Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
File:                     3Feh-cEhycK2-U04p1-_3MVN8Fs.mft (raw, json)
Hash identifier:          dXnWioKa/M/UCzrE3HFTUmxa3xEwfLlnDYDoYg0aDfE=
Subject key identifier:   FF:E7:C0:D3:00:AC:F0:9C:C8:1B:B1:FF:65:6A:C2:96:4D:A6:27:EC
Authority key identifier: DC:57:A1:F9:C1:21:C9:C2:B6:F9:4D:38:A7:5F:BF:DC:C5:4D:F0:5B
Certificate issuer:       /CN=dc57a1f9c121c9c2b6f94d38a75fbfdcc54df05b
Certificate serial:       019748FA00DE87B1496D72603E3231CFC2F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
Manifest number:          09F2
Signing time:             Sat 07 Jun 2025 06:00:33 +0000
Manifest this update:     Sat 07 Jun 2025 06:00:33 +0000
Manifest next update:     Sun 08 Jun 2025 06:00:33 +0000
Files and hashes:         1: 3Feh-cEhycK2-U04p1-_3MVN8Fs.crl (hash: 1F4gJSE9Kr0x4i819RaYYv2Llqpu7lL0hBuIDE99OZY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:00:de:87:b1:49:6d:72:60:3e:32:31:cf:c2:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc57a1f9c121c9c2b6f94d38a75fbfdcc54df05b
        Validity
            Not Before: Jun  7 06:00:33 2025 GMT
            Not After : Jun  8 06:00:33 2025 GMT
        Subject: CN=ffe7c0d300acf09cc81bb1ff656ac2964da627ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:77:68:8d:58:10:f8:e6:18:3b:98:da:e0:f3:
                    0e:af:84:db:5d:c3:ed:3c:24:cc:69:7f:7d:27:13:
                    f8:5b:87:e9:14:fa:6b:41:83:94:32:a2:b3:dd:16:
                    26:f6:c9:78:83:8f:b9:99:d7:d4:f2:ab:b9:7c:98:
                    fd:e8:7e:57:a1:74:42:51:cb:fa:33:bf:48:ac:70:
                    b3:18:55:a2:c9:1c:31:27:1e:31:f8:05:4e:56:76:
                    0c:90:fc:27:13:2b:2f:56:c8:1f:f5:d2:42:80:6a:
                    63:02:25:12:c1:17:10:2a:78:2d:5f:1e:0f:d5:61:
                    e6:a6:7f:f3:a8:cb:7d:e1:b0:b2:ce:08:97:96:3c:
                    6f:7b:7b:74:b8:3a:9f:19:a2:dc:29:a8:1f:06:5c:
                    96:36:2d:9e:6e:cd:ef:8c:ea:e4:19:af:0b:5c:1d:
                    6b:0c:61:68:ae:64:b3:3c:64:8b:54:2e:df:3b:71:
                    54:8c:08:b7:1a:26:64:c0:e2:b2:2d:ce:f6:20:94:
                    ac:0e:0b:57:bb:2b:f6:64:b7:cb:7f:f5:c5:94:7d:
                    f0:71:4c:f3:35:cc:89:ee:d8:87:fb:93:b0:35:3a:
                    ef:48:bb:0a:f1:ac:56:ac:0d:74:72:4a:85:51:cc:
                    c2:d5:75:19:86:a8:e3:b9:c2:4c:4d:6e:be:58:72:
                    7c:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:E7:C0:D3:00:AC:F0:9C:C8:1B:B1:FF:65:6A:C2:96:4D:A6:27:EC
