Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File:                     3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier:          wdyHfD3IM5Js3ImZjf6j+UowO0GOijccgGJjXzibcjA=
Subject key identifier:   28:A9:63:44:D0:D2:FA:98:BF:1F:93:FE:86:92:3E:1C:E0:91:31:7D
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer:       /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial:       0197665FCD02E51505DBDD71A9152EB88A57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number:          0E8D
Signing time:             Thu 12 Jun 2025 23:00:43 +0000
Manifest this update:     Thu 12 Jun 2025 23:00:43 +0000
Manifest next update:     Fri 13 Jun 2025 23:00:43 +0000
Files and hashes:         1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: HGZhUAu4H05OlvbVRw6CLnsUs85lNv9NU7a8Cz7NCNE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:5f:cd:02:e5:15:05:db:dd:71:a9:15:2e:b8:8a:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
        Validity
            Not Before: Jun 12 23:00:43 2025 GMT
            Not After : Jun 13 23:00:43 2025 GMT
        Subject: CN=28a96344d0d2fa98bf1f93fe86923e1ce091317d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:9b:ab:8c:84:5d:18:b6:b2:f8:64:13:0a:f2:
                    71:b4:81:64:20:12:68:36:5c:d9:ed:52:d1:95:36:
                    4a:9b:0e:78:f0:59:e9:d9:eb:c5:42:ca:db:4e:2b:
                    a9:7b:8c:6e:83:66:7d:30:4a:3d:0c:e9:84:2c:33:
                    07:a0:89:fc:76:88:92:ac:b8:d6:6e:7c:10:c6:97:
                    3e:e7:98:e0:d6:d1:30:ac:26:b6:dc:da:ad:43:f2:
                    18:58:97:98:89:20:28:a9:9e:30:3f:31:84:7e:85:
                    7e:8d:2e:b1:3b:66:d0:0b:de:e3:b6:5f:67:48:b1:
                    a3:b9:42:47:6a:b4:5d:ea:41:86:73:90:e8:0e:ac:
                    f9:ef:8f:04:e1:cb:06:c0:e6:25:eb:66:b5:d5:be:
                    eb:d8:c9:dc:bf:0f:36:c7:53:11:a6:d0:da:5c:22:
                    88:27:f9:41:87:22:78:22:09:2c:c4:05:b8:8d:8c:
                    74:89:88:99:18:ed:13:1d:c1:ab:a1:58:1b:93:15:
                    a2:de:0e:9a:9f:94:90:45:4e:5b:64:ff:a8:e8:e0:
                    c3:ca:63:2c:e2:be:f2:02:0e:c3:1a:7c:9e:36:cc:
                    b9:3f:ae:2b:f8:e6:91:1c:db:8c:02:11:a9:37:58:
                    ea:e1:f1:23:34:44:5a:37:ad:66:f7:61:4a:9b:c0:
                    3a:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:A9:63:44:D0:D2:FA:98:BF:1F:93:FE:86:92:3E:1C:E0:91:31:7D
            X509v3 Authority Key Identifier:
                keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:9c:87:d1:8d:0d:48:e3:3b:74:f3:a6:1c:3f:18:7c:c9:d3:
         42:bb:a6:51:9c:d6:dc:54:ab:82:19:12:69:cc:00:8e:08:70:
         c4:61:07:63:a7:52:21:c8:de:cb:19:69:eb:31:cc:de:f0:95:
         3f:b8:30:b7:ae:a7:fa:cd:6c:b4:70:9b:1c:ba:fb:00:63:73:
         84:60:22:21:d7:3e:04:85:23:17:d5:20:40:a1:ca:8d:52:67:
         94:e2:9e:06:77:e6:e9:2e:60:5c:a0:98:d7:70:b5:cc:01:3c:
         2e:f7:10:9f:da:d2:0e:16:af:86:5a:70:96:6e:c7:f6:19:6b:
         3f:05:37:33:b5:31:05:99:0d:87:95:b3:8b:d6:ae:e8:dc:7d:
         86:f6:51:0e:27:5f:34:fb:d1:24:3a:47:7c:f3:01:8c:ed:b5:
         29:82:44:7d:4d:8e:16:3a:89:41:71:22:ec:77:e4:01:ad:fc:
         0e:e6:18:dd:a0:0a:33:ac:f1:19:2e:dd:72:d5:43:b2:c3:42:
         8c:27:ee:06:1e:9f:6c:23:f3:85:21:0e:36:6b:b9:9b:0d:58:
         1e:8b:55:b7:18:ba:f7:3f:d9:3b:f2:37:b3:6e:6b:b7:e9:9b:
         3d:75:c9:8a:06:d3:67:68:38:4c:57:e3:37:61:fd:82:6d:83:
         c4:1d:10:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmX80C5RUF291xqRUuuIpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjUwNjEyMjMwMDQzWhcNMjUwNjEzMjMwMDQzWjAzMTEwLwYDVQQD
EygyOGE5NjM0NGQwZDJmYTk4YmYxZjkzZmU4NjkyM2UxY2UwOTEzMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpurjIRdGLay+GQTCvJxtIFkIBJo
NlzZ7VLRlTZKmw548Fnp2evFQsrbTiupe4xug2Z9MEo9DOmELDMHoIn8doiSrLjW
bnwQxpc+55jg1tEwrCa23NqtQ/IYWJeYiSAoqZ4wPzGEfoV+jS6xO2bQC97jtl9n
SLGjuUJHarRd6kGGc5DoDqz5748E4csGwOYl62a11b7r2Mncvw82x1MRptDaXCKI
J/lBhyJ4IgksxAW4jYx0iYiZGO0THcGroVgbkxWi3g6an5SQRU5bZP+o6ODDymMs
4r7yAg7DGnyeNsy5P64r+OaRHNuMAhGpN1jq4fEjNERaN61m92FKm8A6QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCipY0TQ0vqYvx+T/oaSPhzgkTF9MB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARpyH0Y0N
SOM7dPOmHD8YfMnTQrumUZzW3FSrghkSacwAjghwxGEHY6dSIcjeyxlp6zHM3vCV
P7gwt66n+s1stHCbHLr7AGNzhGAiIdc+BIUjF9UgQKHKjVJnlOKeBnfm6S5gXKCY
13C1zAE8LvcQn9rSDhavhlpwlm7H9hlrPwU3M7UxBZkNh5Wzi9au6Nx9hvZRDidf
NPvRJDpHfPMBjO21KYJEfU2OFjqJQXEi7HfkAa38DuYY3aAKM6zxGS7dctVDssNC
jCfuBh6fbCPzhSEONmu5mw1YHotVtxi69z/ZO/I3s25rt+mbPXXJigbTZ2g4TFfj
N2H9gm2DxB0QBg==
-----END CERTIFICATE-----