Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          aL2sVG624d07fbIItJBuk5HAPQoL0FL1QFj4Q0kgBwE=
Subject key identifier:   90:DA:82:A1:55:0C:D5:B5:6E:96:1B:8B:9C:CA:58:07:30:43:BA:C6
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       0197B745A214046C44B4F855C2AD76465B81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          0987
Signing time:             Sat 28 Jun 2025 16:01:23 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:23 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:23 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: tsTmTRJl503K7XcDeRLSjBKORohuCBYol02v1OmYYnQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:a2:14:04:6c:44:b4:f8:55:c2:ad:76:46:5b:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Jun 28 16:01:23 2025 GMT
            Not After : Jun 29 16:01:23 2025 GMT
        Subject: CN=90da82a1550cd5b56e961b8b9cca58073043bac6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:57:82:37:a2:f4:52:6d:0b:38:c4:40:82:ec:
                    57:32:53:09:de:a6:cb:73:24:b1:46:48:1c:0a:de:
                    49:13:a1:92:29:28:53:a1:aa:5a:40:0b:18:ca:b8:
                    48:11:32:81:bf:5d:1b:45:85:35:b3:8e:d0:43:6a:
                    b2:64:29:e5:5d:9f:e5:8a:4f:51:46:c7:08:5f:e6:
                    16:05:fc:86:3a:df:e0:cd:e5:54:11:e1:ca:33:eb:
                    63:23:d1:0f:0c:9b:09:66:91:e0:61:18:fb:31:6f:
                    03:61:0c:7a:6c:7c:77:94:a6:51:ee:56:23:fb:8e:
                    42:d3:46:d6:6c:28:55:52:50:04:d9:a6:13:ca:03:
                    e8:e6:60:38:65:b7:cb:7d:d3:47:5a:ac:11:a6:b4:
                    1b:73:12:c6:00:17:58:64:7b:c4:b2:5e:8e:ec:98:
                    6d:ce:66:d3:23:e6:3c:8b:3b:ba:f9:9a:5f:ff:b7:
                    f6:85:78:74:cc:6c:e3:f1:88:ca:83:70:93:f4:84:
                    32:fb:c2:3f:25:9a:c2:4d:6a:d9:05:0b:72:09:d4:
                    04:15:bf:e7:35:18:2d:e0:ab:a2:1a:a0:b3:0f:b4:
                    1f:14:71:de:31:e9:43:69:25:ac:99:a3:10:c3:24:
                    8f:65:01:5e:dc:65:a8:c8:a6:c4:fe:29:4a:ef:83:
                    ae:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:DA:82:A1:55:0C:D5:B5:6E:96:1B:8B:9C:CA:58:07:30:43:BA:C6
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:fb:5e:13:18:3e:b0:d7:b5:99:6e:74:5b:f0:08:60:f4:f2:
         4f:35:54:ed:ca:c3:23:be:c7:ff:cb:fa:2d:9f:f5:0e:a1:9a:
         ed:a3:bd:e5:2e:9d:67:91:67:6e:36:9e:28:55:9a:f1:e8:ce:
         5d:bb:12:b5:c2:05:e8:29:bb:2f:ca:95:9f:ef:72:a3:18:91:
         90:3e:66:f2:cb:bb:52:cf:8f:21:e4:8e:9a:ee:62:8d:b0:5f:
         30:f9:3d:3c:7b:e0:15:45:f3:fd:ce:a3:ad:c0:27:94:fc:8f:
         fe:99:60:e9:d5:d9:df:4d:d8:56:46:7a:a0:8c:79:f6:22:19:
         d8:0a:ea:8a:6d:75:b7:b2:07:a9:80:51:36:52:c6:66:23:46:
         8b:58:aa:77:43:f1:a8:10:b8:0f:4a:d4:18:76:dd:b2:5a:7d:
         15:e0:ec:7f:e7:d4:0b:22:90:41:da:40:39:1d:57:d6:31:0f:
         d9:20:7e:b8:fc:a5:df:61:5e:6a:b2:79:5f:39:f6:e7:2b:4a:
         96:b7:be:87:b3:24:b8:59:15:0a:a8:5e:00:d9:36:a6:06:39:
         d5:0a:b6:32:49:fc:5f:1d:01:43:60:df:51:43:54:1b:d7:1d:
         dd:92:20:fd:5c:dc:86:80:9e:f1:6d:0d:38:cf:60:a3:bf:4b:
         9e:ca:40:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RaIUBGxEtPhVwq12RluBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjUwNjI4MTYwMTIzWhcNMjUwNjI5MTYwMTIzWjAzMTEwLwYDVQQD
Eyg5MGRhODJhMTU1MGNkNWI1NmU5NjFiOGI5Y2NhNTgwNzMwNDNiYWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVeCN6L0Um0LOMRAguxXMlMJ3qbL
cySxRkgcCt5JE6GSKShToapaQAsYyrhIETKBv10bRYU1s47QQ2qyZCnlXZ/lik9R
RscIX+YWBfyGOt/gzeVUEeHKM+tjI9EPDJsJZpHgYRj7MW8DYQx6bHx3lKZR7lYj
+45C00bWbChVUlAE2aYTygPo5mA4ZbfLfdNHWqwRprQbcxLGABdYZHvEsl6O7Jht
zmbTI+Y8izu6+Zpf/7f2hXh0zGzj8YjKg3CT9IQy+8I/JZrCTWrZBQtyCdQEFb/n
NRgt4KuiGqCzD7QfFHHeMelDaSWsmaMQwySPZQFe3GWoyKbE/ilK74OupQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJDagqFVDNW1bpYbi5zKWAcwQ7rGMB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg/teExg+
sNe1mW50W/AIYPTyTzVU7crDI77H/8v6LZ/1DqGa7aO95S6dZ5FnbjaeKFWa8ejO
XbsStcIF6Cm7L8qVn+9yoxiRkD5m8su7Us+PIeSOmu5ijbBfMPk9PHvgFUXz/c6j
rcAnlPyP/plg6dXZ303YVkZ6oIx59iIZ2Arqim11t7IHqYBRNlLGZiNGi1iqd0Px
qBC4D0rUGHbdslp9FeDsf+fUCyKQQdpAOR1X1jEP2SB+uPyl32FearJ5Xzn25ytK
lre+h7MkuFkVCqheANk2pgY51Qq2Mkn8Xx0BQ2DfUUNUG9cd3ZIg/VzchoCe8W0N
OM9go79LnspAcA==
-----END CERTIFICATE-----