            X509v3 Authority Key Identifier:
                keyid:DC:57:A1:F9:C1:21:C9:C2:B6:F9:4D:38:A7:5F:BF:DC:C5:4D:F0:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:ac:fc:b9:d8:0c:cd:e2:77:0a:d8:78:ed:b4:74:85:09:cd:
         c9:60:b0:19:9d:bc:f2:51:c9:e9:60:69:de:4d:ab:f4:3b:a5:
         08:52:a5:ee:a4:17:e0:7f:1a:12:0e:fd:cc:98:9d:fa:8d:ab:
         d1:ae:08:d9:ae:30:15:71:b2:a2:61:ba:d2:79:36:2b:af:c2:
         ac:ee:a9:33:2a:d5:42:dd:3e:02:56:6d:f7:bd:12:70:38:29:
         b6:c1:4a:91:07:02:4d:c9:e7:d1:1f:98:8e:55:21:86:62:5a:
         d5:56:6c:95:e9:a2:75:46:6c:9d:fc:4f:f7:32:8a:d1:5c:1d:
         ad:71:3d:53:75:ec:dd:cc:7c:b5:04:08:2d:ad:22:04:ce:f4:
         d4:cb:fe:0e:1d:ce:1e:58:7a:60:56:d4:18:c4:b1:b2:0e:ac:
         05:e5:e6:01:a5:a0:a7:62:57:60:a5:23:fc:e0:f6:4c:5d:c5:
         ed:7a:1f:e0:12:ce:03:40:ca:0f:06:d8:91:86:44:0b:a3:cf:
         f5:5f:69:57:3c:dd:34:bb:d0:1c:c8:74:06:e8:d3:30:67:c1:
         02:a3:33:27:34:09:d4:28:d8:cb:78:2f:a5:ad:15:21:ec:32:
         aa:72:50:2a:27:f8:ce:01:f7:42:48:de:42:3a:f5:9f:f0:28:
         26:dc:ec:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+gDeh7FJbXJgPjIxz8L0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNTdhMWY5YzEyMWM5YzJiNmY5NGQzOGE3NWZiZmRjYzU0
ZGYwNWIwHhcNMjUwNjA3MDYwMDMzWhcNMjUwNjA4MDYwMDMzWjAzMTEwLwYDVQQD
EyhmZmU3YzBkMzAwYWNmMDljYzgxYmIxZmY2NTZhYzI5NjRkYTYyN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHdojVgQ+OYYO5ja4PMOr4TbXcPt
PCTMaX99JxP4W4fpFPprQYOUMqKz3RYm9sl4g4+5mdfU8qu5fJj96H5XoXRCUcv6
M79IrHCzGFWiyRwxJx4x+AVOVnYMkPwnEysvVsgf9dJCgGpjAiUSwRcQKngtXx4P
1WHmpn/zqMt94bCyzgiXljxve3t0uDqfGaLcKagfBlyWNi2ebs3vjOrkGa8LXB1r
DGFormSzPGSLVC7fO3FUjAi3GiZkwOKyLc72IJSsDgtXuyv2ZLfLf/XFlH3wcUzz
NcyJ7tiH+5OwNTrvSLsK8axWrA10ckqFUczC1XUZhqjjucJMTW6+WHJ8QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/nwNMArPCcyBux/2VqwpZNpifsMB8GA1UdIwQY
MBaAFNxXofnBIcnCtvlNOKdfv9zFTfBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wZTY3NjUtODZlMi00MDEwLThmOGUt
ZGQxMTNjNjk4ZDEyLzEvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wZTY3NjUtODZlMi00MDEwLThmOGUtZGQxMTNjNjk4ZDEy
LzEvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEaz8udgM
zeJ3Cth47bR0hQnNyWCwGZ288lHJ6WBp3k2r9DulCFKl7qQX4H8aEg79zJid+o2r
0a4I2a4wFXGyomG60nk2K6/CrO6pMyrVQt0+AlZt970ScDgptsFKkQcCTcnn0R+Y
jlUhhmJa1VZslemidUZsnfxP9zKK0VwdrXE9U3Xs3cx8tQQILa0iBM701Mv+Dh3O
Hlh6YFbUGMSxsg6sBeXmAaWgp2JXYKUj/OD2TF3F7Xof4BLOA0DKDwbYkYZEC6PP
9V9pVzzdNLvQHMh0BujTMGfBAqMzJzQJ1CjYy3gvpa0VIewyqnJQKif4zgH3Qkje
Qjr1n/AoJtzstw==
-----END CERTIFICATE-----