Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          hNn6eTRpGo/e5FLoVdtqvsi6oefZUYvSgOidHDPDBPw=
Subject key identifier:   91:B9:F8:BD:10:17:D6:DE:AA:96:F4:1F:45:61:B3:06:0A:2E:03:BE
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       01977308721BA9C7DDDC1DD333B8EF163A58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          0D33
Signing time:             Sun 15 Jun 2025 10:00:22 +0000
Manifest this update:     Sun 15 Jun 2025 10:00:22 +0000
Manifest next update:     Mon 16 Jun 2025 10:00:22 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: J/KkXsQR1Th1mShweO/+Y2oWj/yER61iw+PSMicPjQk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:73:08:72:1b:a9:c7:dd:dc:1d:d3:33:b8:ef:16:3a:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Jun 15 10:00:22 2025 GMT
            Not After : Jun 16 10:00:22 2025 GMT
        Subject: CN=91b9f8bd1017d6deaa96f41f4561b3060a2e03be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:a8:f6:6c:61:32:23:44:db:c5:a1:15:39:d9:
                    9a:c7:80:fc:01:78:69:da:a2:0d:b7:86:ba:29:50:
                    fa:09:e6:d2:32:e7:6d:0e:3f:3c:2f:ff:71:8b:c4:
                    42:58:de:96:33:18:9e:f1:5c:43:a7:f4:ac:0e:12:
                    e5:87:73:b6:72:68:ce:54:06:54:7c:38:4f:81:76:
                    16:51:d6:eb:1c:fb:ee:92:6c:4e:00:ec:0e:87:d5:
                    f1:77:00:e1:1b:74:60:fc:9e:0b:f6:8c:b8:7e:64:
                    d0:3c:48:37:91:7c:c1:87:55:83:1a:89:bb:4b:21:
                    46:23:b2:d5:f9:71:26:d2:09:6a:7e:e8:b2:13:ab:
                    a3:df:b6:61:e8:1b:ce:7c:1e:2a:8b:1e:79:b1:6f:
                    23:ca:2a:22:09:ef:9f:08:e8:57:4e:ec:6d:d5:57:
                    6a:23:cc:9e:d0:d0:e6:65:b1:ee:2a:8d:da:26:2d:
                    ec:97:4d:ce:f3:a0:21:a5:34:6c:4c:45:96:71:8c:
                    9f:f2:b3:7c:f4:30:a2:1b:16:fd:3e:f3:64:a6:40:
                    e8:cc:c3:60:17:16:92:9a:ed:dd:f2:92:88:e8:79:
                    48:7b:56:55:27:69:3d:18:b7:f2:c8:62:de:06:af:
                    57:53:21:11:db:6f:c6:07:2c:2b:30:aa:0e:b0:9e:
                    8a:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:B9:F8:BD:10:17:D6:DE:AA:96:F4:1F:45:61:B3:06:0A:2E:03:BE
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:36:69:d4:39:44:46:e4:ec:08:5f:24:a3:19:fa:2c:87:a1:
         02:35:65:08:a6:14:25:41:1b:f3:43:3b:9e:75:4b:74:ba:3b:
         bd:85:17:03:7b:75:d8:47:ce:cf:c0:52:4d:b4:c2:7b:a0:1e:
         8a:f6:c8:77:36:9f:71:25:b9:02:bd:12:0b:d8:64:20:a6:f2:
         50:f4:4f:48:92:29:6b:47:d1:44:e7:ba:94:be:93:9e:7e:ca:
         13:78:ec:02:b7:3c:38:a9:ff:85:47:90:27:ca:10:b6:4a:d3:
         61:b2:5a:90:d3:a7:1e:a1:00:ff:6f:40:f7:36:e4:36:cb:4b:
         cc:7c:c9:d6:14:d2:08:a4:37:0b:46:86:18:ca:c7:ad:a4:c6:
         ef:62:43:40:8f:f8:3d:d3:55:c7:79:f6:3e:e6:bf:99:79:6b:
         0d:49:13:ca:25:73:c5:1f:de:4c:c5:a1:f5:1f:fa:88:2e:11:
         4e:98:77:42:5d:56:eb:4c:8f:a8:2d:27:ae:a2:89:c3:fd:77:
         f6:ed:14:93:33:c9:86:c3:49:4f:a4:7b:24:c4:d6:e3:78:7b:
         4f:d4:c6:12:72:5c:c1:5c:87:ab:b4:60:79:03:1e:95:5c:ea:
         40:51:9c:5c:bd:72:06:4c:ef:f3:e9:c6:d2:c5:9e:00:f8:91:
         3d:53:14:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdzCHIbqcfd3B3TM7jvFjpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjUwNjE1MTAwMDIyWhcNMjUwNjE2MTAwMDIyWjAzMTEwLwYDVQQD
Eyg5MWI5ZjhiZDEwMTdkNmRlYWE5NmY0MWY0NTYxYjMwNjBhMmUwM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKj2bGEyI0TbxaEVOdmax4D8AXhp
2qINt4a6KVD6CebSMudtDj88L/9xi8RCWN6WMxie8VxDp/SsDhLlh3O2cmjOVAZU
fDhPgXYWUdbrHPvukmxOAOwOh9XxdwDhG3Rg/J4L9oy4fmTQPEg3kXzBh1WDGom7
SyFGI7LV+XEm0glqfuiyE6uj37Zh6BvOfB4qix55sW8jyioiCe+fCOhXTuxt1Vdq
I8ye0NDmZbHuKo3aJi3sl03O86AhpTRsTEWWcYyf8rN89DCiGxb9PvNkpkDozMNg
FxaSmu3d8pKI6HlIe1ZVJ2k9GLfyyGLeBq9XUyER22/GBywrMKoOsJ6KawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJG5+L0QF9beqpb0H0VhswYKLgO+MB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGjZp1DlE
RuTsCF8koxn6LIehAjVlCKYUJUEb80M7nnVLdLo7vYUXA3t12EfOz8BSTbTCe6Ae
ivbIdzafcSW5Ar0SC9hkIKbyUPRPSJIpa0fRROe6lL6Tnn7KE3jsArc8OKn/hUeQ
J8oQtkrTYbJakNOnHqEA/29A9zbkNstLzHzJ1hTSCKQ3C0aGGMrHraTG72JDQI/4
PdNVx3n2Pua/mXlrDUkTyiVzxR/eTMWh9R/6iC4RTph3Ql1W60yPqC0nrqKJw/13
9u0UkzPJhsNJT6R7JMTW43h7T9TGEnJcwVyHq7RgeQMelVzqQFGcXL1yBkzv8+nG
0sWeAPiRPVMUHA==
-----END CERTIFICATE-----