Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
File:                     3XF0IQf16FBis-CuZa-kuuZw4Es.mft (raw, json)
Hash identifier:          DK6ghVUgxIZKXLfwlv9crhQ6avZRvmJHv3ccneNqMws=
Subject key identifier:   7E:A2:B3:6C:D1:85:2E:10:5B:8C:A8:10:78:B8:75:F9:FC:98:BE:03
Authority key identifier: DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B
Certificate issuer:       /CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
Certificate serial:       0197B7EA1D8ED1FAB1E82787AF4696604C31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
Manifest number:          0436
Signing time:             Sat 28 Jun 2025 19:01:02 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:02 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:02 +0000
Files and hashes:         1: 3XF0IQf16FBis-CuZa-kuuZw4Es.crl (hash: QIBgYHplo5qjf2Q1/TF0d00DBtXv9RU0Bh3ov+p+/zc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:1d:8e:d1:fa:b1:e8:27:87:af:46:96:60:4c:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
        Validity
            Not Before: Jun 28 19:01:02 2025 GMT
            Not After : Jun 29 19:01:02 2025 GMT
        Subject: CN=7ea2b36cd1852e105b8ca81078b875f9fc98be03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:6e:5b:d4:10:40:c5:ed:e1:98:26:01:2b:e4:
                    b9:4b:23:be:8b:bb:0e:fd:e0:51:25:73:cf:b5:8d:
                    61:ce:5f:38:65:f8:df:e2:e7:e9:5e:3e:f5:f1:56:
                    47:68:2d:14:85:81:80:73:5d:f5:28:56:77:ae:8d:
                    03:73:5a:dd:12:68:b9:79:74:e8:b0:3a:14:fc:7f:
                    ed:92:44:33:19:bc:2c:fc:7b:e3:5a:53:10:1d:aa:
                    d1:a2:03:e5:1a:93:e1:09:2f:7e:d0:3b:fc:16:96:
                    6a:28:d2:29:19:bb:9a:d2:03:1f:df:8f:af:32:50:
                    45:c4:16:81:f9:9e:10:ba:9d:d9:c3:c9:0e:c5:b8:
                    7f:0b:8d:7a:2a:48:06:8d:3c:07:e5:04:b8:10:af:
                    2e:18:1e:16:ba:fb:fb:86:07:49:10:17:f9:dc:0b:
                    63:19:11:9f:36:61:bd:88:11:62:ca:30:20:7b:7e:
                    e1:1e:6f:68:19:d5:6d:23:c2:66:46:30:51:5b:73:
                    41:8d:7b:52:0e:4d:82:a1:89:ee:19:eb:1f:c9:ff:
                    74:05:69:37:53:9c:1e:38:87:5d:98:53:a8:49:0d:
                    e3:5d:29:6c:c9:4f:64:a5:c2:60:57:51:1d:94:7a:
                    5c:63:61:39:19:58:11:85:e7:56:64:e7:ab:3c:92:
                    5c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:A2:B3:6C:D1:85:2E:10:5B:8C:A8:10:78:B8:75:F9:FC:98:BE:03
            X509v3 Authority Key Identifier:
                keyid:DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:c5:cd:f7:b1:45:92:2a:51:c5:fa:0f:52:29:c6:f3:58:1e:
         5c:43:c4:7d:4a:fc:3f:62:9a:58:6e:c7:88:0d:07:11:fe:b6:
         7c:d0:cf:a3:5e:d5:2c:5d:32:ce:a3:08:10:af:88:55:23:80:
         1c:b9:d8:4d:13:4d:59:00:45:7b:a2:2e:a3:7d:0f:4e:28:77:
         00:58:8b:c5:16:24:1c:3e:dd:a3:8c:28:9b:06:f8:a1:35:cf:
         a7:98:65:b5:ca:00:63:80:7c:be:42:92:31:8c:0a:65:ce:4c:
         4b:28:78:0a:a2:92:b6:8a:71:76:c8:f3:9c:dc:10:20:db:88:
         3f:7e:78:2e:70:d4:57:46:e3:a9:39:d3:de:e8:f3:f2:af:c4:
         05:03:b1:ec:64:5a:58:35:2d:fc:c0:78:db:c4:54:f6:4b:38:
         66:d0:e7:11:4d:fc:f7:44:dd:f9:02:84:cf:01:00:e7:23:91:
         2d:ad:f9:11:c1:f8:65:d3:71:e5:f9:fc:c1:4f:e9:92:44:fb:
         77:a4:5b:8d:4f:51:9c:51:94:3b:51:bd:b2:31:9e:83:32:f1:
         11:e8:d8:9d:fc:40:3f:ce:9d:17:3e:1d:43:b6:6f:d8:f0:87:
         88:8b:2d:04:14:bb:d5:c1:96:f2:3c:5c:39:f5:54:47:3b:ad:
         8e:cf:41:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36h2O0fqx6CeHr0aWYEwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzE3NDIxMDdmNWU4NTA2MmIzZTBhZTY1YWZhNGJhZTY3
MGUwNGIwHhcNMjUwNjI4MTkwMTAyWhcNMjUwNjI5MTkwMTAyWjAzMTEwLwYDVQQD
Eyg3ZWEyYjM2Y2QxODUyZTEwNWI4Y2E4MTA3OGI4NzVmOWZjOThiZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG5b1BBAxe3hmCYBK+S5SyO+i7sO
/eBRJXPPtY1hzl84Zfjf4ufpXj718VZHaC0UhYGAc131KFZ3ro0Dc1rdEmi5eXTo
sDoU/H/tkkQzGbws/HvjWlMQHarRogPlGpPhCS9+0Dv8FpZqKNIpGbua0gMf34+v
MlBFxBaB+Z4Qup3Zw8kOxbh/C416KkgGjTwH5QS4EK8uGB4Wuvv7hgdJEBf53Atj
GRGfNmG9iBFiyjAge37hHm9oGdVtI8JmRjBRW3NBjXtSDk2CoYnuGesfyf90BWk3
U5weOIddmFOoSQ3jXSlsyU9kpcJgV1EdlHpcY2E5GVgRhedWZOerPJJcuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH6is2zRhS4QW4yoEHi4dfn8mL4DMB8GA1UdIwQY
MBaAFN1xdCEH9ehQYrPgrmWvpLrmcOBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTct
YTc3MDZiYTMwODg5LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTctYTc3MDZiYTMwODg5
LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGsXN97FF
kipRxfoPUinG81geXEPEfUr8P2KaWG7HiA0HEf62fNDPo17VLF0yzqMIEK+IVSOA
HLnYTRNNWQBFe6Iuo30PTih3AFiLxRYkHD7do4womwb4oTXPp5hltcoAY4B8vkKS
MYwKZc5MSyh4CqKStopxdsjznNwQINuIP354LnDUV0bjqTnT3ujz8q/EBQOx7GRa
WDUt/MB428RU9ks4ZtDnEU3890Td+QKEzwEA5yORLa35EcH4ZdNx5fn8wU/pkkT7
d6RbjU9RnFGUO1G9sjGegzLxEejYnfxAP86dFz4dQ7Zv2PCHiIstBBS71cGW8jxc
OfVURzutjs9BkQ==
-----END CERTIFICATE-----