Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          2TfcZPqZ/yQxgdnnU1WJbGB+yKapvBGxWo2C1f1rq3k=
Subject key identifier:   1A:33:F9:64:D6:0F:D6:43:DB:2C:6B:8D:79:57:E6:4A:47:DE:2A:67
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       0197B6A09C77EB0260D7C0A5DAFB8F25AC2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          06DB
Signing time:             Sat 28 Jun 2025 13:01:08 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:08 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:08 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: W7uQjm727u7B+/rGALmu5kvX2jr6pWZH+6NrldLmyLA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:9c:77:eb:02:60:d7:c0:a5:da:fb:8f:25:ac:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Jun 28 13:01:08 2025 GMT
            Not After : Jun 29 13:01:08 2025 GMT
        Subject: CN=1a33f964d60fd643db2c6b8d7957e64a47de2a67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:a1:ec:90:70:ee:f0:b1:cb:e2:4a:ec:8f:b4:
                    a2:19:82:17:5e:5d:a6:4e:c2:34:f0:9d:36:d6:f1:
                    64:6e:38:b2:a8:dc:9d:5d:8d:cd:df:de:ed:e5:cb:
                    8a:ee:8b:70:3c:8a:27:aa:0d:e1:4f:b2:b5:33:e9:
                    1b:8e:58:49:0b:d9:6a:a3:9b:5d:ce:14:3a:79:49:
                    5e:35:45:36:ef:d1:c7:11:b7:cd:3d:8f:42:3f:7c:
                    74:85:3c:24:8e:2b:71:d2:08:12:72:22:06:22:80:
                    e1:77:27:ee:2e:fb:04:4e:9a:0b:09:67:f7:d3:5a:
                    27:ad:f7:85:e2:a1:11:51:db:17:84:cd:da:6a:f3:
                    e0:a0:36:1a:18:14:ec:eb:14:0d:5f:2d:38:74:9e:
                    14:fa:83:ba:59:60:16:05:dd:98:77:91:a6:71:5c:
                    65:ae:8e:f8:36:37:3e:db:5d:76:e8:4a:4f:d6:2f:
                    72:b4:b6:d8:c2:cc:82:c2:f6:9b:4c:f2:6e:19:4b:
                    e4:b5:50:ee:cc:09:03:d9:f8:6a:41:7b:4f:bb:bf:
                    40:30:9e:1a:dd:93:32:14:9d:93:f6:91:15:d4:d9:
                    c1:70:49:00:a1:08:b9:30:49:c0:c3:49:45:84:ca:
                    e0:60:b5:76:15:ed:af:5b:81:70:5b:27:d3:94:21:
                    2a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:33:F9:64:D6:0F:D6:43:DB:2C:6B:8D:79:57:E6:4A:47:DE:2A:67
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:de:0a:b6:13:eb:27:63:73:d8:2e:b9:de:3a:d4:47:c5:90:
         7f:26:d4:6c:1a:33:a8:83:3c:2d:91:cd:1e:6b:92:97:a4:ac:
         7a:50:34:da:ae:98:dc:08:34:cd:ee:13:b8:ea:20:39:fc:18:
         6e:8a:9f:93:2a:1b:a5:e7:9a:a6:94:e8:d2:49:be:e8:79:77:
         57:12:06:5d:91:46:c6:5f:47:3b:2d:7a:9f:da:d2:7a:8b:c6:
         1a:2f:b8:4f:27:bf:26:77:81:38:7b:85:d6:c6:38:26:4a:f7:
         a0:82:ef:c1:b3:d3:6d:14:d7:0b:7a:c0:95:40:34:11:87:13:
         25:ba:c9:26:01:67:76:62:96:bd:4f:7d:fe:1b:9c:b5:4a:dc:
         94:26:fa:1c:12:41:d4:3b:05:6a:45:70:44:71:7b:3d:fd:0b:
         9a:4b:94:51:b9:b7:73:91:3c:10:c0:81:89:37:8a:1e:60:c9:
         3b:f4:e9:a5:c4:8f:ba:2f:46:5c:a0:62:83:d0:b0:3f:03:1b:
         3c:0e:ba:57:31:f8:3f:f8:de:14:2c:87:06:09:e3:85:c1:a6:
         75:fa:95:30:72:8f:12:ff:14:12:fd:1c:03:a3:95:78:01:89:
         4d:29:3b:c6:4d:0a:aa:cf:ac:b2:fb:d5:78:b5:54:6b:8f:26:
         68:cc:88:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oJx36wJg18Cl2vuPJawqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjUwNjI4MTMwMTA4WhcNMjUwNjI5MTMwMTA4WjAzMTEwLwYDVQQD
EygxYTMzZjk2NGQ2MGZkNjQzZGIyYzZiOGQ3OTU3ZTY0YTQ3ZGUyYTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KHskHDu8LHL4krsj7SiGYIXXl2m
TsI08J021vFkbjiyqNydXY3N397t5cuK7otwPIonqg3hT7K1M+kbjlhJC9lqo5td
zhQ6eUleNUU279HHEbfNPY9CP3x0hTwkjitx0ggSciIGIoDhdyfuLvsETpoLCWf3
01onrfeF4qERUdsXhM3aavPgoDYaGBTs6xQNXy04dJ4U+oO6WWAWBd2Yd5GmcVxl
ro74Njc+21126EpP1i9ytLbYwsyCwvabTPJuGUvktVDuzAkD2fhqQXtPu79AMJ4a
3ZMyFJ2T9pEV1NnBcEkAoQi5MEnAw0lFhMrgYLV2Fe2vW4FwWyfTlCEqKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBoz+WTWD9ZD2yxrjXlX5kpH3ipnMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ94KthPr
J2Nz2C653jrUR8WQfybUbBozqIM8LZHNHmuSl6SselA02q6Y3Ag0ze4TuOogOfwY
boqfkyobpeeappTo0km+6Hl3VxIGXZFGxl9HOy16n9rSeovGGi+4Tye/JneBOHuF
1sY4Jkr3oILvwbPTbRTXC3rAlUA0EYcTJbrJJgFndmKWvU99/huctUrclCb6HBJB
1DsFakVwRHF7Pf0LmkuUUbm3c5E8EMCBiTeKHmDJO/TppcSPui9GXKBig9CwPwMb
PA66VzH4P/jeFCyHBgnjhcGmdfqVMHKPEv8UEv0cA6OVeAGJTSk7xk0Kqs+ssvvV
eLVUa48maMyI2A==
-----END CERTIFICATE-----