Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          voUGb5eJw1calziecxOxgE9Ib2w4JFVRb5jzmBO0Tj4=
Subject key identifier:   72:4C:94:0D:3B:A5:3A:D0:FF:1E:73:8F:1C:38:21:E0:A2:5C:66:F2
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       0197778AD00F66039BA7DF66F65A93AA6046
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          0966
Signing time:             Mon 16 Jun 2025 07:01:15 +0000
Manifest this update:     Mon 16 Jun 2025 07:01:15 +0000
Manifest next update:     Tue 17 Jun 2025 07:01:15 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: ZxYcqcA/mJ393T8SApsoLx8k4eugF08dMljn/mssjdM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 06:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:77:8a:d0:0f:66:03:9b:a7:df:66:f6:5a:93:aa:60:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Jun 16 07:01:15 2025 GMT
            Not After : Jun 17 07:01:15 2025 GMT
        Subject: CN=724c940d3ba53ad0ff1e738f1c3821e0a25c66f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:76:d2:0e:6f:7c:33:2b:53:77:72:3f:39:cd:
                    17:a0:8b:b5:e9:0d:c4:ee:40:18:f4:58:fa:11:57:
                    36:ab:16:9d:82:3d:ab:7f:16:ee:15:0d:e0:a1:e4:
                    a9:0c:22:1c:03:92:a9:90:e9:7a:1d:ef:e5:03:77:
                    19:f8:1c:09:cf:05:85:c6:c1:d0:1d:5d:a3:e3:5d:
                    df:5e:ae:59:ee:f1:39:4e:7d:02:65:33:45:da:42:
                    25:ee:e3:e4:2f:8a:88:6e:74:ee:79:24:f0:1b:fd:
                    d3:73:a2:9b:fe:b4:24:6f:fa:2f:49:42:3e:f2:7d:
                    98:54:15:6f:5d:1f:9d:27:20:c2:e2:60:91:4e:56:
                    56:7c:ee:92:17:79:d2:08:33:9b:16:1e:78:fd:53:
                    d3:0e:86:2b:e1:23:a0:bd:fa:b4:64:44:d5:2e:7e:
                    36:db:a8:4d:01:fd:9b:64:1b:3b:3e:78:2d:a2:5f:
                    2c:af:07:b1:d3:e1:08:9e:9f:be:be:35:b7:d4:ac:
                    bc:b4:59:a8:77:c9:16:54:c4:15:85:5f:b1:a5:43:
                    4d:3f:74:74:b6:4a:4e:43:7c:bc:30:a6:18:32:b0:
                    5c:3e:ff:33:c4:e3:5f:d3:b5:79:04:46:e4:b8:21:
                    e3:33:3f:e4:f1:09:16:2d:bc:37:0e:07:bf:35:8c:
                    b1:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:4C:94:0D:3B:A5:3A:D0:FF:1E:73:8F:1C:38:21:E0:A2:5C:66:F2
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:1d:b1:4b:35:c9:7c:dd:62:38:e3:5a:2a:94:1c:3e:62:88:
         9b:93:26:ef:5c:59:fc:00:bb:00:39:55:99:46:be:42:1f:5b:
         1c:34:55:7b:87:f2:b9:e4:b8:24:2d:8f:a8:dd:50:b0:90:b1:
         fd:3b:90:57:2a:db:13:ed:0a:a7:b3:6a:2b:f7:9e:ad:f4:e3:
         97:f1:72:ae:6b:40:2d:e0:4c:ed:3f:61:53:23:be:99:50:94:
         60:0e:56:1f:7d:3e:01:71:c6:60:9a:7f:d1:33:57:bd:cc:a9:
         77:17:4e:12:99:fb:99:73:f5:c7:ab:95:f4:cf:c5:51:52:9b:
         9f:2a:93:85:68:42:c3:47:00:0e:2c:66:4a:14:2b:67:aa:e8:
         e2:d5:ce:be:a8:2d:33:2a:00:a1:86:f4:8c:bd:0a:79:95:69:
         60:ff:27:ba:ac:c1:f5:4a:8f:a6:2a:74:95:fe:4f:b2:87:28:
         a5:80:7c:5c:25:56:9d:54:e8:2e:51:d1:9e:e0:b1:40:9a:f4:
         dd:79:eb:23:9d:b5:5c:1b:3e:2f:79:ca:57:25:e7:fc:b2:49:
         11:ad:ce:8a:af:ad:74:7d:ee:bd:31:39:3b:da:d5:4a:45:6f:
         e3:78:32:df:9b:9c:83:fb:29:40:49:6e:21:5a:3c:9a:9a:e1:
         5f:41:75:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd3itAPZgObp99m9lqTqmBGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjUwNjE2MDcwMTE1WhcNMjUwNjE3MDcwMTE1WjAzMTEwLwYDVQQD
Eyg3MjRjOTQwZDNiYTUzYWQwZmYxZTczOGYxYzM4MjFlMGEyNWM2NmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHbSDm98MytTd3I/Oc0XoIu16Q3E
7kAY9Fj6EVc2qxadgj2rfxbuFQ3goeSpDCIcA5KpkOl6He/lA3cZ+BwJzwWFxsHQ
HV2j413fXq5Z7vE5Tn0CZTNF2kIl7uPkL4qIbnTueSTwG/3Tc6Kb/rQkb/ovSUI+
8n2YVBVvXR+dJyDC4mCRTlZWfO6SF3nSCDObFh54/VPTDoYr4SOgvfq0ZETVLn42
26hNAf2bZBs7Pngtol8srwex0+EInp++vjW31Ky8tFmod8kWVMQVhV+xpUNNP3R0
tkpOQ3y8MKYYMrBcPv8zxONf07V5BEbkuCHjMz/k8QkWLbw3Dge/NYyx8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJMlA07pTrQ/x5zjxw4IeCiXGbyMB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjB2xSzXJ
fN1iOONaKpQcPmKIm5Mm71xZ/AC7ADlVmUa+Qh9bHDRVe4fyueS4JC2PqN1QsJCx
/TuQVyrbE+0Kp7NqK/eerfTjl/FyrmtALeBM7T9hUyO+mVCUYA5WH30+AXHGYJp/
0TNXvcypdxdOEpn7mXP1x6uV9M/FUVKbnyqThWhCw0cADixmShQrZ6ro4tXOvqgt
MyoAoYb0jL0KeZVpYP8nuqzB9UqPpip0lf5PsocopYB8XCVWnVToLlHRnuCxQJr0
3XnrI521XBs+L3nKVyXn/LJJEa3Oiq+tdH3uvTE5O9rVSkVv43gy35ucg/spQElu
IVo8mprhX0F1iA==
-----END CERTIFICATE-----