Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File:                     3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier:          wDb92EfPoDunR6hsNdHfrRe/6t1lDTLtmuX5GuTSw7s=
Subject key identifier:   5A:F2:5E:CE:D2:EF:49:44:F4:16:35:3E:00:B5:7D:30:88:4C:5D:DD
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer:       /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial:       0197794248C4978737E3CC287A5214428FFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number:          0D40
Signing time:             Mon 16 Jun 2025 15:01:16 +0000
Manifest this update:     Mon 16 Jun 2025 15:01:16 +0000
Manifest next update:     Tue 17 Jun 2025 15:01:16 +0000
Files and hashes:         1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: oICyINTB3epIykqK8SHBgV9SEic327RkQ8+k+7o6TSE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:25:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:79:42:48:c4:97:87:37:e3:cc:28:7a:52:14:42:8f:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
        Validity
            Not Before: Jun 16 15:01:16 2025 GMT
            Not After : Jun 17 15:01:16 2025 GMT
        Subject: CN=5af25eced2ef4944f416353e00b57d30884c5ddd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7b:07:0e:d6:2d:83:fc:2f:f2:d3:e0:8e:57:
                    b6:89:74:6e:57:bb:90:7c:f7:63:bc:8f:b4:20:48:
                    3b:c7:e0:28:6a:05:50:ce:33:b5:80:63:3f:dc:8d:
                    92:f8:ca:e9:82:92:20:55:89:1f:9b:c5:76:03:8d:
                    fe:76:a8:1d:df:67:3c:68:d3:a1:bc:7f:e2:80:c7:
                    02:e9:36:d6:f1:f9:85:8c:2c:03:ad:d9:42:8b:32:
                    13:d7:de:1f:28:7a:14:f4:6d:52:04:4b:44:b9:74:
                    5e:6c:45:74:67:50:24:79:46:83:bc:f9:3d:21:bc:
                    b0:2d:c5:0b:7b:4d:f7:de:e9:0e:b7:63:ad:05:87:
                    1c:28:b5:fe:cd:28:94:34:bf:77:c5:a6:0d:24:45:
                    eb:e1:06:50:fa:7a:28:8a:9b:a2:84:68:7a:88:4d:
                    f2:ed:68:52:31:37:3d:d8:ae:1c:a5:3e:1b:89:4f:
                    40:5b:71:7c:76:d8:1f:9e:d3:6f:e4:8a:f5:9a:5e:
                    01:c8:3d:73:79:d8:bf:cb:fa:0e:d1:92:1b:96:19:
                    6c:70:07:d2:dd:14:9c:5b:56:2d:86:76:9a:f8:0d:
                    a7:d1:12:48:05:d8:3d:7b:f5:8e:7e:08:16:a0:94:
                    f2:20:b3:af:5e:e8:2c:24:a4:0d:ce:f5:a5:be:81:
                    4e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:F2:5E:CE:D2:EF:49:44:F4:16:35:3E:00:B5:7D:30:88:4C:5D:DD
            X509v3 Authority Key Identifier:
                keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:2a:8d:d2:c0:ed:84:15:6c:84:4d:a1:27:15:3f:53:00:ca:
         f4:d5:4d:10:b0:6f:6e:2a:ae:07:c4:1f:bb:3e:1f:5d:b6:7f:
         66:21:77:60:27:81:b6:16:22:5f:92:c8:a1:1c:7f:1d:82:40:
         f3:43:24:96:e6:25:26:8f:a1:ed:62:87:b9:92:71:cc:5c:c0:
         2e:71:85:85:5d:ba:98:3d:05:e7:3b:48:22:69:b4:3f:03:c4:
         df:73:d3:34:14:e7:ab:bd:6f:56:95:10:59:7e:9e:ce:be:c5:
         9f:39:14:ef:95:3e:40:65:97:9a:64:b3:30:bc:26:f5:9f:49:
         60:6f:5c:77:06:a4:48:f8:cd:2a:0c:28:d7:d7:9c:ac:99:89:
         da:28:a6:fa:b5:77:4b:e4:f5:76:82:ac:78:fa:e4:a9:4c:c9:
         8f:8e:fc:fc:fe:3f:db:08:c6:0c:c6:a9:18:39:7e:73:55:c5:
         e3:02:9b:6b:07:a7:e9:2f:eb:84:ee:b2:07:a0:3b:54:ed:34:
         77:d3:66:fc:94:d8:68:a2:0e:f8:76:08:cd:fe:c9:39:18:57:
         9c:74:30:2f:85:6f:94:8b:07:9b:7e:f8:e9:ce:77:9e:cf:0f:
         86:94:24:02:58:70:dc:27:11:f3:12:f9:e6:a9:31:bf:dd:ac:
         fb:bb:fe:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd5QkjEl4c348woelIUQo//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjUwNjE2MTUwMTE2WhcNMjUwNjE3MTUwMTE2WjAzMTEwLwYDVQQD
Eyg1YWYyNWVjZWQyZWY0OTQ0ZjQxNjM1M2UwMGI1N2QzMDg4NGM1ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnsHDtYtg/wv8tPgjle2iXRuV7uQ
fPdjvI+0IEg7x+AoagVQzjO1gGM/3I2S+MrpgpIgVYkfm8V2A43+dqgd32c8aNOh
vH/igMcC6TbW8fmFjCwDrdlCizIT194fKHoU9G1SBEtEuXRebEV0Z1AkeUaDvPk9
IbywLcULe0333ukOt2OtBYccKLX+zSiUNL93xaYNJEXr4QZQ+nooipuihGh6iE3y
7WhSMTc92K4cpT4biU9AW3F8dtgfntNv5Ir1ml4ByD1zedi/y/oO0ZIblhlscAfS
3RScW1Ythnaa+A2n0RJIBdg9e/WOfggWoJTyILOvXugsJKQNzvWlvoFOQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFryXs7S70lE9BY1PgC1fTCITF3dMB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlCqN0sDt
hBVshE2hJxU/UwDK9NVNELBvbiquB8Qfuz4fXbZ/ZiF3YCeBthYiX5LIoRx/HYJA
80MkluYlJo+h7WKHuZJxzFzALnGFhV26mD0F5ztIImm0PwPE33PTNBTnq71vVpUQ
WX6ezr7FnzkU75U+QGWXmmSzMLwm9Z9JYG9cdwakSPjNKgwo19ecrJmJ2iim+rV3
S+T1doKsePrkqUzJj478/P4/2wjGDMapGDl+c1XF4wKbawen6S/rhO6yB6A7VO00
d9Nm/JTYaKIO+HYIzf7JORhXnHQwL4VvlIsHm3746c53ns8PhpQkAlhw3CcR8xL5
5qkxv92s+7v+ZA==
-----END CERTIFICATE-----