Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
File:                     3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft (raw, json)
Hash identifier:          F+QU7ChWC8GUoL7VWputR41OTkZ7eO+rhCTEr8yTTY8=
Subject key identifier:   44:7C:3C:B5:9C:52:6D:3C:1D:0B:FD:55:7D:8E:A4:1B:55:7F:4D:7E
Authority key identifier: DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91
Certificate issuer:       /CN=dd399e494189f691a5ed64f3be3a6a3b50225091
Certificate serial:       0197B7454207D184249181320B2FEF92B25A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
Manifest number:          0522
Signing time:             Sat 28 Jun 2025 16:00:58 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:58 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:58 +0000
Files and hashes:         1: 3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl (hash: Ava8Pms3AGm4Ezm9GZYpAU6oYqKqjSQyDnb/2GCBn8g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:42:07:d1:84:24:91:81:32:0b:2f:ef:92:b2:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd399e494189f691a5ed64f3be3a6a3b50225091
        Validity
            Not Before: Jun 28 16:00:58 2025 GMT
            Not After : Jun 29 16:00:58 2025 GMT
        Subject: CN=447c3cb59c526d3c1d0bfd557d8ea41b557f4d7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a4:ec:9e:81:75:0b:71:b1:f6:f9:2d:ca:aa:
                    9e:c8:ed:dc:97:74:08:cc:65:29:54:65:6b:fe:e8:
                    02:dc:ab:a1:9b:5f:bd:91:15:82:ef:18:e0:f0:7f:
                    f3:90:7c:4a:6f:8f:c0:28:d9:20:68:ca:94:c7:8a:
                    98:a2:ef:7b:79:a7:3e:bc:b0:eb:80:06:22:a6:2b:
                    00:79:cf:0b:8e:df:39:46:de:e0:9b:e7:c2:59:df:
                    05:de:2f:db:b7:d1:c2:42:86:2e:0e:da:4e:6f:ac:
                    59:02:1e:46:ad:1b:cf:c2:ab:22:ed:d4:49:17:64:
                    88:e4:81:70:1b:0e:4e:8b:30:2c:07:e8:5d:0f:97:
                    55:4c:4c:4e:e2:27:20:bd:aa:d2:3c:e7:bf:0c:69:
                    4c:f6:2b:51:90:13:f8:07:06:a3:00:f1:90:77:89:
                    6d:b5:a1:3d:ad:d3:46:88:96:b8:0d:50:3e:bd:09:
                    d6:bb:40:a9:63:51:61:d5:2c:93:d3:e6:25:61:dd:
                    ac:70:23:37:02:d9:00:a1:a8:2a:e2:41:0a:a4:c3:
                    bf:dc:1c:c5:f4:69:c6:b1:95:60:0e:a6:6e:86:29:
                    e3:08:86:cf:4b:8e:2e:b7:68:e1:7f:dc:fa:c3:a6:
                    47:e2:67:be:48:72:bc:92:4a:49:35:10:61:3a:06:
                    d0:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:7C:3C:B5:9C:52:6D:3C:1D:0B:FD:55:7D:8E:A4:1B:55:7F:4D:7E
            X509v3 Authority Key Identifier:
                keyid:DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:c0:8d:14:2a:ba:fb:8c:47:98:d5:ff:94:fb:20:3f:3c:a4:
         58:c7:1f:be:b0:01:e8:bc:39:6f:25:37:7f:c3:0b:1e:3f:36:
         51:e5:0a:23:b3:5f:b4:d0:2d:48:0a:d4:f5:3c:29:a3:3d:7a:
         21:b5:b5:d1:e0:1b:67:d4:4c:50:30:fa:4b:e9:ce:62:81:85:
         e7:76:51:83:b2:89:58:5e:a6:a8:8b:df:b1:2f:53:0c:30:f2:
         81:97:11:b6:d5:38:16:5c:71:8e:16:9a:98:59:2c:a1:7b:35:
         92:66:c2:85:7c:e8:dd:58:7b:dc:5c:a8:8e:b8:59:18:6b:82:
         a2:fb:70:ba:46:79:25:a1:c0:4e:14:4e:cc:e4:7a:54:44:24:
         a6:7b:06:7e:64:d1:70:61:73:97:59:1e:c7:de:b7:21:c5:28:
         db:fc:ae:ab:53:0a:a1:3c:f9:06:ac:04:0e:40:0a:45:47:fd:
         36:bd:86:55:3c:2c:0e:f9:ae:96:5a:9b:36:12:5f:73:db:03:
         3d:e4:0b:e6:17:13:bd:50:28:f8:51:59:2e:71:f3:79:e2:fa:
         ab:05:0e:53:97:a8:7c:1e:28:e9:2e:2a:b8:19:4f:ae:6f:bf:
         55:90:60:cc:79:83:d4:e3:57:5d:65:1f:d6:7e:30:d9:73:3f:
         e3:58:28:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RUIH0YQkkYEyCy/vkrJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzk5ZTQ5NDE4OWY2OTFhNWVkNjRmM2JlM2E2YTNiNTAy
MjUwOTEwHhcNMjUwNjI4MTYwMDU4WhcNMjUwNjI5MTYwMDU4WjAzMTEwLwYDVQQD
Eyg0NDdjM2NiNTljNTI2ZDNjMWQwYmZkNTU3ZDhlYTQxYjU1N2Y0ZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6TsnoF1C3Gx9vktyqqeyO3cl3QI
zGUpVGVr/ugC3Kuhm1+9kRWC7xjg8H/zkHxKb4/AKNkgaMqUx4qYou97eac+vLDr
gAYipisAec8Ljt85Rt7gm+fCWd8F3i/bt9HCQoYuDtpOb6xZAh5GrRvPwqsi7dRJ
F2SI5IFwGw5OizAsB+hdD5dVTExO4icgvarSPOe/DGlM9itRkBP4BwajAPGQd4lt
taE9rdNGiJa4DVA+vQnWu0CpY1Fh1SyT0+YlYd2scCM3AtkAoagq4kEKpMO/3BzF
9GnGsZVgDqZuhinjCIbPS44ut2jhf9z6w6ZH4me+SHK8kkpJNRBhOgbQkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFER8PLWcUm08HQv9VX2OpBtVf01+MB8GA1UdIwQY
MBaAFN05nklBifaRpe1k8746ajtQIlCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTct
NDQyYTAzYjdmMDg0LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTctNDQyYTAzYjdmMDg0
LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAacCNFCq6
+4xHmNX/lPsgPzykWMcfvrAB6Lw5byU3f8MLHj82UeUKI7NftNAtSArU9Twpoz16
IbW10eAbZ9RMUDD6S+nOYoGF53ZRg7KJWF6mqIvfsS9TDDDygZcRttU4Flxxjhaa
mFksoXs1kmbChXzo3Vh73FyojrhZGGuCovtwukZ5JaHAThROzOR6VEQkpnsGfmTR
cGFzl1kex963IcUo2/yuq1MKoTz5BqwEDkAKRUf9Nr2GVTwsDvmullqbNhJfc9sD
PeQL5hcTvVAo+FFZLnHzeeL6qwUOU5eofB4o6S4quBlPrm+/VZBgzHmD1ONXXWUf
1n4w2XM/41goeg==
-----END CERTIFICATE-----