Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          3QRFtTHJi9SpsRVxDPlVLXRwWb+0JBT/ZWDhY9qJ1bE=
Subject key identifier:   02:13:B1:EB:AD:FC:91:B6:00:05:39:4E:B3:E0:68:CE:6E:F5:46:9B
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       01976DAB8F420BB6EA23C7FB8357D52B751E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 09:00:49 +0000
Manifest this update:     Sat 14 Jun 2025 09:00:49 +0000
Manifest next update:     Sun 15 Jun 2025 09:00:49 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: robP5C1IC+J9t++Ftskmsk4meeJbmAvvt9OKlqIZF0U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:8f:42:0b:b6:ea:23:c7:fb:83:57:d5:2b:75:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: Jun 14 09:00:49 2025 GMT
            Not After : Jun 15 09:00:49 2025 GMT
        Subject: CN=0213b1ebadfc91b60005394eb3e068ce6ef5469b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:12:28:aa:60:08:36:91:57:75:97:98:93:c4:
                    6e:d3:88:3b:cd:fd:5f:9e:55:08:c8:02:f9:af:cb:
                    9d:01:b6:2b:da:db:c9:b9:d1:a5:93:53:70:8d:1f:
                    80:6c:22:84:5c:0a:b5:95:4c:8a:11:1d:69:71:bd:
                    23:15:93:05:1f:85:be:a7:51:5a:d6:9d:a5:22:77:
                    5e:d1:28:ee:1b:94:de:b0:74:11:f2:a5:ba:67:d5:
                    09:96:64:f2:94:37:30:b2:e3:ee:1f:df:7d:ef:b8:
                    12:be:0b:f5:01:2c:c4:da:ff:35:59:2f:92:2d:e2:
                    f7:10:b6:52:93:09:bf:1a:ed:09:64:a3:dd:c4:a9:
                    aa:41:42:43:53:37:9c:76:ba:5b:fc:af:54:73:8b:
                    d3:bb:c4:6f:d7:b1:d8:d2:8d:22:93:ed:cf:88:33:
                    e1:6b:f9:9e:ad:e8:2d:15:08:06:64:71:c8:63:87:
                    89:e7:db:50:ae:23:75:3f:d5:6d:66:19:85:24:ca:
                    92:79:80:7e:42:d6:ab:05:32:cf:59:65:a7:25:15:
                    49:7d:b6:1a:6a:34:1e:50:d3:b9:7c:4b:c5:1b:a4:
                    9a:39:f9:55:db:23:1a:af:a9:61:35:5c:68:89:74:
                    01:8f:26:57:36:e5:1d:0e:81:43:67:c0:0f:40:1d:
                    af:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:13:B1:EB:AD:FC:91:B6:00:05:39:4E:B3:E0:68:CE:6E:F5:46:9B
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:4f:29:46:42:6e:55:08:5a:3b:9c:13:bd:05:ba:4f:e0:33:
         ce:b5:f7:67:f7:45:60:f9:e4:6f:99:f0:71:bd:8c:aa:58:b1:
         46:9f:83:7d:fb:22:1a:3d:ef:60:be:a4:cd:43:e8:d1:60:1a:
         c3:41:84:d7:ca:a0:bf:e2:d1:f4:85:30:2d:f9:1b:69:3d:57:
         ab:30:67:75:09:4b:af:74:42:5f:0c:df:cd:f1:29:5f:dc:a4:
         34:ae:e3:c5:95:e5:43:c7:37:cb:f9:9d:78:a9:7d:84:3a:a9:
         91:19:8f:fc:dc:71:5d:d1:bd:b5:6a:86:72:10:7d:17:d1:d7:
         f2:60:a3:d6:a5:8d:17:f6:83:69:6f:0b:5a:55:1e:02:a2:79:
         c5:ec:97:c1:65:50:74:f7:d1:b2:9a:10:cf:53:ee:c9:ce:3d:
         2f:33:2f:9f:f9:30:93:d8:bc:21:37:8d:26:5c:2a:d3:b0:fb:
         3a:d3:df:d5:2f:f9:c0:5a:95:74:8f:d7:0a:40:3f:72:09:95:
         10:76:53:da:28:14:db:c6:f8:3c:1f:0c:39:f3:9a:dd:b9:32:
         1b:44:8b:c0:c1:d6:10:0a:67:1c:2d:9a:e6:d3:3d:75:eb:c6:
         9a:25:97:df:9b:e3:c3:43:c5:67:c4:1e:bd:60:b0:8f:27:ca:
         e8:ec:f8:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq49CC7bqI8f7g1fVK3UeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjUwNjE0MDkwMDQ5WhcNMjUwNjE1MDkwMDQ5WjAzMTEwLwYDVQQD
EygwMjEzYjFlYmFkZmM5MWI2MDAwNTM5NGViM2UwNjhjZTZlZjU0NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxIoqmAINpFXdZeYk8Ru04g7zf1f
nlUIyAL5r8udAbYr2tvJudGlk1NwjR+AbCKEXAq1lUyKER1pcb0jFZMFH4W+p1Fa
1p2lInde0SjuG5TesHQR8qW6Z9UJlmTylDcwsuPuH99977gSvgv1ASzE2v81WS+S
LeL3ELZSkwm/Gu0JZKPdxKmqQUJDUzecdrpb/K9Uc4vTu8Rv17HY0o0ik+3PiDPh
a/meregtFQgGZHHIY4eJ59tQriN1P9VtZhmFJMqSeYB+QtarBTLPWWWnJRVJfbYa
ajQeUNO5fEvFG6SaOflV2yMar6lhNVxoiXQBjyZXNuUdDoFDZ8APQB2vkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAITseut/JG2AAU5TrPgaM5u9UabMB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARk8pRkJu
VQhaO5wTvQW6T+AzzrX3Z/dFYPnkb5nwcb2MqlixRp+DffsiGj3vYL6kzUPo0WAa
w0GE18qgv+LR9IUwLfkbaT1XqzBndQlLr3RCXwzfzfEpX9ykNK7jxZXlQ8c3y/md
eKl9hDqpkRmP/NxxXdG9tWqGchB9F9HX8mCj1qWNF/aDaW8LWlUeAqJ5xeyXwWVQ
dPfRspoQz1Puyc49LzMvn/kwk9i8ITeNJlwq07D7OtPf1S/5wFqVdI/XCkA/cgmV
EHZT2igU28b4PB8MOfOa3bkyG0SLwMHWEApnHC2a5tM9devGmiWX35vjw0PFZ8Qe
vWCwjyfK6Oz47w==
-----END CERTIFICATE-----