Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          1wkn31BGa32rIV/xwslCBUp5uJ6urXl4kR36XbU5t1g=
Subject key identifier:   50:5D:91:0F:6D:9A:14:E9:70:14:6A:9D:30:07:7E:F3:3D:B6:A8:D1
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       0197BA7F0BC56AC1FF2E47A344434FE92675
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          1026
Signing time:             Sun 29 Jun 2025 07:02:57 +0000
Manifest this update:     Sun 29 Jun 2025 07:02:57 +0000
Manifest next update:     Mon 30 Jun 2025 07:02:57 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: w2DkWCj9aEH3ypEJvCbSwGUb5YwNeYCWcqT9oHcaANw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7f:0b:c5:6a:c1:ff:2e:47:a3:44:43:4f:e9:26:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Jun 29 07:02:57 2025 GMT
            Not After : Jun 30 07:02:57 2025 GMT
        Subject: CN=505d910f6d9a14e970146a9d30077ef33db6a8d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:eb:ca:03:d8:80:90:fd:78:e2:23:dc:b4:f2:
                    e1:91:81:cb:54:4f:a6:5f:a3:8b:db:b0:1b:d2:3e:
                    b8:86:f8:a6:2f:6b:7f:6e:f8:7e:b7:62:c9:25:93:
                    41:75:f2:51:87:e6:9c:59:75:cf:a8:dc:27:84:1d:
                    67:65:12:43:7a:ad:b1:49:19:18:00:15:50:7b:00:
                    29:a0:fd:9d:56:4d:83:d1:47:bc:8e:4a:56:b1:91:
                    1a:77:f6:f6:91:34:7f:f5:f3:09:3f:d6:d5:44:4b:
                    2d:00:6a:d6:95:43:05:11:1c:fa:32:69:3e:ad:d4:
                    fd:83:30:07:ff:cf:e7:e2:9c:7f:dd:eb:1a:f9:e5:
                    d7:48:d0:cc:55:47:d4:4a:f3:ff:9d:6f:1e:18:40:
                    c0:82:ca:30:b5:1b:be:88:ac:91:a4:ff:c0:2d:07:
                    64:ef:f3:39:11:70:a3:a3:81:dc:d7:a7:e8:99:3c:
                    cb:b0:3f:9b:8b:23:a2:f6:0e:ef:5b:3a:cf:b5:6b:
                    f4:59:72:0a:17:87:75:78:8a:05:4a:a7:3f:fa:e4:
                    ba:dc:25:87:37:df:b8:3c:80:0d:dd:6b:4b:0e:4f:
                    36:6c:a3:5a:c1:af:05:4e:bb:10:7c:2e:f0:99:f3:
                    d5:06:4e:90:90:48:d1:7e:2d:84:be:40:49:7c:fe:
                    19:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:5D:91:0F:6D:9A:14:E9:70:14:6A:9D:30:07:7E:F3:3D:B6:A8:D1
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:ae:6e:57:f1:0e:5a:3e:00:6e:40:8a:59:fb:75:7f:04:f7:
         ec:32:7f:72:88:58:0b:9c:ca:22:d2:7e:39:21:a1:94:84:1e:
         a5:66:68:4e:a5:39:cb:c0:4b:95:9c:74:49:06:61:e0:7f:fa:
         be:37:b1:82:12:4d:bf:e4:df:2e:ec:82:fe:ab:48:8a:0c:70:
         57:e0:1d:b1:1c:5a:dd:48:d1:95:89:8c:75:17:d5:96:41:e4:
         32:72:f2:16:28:af:0a:d5:1b:74:eb:ed:4a:c7:ce:a2:ff:e1:
         74:46:e7:bf:b2:60:a2:c3:14:f1:b6:b8:6d:e4:06:31:0a:c4:
         04:ff:fb:e0:7b:c8:34:3a:1d:8b:a0:22:6a:26:7d:51:60:d2:
         a8:f5:d5:e4:57:94:75:a3:63:9f:d8:b0:b7:9f:8b:99:cd:2f:
         27:38:9d:5b:51:0f:8a:eb:a6:55:6c:d2:2f:80:25:18:d1:3d:
         31:e2:ff:c7:44:e5:11:71:ba:38:ef:35:fa:6d:80:41:2f:31:
         d7:5d:52:19:ef:f4:26:af:88:e9:fc:c7:79:d0:9e:e9:a5:34:
         f4:d6:47:44:bd:cf:48:dd:25:a7:53:96:c6:3f:39:d5:4d:d3:
         78:d2:3c:08:e6:34:85:bb:54:ff:c3:0a:5c:cf:70:8e:15:08:
         d3:aa:c6:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fwvFasH/LkejRENP6SZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjUwNjI5MDcwMjU3WhcNMjUwNjMwMDcwMjU3WjAzMTEwLwYDVQQD
Eyg1MDVkOTEwZjZkOWExNGU5NzAxNDZhOWQzMDA3N2VmMzNkYjZhOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3evKA9iAkP144iPctPLhkYHLVE+m
X6OL27Ab0j64hvimL2t/bvh+t2LJJZNBdfJRh+acWXXPqNwnhB1nZRJDeq2xSRkY
ABVQewApoP2dVk2D0Ue8jkpWsZEad/b2kTR/9fMJP9bVREstAGrWlUMFERz6Mmk+
rdT9gzAH/8/n4px/3esa+eXXSNDMVUfUSvP/nW8eGEDAgsowtRu+iKyRpP/ALQdk
7/M5EXCjo4Hc16fomTzLsD+biyOi9g7vWzrPtWv0WXIKF4d1eIoFSqc/+uS63CWH
N9+4PIAN3WtLDk82bKNawa8FTrsQfC7wmfPVBk6QkEjRfi2EvkBJfP4Z+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFBdkQ9tmhTpcBRqnTAHfvM9tqjRMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ65uV/EO
Wj4AbkCKWft1fwT37DJ/cohYC5zKItJ+OSGhlIQepWZoTqU5y8BLlZx0SQZh4H/6
vjexghJNv+TfLuyC/qtIigxwV+AdsRxa3UjRlYmMdRfVlkHkMnLyFiivCtUbdOvt
SsfOov/hdEbnv7JgosMU8ba4beQGMQrEBP/74HvINDodi6AiaiZ9UWDSqPXV5FeU
daNjn9iwt5+Lmc0vJzidW1EPiuumVWzSL4AlGNE9MeL/x0TlEXG6OO81+m2AQS8x
111SGe/0Jq+I6fzHedCe6aU09NZHRL3PSN0lp1OWxj851U3TeNI8COY0hbtU/8MK
XM9wjhUI06rGmg==
-----END CERTIFICATE-----