Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft
File:                     g-3hynyzX11h-NWctQNumT6kO3A.mft (raw, json)
Hash identifier:          1mCL6jdYjZXDo8Z6IMh1BLdPKf466zQJGid6SArsZx0=
Subject key identifier:   FB:5E:CC:B5:EE:66:1C:01:F2:30:29:E3:6F:D1:5F:67:82:5B:B2:80
Authority key identifier: 83:ED:E1:CA:7C:B3:5F:5D:61:F8:D5:9C:B5:03:6E:99:3E:A4:3B:70
Certificate issuer:       /CN=83ede1ca7cb35f5d61f8d59cb5036e993ea43b70
Certificate serial:       0197BA7EC1CB510AF2C6D94A1DB33B052D43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft
Manifest number:          0DDE
Signing time:             Sun 29 Jun 2025 07:02:38 +0000
Manifest this update:     Sun 29 Jun 2025 07:02:38 +0000
Manifest next update:     Mon 30 Jun 2025 07:02:38 +0000
Files and hashes:         1: g-3hynyzX11h-NWctQNumT6kO3A.crl (hash: 70xFf+tM28IHzyJ6yHhrUnPL4rvYxpg+kjVRHzqN0J4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7e:c1:cb:51:0a:f2:c6:d9:4a:1d:b3:3b:05:2d:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83ede1ca7cb35f5d61f8d59cb5036e993ea43b70
        Validity
            Not Before: Jun 29 07:02:38 2025 GMT
            Not After : Jun 30 07:02:38 2025 GMT
        Subject: CN=fb5eccb5ee661c01f23029e36fd15f67825bb280
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:78:91:a2:24:48:d4:72:47:61:7d:73:f1:9f:
                    0b:c0:5f:2e:29:ec:58:b3:dd:36:11:01:d2:a3:c1:
                    e9:f3:be:9d:19:ee:eb:79:85:bc:c0:f9:10:99:35:
                    ab:0d:81:5f:8e:48:78:37:f0:2d:51:20:9b:f7:cd:
                    0d:da:0b:52:e2:5e:31:97:69:d9:0c:68:2a:8e:e2:
                    2b:94:b8:27:41:c6:b4:68:e0:21:26:bf:c1:5e:54:
                    6b:32:46:a6:7e:23:2f:0f:f5:07:9a:ce:18:c3:3a:
                    32:73:b9:fa:74:df:9a:ca:db:74:93:c5:17:e0:f8:
                    c0:39:a7:b9:1c:4f:62:91:11:d9:bf:d3:91:0b:73:
                    6e:37:ba:3f:88:93:9e:92:fe:7c:71:40:b4:53:f6:
                    d8:b3:ba:11:be:d5:2b:50:14:9f:17:42:b5:10:5c:
                    11:c4:47:0b:35:13:19:75:5f:05:c2:91:03:ca:96:
                    a7:1c:e1:fb:c6:e4:30:47:6d:d1:ad:02:e6:42:0f:
                    1c:07:28:ff:be:83:0a:6a:6a:b2:e6:33:8b:33:03:
                    29:1d:74:8f:33:d7:7b:c6:ab:a8:24:e0:78:17:14:
                    d0:01:6e:97:2c:38:e1:e9:31:b1:34:bf:88:49:ea:
                    93:9c:34:0e:25:bf:7d:34:0c:f5:c3:d4:bf:75:04:
                    a2:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:5E:CC:B5:EE:66:1C:01:F2:30:29:E3:6F:D1:5F:67:82:5B:B2:80
