Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
File:                     3D56OUu_G77Efz-7aaGJ-KOx0FY.mft (raw, json)
Hash identifier:          ANfjRMrksEsB1NWHSxpISBBQGLk0ijWGTnMcgfjZOAc=
Subject key identifier:   85:64:AB:5B:9D:94:69:E2:15:C7:9F:AB:AC:00:7E:DA:10:46:03:88
Authority key identifier: DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56
Certificate issuer:       /CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056
Certificate serial:       0197B88EC1EF7311DFBACBE7E6F77D5815A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
Manifest number:          0861
Signing time:             Sat 28 Jun 2025 22:00:52 +0000
Manifest this update:     Sat 28 Jun 2025 22:00:52 +0000
Manifest next update:     Sun 29 Jun 2025 22:00:52 +0000
Files and hashes:         1: 3D56OUu_G77Efz-7aaGJ-KOx0FY.crl (hash: 7Ma8D2eNruwT4s6sPpgFZyoa/z/pfUzQxF+Pp8iCdS0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8e:c1:ef:73:11:df:ba:cb:e7:e6:f7:7d:58:15:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056
        Validity
            Not Before: Jun 28 22:00:52 2025 GMT
            Not After : Jun 29 22:00:52 2025 GMT
        Subject: CN=8564ab5b9d9469e215c79fabac007eda10460388
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:15:7f:29:ad:35:c7:b9:a2:f1:cc:f3:2c:6d:
                    20:d4:0e:cf:2f:d6:fe:f1:55:af:cc:c5:42:fc:3f:
                    94:93:82:fe:a5:93:70:f1:5d:77:c4:eb:7b:18:a7:
                    c7:88:eb:7e:2b:74:9c:39:71:7e:e7:66:c5:c0:a7:
                    de:40:6c:70:11:e3:b2:a7:83:6c:ec:a8:27:a2:d1:
                    cf:b1:d9:26:f7:19:92:7f:53:c1:ab:59:83:21:09:
                    10:29:7c:83:e1:7d:24:40:96:1c:ac:21:4a:1b:a5:
                    92:7f:79:8b:e9:b0:fa:3b:5d:75:d0:79:01:0b:56:
                    77:02:1c:34:11:0b:95:60:90:b7:99:45:66:89:70:
                    68:59:c3:d3:c1:be:36:1b:b6:28:e0:62:19:70:2d:
                    03:f1:20:50:82:22:d9:96:69:1f:4a:20:e0:55:11:
                    4e:93:33:95:51:79:c6:57:fc:67:4b:89:3b:4c:25:
                    ac:d7:b3:60:b3:58:f8:1b:a0:36:65:0c:6f:db:9e:
                    01:3a:07:2b:5d:28:c0:8d:c4:4f:ef:55:36:1c:22:
                    b1:fc:65:12:d5:c7:23:f9:ea:c4:fa:5b:3b:36:bd:
                    26:af:27:b0:8b:51:25:94:3f:c7:84:fb:b9:45:c3:
                    40:21:96:0f:a3:6a:8a:3b:8c:e5:5c:72:6b:57:b9:
                    5b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:64:AB:5B:9D:94:69:E2:15:C7:9F:AB:AC:00:7E:DA:10:46:03:88
            X509v3 Authority Key Identifier:
                keyid:DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:27:0d:e8:b4:a8:6f:58:14:d3:5a:c1:25:71:93:26:8d:2d:
         6d:a0:4f:ab:40:c0:c6:a8:71:32:b4:80:c0:65:15:2d:e8:e8:
         8f:15:8b:7f:44:88:93:92:d3:0c:56:df:ad:52:e6:64:8d:c3:
         39:9c:d8:70:f8:a3:be:77:68:5b:81:3f:f4:fe:04:4d:31:0c:
         8a:47:ea:3c:95:9e:ab:05:00:20:36:d8:4a:18:a8:03:f2:fa:
         b3:45:ee:03:a4:82:af:35:21:dc:23:d2:6b:29:22:35:d8:55:
         e9:7c:b7:02:20:f4:81:97:80:7d:bb:ce:f9:66:6f:78:f5:ae:
         62:25:8d:35:51:3e:0f:58:a8:ff:96:41:a3:eb:c9:02:84:ee:
         17:6a:89:40:2f:79:09:1f:da:f8:6e:f7:07:7c:83:ad:5f:0c:
         44:5e:35:96:be:b9:cb:60:3a:6c:e8:46:85:33:5d:67:e7:1b:
         71:9c:0e:c2:ad:98:9b:f4:f2:0a:9e:83:2f:b2:3e:55:0a:8c:
         db:ec:16:f0:73:16:21:12:6a:8c:f6:25:8f:05:36:eb:27:e1:
         71:12:3f:2b:a7:2c:6e:6e:db:34:0a:76:c7:e8:70:dc:4f:9f:
         0f:c8:78:c2:11:32:ee:69:90:98:cb:d7:6f:8d:36:e9:f9:52:
         05:52:88:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jsHvcxHfusvn5vd9WBWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjM2U3YTM5NGJiZjFiYmVjNDdmM2ZiYjY5YTE4OWY4YTNi
MWQwNTYwHhcNMjUwNjI4MjIwMDUyWhcNMjUwNjI5MjIwMDUyWjAzMTEwLwYDVQQD
Eyg4NTY0YWI1YjlkOTQ2OWUyMTVjNzlmYWJhYzAwN2VkYTEwNDYwMzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xV/Ka01x7mi8czzLG0g1A7PL9b+
8VWvzMVC/D+Uk4L+pZNw8V13xOt7GKfHiOt+K3ScOXF+52bFwKfeQGxwEeOyp4Ns
7KgnotHPsdkm9xmSf1PBq1mDIQkQKXyD4X0kQJYcrCFKG6WSf3mL6bD6O1110HkB
C1Z3Ahw0EQuVYJC3mUVmiXBoWcPTwb42G7Yo4GIZcC0D8SBQgiLZlmkfSiDgVRFO
kzOVUXnGV/xnS4k7TCWs17Ngs1j4G6A2ZQxv254BOgcrXSjAjcRP71U2HCKx/GUS
1ccj+erE+ls7Nr0mryewi1EllD/HhPu5RcNAIZYPo2qKO4zlXHJrV7lbqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVkq1udlGniFcefq6wAftoQRgOIMB8GA1UdIwQY
MBaAFNw+ejlLvxu+xH8/u2mhifijsdBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2It
NDRiMjFhOGJlYmZkLzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2ItNDRiMjFhOGJlYmZk
LzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQScN6LSo
b1gU01rBJXGTJo0tbaBPq0DAxqhxMrSAwGUVLejojxWLf0SIk5LTDFbfrVLmZI3D
OZzYcPijvndoW4E/9P4ETTEMikfqPJWeqwUAIDbYShioA/L6s0XuA6SCrzUh3CPS
aykiNdhV6Xy3AiD0gZeAfbvO+WZvePWuYiWNNVE+D1io/5ZBo+vJAoTuF2qJQC95
CR/a+G73B3yDrV8MRF41lr65y2A6bOhGhTNdZ+cbcZwOwq2Ym/TyCp6DL7I+VQqM
2+wW8HMWIRJqjPYljwU26yfhcRI/K6csbm7bNAp2x+hw3E+fD8h4whEy7mmQmMvX
b4026flSBVKIag==
-----END CERTIFICATE-----