Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
File:                     O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft (raw, json)
Hash identifier:          /5zZ69knCUnyTNa6FQUdvwiTD0Xj4Za/Tkl++IVcvdw=
Subject key identifier:   BA:AE:79:2A:67:F6:FF:55:91:71:AD:78:32:AA:E2:27:2C:7D:EE:34
Authority key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
Certificate issuer:       /CN=3b55e7feb907137299f5792c36395efba9b34b62
Certificate serial:       0197759C278C25D27422F1732F02CA9D0002
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
Manifest number:          0E3A
Signing time:             Sun 15 Jun 2025 22:00:57 +0000
Manifest this update:     Sun 15 Jun 2025 22:00:57 +0000
Manifest next update:     Mon 16 Jun 2025 22:00:57 +0000
Files and hashes:         1: O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl (hash: BvYfhld9Zs3CRyOJAsuj13ehb8MwXlY4gurC4EAgukM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 20:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:75:9c:27:8c:25:d2:74:22:f1:73:2f:02:ca:9d:00:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b55e7feb907137299f5792c36395efba9b34b62
        Validity
            Not Before: Jun 15 22:00:57 2025 GMT
            Not After : Jun 16 22:00:57 2025 GMT
        Subject: CN=baae792a67f6ff559171ad7832aae2272c7dee34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:a5:39:4c:f0:07:90:51:8e:8f:23:a7:5a:c6:
                    0e:5e:6c:9a:1a:20:e5:05:d5:b5:3c:47:20:cc:99:
                    72:0e:df:05:3d:c6:b8:e1:ad:69:18:57:f3:1e:0c:
                    0b:f0:24:c0:08:76:97:5e:9a:77:9b:9b:ca:5e:c7:
                    58:fe:d3:ac:3e:16:d9:20:7e:f4:dd:b2:5a:23:b3:
                    7e:cb:da:bb:01:86:6a:ee:7c:bb:9d:62:de:ce:c8:
                    05:51:33:17:6f:9f:84:98:ab:30:a7:fa:f1:fb:ac:
                    b8:3c:01:dc:29:54:71:b5:4d:c6:a0:59:e5:21:70:
                    5c:da:14:9d:83:58:3f:43:03:54:ab:cf:c9:88:03:
                    ff:09:ed:05:3d:b7:c6:0c:4c:d3:3a:77:6d:a5:a9:
                    d3:7f:d2:6b:d8:4e:82:68:04:0c:13:25:3f:cb:d2:
                    f3:2a:09:5d:73:b3:cd:3d:f1:5a:25:26:c9:23:a1:
                    c6:58:1b:c1:e7:8d:37:08:19:25:e3:47:e3:11:64:
                    65:79:e3:f7:c9:77:10:18:a5:52:33:95:bf:a8:a7:
                    21:4f:9f:91:e1:88:b4:bd:5a:4f:29:21:2e:e8:16:
                    1b:70:cd:d3:36:7d:ef:1b:83:49:00:b3:3b:c4:9e:
                    ef:57:00:fb:0e:a5:7d:a0:a8:57:58:5b:5d:df:cd:
                    a3:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:AE:79:2A:67:F6:FF:55:91:71:AD:78:32:AA:E2:27:2C:7D:EE:34
            X509v3 Authority Key Identifier:
                keyid:3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:b6:08:28:ad:7f:a3:1a:19:62:2e:9a:5b:50:99:1a:f8:52:
         7a:93:c5:39:27:72:21:f2:8f:da:e3:e4:5a:a0:9f:e9:e4:f9:
         5d:b1:ec:17:a3:76:85:c8:ec:c6:fb:36:fa:c8:a5:37:93:f4:
         7c:9f:a2:dc:9d:ce:ca:23:43:27:78:26:e0:e3:33:96:e9:ee:
         ea:02:28:26:69:51:f2:36:61:31:eb:2a:dd:5b:79:7d:9a:72:
         16:f8:ad:bd:5e:ec:da:05:c6:74:de:27:41:18:3c:6b:0e:b8:
         1e:e7:c2:e6:43:35:d2:13:db:87:bf:4d:72:fd:eb:42:61:ff:
         20:d3:48:97:93:82:80:8f:48:f7:30:e1:c2:06:35:62:e0:cd:
         34:04:d3:0a:8a:79:13:72:13:f5:7a:b6:92:7a:2c:4a:5f:1c:
         4f:01:fe:69:80:b4:e2:2b:54:55:87:37:c0:dd:63:fe:1f:af:
         f0:ee:bc:b4:2a:61:bf:d8:67:68:21:0a:b2:1a:c3:b6:2d:56:
         aa:df:f4:42:f5:04:96:56:21:a3:25:99:95:fd:0d:d9:b7:ec:
         dd:86:16:24:57:e1:fd:9f:39:d7:38:82:1d:5e:19:5b:02:28:
         db:c0:d3:f2:8f:4d:75:10:96:3a:da:58:be:c4:dc:14:63:50:
         fa:94:6c:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd1nCeMJdJ0IvFzLwLKnQACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTVlN2ZlYjkwNzEzNzI5OWY1NzkyYzM2Mzk1ZWZiYTli
MzRiNjIwHhcNMjUwNjE1MjIwMDU3WhcNMjUwNjE2MjIwMDU3WjAzMTEwLwYDVQQD
EyhiYWFlNzkyYTY3ZjZmZjU1OTE3MWFkNzgzMmFhZTIyNzJjN2RlZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06U5TPAHkFGOjyOnWsYOXmyaGiDl
BdW1PEcgzJlyDt8FPca44a1pGFfzHgwL8CTACHaXXpp3m5vKXsdY/tOsPhbZIH70
3bJaI7N+y9q7AYZq7ny7nWLezsgFUTMXb5+EmKswp/rx+6y4PAHcKVRxtU3GoFnl
IXBc2hSdg1g/QwNUq8/JiAP/Ce0FPbfGDEzTOndtpanTf9Jr2E6CaAQMEyU/y9Lz
Kgldc7PNPfFaJSbJI6HGWBvB5403CBkl40fjEWRleeP3yXcQGKVSM5W/qKchT5+R
4Yi0vVpPKSEu6BYbcM3TNn3vG4NJALM7xJ7vVwD7DqV9oKhXWFtd382jdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLqueSpn9v9VkXGteDKq4icsfe40MB8GA1UdIwQY
MBaAFDtV5/65BxNymfV5LDY5Xvups0tiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAt
YTQ0MWUyNGJlMDM2LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAtYTQ0MWUyNGJlMDM2
LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANLYIKK1/
oxoZYi6aW1CZGvhSepPFOSdyIfKP2uPkWqCf6eT5XbHsF6N2hcjsxvs2+silN5P0
fJ+i3J3OyiNDJ3gm4OMzlunu6gIoJmlR8jZhMesq3Vt5fZpyFvitvV7s2gXGdN4n
QRg8aw64HufC5kM10hPbh79Ncv3rQmH/INNIl5OCgI9I9zDhwgY1YuDNNATTCop5
E3IT9Xq2knosSl8cTwH+aYC04itUVYc3wN1j/h+v8O68tCphv9hnaCEKshrDti1W
qt/0QvUEllYhoyWZlf0N2bfs3YYWJFfh/Z851ziCHV4ZWwIo28DT8o9NdRCWOtpY
vsTcFGNQ+pRspQ==
-----END CERTIFICATE-----