Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
File:                     3cwuYUgshl3CU8D6lD49os6X2gU.mft (raw, json)
Hash identifier:          W6ch+QHLvBcakq146Xc2GD/0SISt4VLmZ7SSkQN7f2M=
Subject key identifier:   0E:4D:70:81:44:EF:4B:EE:39:71:90:21:1E:E4:E9:25:E4:1B:CE:BD
Authority key identifier: DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05
Certificate issuer:       /CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
Certificate serial:       0197B5FC5803CAF3116A9C710E0821E7A165
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
Manifest number:          0539
Signing time:             Sat 28 Jun 2025 10:01:43 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:43 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:43 +0000
Files and hashes:         1: 3cwuYUgshl3CU8D6lD49os6X2gU.crl (hash: WtorU9tG5LwXV3AWk02l+AflXHd+wSDsoIToJbESFCo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fc:58:03:ca:f3:11:6a:9c:71:0e:08:21:e7:a1:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
        Validity
            Not Before: Jun 28 10:01:43 2025 GMT
            Not After : Jun 29 10:01:43 2025 GMT
        Subject: CN=0e4d708144ef4bee397190211ee4e925e41bcebd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:03:71:45:43:78:38:0c:be:aa:74:41:70:38:
                    c8:73:90:95:6c:5a:13:68:5f:7e:aa:a1:e5:b0:50:
                    6c:fd:bc:3d:b7:df:09:8f:7e:c8:22:34:97:4b:f3:
                    3a:65:02:ad:d7:67:52:f5:ec:a5:16:ec:7d:a9:1f:
                    70:8b:3f:64:05:3d:9a:ce:fa:fe:53:7c:75:4b:8c:
                    6c:ed:aa:40:b2:04:b9:d8:d2:3e:ce:07:3b:ba:a4:
                    ae:9c:82:38:39:ff:9a:3e:c1:a3:31:ec:18:41:ed:
                    29:5a:3e:b4:35:d7:8b:a7:e8:6b:39:d0:ef:ed:31:
                    cc:39:84:a3:33:0b:58:1e:e4:e4:11:bd:e7:ac:fd:
                    ed:04:30:1b:e0:54:03:c0:6d:0c:64:b1:b5:93:06:
                    92:ca:f1:5f:59:81:7e:fb:28:79:7d:b0:eb:9c:58:
                    f4:54:bd:90:1d:3a:17:57:b7:9d:38:88:5b:33:75:
                    73:9c:5e:f4:08:24:bf:a8:5e:82:47:9f:bf:26:07:
                    53:ad:86:5b:e4:a2:b8:2f:ad:09:8b:af:5e:b7:39:
                    8d:af:39:61:4c:de:f1:aa:c4:13:d9:22:09:ce:8c:
                    00:e3:6c:76:fa:34:97:35:16:87:b3:7e:4c:20:45:
                    ad:23:d2:a6:7a:00:1f:a7:fe:d5:fb:9e:0d:ac:f9:
                    0e:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:4D:70:81:44:EF:4B:EE:39:71:90:21:1E:E4:E9:25:E4:1B:CE:BD
            X509v3 Authority Key Identifier:
                keyid:DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:73:59:63:88:dc:9a:2f:10:67:6d:55:61:cd:98:25:da:4e:
         46:cc:ae:9b:62:5d:61:fa:0b:51:31:a5:ab:09:87:d2:db:e0:
         91:88:9c:21:91:20:fe:1e:9e:ef:b0:a6:20:8c:d7:35:57:0c:
         e6:40:ce:71:07:e0:0a:0a:75:50:3d:da:05:a5:e2:f5:39:e7:
         27:69:04:c7:f4:76:54:0b:88:94:44:99:77:e6:90:11:64:f9:
         92:f6:e7:e1:e2:25:1e:ae:54:11:65:fd:2d:55:40:8e:a5:bc:
         2a:0c:06:9b:c6:16:37:b1:b1:67:12:3c:2b:cd:e3:b4:90:22:
         93:5a:cd:d0:7d:0f:6e:20:9e:69:dd:d8:30:29:69:24:ac:9f:
         2c:1e:ef:9f:c3:89:d0:da:7a:9b:cb:7a:91:68:e8:f5:01:36:
         be:a2:03:cc:26:b1:f2:78:82:d9:8f:3a:d9:c5:80:63:01:e1:
         10:8f:63:99:1c:e4:00:e2:6a:d0:73:bd:ab:ab:e6:f8:98:95:
         b5:95:aa:0a:c4:4e:88:af:84:65:1d:2a:8e:27:6a:c2:0a:dc:
         f1:5f:bd:90:9d:52:c9:3b:17:00:54:8c:88:e0:a8:07:b8:26:
         35:82:7c:ff:1d:ce:7d:55:fd:a3:c4:2d:1a:f0:9e:03:7c:5f:
         9d:e8:d0:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1/FgDyvMRapxxDggh56FlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkY2MyZTYxNDgyYzg2NWRjMjUzYzBmYTk0M2UzZGEyY2U5
N2RhMDUwHhcNMjUwNjI4MTAwMTQzWhcNMjUwNjI5MTAwMTQzWjAzMTEwLwYDVQQD
EygwZTRkNzA4MTQ0ZWY0YmVlMzk3MTkwMjExZWU0ZTkyNWU0MWJjZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ANxRUN4OAy+qnRBcDjIc5CVbFoT
aF9+qqHlsFBs/bw9t98Jj37IIjSXS/M6ZQKt12dS9eylFux9qR9wiz9kBT2azvr+
U3x1S4xs7apAsgS52NI+zgc7uqSunII4Of+aPsGjMewYQe0pWj60NdeLp+hrOdDv
7THMOYSjMwtYHuTkEb3nrP3tBDAb4FQDwG0MZLG1kwaSyvFfWYF++yh5fbDrnFj0
VL2QHToXV7edOIhbM3VznF70CCS/qF6CR5+/JgdTrYZb5KK4L60Ji69etzmNrzlh
TN7xqsQT2SIJzowA42x2+jSXNRaHs35MIEWtI9KmegAfp/7V+54NrPkOvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA5NcIFE70vuOXGQIR7k6SXkG869MB8GA1UdIwQY
MBaAFN3MLmFILIZdwlPA+pQ+PaLOl9oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAt
MzU4ZjU5NTMyMjU4LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAtMzU4ZjU5NTMyMjU4
LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABnNZY4jc
mi8QZ21VYc2YJdpORsyum2JdYfoLUTGlqwmH0tvgkYicIZEg/h6e77CmIIzXNVcM
5kDOcQfgCgp1UD3aBaXi9TnnJ2kEx/R2VAuIlESZd+aQEWT5kvbn4eIlHq5UEWX9
LVVAjqW8KgwGm8YWN7GxZxI8K83jtJAik1rN0H0PbiCead3YMClpJKyfLB7vn8OJ
0Np6m8t6kWjo9QE2vqIDzCax8niC2Y862cWAYwHhEI9jmRzkAOJq0HO9q6vm+JiV
tZWqCsROiK+EZR0qjidqwgrc8V+9kJ1SyTsXAFSMiOCoB7gmNYJ8/x3OfVX9o8Qt
GvCeA3xfnejQnw==
-----END CERTIFICATE-----