:95:e8:3b:e4:
                    1c:e9:41:48:57:20:2c:c5:3a:3c:c4:fb:3c:db:09:
                    74:37:92:94:ae:06:b6:34:66:47:a2:9f:4d:61:b5:
                    00:c9:c0:79:1e:f8:d0:dd:7f:75:8a:a8:1a:83:20:
                    f0:8b:4e:73:1a:74:f9:1b:20:19:21:a9:bf:71:a0:
                    82:b0:30:c1:6b:fd:6e:5f:de:be:e9:11:65:64:79:
                    fb:42:72:5a:44:82:a7:69:fb:78:8e:56:0e:c5:97:
                    9d:82:42:29:fb:89:08:f0:61:96:75:d2:8c:17:f0:
                    90:d7:f0:08:c8:09:a7:6e:e7:74:9a:73:cd:33:76:
                    3b:59:b5:cb:9c:ed:07:80:3d:f6:5c:b7:72:6f:ae:
                    9e:a7:47:4f:15:41:78:9a:ba:a5:7e:29:fd:81:07:
                    89:fc:5a:ae:0b:80:95:3d:39:5d:ac:48:03:e3:a8:
                    1e:6c:c7:6b:43:d2:aa:2a:04:77:b8:f1:9e:c3:64:
                    48:2d:6d:28:81:63:7f:0b:60:9e:05:ad:64:a0:83:
                    0e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:F8:53:65:09:D0:DA:88:9B:41:DD:60:A4:12:B6:F3:3D:5B:DC:9D
            X509v3 Authority Key Identifier:
                keyid:7B:78:73:F8:9C:2A:98:53:27:EA:79:96:26:74:23:A7:75:1C:61:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3hz-JwqmFMn6nmWJnQjp3UcYWk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d3:91:17:ae:54:30:d4:11:fb:9c:b5:5b:f2:26:b6:74:70:96:
         dc:0f:73:d2:bf:1f:eb:87:55:2f:b3:5a:61:3b:59:7e:47:0c:
         50:22:2d:5e:8c:d4:de:eb:87:78:10:89:9b:f4:21:3e:75:4e:
         60:78:74:fa:a3:32:59:f3:a4:84:7a:b3:f1:af:ea:37:e1:25:
         ad:82:d8:ba:1d:eb:d5:07:0b:b2:f4:89:e7:25:ea:f9:30:42:
         f0:76:fc:f4:35:76:7c:99:8a:ed:86:af:de:7c:68:f4:16:15:
         ad:df:be:01:bd:87:ef:8e:45:ce:0a:2c:9a:14:b0:95:5d:04:
         9b:e0:1e:2c:48:43:91:3c:7c:c0:e6:a2:48:67:c0:91:95:51:
         d5:a4:f8:80:af:3f:51:ec:44:4b:ab:43:5a:28:21:50:c1:c8:
         d5:cc:6e:4e:a2:a2:84:fb:3b:b0:88:c4:79:ef:4a:03:a8:b4:
         14:27:14:18:91:84:4f:0f:e7:77:9d:06:4a:bd:fa:14:a0:b9:
         e0:ac:87:be:68:f3:7d:23:07:92:0e:d8:a3:98:8c:d8:77:b7:
         eb:fc:f9:71:b9:a5:37:45:f5:83:1b:4a:3a:d2:cd:8c:bf:8e:
         a0:2f:77:a2:69:b5:1d:96:63:bb:a8:5c:71:84:ff:2d:dc:c2:
         dd:58:4b:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV8r3dLDOBPpYMMev4YTpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNzg3M2Y4OWMyYTk4NTMyN2VhNzk5NjI2NzQyM2E3NzUx
YzYxNjkwHhcNMjUwNjA4MDcwMTA1WhcNMjUwNjA5MDcwMTA1WjAzMTEwLwYDVQQD
EygwMmY4NTM2NTA5ZDBkYTg4OWI0MWRkNjBhNDEyYjZmMzNkNWJkYzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6hzsKHxbJ7eSs8/O2zwwe4eqgBV
KaE+cmTw5sBWJTSi7Ye0l8pq79VyX+Jd7TWZH7Rm5ng1ZZXoO+Qc6UFIVyAsxTo8
xPs82wl0N5KUrga2NGZHop9NYbUAycB5HvjQ3X91iqgagyDwi05zGnT5GyAZIam/
caCCsDDBa/1uX96+6RFlZHn7QnJaRIKnaft4jlYOxZedgkIp+4kI8GGWddKMF/CQ
1/AIyAmnbud0mnPNM3Y7WbXLnO0HgD32XLdyb66ep0dPFUF4mrqlfin9gQeJ/Fqu
C4CVPTldrEgD46gebMdrQ9KqKgR3uPGew2RILW0ogWN/C2CeBa1koIMOsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAL4U2UJ0NqIm0HdYKQStvM9W9ydMB8GA1UdIwQY
MBaAFHt4c/icKphTJ+p5liZ0I6d1HGFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTNoei1Kd3FtRk1uNm5tV0puUWpwM1VjWVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi82MzM0YWUtODY2MS00YjFjLTg0MzAt
OWI5ZGY0NDNjODYzLzEvZTNoei1Kd3FtRk1uNm5tV0puUWpwM1VjWVdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi82MzM0YWUtODY2MS00YjFjLTg0MzAtOWI5ZGY0NDNjODYz
LzEvZTNoei1Kd3FtRk1uNm5tV0puUWpwM1VjWVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA05EXrlQw
1BH7nLVb8ia2dHCW3A9z0r8f64dVL7NaYTtZfkcMUCItXozU3uuHeBCJm/QhPnVO
YHh0+qMyWfOkhHqz8a/qN+ElrYLYuh3r1QcLsvSJ5yXq+TBC8Hb89DV2fJmK7Yav
3nxo9BYVrd++Ab2H745FzgosmhSwlV0Em+AeLEhDkTx8wOaiSGfAkZVR1aT4gK8/
UexES6tDWighUMHI1cxuTqKihPs7sIjEee9KA6i0FCcUGJGETw/nd50GSr36FKC5
4KyHvmjzfSMHkg7Yo5iM2He36/z5cbmlN0X1gxtKOtLNjL+OoC93omm1HZZju6hc
cYT/LdzC3VhLdQ==
-----END CERTIFICATE-----