Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft
File:                     3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft (raw, json)
Hash identifier:          OIkGgaSfKTEgdoPsnKht6sSYxeb0TjhBpVi++w3Oxdk=
Subject key identifier:   93:E9:CC:93:46:FB:B7:38:96:61:F7:C8:C1:D1:27:DC:51:22:7A:18
Authority key identifier: DE:3D:3A:98:49:5C:27:B9:CE:35:0A:E5:B8:9F:99:14:4B:0A:4C:9D
Certificate issuer:       /CN=de3d3a98495c27b9ce350ae5b89f99144b0a4c9d
Certificate serial:       0197B745852B579F9F78BCD56D516BC06A38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3j06mElcJ7nONQrluJ-ZFEsKTJ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft
Manifest number:          0204
Signing time:             Sat 28 Jun 2025 16:01:16 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:16 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:16 +0000
Files and hashes:         1: 3j06mElcJ7nONQrluJ-ZFEsKTJ0.crl (hash: KDdsN/vvu2cbrY1hu9w6wxYzXBgmTRTqayRJ/H2AG5U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3j06mElcJ7nONQrluJ-ZFEsKTJ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 16:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:85:2b:57:9f:9f:78:bc:d5:6d:51:6b:c0:6a:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de3d3a98495c27b9ce350ae5b89f99144b0a4c9d
        Validity
            Not Before: Jun 28 16:01:16 2025 GMT
            Not After : Jun 29 16:01:16 2025 GMT
        Subject: CN=93e9cc9346fbb7389661f7c8c1d127dc51227a18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:1a:7b:fc:32:1c:e7:16:c9:ee:2d:03:e6:ec:
                    3f:4f:ea:2d:1a:13:ad:0b:71:7e:40:9f:f0:ea:c1:
                    2e:8d:f3:fb:9c:2e:5c:b0:66:f1:de:25:67:ff:2c:
                    0e:0b:28:b9:90:e3:25:87:ee:33:f4:5d:dd:37:76:
                    28:66:18:01:ee:ae:6c:f1:7b:5c:92:a7:43:03:62:
                    88:d1:e5:8d:08:80:73:3b:ec:3a:69:d7:9e:68:70:
                    1a:68:44:64:59:d9:09:6e:95:53:ff:b0:03:13:b7:
                    2e:8d:25:43:c3:45:97:53:e6:9d:88:62:2f:7c:24:
                    a8:a4:db:02:94:97:3b:ac:97:2d:cd:fd:b7:bb:09:
                    a4:0b:d0:c1:c6:bb:34:2b:ce:17:09:36:c7:a4:22:
                    81:d7:70:87:1f:88:f4:4c:c4:51:0d:b5:eb:53:c5:
                    72:4e:11:1e:2d:c4:36:6c:fb:c8:ef:c7:25:5b:cc:
                    b1:db:c8:51:3f:0e:ee:a9:76:4f:c9:02:31:1e:bc:
                    a2:51:e2:77:ae:9e:1c:a3:02:ce:64:eb:5f:26:1a:
                    2f:3b:3a:07:3c:79:bc:16:2e:62:65:0b:05:93:cf:
                    db:e5:56:e7:6c:5f:fa:46:bd:3b:da:d3:82:81:e9:
                    46:c7:de:4e:89:8b:66:9c:1a:8a:6e:25:10:9c:58:
                    42:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:E9:CC:93:46:FB:B7:38:96:61:F7:C8:C1:D1:27:DC:51:22:7A:18
