Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
File:                     mTFQMIBh3NrF2EZc-ITGejuxkVk.mft (raw, json)
Hash identifier:          OZAuqeRqK1NKQP47/c65h4UfU6I/7As8zOL+ei6E+I8=
Subject key identifier:   3F:C6:E3:C6:7B:7B:03:0D:EB:9C:0D:3A:F0:6D:8C:25:78:F6:03:F6
Authority key identifier: 99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59
Certificate issuer:       /CN=993150308061dcdac5d8465cf884c67a3bb19159
Certificate serial:       0197C94B843169A357D4FC47B6108C77B35B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
Manifest number:          06B3
Signing time:             Wed 02 Jul 2025 04:00:58 +0000
Manifest this update:     Wed 02 Jul 2025 04:00:58 +0000
Manifest next update:     Thu 03 Jul 2025 04:00:58 +0000
Files and hashes:         1: mTFQMIBh3NrF2EZc-ITGejuxkVk.crl (hash: dfuxhjhKAes/yz/4//kkZoQFg8qECVVA5rJAIef7pYI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 01:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:4b:84:31:69:a3:57:d4:fc:47:b6:10:8c:77:b3:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=993150308061dcdac5d8465cf884c67a3bb19159
        Validity
            Not Before: Jul  2 04:00:58 2025 GMT
            Not After : Jul  3 04:00:58 2025 GMT
        Subject: CN=3fc6e3c67b7b030deb9c0d3af06d8c2578f603f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:eb:09:da:a4:b8:f5:76:08:12:95:9f:05:7b:
                    d5:e6:34:33:b6:02:ed:d1:21:59:6e:25:4c:42:00:
                    24:01:97:d9:2f:d4:0a:8d:10:5a:3c:df:a6:f3:e8:
                    3a:7a:24:a5:74:53:1e:d7:01:a5:e5:cd:81:53:a9:
                    5f:82:de:ef:d5:38:92:33:7f:6b:09:db:1a:d2:39:
                    e2:1d:8f:ed:52:0a:cf:5c:77:46:9f:df:d4:9d:ee:
                    b3:72:08:61:80:8e:96:7f:e8:88:25:a9:e6:71:5c:
                    b5:79:fc:e3:ee:18:3c:f9:21:47:7a:47:64:70:9c:
                    ab:3a:1c:a0:fb:03:99:a8:60:7a:d3:94:5f:b2:d2:
                    b7:05:9e:35:ba:4c:53:43:b6:b1:4d:ae:af:76:12:
                    2d:41:11:06:80:53:b8:dc:74:3e:a0:35:73:1a:6e:
                    f9:90:8c:e6:2c:41:f7:c5:c2:3a:f4:e7:ab:b5:46:
                    11:dc:b8:43:7a:c4:13:f2:c7:19:be:a7:0f:dc:d0:
                    84:76:f8:44:19:fa:c6:9b:9e:25:2e:26:d9:43:77:
                    a0:a6:6d:38:c9:44:b7:a7:be:c5:78:0f:30:80:e2:
                    39:5c:f3:bb:9f:17:15:59:30:d6:6a:94:1d:d3:33:
                    64:b7:81:f8:ea:16:8e:fb:61:d0:9c:6d:7f:38:e7:
                    86:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:C6:E3:C6:7B:7B:03:0D:EB:9C:0D:3A:F0:6D:8C:25:78:F6:03:F6
            X509v3 Authority Key Identifier:
                keyid:99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:22:16:10:74:4d:96:f2:89:d1:a2:f5:80:44:e4:a0:30:d3:
         b2:59:b8:fc:d6:f4:a6:1c:9a:cc:91:7f:87:6b:e7:4c:31:6c:
         1e:21:42:8a:75:81:3e:6b:90:5e:0c:79:42:3a:b9:0d:3a:b8:
         b5:15:5e:ae:44:0f:44:73:1a:ee:75:f9:8c:45:d3:f6:f8:49:
         90:84:16:08:b7:bd:12:83:b0:f4:1a:16:f2:8c:8e:68:29:70:
         58:30:08:0b:97:04:44:de:8e:3b:5c:d8:8a:2f:b7:3d:65:2d:
         82:c1:91:78:17:62:25:e4:9c:01:62:86:ef:69:86:b4:b0:d2:
         6c:ac:ac:3d:95:37:4c:b5:07:6e:9f:38:15:ad:90:cb:e2:99:
         19:f0:81:85:5a:08:a1:e4:b3:f7:e3:a7:ec:08:bb:02:8a:aa:
         3d:85:ed:86:fc:e7:5c:21:c2:a8:78:5a:39:79:86:bd:f0:60:
         ab:b0:9a:9b:8d:15:b9:dc:6f:88:5f:84:1f:9d:ba:a7:50:18:
         2e:71:6b:90:a0:68:6e:e7:72:1e:33:84:e8:4d:a4:bd:10:94:
         e7:12:e2:8a:db:cb:f7:53:03:05:b6:c2:55:21:13:7f:e2:82:
         5e:9d:5d:54:27:ed:cd:c2:af:98:6c:4b:68:60:57:d9:37:91:
         be:80:31:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJS4QxaaNX1PxHthCMd7NbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzE1MDMwODA2MWRjZGFjNWQ4NDY1Y2Y4ODRjNjdhM2Ji
MTkxNTkwHhcNMjUwNzAyMDQwMDU4WhcNMjUwNzAzMDQwMDU4WjAzMTEwLwYDVQQD
EygzZmM2ZTNjNjdiN2IwMzBkZWI5YzBkM2FmMDZkOGMyNTc4ZjYwM2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArusJ2qS49XYIEpWfBXvV5jQztgLt
0SFZbiVMQgAkAZfZL9QKjRBaPN+m8+g6eiSldFMe1wGl5c2BU6lfgt7v1TiSM39r
Cdsa0jniHY/tUgrPXHdGn9/Une6zcghhgI6Wf+iIJanmcVy1efzj7hg8+SFHekdk
cJyrOhyg+wOZqGB605RfstK3BZ41ukxTQ7axTa6vdhItQREGgFO43HQ+oDVzGm75
kIzmLEH3xcI69OertUYR3LhDesQT8scZvqcP3NCEdvhEGfrGm54lLibZQ3egpm04
yUS3p77FeA8wgOI5XPO7nxcVWTDWapQd0zNkt4H46haO+2HQnG1/OOeGDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/G48Z7ewMN65wNOvBtjCV49gP2MB8GA1UdIwQY
MBaAFJkxUDCAYdzaxdhGXPiExno7sZFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMt
NTJiMjMwZWNhY2FlLzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMtNTJiMjMwZWNhY2Fl
LzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWyIWEHRN
lvKJ0aL1gETkoDDTslm4/Nb0phyazJF/h2vnTDFsHiFCinWBPmuQXgx5Qjq5DTq4
tRVerkQPRHMa7nX5jEXT9vhJkIQWCLe9EoOw9BoW8oyOaClwWDAIC5cERN6OO1zY
ii+3PWUtgsGReBdiJeScAWKG72mGtLDSbKysPZU3TLUHbp84Fa2Qy+KZGfCBhVoI
oeSz9+On7Ai7AoqqPYXthvznXCHCqHhaOXmGvfBgq7Cam40VudxviF+EH526p1AY
LnFrkKBobudyHjOE6E2kvRCU5xLiitvL91MDBbbCVSETf+KCXp1dVCftzcKvmGxL
aGBX2TeRvoAx8w==
-----END CERTIFICATE-----