Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft
File:                     _sQT3TZn54GV5SaKooWupRa8sZk.mft (raw, json)
Hash identifier:          USlF/xZvZ6eVro3sGsHKgvqbOX9PtLeAHXeUPpbXy1Y=
Subject key identifier:   56:BA:D8:3B:3E:81:CF:F3:B3:03:C6:D7:FF:E3:0F:A3:04:26:01:19
Authority key identifier: FE:C4:13:DD:36:67:E7:81:95:E5:26:8A:A2:85:AE:A5:16:BC:B1:99
Certificate issuer:       /CN=fec413dd3667e78195e5268aa285aea516bcb199
Certificate serial:       0197B5FC36671868B90701E7F2D2EB30974C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_sQT3TZn54GV5SaKooWupRa8sZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft
Manifest number:          12DE
Signing time:             Sat 28 Jun 2025 10:01:34 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:34 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:34 +0000
Files and hashes:         1: _sQT3TZn54GV5SaKooWupRa8sZk.crl (hash: OVbZCCmH0XocDJVfsFK6nBcQ6bTXE+vnpskGROkYmpg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_sQT3TZn54GV5SaKooWupRa8sZk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fc:36:67:18:68:b9:07:01:e7:f2:d2:eb:30:97:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fec413dd3667e78195e5268aa285aea516bcb199
        Validity
            Not Before: Jun 28 10:01:34 2025 GMT
            Not After : Jun 29 10:01:34 2025 GMT
        Subject: CN=56bad83b3e81cff3b303c6d7ffe30fa304260119
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:5f:c0:a3:7d:9f:63:fd:f8:5c:1b:52:e8:5b:
                    a3:db:f8:53:40:79:86:b3:81:74:71:fb:e4:ba:ef:
                    a9:96:f7:42:98:6c:c8:2c:91:69:6f:f1:94:16:ad:
                    f2:a1:38:b4:6c:6c:7a:c2:53:5d:dd:0f:c8:27:08:
                    86:81:be:34:c6:b1:2c:6e:7f:94:3e:a9:d7:ff:60:
                    b1:1a:47:31:d3:72:ac:ae:da:ce:2d:a3:7f:e2:34:
                    67:3d:10:2f:bb:e2:81:22:ce:61:7a:5d:cd:6c:4e:
                    15:39:b2:db:55:e4:6c:22:b7:52:73:67:59:c6:1e:
                    9b:cd:65:d1:36:3c:ba:d6:0d:7b:42:44:f9:35:b4:
                    ce:09:a5:c0:a8:d0:55:2b:52:67:39:55:e5:2a:cc:
                    d5:b6:be:2a:c1:2b:15:8d:0e:af:07:63:ae:d3:a1:
                    41:47:57:b9:03:48:13:10:1a:a7:a1:4c:d8:5d:6e:
                    24:9e:0a:c9:56:cb:9f:5a:bb:a6:bb:62:17:d1:12:
                    b2:23:47:1f:33:76:53:46:3d:df:29:2e:9b:be:ad:
                    e5:32:bf:50:9e:6d:83:14:10:94:dc:1c:aa:43:98:
                    c9:18:5e:6f:7a:51:05:a4:fa:12:ef:cf:1b:7c:86:
                    ba:18:a0:54:e3:4d:09:2b:2d:f2:7e:b2:ec:fe:c8:
                    7f:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:BA:D8:3B:3E:81:CF:F3:B3:03:C6:D7:FF:E3:0F:A3:04:26:01:19
            X509v3 Authority Key Identifier:
