Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          8/1t7KDul/lIRvP0hfBhZs9N+MF6Tq9fYUMojJkERdQ=
Subject key identifier:   B3:D7:B2:53:1D:F2:09:88:77:0B:31:01:CB:24:67:94:88:54:5F:D5
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       01976D3D7DBD0BB8EF8702B6E15DC34A0CF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          085B
Signing time:             Sat 14 Jun 2025 07:00:35 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:35 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:35 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: FCX78IWwZwvR2Lpf1e8J+v438VqnhXf/KVrgI8QDSb0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:7d:bd:0b:b8:ef:87:02:b6:e1:5d:c3:4a:0c:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: Jun 14 07:00:35 2025 GMT
            Not After : Jun 15 07:00:35 2025 GMT
        Subject: CN=b3d7b2531df20988770b3101cb24679488545fd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:fe:37:91:58:e6:df:9c:49:2c:f1:0d:6b:a5:
                    84:b8:a0:0c:54:d0:3c:da:ff:12:ab:ae:06:e0:23:
                    12:f2:9c:de:80:e0:1a:ef:e5:4b:83:e1:07:4d:a7:
                    95:9c:6d:9a:2a:f6:e6:2d:aa:d0:75:35:97:e9:a7:
                    db:fd:d4:3e:26:94:49:f1:47:cd:26:4c:8a:d1:24:
                    cc:64:06:5d:f8:e0:cc:99:68:16:63:8e:a3:e7:60:
                    f9:3f:32:a1:d9:6d:61:55:12:80:46:83:2a:2d:c5:
                    8a:bc:19:79:89:0b:c3:d2:10:a8:4a:fd:05:0e:90:
                    2a:3a:67:bc:7f:e1:4b:34:eb:32:42:eb:d7:c8:1c:
                    67:c9:0e:21:5f:14:4b:76:b7:79:ec:83:47:b1:26:
                    fc:df:98:2b:47:2f:82:bc:3f:20:2e:b8:41:0e:dc:
                    80:07:36:7c:a0:74:f1:98:dd:05:3e:1f:e5:54:6e:
                    d5:7e:67:0a:f1:7a:6c:3a:a7:54:1a:ff:13:c9:22:
                    86:c9:4e:cf:01:97:0a:42:8c:99:57:17:cf:ba:fa:
                    70:da:85:0e:3c:66:10:27:80:b4:6d:7d:06:dc:b4:
                    37:81:bd:87:6c:38:c1:c9:ae:31:0f:33:9b:df:54:
                    d6:46:1d:7b:de:32:a2:15:b9:ac:06:48:f4:61:2c:
                    ba:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:D7:B2:53:1D:F2:09:88:77:0B:31:01:CB:24:67:94:88:54:5F:D5
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:93:bf:53:33:5c:12:56:6a:de:1a:37:b1:b7:4b:df:15:70:
         34:ce:bc:d0:90:67:41:dc:63:62:72:29:65:d2:22:b9:89:d8:
         33:cd:28:79:a6:c1:91:e4:65:4c:07:03:be:b8:c2:ad:75:9b:
         a5:5e:e0:3d:8e:43:ca:c9:77:bb:af:0f:f4:04:3a:51:ae:9b:
         9e:63:1b:bc:b5:96:c6:e9:e5:00:17:82:f5:37:e1:78:ba:8c:
         ca:a3:cf:f0:e1:5c:33:9c:dd:0b:de:ef:a8:4a:b3:fb:5e:a7:
         69:ec:1d:6b:cd:73:21:c9:77:0e:b0:f5:a2:c4:82:a4:70:96:
         23:c0:83:37:35:2d:b8:74:cd:3d:1a:29:94:c7:9a:8a:a4:09:
         54:bd:bb:18:61:fe:89:9d:64:d3:f9:92:1b:46:9f:2e:3b:ec:
         dc:25:b5:73:f9:50:fe:74:23:44:9d:33:f7:a7:55:65:a6:96:
         61:ba:44:cb:2c:00:e3:bd:0e:2f:e0:3d:30:40:7b:62:d4:00:
         e9:32:5a:6e:c6:82:75:ad:e6:82:2e:3d:78:f4:b0:38:f8:97:
         95:5c:f2:c2:41:ca:0a:29:79:55:8c:80:e6:d7:c2:83:51:d2:
         b4:bb:3d:82:e7:9e:6e:23:7e:45:35:7d:03:f7:6e:ee:91:b9:
         b5:44:f4:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPX29C7jvhwK24V3DSgz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjUwNjE0MDcwMDM1WhcNMjUwNjE1MDcwMDM1WjAzMTEwLwYDVQQD
EyhiM2Q3YjI1MzFkZjIwOTg4NzcwYjMxMDFjYjI0Njc5NDg4NTQ1ZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP43kVjm35xJLPENa6WEuKAMVNA8
2v8Sq64G4CMS8pzegOAa7+VLg+EHTaeVnG2aKvbmLarQdTWX6afb/dQ+JpRJ8UfN
JkyK0STMZAZd+ODMmWgWY46j52D5PzKh2W1hVRKARoMqLcWKvBl5iQvD0hCoSv0F
DpAqOme8f+FLNOsyQuvXyBxnyQ4hXxRLdrd57INHsSb835grRy+CvD8gLrhBDtyA
BzZ8oHTxmN0FPh/lVG7VfmcK8XpsOqdUGv8TySKGyU7PAZcKQoyZVxfPuvpw2oUO
PGYQJ4C0bX0G3LQ3gb2HbDjBya4xDzOb31TWRh173jKiFbmsBkj0YSy6vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLPXslMd8gmIdwsxAcskZ5SIVF/VMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL5O/UzNc
ElZq3ho3sbdL3xVwNM680JBnQdxjYnIpZdIiuYnYM80oeabBkeRlTAcDvrjCrXWb
pV7gPY5Dysl3u68P9AQ6Ua6bnmMbvLWWxunlABeC9TfheLqMyqPP8OFcM5zdC97v
qEqz+16naewda81zIcl3DrD1osSCpHCWI8CDNzUtuHTNPRoplMeaiqQJVL27GGH+
iZ1k0/mSG0afLjvs3CW1c/lQ/nQjRJ0z96dVZaaWYbpEyywA470OL+A9MEB7YtQA
6TJabsaCda3mgi49ePSwOPiXlVzywkHKCil5VYyA5tfCg1HStLs9gueebiN+RTV9
A/du7pG5tUT0gg==
-----END CERTIFICATE-----