Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
File:                     R3BGWvTHI2RwAFnnll08iepGPNc.mft (raw, json)
Hash identifier:          Udf0cHQKhlx92G430vVTvQwO72+euu/3uuWhUayczXE=
Subject key identifier:   D7:E3:AA:7E:AB:8D:26:37:8C:E5:F8:D0:EE:53:52:40:A4:5A:F4:6D
Authority key identifier: 47:70:46:5A:F4:C7:23:64:70:00:59:E7:96:5D:3C:89:EA:46:3C:D7
Certificate issuer:       /CN=4770465af4c72364700059e7965d3c89ea463cd7
Certificate serial:       0197BA7D63107BE4CB714B1A4CCD1BC41767
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
Manifest number:          0F6D
Signing time:             Sun 29 Jun 2025 07:01:08 +0000
Manifest this update:     Sun 29 Jun 2025 07:01:08 +0000
Manifest next update:     Mon 30 Jun 2025 07:01:08 +0000
Files and hashes:         1: R3BGWvTHI2RwAFnnll08iepGPNc.crl (hash: WAaroFpgtFNorwWiljKO713TmoyRwbZoh3+Z4ivOy28=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7d:63:10:7b:e4:cb:71:4b:1a:4c:cd:1b:c4:17:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4770465af4c72364700059e7965d3c89ea463cd7
        Validity
            Not Before: Jun 29 07:01:08 2025 GMT
            Not After : Jun 30 07:01:08 2025 GMT
        Subject: CN=d7e3aa7eab8d26378ce5f8d0ee535240a45af46d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:0c:5e:86:ea:6c:b1:67:cd:b9:eb:c4:ce:03:
                    2e:8d:54:fa:2c:c1:8c:8a:b3:79:a3:94:f3:f2:92:
                    e2:29:ff:94:dc:09:21:69:3e:80:1e:29:17:45:b2:
                    f8:a4:fe:9f:b4:be:5d:17:4a:5d:31:d3:02:88:e2:
                    71:18:b8:10:aa:8e:1e:57:e5:46:cf:b6:38:cc:a7:
                    48:b4:6f:39:77:11:e6:64:ae:a1:ad:a9:8c:87:65:
                    07:ef:a6:68:1c:2e:2b:8b:6e:bd:68:9d:dd:08:0d:
                    32:e9:e5:94:91:3a:1e:de:d1:19:a5:ea:8a:14:de:
                    25:9d:1b:37:14:b0:c3:d4:d4:2d:ee:90:86:66:e2:
                    b9:7e:54:31:a8:26:7a:c7:3f:97:ef:55:8d:d1:81:
                    8f:3a:9e:a8:11:3a:d7:69:f7:2e:24:2d:78:ea:41:
                    fc:08:97:69:8c:c5:86:ba:d5:72:59:0c:1a:91:dc:
                    51:04:2a:e3:30:58:98:7f:ba:cf:5e:bf:01:20:d8:
                    af:e3:67:58:a4:ca:a9:5b:b0:e5:33:71:80:95:07:
                    1a:c7:f2:70:0e:aa:c4:71:96:f6:23:87:65:49:d9:
                    bc:ef:b1:79:95:ed:cc:64:5d:16:66:e6:52:73:0b:
                    80:c3:b1:07:be:92:b8:0c:59:19:a2:d7:16:29:41:
                    ba:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:E3:AA:7E:AB:8D:26:37:8C:E5:F8:D0:EE:53:52:40:A4:5A:F4:6D