            X509v3 Authority Key Identifier:
                keyid:DE:3D:3A:98:49:5C:27:B9:CE:35:0A:E5:B8:9F:99:14:4B:0A:4C:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3j06mElcJ7nONQrluJ-ZFEsKTJ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:55:02:65:9d:88:e6:9f:9e:ed:33:6a:b2:b7:44:17:3b:7f:
         99:00:80:6d:d9:6d:c5:89:01:cb:ed:13:b5:0e:cc:7f:63:6f:
         23:af:fd:c8:2e:7f:8a:da:84:dc:c3:0d:ed:11:5c:cf:de:fd:
         8f:0b:30:5c:3b:38:5a:74:83:c5:1f:bc:aa:a3:9d:a4:79:ad:
         49:68:39:b3:db:5e:7b:b0:c8:6b:fd:40:80:8d:51:39:52:55:
         e0:dc:c7:44:da:4e:49:41:5f:a4:f9:42:65:e8:d3:35:f5:c5:
         e9:81:6d:90:db:16:6e:ce:35:62:45:a9:82:4d:b6:e7:e5:73:
         92:a9:ab:c9:5c:9f:8e:78:c0:b1:10:0e:95:52:43:b3:b7:f4:
         a3:12:e3:5c:ce:9f:09:bc:88:26:50:1f:40:79:4b:33:f2:5c:
         50:ba:f2:df:ca:d2:c8:ed:c7:51:5a:d3:2a:33:cb:ee:4c:44:
         bc:af:70:98:e1:61:cc:67:5e:ac:66:16:94:fc:56:b7:d7:a4:
         3d:2f:66:e9:bf:ae:80:0f:d8:cf:34:3f:69:7c:35:5f:47:9f:
         f4:50:af:a9:9c:93:02:83:9d:b8:4c:20:64:20:ba:85:c7:89:
         24:ec:89:af:50:30:dc:d4:0d:0f:b9:4f:92:af:b1:65:f9:2b:
         e4:d9:78:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RYUrV5+feLzVbVFrwGo4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlM2QzYTk4NDk1YzI3YjljZTM1MGFlNWI4OWY5OTE0NGIw
YTRjOWQwHhcNMjUwNjI4MTYwMTE2WhcNMjUwNjI5MTYwMTE2WjAzMTEwLwYDVQQD
Eyg5M2U5Y2M5MzQ2ZmJiNzM4OTY2MWY3YzhjMWQxMjdkYzUxMjI3YTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBp7/DIc5xbJ7i0D5uw/T+otGhOt
C3F+QJ/w6sEujfP7nC5csGbx3iVn/ywOCyi5kOMlh+4z9F3dN3YoZhgB7q5s8Xtc
kqdDA2KI0eWNCIBzO+w6adeeaHAaaERkWdkJbpVT/7ADE7cujSVDw0WXU+adiGIv
fCSopNsClJc7rJctzf23uwmkC9DBxrs0K84XCTbHpCKB13CHH4j0TMRRDbXrU8Vy
ThEeLcQ2bPvI78clW8yx28hRPw7uqXZPyQIxHryiUeJ3rp4cowLOZOtfJhovOzoH
PHm8Fi5iZQsFk8/b5VbnbF/6Rr072tOCgelGx95OiYtmnBqKbiUQnFhCaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJPpzJNG+7c4lmH3yMHRJ9xRInoYMB8GA1UdIwQY
MBaAFN49OphJXCe5zjUK5bifmRRLCkydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2owNm1FbGNKN25PTlFybHVKLVpGRXNLVEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jYjQxMjctOGUwNi00N2Q5LWJkZjEt
Yzg4OGIyMDQ4OWZjLzEvM2owNm1FbGNKN25PTlFybHVKLVpGRXNLVEowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jYjQxMjctOGUwNi00N2Q5LWJkZjEtYzg4OGIyMDQ4OWZj
LzEvM2owNm1FbGNKN25PTlFybHVKLVpGRXNLVEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbFUCZZ2I
5p+e7TNqsrdEFzt/mQCAbdltxYkBy+0TtQ7Mf2NvI6/9yC5/itqE3MMN7RFcz979
jwswXDs4WnSDxR+8qqOdpHmtSWg5s9tee7DIa/1AgI1ROVJV4NzHRNpOSUFfpPlC
ZejTNfXF6YFtkNsWbs41YkWpgk225+VzkqmryVyfjnjAsRAOlVJDs7f0oxLjXM6f
CbyIJlAfQHlLM/JcULry38rSyO3HUVrTKjPL7kxEvK9wmOFhzGderGYWlPxWt9ek
PS9m6b+ugA/YzzQ/aXw1X0ef9FCvqZyTAoOduEwgZCC6hceJJOyJr1Aw3NQND7lP
kq+xZfkr5Nl4EQ==
-----END CERTIFICATE-----