Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
File:                     3frtS0AyNuLKi-twkcug4GpUPQo.mft (raw, json)
Hash identifier:          ZRxtObt1fTi5XY4r1t3siIjcrK3YQTbHDPrWXow4YUA=
Subject key identifier:   59:53:BB:E1:AA:9B:80:1D:FA:8A:99:68:9E:51:5C:BF:FF:E8:D8:D9
Authority key identifier: DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A
Certificate issuer:       /CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
Certificate serial:       0197B6A220E455C6F1C33B26EA099AB9863B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
Manifest number:          F8
Signing time:             Sat 28 Jun 2025 13:02:47 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:47 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:47 +0000
Files and hashes:         1: 3frtS0AyNuLKi-twkcug4GpUPQo.crl (hash: lIi8ADEESruuqRPD8+cm2O6ht7MmdaqYdQKwUrdE71w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:20:e4:55:c6:f1:c3:3b:26:ea:09:9a:b9:86:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
        Validity
            Not Before: Jun 28 13:02:47 2025 GMT
            Not After : Jun 29 13:02:47 2025 GMT
        Subject: CN=5953bbe1aa9b801dfa8a99689e515cbfffe8d8d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:7c:3f:59:88:f3:52:e6:c0:6a:f3:03:06:92:
                    24:8c:27:62:43:2a:25:b7:2f:a1:32:b6:15:65:da:
                    80:ee:88:64:f8:ec:64:3f:7d:28:7a:84:9f:f4:b8:
                    9f:5e:56:12:74:2b:49:a7:97:81:f5:65:31:49:d9:
                    76:5e:6c:0f:0f:f5:12:e3:cc:f6:9d:4f:e5:17:6e:
                    e5:16:82:bc:04:10:45:53:fe:bb:64:9c:c2:02:50:
                    4a:54:a6:08:5e:e4:af:ba:b3:1c:95:ab:d5:3f:a8:
                    20:90:77:91:de:99:95:a3:e7:70:fc:13:a5:e3:2b:
                    fd:f3:7e:2f:08:a5:34:f4:c9:33:2a:81:df:8c:fc:
                    c2:2f:49:dc:c0:f5:d6:8d:15:8d:87:ca:06:b7:74:
                    4f:de:2c:73:df:ed:2e:ff:37:6f:75:2a:98:09:72:
                    7a:29:53:49:57:de:e9:67:fa:40:76:6b:b2:1b:c8:
                    62:e4:6e:ff:55:2f:01:e8:f3:3a:46:c3:a2:89:33:
                    9b:04:c4:b4:5e:3d:df:46:e0:0a:d4:f9:c1:ef:b2:
                    ce:22:c3:bd:cd:b0:82:f0:a5:20:cd:f8:22:77:b9:
                    7d:6b:05:6e:53:b2:37:b5:40:f3:70:6f:f7:b8:ec:
                    b5:c4:f7:a1:d4:1d:f5:0a:ef:88:c8:fc:8b:9b:3e:
                    34:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:53:BB:E1:AA:9B:80:1D:FA:8A:99:68:9E:51:5C:BF:FF:E8:D8:D9
            X509v3 Authority Key Identifier:
                keyid:DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:0d:14:50:c6:e1:0a:2c:70:74:81:c3:3a:49:3a:93:9c:ea:
         d6:a5:e1:21:56:ac:c4:02:3d:a5:0c:3d:3c:4d:e6:63:fd:75:
         72:06:c0:31:2d:a5:70:7a:fb:e4:8d:ae:7a:a2:24:12:98:61:
         50:d3:74:74:88:67:35:36:ec:a0:43:43:cf:f5:f3:b4:d9:f1:
         33:c1:e0:4e:11:30:6c:b1:af:c3:7d:82:2e:b9:8f:8e:e9:9b:
         91:b8:dd:55:c4:66:9f:e0:4b:fa:9f:1e:4a:e1:c6:63:76:d1:
         7e:95:52:42:83:6f:69:93:58:1c:7e:e9:c2:04:0b:db:e1:a7:
         c6:0b:4d:37:c7:36:40:d2:52:2b:ee:52:ce:29:0d:3d:4b:81:
         90:64:e6:f4:12:9e:e9:18:08:75:a6:21:46:33:35:cb:e8:0f:
         d3:51:cf:d6:4f:dc:4f:f9:5a:f8:a5:e5:80:43:57:4a:f9:cb:
         e0:dc:ee:74:6c:9f:e6:82:87:a3:58:69:c6:d7:37:75:8d:ba:
         62:e6:76:e8:b9:9c:bb:69:9a:e3:6c:5b:9b:f9:06:12:ff:bb:
         1f:5d:e8:98:80:c2:69:76:bb:a7:40:06:54:be:39:32:f7:1b:
         22:94:25:c9:04:62:fb:3e:2c:62:75:1e:ca:a4:88:df:04:82:
         10:b9:17:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oiDkVcbxwzsm6gmauYY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZmFlZDRiNDAzMjM2ZTJjYThiZWI3MDkxY2JhMGUwNmE1
NDNkMGEwHhcNMjUwNjI4MTMwMjQ3WhcNMjUwNjI5MTMwMjQ3WjAzMTEwLwYDVQQD
Eyg1OTUzYmJlMWFhOWI4MDFkZmE4YTk5Njg5ZTUxNWNiZmZmZThkOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13w/WYjzUubAavMDBpIkjCdiQyol
ty+hMrYVZdqA7ohk+OxkP30oeoSf9LifXlYSdCtJp5eB9WUxSdl2XmwPD/US48z2
nU/lF27lFoK8BBBFU/67ZJzCAlBKVKYIXuSvurMclavVP6ggkHeR3pmVo+dw/BOl
4yv9834vCKU09MkzKoHfjPzCL0ncwPXWjRWNh8oGt3RP3ixz3+0u/zdvdSqYCXJ6
KVNJV97pZ/pAdmuyG8hi5G7/VS8B6PM6RsOiiTObBMS0Xj3fRuAK1PnB77LOIsO9
zbCC8KUgzfgid7l9awVuU7I3tUDzcG/3uOy1xPeh1B31Cu+IyPyLmz407QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFlTu+Gqm4Ad+oqZaJ5RXL//6NjZMB8GA1UdIwQY
MBaAFN367UtAMjbiyovrcJHLoOBqVD0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEt
YjkzN2QxMjA1YWIxLzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEtYjkzN2QxMjA1YWIx
LzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlg0UUMbh
CixwdIHDOkk6k5zq1qXhIVasxAI9pQw9PE3mY/11cgbAMS2lcHr75I2ueqIkEphh
UNN0dIhnNTbsoENDz/XztNnxM8HgThEwbLGvw32CLrmPjumbkbjdVcRmn+BL+p8e
SuHGY3bRfpVSQoNvaZNYHH7pwgQL2+GnxgtNN8c2QNJSK+5SzikNPUuBkGTm9BKe
6RgIdaYhRjM1y+gP01HP1k/cT/la+KXlgENXSvnL4NzudGyf5oKHo1hpxtc3dY26
YuZ26Lmcu2ma42xbm/kGEv+7H13omIDCaXa7p0AGVL45MvcbIpQlyQRi+z4sYnUe
yqSI3wSCELkXQw==
-----END CERTIFICATE-----