Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File:                     3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier:          7hdILE5pPDKM5jh0uI21UCKj0eTkz+XvI53Efdz1ytI=
Subject key identifier:   0F:B0:9E:0E:F5:68:4F:B6:57:76:58:34:49:54:B8:A7:93:0A:58:9E
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer:       /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial:       0197B74556AF3A4A6C5B005EB133DE8F7945
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number:          0664
Signing time:             Sat 28 Jun 2025 16:01:03 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:03 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:03 +0000
Files and hashes:         1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: ZZn2d82DusSG3hlcsQxrDqwU3Gfg082Cs8UbohMGjbg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:56:af:3a:4a:6c:5b:00:5e:b1:33:de:8f:79:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
        Validity
            Not Before: Jun 28 16:01:03 2025 GMT
            Not After : Jun 29 16:01:03 2025 GMT
        Subject: CN=0fb09e0ef5684fb6577658344954b8a7930a589e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:8b:b2:2a:af:20:2e:61:38:46:b7:a1:55:7a:
                    07:8e:14:59:b2:bb:d1:20:81:fe:fd:b5:04:8c:68:
                    77:03:ba:d1:5c:eb:dd:7d:c1:8f:f9:36:b7:f0:e8:
                    18:2e:a6:59:67:0f:ca:22:a7:d9:74:9a:35:6a:42:
                    7b:bb:00:96:fd:69:9a:d3:55:a5:61:6f:03:93:54:
                    6b:04:0f:56:9d:f6:be:e2:68:d8:5e:c4:0b:46:3d:
                    4e:73:b2:50:14:1d:a6:1b:19:47:c8:52:3f:3f:4c:
                    ea:f3:2b:52:a5:aa:16:9e:ef:f5:dd:b3:09:03:72:
                    87:ee:75:c8:58:08:9c:56:a2:df:b8:57:cd:db:85:
                    85:af:a5:04:50:d6:8f:3f:9e:37:9a:78:e6:e2:c9:
                    b8:8c:38:4d:2f:e2:98:43:04:3f:6f:cd:0a:84:45:
                    de:5d:58:5e:08:63:8b:db:f4:5f:91:47:a8:7d:88:
                    29:83:e7:61:e5:22:44:56:87:42:77:79:60:80:ef:
                    5d:26:23:32:6b:49:e9:99:31:f5:22:fa:e3:ff:91:
                    32:5d:13:75:c2:09:7a:f1:0d:12:ad:86:8d:9b:94:
                    57:b8:7a:77:0c:24:56:b2:43:b9:46:05:1c:54:f8:
                    28:4b:23:2b:56:68:0f:04:e3:99:20:b8:c9:fe:b8:
                    e9:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:B0:9E:0E:F5:68:4F:B6:57:76:58:34:49:54:B8:A7:93:0A:58:9E
            X509v3 Authority Key Identifier:
                keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:11:76:cb:2e:0f:a7:b0:09:7f:b7:ab:79:e0:03:fe:4e:3c:
         d0:39:03:97:0c:1b:14:c4:d5:1d:05:63:99:95:e2:9c:2f:a2:
         59:43:02:e2:68:24:49:1a:5e:b5:50:51:56:a4:a1:e0:eb:02:
         6d:84:1a:03:3b:e4:89:1f:39:39:3c:a1:76:20:56:2d:47:1c:
         b0:cd:ee:3c:62:1b:f3:18:ae:97:38:55:da:44:00:d0:7b:cb:
         4c:f4:a8:56:d3:1a:28:be:44:d3:01:91:e6:f3:83:37:ec:27:
         a7:f8:60:d8:35:1d:2a:82:03:39:08:23:cb:6b:8a:02:fe:ee:
         ce:00:76:9d:c1:64:0c:2e:04:9a:e3:ef:32:83:aa:76:b4:da:
         15:08:de:13:59:e1:84:4b:f9:89:86:1d:64:44:72:27:03:8e:
         e0:cf:f6:b7:a0:cc:b4:2a:3c:a9:f5:3a:e5:a2:3f:f0:0d:ae:
         03:c7:79:22:93:fa:f3:22:0f:be:34:72:c4:71:65:e3:8c:b6:
         76:98:94:69:d3:39:d5:0b:d4:a0:44:aa:c0:ae:f5:cc:fa:4f:
         d0:8d:fa:e5:5e:33:1c:dc:75:ed:f8:0a:c3:30:ef:63:65:32:
         8d:36:44:87:59:5b:b0:bd:11:70:4b:21:42:4d:31:1b:44:c2:
         0e:4b:22:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RVavOkpsWwBesTPej3lFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjUwNjI4MTYwMTAzWhcNMjUwNjI5MTYwMTAzWjAzMTEwLwYDVQQD
EygwZmIwOWUwZWY1Njg0ZmI2NTc3NjU4MzQ0OTU0YjhhNzkzMGE1ODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIuyKq8gLmE4RrehVXoHjhRZsrvR
IIH+/bUEjGh3A7rRXOvdfcGP+Ta38OgYLqZZZw/KIqfZdJo1akJ7uwCW/Wma01Wl
YW8Dk1RrBA9Wnfa+4mjYXsQLRj1Oc7JQFB2mGxlHyFI/P0zq8ytSpaoWnu/13bMJ
A3KH7nXIWAicVqLfuFfN24WFr6UEUNaPP543mnjm4sm4jDhNL+KYQwQ/b80KhEXe
XVheCGOL2/RfkUeofYgpg+dh5SJEVodCd3lggO9dJiMya0npmTH1Ivrj/5EyXRN1
wgl68Q0SrYaNm5RXuHp3DCRWskO5RgUcVPgoSyMrVmgPBOOZILjJ/rjpJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+wng71aE+2V3ZYNElUuKeTClieMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANxF2yy4P
p7AJf7ereeAD/k480DkDlwwbFMTVHQVjmZXinC+iWUMC4mgkSRpetVBRVqSh4OsC
bYQaAzvkiR85OTyhdiBWLUccsM3uPGIb8xiulzhV2kQA0HvLTPSoVtMaKL5E0wGR
5vODN+wnp/hg2DUdKoIDOQgjy2uKAv7uzgB2ncFkDC4EmuPvMoOqdrTaFQjeE1nh
hEv5iYYdZERyJwOO4M/2t6DMtCo8qfU65aI/8A2uA8d5IpP68yIPvjRyxHFl44y2
dpiUadM51QvUoESqwK71zPpP0I365V4zHNx17fgKwzDvY2UyjTZEh1lbsL0RcEsh
Qk0xG0TCDksiGQ==
-----END CERTIFICATE-----