            X509v3 Authority Key Identifier:
                keyid:47:70:46:5A:F4:C7:23:64:70:00:59:E7:96:5D:3C:89:EA:46:3C:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:59:13:d9:86:e4:46:ab:1b:05:0a:69:75:bf:49:ee:6a:7f:
         26:5e:0c:c9:1c:c1:04:7f:62:34:4c:87:c9:91:53:5a:ab:88:
         23:67:41:09:d4:8b:3e:00:6e:6a:0d:8f:46:88:10:82:ed:f8:
         20:a4:43:e0:75:8d:05:98:c3:1c:d9:a5:cf:0c:79:14:12:c9:
         df:b0:d3:53:ad:5c:26:70:d6:d9:2a:64:60:05:1a:b5:20:ab:
         b0:76:d6:2b:82:f3:19:7a:37:05:cf:a8:51:b6:69:90:fd:6b:
         23:ac:48:01:2d:4f:11:90:3b:db:e0:53:1f:3d:e9:e5:f6:e9:
         90:01:73:0b:94:91:09:09:e4:d1:db:68:5f:97:f4:3b:86:a4:
         9a:cf:59:af:b6:05:58:eb:3b:c9:aa:4d:4c:25:79:74:07:17:
         c6:07:ee:cb:e7:e0:95:bd:59:55:23:30:44:47:06:7f:d4:3d:
         37:c5:43:0d:82:34:48:5e:52:95:e5:f3:4a:d6:70:15:33:9f:
         8f:d4:36:33:98:c2:cb:76:2b:76:c2:27:e7:a5:6e:4d:83:b2:
         af:ab:fc:6e:ac:30:1b:09:d8:87:c5:b3:97:c3:b6:05:2d:40:
         4e:51:f2:41:f2:4c:05:e9:84:a7:dc:0c:a4:b2:6e:bf:a6:12:
         63:c5:ea:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fWMQe+TLcUsaTM0bxBdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzA0NjVhZjRjNzIzNjQ3MDAwNTllNzk2NWQzYzg5ZWE0
NjNjZDcwHhcNMjUwNjI5MDcwMTA4WhcNMjUwNjMwMDcwMTA4WjAzMTEwLwYDVQQD
EyhkN2UzYWE3ZWFiOGQyNjM3OGNlNWY4ZDBlZTUzNTI0MGE0NWFmNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwxehupssWfNuevEzgMujVT6LMGM
irN5o5Tz8pLiKf+U3AkhaT6AHikXRbL4pP6ftL5dF0pdMdMCiOJxGLgQqo4eV+VG
z7Y4zKdItG85dxHmZK6hramMh2UH76ZoHC4ri269aJ3dCA0y6eWUkToe3tEZpeqK
FN4lnRs3FLDD1NQt7pCGZuK5flQxqCZ6xz+X71WN0YGPOp6oETrXafcuJC146kH8
CJdpjMWGutVyWQwakdxRBCrjMFiYf7rPXr8BINiv42dYpMqpW7DlM3GAlQcax/Jw
DqrEcZb2I4dlSdm877F5le3MZF0WZuZScwuAw7EHvpK4DFkZotcWKUG6MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfjqn6rjSY3jOX40O5TUkCkWvRtMB8GA1UdIwQY
MBaAFEdwRlr0xyNkcABZ55ZdPInqRjzXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85N2QwOWItZTVlMS00N2Y4LWIyNWYt
OGE5MmUwOWJmZTFiLzEvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85N2QwOWItZTVlMS00N2Y4LWIyNWYtOGE5MmUwOWJmZTFi
LzEvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASFkT2Ybk
RqsbBQppdb9J7mp/Jl4MyRzBBH9iNEyHyZFTWquII2dBCdSLPgBuag2PRogQgu34
IKRD4HWNBZjDHNmlzwx5FBLJ37DTU61cJnDW2SpkYAUatSCrsHbWK4LzGXo3Bc+o
UbZpkP1rI6xIAS1PEZA72+BTHz3p5fbpkAFzC5SRCQnk0dtoX5f0O4akms9Zr7YF
WOs7yapNTCV5dAcXxgfuy+fglb1ZVSMwREcGf9Q9N8VDDYI0SF5SleXzStZwFTOf
j9Q2M5jCy3YrdsIn56VuTYOyr6v8bqwwGwnYh8Wzl8O2BS1ATlHyQfJMBemEp9wM
pLJuv6YSY8Xqpw==
-----END CERTIFICATE-----