                keyid:FE:C4:13:DD:36:67:E7:81:95:E5:26:8A:A2:85:AE:A5:16:BC:B1:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_sQT3TZn54GV5SaKooWupRa8sZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:f0:33:a0:66:f3:9d:19:9b:5a:49:d6:54:b0:ea:ec:a3:a7:
         81:04:e0:fe:1e:59:b2:18:1f:f9:3b:58:fa:39:b4:a2:aa:70:
         d3:eb:36:4b:41:cb:d8:d5:eb:93:79:de:70:6e:b3:ee:5c:6d:
         2e:dd:71:82:1b:9e:fe:b0:77:7b:19:76:bb:5d:61:3f:29:8b:
         a3:96:42:fe:e5:c7:4b:1e:fc:47:dc:52:25:09:b6:3e:88:bb:
         2b:ac:25:d7:1b:f2:0c:e5:8c:d2:f3:55:23:ae:91:43:de:1e:
         5c:af:ba:d5:9e:d9:e8:44:ac:a8:43:6e:da:0c:f5:ad:79:f2:
         2e:59:f9:06:2c:c8:7f:63:b5:57:00:47:7f:ea:e4:6e:72:ac:
         89:a0:2c:1b:0f:ad:de:42:fd:b7:7f:a0:51:cc:22:d3:64:d0:
         8c:8f:4f:4a:80:e8:24:6c:95:02:7d:b4:23:36:bd:c8:19:c0:
         cc:15:ab:9e:95:9f:47:bf:f6:9a:d8:d5:4f:ad:14:8d:3a:3b:
         61:73:c1:0c:f5:6e:7e:d6:5a:47:62:04:d6:03:83:7b:60:12:
         db:18:ec:f1:84:f2:00:24:a3:75:f1:92:f4:62:cd:26:9f:dd:
         a2:a1:37:fc:af:dd:19:56:6c:4e:e1:5b:a1:cd:3b:df:b2:b1:
         e8:3a:3a:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1/DZnGGi5BwHn8tLrMJdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYzQxM2RkMzY2N2U3ODE5NWU1MjY4YWEyODVhZWE1MTZi
Y2IxOTkwHhcNMjUwNjI4MTAwMTM0WhcNMjUwNjI5MTAwMTM0WjAzMTEwLwYDVQQD
Eyg1NmJhZDgzYjNlODFjZmYzYjMwM2M2ZDdmZmUzMGZhMzA0MjYwMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5F/Ao32fY/34XBtS6Fuj2/hTQHmG
s4F0cfvkuu+plvdCmGzILJFpb/GUFq3yoTi0bGx6wlNd3Q/IJwiGgb40xrEsbn+U
PqnX/2CxGkcx03KsrtrOLaN/4jRnPRAvu+KBIs5hel3NbE4VObLbVeRsIrdSc2dZ
xh6bzWXRNjy61g17QkT5NbTOCaXAqNBVK1JnOVXlKszVtr4qwSsVjQ6vB2Ou06FB
R1e5A0gTEBqnoUzYXW4kngrJVsufWrumu2IX0RKyI0cfM3ZTRj3fKS6bvq3lMr9Q
nm2DFBCU3ByqQ5jJGF5velEFpPoS788bfIa6GKBU400JKy3yfrLs/sh/2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFa62Ds+gc/zswPG1//jD6MEJgEZMB8GA1UdIwQY
MBaAFP7EE902Z+eBleUmiqKFrqUWvLGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3NRVDNUWm41NEdWNVNhS29vV3VwUmE4c1prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iMTk1ZTctYjgwNC00NTk0LTk2NWUt
M2ZkMTRiOTM2ZWI0LzEvX3NRVDNUWm41NEdWNVNhS29vV3VwUmE4c1prLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9iMTk1ZTctYjgwNC00NTk0LTk2NWUtM2ZkMTRiOTM2ZWI0
LzEvX3NRVDNUWm41NEdWNVNhS29vV3VwUmE4c1prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf/AzoGbz
nRmbWknWVLDq7KOngQTg/h5Zshgf+TtY+jm0oqpw0+s2S0HL2NXrk3necG6z7lxt
Lt1xghue/rB3exl2u11hPymLo5ZC/uXHSx78R9xSJQm2Poi7K6wl1xvyDOWM0vNV
I66RQ94eXK+61Z7Z6ESsqENu2gz1rXnyLln5BizIf2O1VwBHf+rkbnKsiaAsGw+t
3kL9t3+gUcwi02TQjI9PSoDoJGyVAn20Iza9yBnAzBWrnpWfR7/2mtjVT60UjTo7
YXPBDPVuftZaR2IE1gODe2AS2xjs8YTyACSjdfGS9GLNJp/doqE3/K/dGVZsTuFb
oc0737Kx6Do6WQ==
-----END CERTIFICATE-----