Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
File:                     3XzvizrZIDFjCqyiJqntebpgVYY.mft (raw, json)
Hash identifier:          fjMDFrSZ4l1fRINC3DfIjGwx3qiuWXeVWLzcGVVY5Tg=
Subject key identifier:   C3:D3:DF:FC:86:CB:3C:8E:4D:7D:0C:07:B4:D2:72:1E:5C:BF:02:F8
Authority key identifier: DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86
Certificate issuer:       /CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
Certificate serial:       0197B5C50709A5D50E6E7E7D5B94B6A96CC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
Manifest number:          011B
Signing time:             Sat 28 Jun 2025 09:01:17 +0000
Manifest this update:     Sat 28 Jun 2025 09:01:17 +0000
Manifest next update:     Sun 29 Jun 2025 09:01:17 +0000
Files and hashes:         1: 3XzvizrZIDFjCqyiJqntebpgVYY.crl (hash: tqPiyXBqi/Ab+HEikAEIxTtKhaG8rME8oQwDwJrWmLU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 09:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:c5:07:09:a5:d5:0e:6e:7e:7d:5b:94:b6:a9:6c:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
        Validity
            Not Before: Jun 28 09:01:17 2025 GMT
            Not After : Jun 29 09:01:17 2025 GMT
        Subject: CN=c3d3dffc86cb3c8e4d7d0c07b4d2721e5cbf02f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:42:a5:eb:80:62:3b:d0:2e:be:de:8c:f2:98:
                    eb:92:00:2a:ae:3d:da:2c:c8:a2:44:d8:85:4d:1b:
                    8d:53:a4:fb:ba:79:62:18:18:ce:e8:3b:71:77:de:
                    3c:78:b2:37:11:03:ae:27:64:e5:36:4b:11:85:e2:
                    37:c9:97:a1:a1:1c:c3:86:b3:42:a6:cc:ae:9f:40:
                    e7:ed:ef:16:e5:b3:c4:43:00:6c:f3:87:c0:bd:69:
                    c0:1c:c5:fb:a8:46:40:ef:0d:1c:63:58:b7:33:c4:
                    a7:fa:4a:40:6e:48:22:40:f8:ce:36:f8:38:a6:da:
                    ce:57:12:09:8a:a6:1c:0f:6d:07:de:89:4d:ea:dd:
                    4a:4c:9b:26:ac:08:71:37:63:3b:63:cc:29:2c:43:
                    52:ba:29:92:fd:fb:59:9c:92:cc:3f:ba:d2:cf:a4:
                    06:3e:2e:0f:fa:29:1f:0a:f9:91:47:c1:ca:c9:97:
                    75:56:a1:eb:bf:50:b3:4a:a8:7a:31:bc:1b:3d:6e:
                    e5:08:8d:e2:b5:07:6b:98:3b:8d:f4:c8:03:e2:d9:
                    65:4e:15:10:99:3e:7c:d7:a3:f0:d3:82:28:14:63:
                    85:60:f2:90:5f:72:84:cf:0a:75:75:30:48:09:89:
                    97:55:41:4b:37:95:69:22:32:96:2d:cb:47:ab:e1:
                    2e:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:D3:DF:FC:86:CB:3C:8E:4D:7D:0C:07:B4:D2:72:1E:5C:BF:02:F8
            X509v3 Authority Key Identifier:
                keyid:DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:7a:95:fa:30:b0:80:08:e7:f0:7d:3b:e8:62:e3:b1:7b:76:
         c7:81:6d:93:d6:68:e7:d7:b0:b0:bd:99:3b:9b:61:fa:4f:12:
         84:66:96:80:a6:d2:a4:89:14:86:27:74:01:04:57:23:0d:20:
         a2:74:d8:a5:6b:f4:3c:9c:49:e6:12:9a:8b:56:38:b0:53:ed:
         8a:95:18:ce:0c:e9:18:8f:6a:80:45:ec:3c:65:04:af:ec:aa:
         eb:21:07:5b:14:89:5f:de:28:33:e3:2d:db:a1:14:da:57:f9:
         24:09:7a:3d:61:4b:59:83:63:58:80:bc:3c:75:3a:84:ed:0d:
         77:a3:cd:65:82:f1:95:aa:23:c0:f4:67:a6:a4:5e:e6:a8:92:
         ef:21:0b:56:00:49:33:ce:4a:5e:2f:4f:6e:bb:ec:e2:17:18:
         27:d4:b9:b2:bc:d4:68:cc:47:77:eb:50:ec:3a:a5:cc:9c:43:
         98:2a:db:cb:dd:76:e2:5d:18:e7:cb:cd:88:82:55:70:d6:32:
         d2:43:5a:a9:e5:71:69:5a:af:13:9c:ec:51:3e:7d:b6:37:32:
         e2:e8:f6:5e:4a:b9:e2:0d:9d:a5:da:31:2f:0d:8d:29:7c:a4:
         bf:f0:6a:0e:b5:7b:bc:c8:5b:91:d4:fc:8a:c4:b4:df:fb:6f:
         a9:cf:ea:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1xQcJpdUObn59W5S2qWzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkN2NlZjhiM2FkOTIwMzE2MzBhYWNhMjI2YTllZDc5YmE2
MDU1ODYwHhcNMjUwNjI4MDkwMTE3WhcNMjUwNjI5MDkwMTE3WjAzMTEwLwYDVQQD
EyhjM2QzZGZmYzg2Y2IzYzhlNGQ3ZDBjMDdiNGQyNzIxZTVjYmYwMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUKl64BiO9Auvt6M8pjrkgAqrj3a
LMiiRNiFTRuNU6T7unliGBjO6Dtxd948eLI3EQOuJ2TlNksRheI3yZehoRzDhrNC
psyun0Dn7e8W5bPEQwBs84fAvWnAHMX7qEZA7w0cY1i3M8Sn+kpAbkgiQPjONvg4
ptrOVxIJiqYcD20H3olN6t1KTJsmrAhxN2M7Y8wpLENSuimS/ftZnJLMP7rSz6QG
Pi4P+ikfCvmRR8HKyZd1VqHrv1CzSqh6MbwbPW7lCI3itQdrmDuN9MgD4tllThUQ
mT5816Pw04IoFGOFYPKQX3KEzwp1dTBICYmXVUFLN5VpIjKWLctHq+EutQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPT3/yGyzyOTX0MB7TSch5cvwL4MB8GA1UdIwQY
MBaAFN1874s62SAxYwqsoiap7Xm6YFWGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUt
MzcyZjY1ZDk5YTlmLzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUtMzcyZjY1ZDk5YTlm
LzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK3qV+jCw
gAjn8H076GLjsXt2x4Ftk9Zo59ewsL2ZO5th+k8ShGaWgKbSpIkUhid0AQRXIw0g
onTYpWv0PJxJ5hKai1Y4sFPtipUYzgzpGI9qgEXsPGUEr+yq6yEHWxSJX94oM+Mt
26EU2lf5JAl6PWFLWYNjWIC8PHU6hO0Nd6PNZYLxlaojwPRnpqRe5qiS7yELVgBJ
M85KXi9Pbrvs4hcYJ9S5srzUaMxHd+tQ7DqlzJxDmCrby9124l0Y58vNiIJVcNYy
0kNaqeVxaVqvE5zsUT59tjcy4uj2Xkq54g2dpdoxLw2NKXykv/BqDrV7vMhbkdT8
isS03/tvqc/qYw==
-----END CERTIFICATE-----