            X509v3 Authority Key Identifier:
                keyid:83:ED:E1:CA:7C:B3:5F:5D:61:F8:D5:9C:B5:03:6E:99:3E:A4:3B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:c0:b4:b6:f8:ba:ba:82:77:99:b0:e4:e8:22:66:5d:94:c5:
         ae:7f:20:a0:d6:39:b0:53:23:f7:63:24:dd:dd:24:de:72:f7:
         56:c6:79:2a:df:e9:9b:f6:2e:50:1e:d8:65:69:2b:91:c5:f2:
         a6:2c:f6:e5:d0:53:e3:4e:1a:42:04:e2:6c:e3:c0:82:bd:a5:
         d8:bc:b3:48:1a:29:27:34:ec:8d:43:b9:b4:ea:0e:cd:c9:9c:
         9e:e6:33:87:90:d3:9f:23:b8:c4:a1:f6:b0:a4:63:8a:e0:a3:
         65:97:5d:39:30:fb:c7:d9:22:58:43:33:c5:3d:cc:be:4c:c8:
         02:e2:ab:c3:62:97:63:d1:24:01:cb:5c:88:5b:4b:d5:5f:17:
         44:af:0e:2b:0e:8a:df:e1:77:c1:74:4a:06:b0:46:fd:6e:5a:
         9c:83:98:cf:fc:73:d3:f9:c8:ff:11:5a:86:91:e2:67:49:43:
         96:3f:5a:3b:64:fe:a5:ec:7d:6b:28:c6:06:dc:30:5b:ef:9b:
         6c:3f:78:54:2a:ef:e4:92:33:47:c3:14:48:87:23:a5:36:5e:
         26:51:08:b4:ea:3a:e0:f2:26:f9:09:d9:5f:1a:e0:4c:4e:74:
         ed:b5:ca:05:1c:43:eb:be:0a:10:4c:a2:ac:da:08:20:d9:63:
         dd:42:10:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fsHLUQryxtlKHbM7BS1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZWRlMWNhN2NiMzVmNWQ2MWY4ZDU5Y2I1MDM2ZTk5M2Vh
NDNiNzAwHhcNMjUwNjI5MDcwMjM4WhcNMjUwNjMwMDcwMjM4WjAzMTEwLwYDVQQD
EyhmYjVlY2NiNWVlNjYxYzAxZjIzMDI5ZTM2ZmQxNWY2NzgyNWJiMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHiRoiRI1HJHYX1z8Z8LwF8uKexY
s902EQHSo8Hp876dGe7reYW8wPkQmTWrDYFfjkh4N/AtUSCb980N2gtS4l4xl2nZ
DGgqjuIrlLgnQca0aOAhJr/BXlRrMkamfiMvD/UHms4Ywzoyc7n6dN+aytt0k8UX
4PjAOae5HE9ikRHZv9ORC3NuN7o/iJOekv58cUC0U/bYs7oRvtUrUBSfF0K1EFwR
xEcLNRMZdV8FwpEDypanHOH7xuQwR23RrQLmQg8cByj/voMKamqy5jOLMwMpHXSP
M9d7xquoJOB4FxTQAW6XLDjh6TGxNL+ISeqTnDQOJb99NAz1w9S/dQSifwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtezLXuZhwB8jAp42/RX2eCW7KAMB8GA1UdIwQY
MBaAFIPt4cp8s19dYfjVnLUDbpk+pDtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9mM2ViMTktODVlZS00ODdmLWFkMTIt
OGIzNjYwZWQ1ZWQwLzEvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9mM2ViMTktODVlZS00ODdmLWFkMTItOGIzNjYwZWQ1ZWQw
LzEvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXcC0tvi6
uoJ3mbDk6CJmXZTFrn8goNY5sFMj92Mk3d0k3nL3VsZ5Kt/pm/YuUB7YZWkrkcXy
piz25dBT404aQgTibOPAgr2l2LyzSBopJzTsjUO5tOoOzcmcnuYzh5DTnyO4xKH2
sKRjiuCjZZddOTD7x9kiWEMzxT3MvkzIAuKrw2KXY9EkActciFtL1V8XRK8OKw6K
3+F3wXRKBrBG/W5anIOYz/xz0/nI/xFahpHiZ0lDlj9aO2T+pex9ayjGBtwwW++b
bD94VCrv5JIzR8MUSIcjpTZeJlEItOo64PIm+QnZXxrgTE507bXKBRxD674KEEyi
rNoIINlj3UIQ2w==
-----END CERTIFICATE-----