Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
File:                     04G3AXBRkLnOnRsYRTU4TnHKMWU.mft (raw, json)
Hash identifier:          HxQXtVL1BSkikvz7NicgtXjhGYSlw4OjuJ1JT5DOka0=
Subject key identifier:   94:3C:5E:A3:C0:E1:A0:4A:07:A4:AA:F9:C1:D6:CF:59:49:DA:B7:EF
Authority key identifier: D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65
Certificate issuer:       /CN=d381b701705190b9ce9d1b184535384e71ca3165
Certificate serial:       0197B6A10A95A3F02815BEE7D67852EC6650
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 13:01:36 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:36 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:36 +0000
Files and hashes:         1: 04G3AXBRkLnOnRsYRTU4TnHKMWU.crl (hash: IIrPkhFlGY2PG3cbsijJxDuKOBHzrEXuXSbu0Kxo01g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:0a:95:a3:f0:28:15:be:e7:d6:78:52:ec:66:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d381b701705190b9ce9d1b184535384e71ca3165
        Validity
            Not Before: Jun 28 13:01:36 2025 GMT
            Not After : Jun 29 13:01:36 2025 GMT
        Subject: CN=943c5ea3c0e1a04a07a4aaf9c1d6cf5949dab7ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:22:f7:43:0b:33:6e:9d:e8:64:e7:dc:a0:7b:
                    6e:99:67:04:69:c7:fa:f1:7d:41:2a:88:fc:d6:ff:
                    64:4a:bc:a6:06:fc:58:39:01:48:18:db:6d:2c:4e:
                    4b:0b:1b:ec:60:bc:23:4b:c6:9f:ad:26:a3:7e:5d:
                    87:26:3d:f5:19:ec:9b:ed:f7:4d:8d:3a:0d:d4:3d:
                    df:c0:d2:a1:c7:16:5d:d9:3a:06:a8:04:9b:ce:ca:
                    d7:e3:29:6e:fd:96:72:65:05:d7:e3:39:2c:ad:b1:
                    e9:2a:07:57:1a:f2:7f:ce:29:51:69:0c:7c:63:82:
                    32:50:7b:23:06:3d:29:aa:be:f4:0c:98:01:12:29:
                    78:85:e5:0f:25:d1:f8:44:e1:85:2e:82:24:f6:d3:
                    4d:f7:82:e4:10:66:7b:e2:47:2d:aa:3f:fd:22:b3:
                    9a:03:e0:7d:f4:e5:d0:21:59:77:db:f2:4d:53:9e:
                    af:93:34:19:fc:36:4a:db:bf:87:43:4b:10:1e:26:
                    bc:f5:d1:a1:a1:28:79:3c:eb:61:1f:a7:2f:c4:cd:
                    2d:b2:7e:37:6b:e2:f1:ec:30:e3:33:73:8f:cc:14:
                    a1:24:66:7f:5d:de:cb:08:c9:24:2e:d3:f7:e1:6a:
                    e2:07:22:00:64:b5:34:3d:25:a7:82:13:d0:c6:89:
                    19:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:3C:5E:A3:C0:E1:A0:4A:07:A4:AA:F9:C1:D6:CF:59:49:DA:B7:EF
            X509v3 Authority Key Identifier:
                keyid:D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:67:fb:ba:87:36:c5:e5:7a:b8:82:12:02:55:4e:6e:9c:5f:
         4d:0c:43:98:1b:6e:82:c3:21:33:21:0d:ab:d8:0d:21:72:60:
         ff:c1:22:b1:e3:91:f9:3a:74:3d:b4:14:09:52:be:98:a5:f1:
         05:a6:dd:2a:e7:76:7f:f2:26:65:08:cf:5a:12:d5:d4:e0:89:
         38:32:3b:7f:a3:05:74:52:21:64:c1:55:21:8a:8d:02:61:ec:
         7b:ed:2e:99:be:ec:16:f9:2b:cc:6a:90:88:97:28:27:ac:51:
         fe:7a:dd:d7:38:81:e2:39:77:d1:36:e9:d5:90:de:27:eb:23:
         4b:6a:16:72:d0:b3:12:bf:ee:d0:a5:c9:41:14:e8:78:e1:62:
         0f:64:35:04:7e:d0:ae:9c:64:5c:cf:77:ec:d0:b1:7f:9a:f0:
         c3:0c:82:b4:dc:e1:06:d7:37:2b:d7:fc:54:f1:9a:03:80:56:
         6e:66:37:11:18:f5:6f:92:29:71:a8:83:66:d2:1b:12:72:5b:
         b1:bf:6a:35:bc:0d:ef:34:cb:b8:fc:17:34:d0:5d:ec:40:5b:
         9c:2f:50:84:83:82:57:f8:6e:81:2d:40:8a:52:54:40:d5:bc:
         8f:a0:41:5e:06:50:0b:b6:24:ff:6f:f4:5f:40:eb:d7:7e:c6:
         57:7b:47:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oQqVo/AoFb7n1nhS7GZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODFiNzAxNzA1MTkwYjljZTlkMWIxODQ1MzUzODRlNzFj
YTMxNjUwHhcNMjUwNjI4MTMwMTM2WhcNMjUwNjI5MTMwMTM2WjAzMTEwLwYDVQQD
Eyg5NDNjNWVhM2MwZTFhMDRhMDdhNGFhZjljMWQ2Y2Y1OTQ5ZGFiN2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyL3Qwszbp3oZOfcoHtumWcEacf6
8X1BKoj81v9kSrymBvxYOQFIGNttLE5LCxvsYLwjS8afrSajfl2HJj31Geyb7fdN
jToN1D3fwNKhxxZd2ToGqASbzsrX4ylu/ZZyZQXX4zksrbHpKgdXGvJ/zilRaQx8
Y4IyUHsjBj0pqr70DJgBEil4heUPJdH4ROGFLoIk9tNN94LkEGZ74kctqj/9IrOa
A+B99OXQIVl32/JNU56vkzQZ/DZK27+HQ0sQHia89dGhoSh5POthH6cvxM0tsn43
a+Lx7DDjM3OPzBShJGZ/Xd7LCMkkLtP34WriByIAZLU0PSWnghPQxokZIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQ8XqPA4aBKB6Sq+cHWz1lJ2rfvMB8GA1UdIwQY
MBaAFNOBtwFwUZC5zp0bGEU1OE5xyjFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTct
NzA1NGViMmM0YzAwLzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTctNzA1NGViMmM0YzAw
LzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK2f7uoc2
xeV6uIISAlVObpxfTQxDmBtugsMhMyENq9gNIXJg/8EiseOR+Tp0PbQUCVK+mKXx
BabdKud2f/ImZQjPWhLV1OCJODI7f6MFdFIhZMFVIYqNAmHse+0umb7sFvkrzGqQ
iJcoJ6xR/nrd1ziB4jl30Tbp1ZDeJ+sjS2oWctCzEr/u0KXJQRToeOFiD2Q1BH7Q
rpxkXM937NCxf5rwwwyCtNzhBtc3K9f8VPGaA4BWbmY3ERj1b5IpcaiDZtIbEnJb
sb9qNbwN7zTLuPwXNNBd7EBbnC9QhIOCV/hugS1AilJUQNW8j6BBXgZQC7Yk/2/0
X0Dr137GV3tHIA==
-----END CERTIFICATE-----