Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File:                     3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier:          OsIvOzfOzKJ+2XwQ31Gkr20MstUSup5BXMkfwvm8p2s=
Subject key identifier:   60:66:07:97:67:31:7C:A2:BB:45:17:CD:59:8A:56:5C:41:05:E8:7E
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer:       /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial:       0197778AC88F6AC3267E172646445262A0D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number:          0643
Signing time:             Mon 16 Jun 2025 07:01:13 +0000
Manifest this update:     Mon 16 Jun 2025 07:01:13 +0000
Manifest next update:     Tue 17 Jun 2025 07:01:13 +0000
Files and hashes:         1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: G45uMbzdx1nV/G4CkLDqEbsxkQiiXrQ/WvRqaJiJVss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:77:8a:c8:8f:6a:c3:26:7e:17:26:46:44:52:62:a0:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
        Validity
            Not Before: Jun 16 07:01:13 2025 GMT
            Not After : Jun 17 07:01:13 2025 GMT
        Subject: CN=6066079767317ca2bb4517cd598a565c4105e87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:67:a0:46:69:e2:63:33:d5:07:4b:89:b1:0e:
                    14:f5:c2:3e:c4:c0:fb:a7:6c:49:4f:e5:4b:c0:d2:
                    50:c8:1f:0f:a1:23:92:3c:59:bd:50:f2:74:80:3f:
                    9f:90:2d:49:26:28:91:5c:b1:68:39:94:84:7c:98:
                    9b:51:9e:01:b6:86:b4:36:00:6d:4f:42:64:7e:33:
                    e2:2b:e8:c2:78:0f:5f:4b:38:04:bd:5f:9b:96:47:
                    8b:91:ec:9a:9e:4f:6d:7e:c4:33:d9:0f:dd:4f:6c:
                    48:e2:8e:fc:23:40:c3:b1:11:e5:a1:51:32:aa:aa:
                    c7:a8:ac:ea:18:f0:9a:51:0a:df:5d:39:6a:09:3e:
                    2a:b8:34:18:ca:6a:89:96:be:90:e8:1d:79:de:44:
                    da:5e:a9:89:65:e5:39:51:d6:24:34:f0:44:64:a8:
                    0c:fb:de:b9:1a:e2:87:9e:8f:1b:84:d7:7e:9b:ea:
                    99:b1:ab:e0:7d:71:4a:57:82:bf:b0:56:10:0c:9d:
                    a2:64:6c:4f:33:0c:3d:fc:68:4f:c0:99:48:3b:21:
                    c3:2f:2a:ac:06:46:df:2d:a7:b1:71:52:21:03:00:
                    8e:34:94:60:79:fa:df:9e:f6:9f:12:06:33:a2:f8:
                    e9:a7:9a:6d:4e:dc:12:f5:01:79:a4:df:23:21:81:
                    28:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:66:07:97:67:31:7C:A2:BB:45:17:CD:59:8A:56:5C:41:05:E8:7E
            X509v3 Authority Key Identifier:
                keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:8d:05:d2:bf:13:95:5c:e1:0e:7f:39:d9:d3:42:3d:9d:b2:
         05:48:03:f2:ee:bb:2f:32:d7:cc:ee:1a:46:1a:f2:ea:c8:04:
         a4:60:07:d6:dd:95:f4:08:d1:b1:60:35:56:54:f7:30:04:d7:
         43:e8:c5:aa:bc:21:76:b4:bf:9d:6f:61:ee:4c:a2:f5:74:da:
         a3:2a:e8:1f:ce:0c:8b:53:81:f0:2f:56:ba:bd:03:bd:b1:fc:
         a5:55:0b:54:96:f8:db:25:11:fc:0b:bd:34:bb:06:37:b6:d7:
         a6:c8:b0:03:38:fc:8d:88:10:6b:78:84:e8:7f:9e:f3:62:e0:
         f3:ee:66:58:a2:e1:a0:a8:58:27:a4:45:e8:a6:42:a6:80:33:
         ed:42:1e:f2:be:f9:2d:ec:1b:58:c6:57:37:cd:fb:b6:8f:73:
         57:8c:0e:cf:36:5d:50:ef:57:0e:b6:94:c1:94:aa:d1:06:c2:
         f5:9f:10:35:a0:49:85:86:4b:4c:3a:24:71:ed:b5:17:1d:28:
         48:01:ef:b6:d1:21:58:83:b0:0d:db:d0:87:de:44:29:5c:73:
         a4:47:bb:a8:ec:e7:a0:a4:c2:a6:fd:ac:d0:80:8b:e4:68:01:
         24:ff:6b:0a:d3:0a:4e:ed:bf:00:56:dd:30:4d:7c:21:ce:59:
         ba:ec:23:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd3isiPasMmfhcmRkRSYqDYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjUwNjE2MDcwMTEzWhcNMjUwNjE3MDcwMTEzWjAzMTEwLwYDVQQD
Eyg2MDY2MDc5NzY3MzE3Y2EyYmI0NTE3Y2Q1OThhNTY1YzQxMDVlODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmegRmniYzPVB0uJsQ4U9cI+xMD7
p2xJT+VLwNJQyB8PoSOSPFm9UPJ0gD+fkC1JJiiRXLFoOZSEfJibUZ4Btoa0NgBt
T0JkfjPiK+jCeA9fSzgEvV+blkeLkeyank9tfsQz2Q/dT2xI4o78I0DDsRHloVEy
qqrHqKzqGPCaUQrfXTlqCT4quDQYymqJlr6Q6B153kTaXqmJZeU5UdYkNPBEZKgM
+965GuKHno8bhNd+m+qZsavgfXFKV4K/sFYQDJ2iZGxPMww9/GhPwJlIOyHDLyqs
BkbfLaexcVIhAwCONJRgefrfnvafEgYzovjpp5ptTtwS9QF5pN8jIYEo+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBmB5dnMXyiu0UXzVmKVlxBBeh+MB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmY0F0r8T
lVzhDn852dNCPZ2yBUgD8u67LzLXzO4aRhry6sgEpGAH1t2V9AjRsWA1VlT3MATX
Q+jFqrwhdrS/nW9h7kyi9XTaoyroH84Mi1OB8C9Wur0DvbH8pVULVJb42yUR/Au9
NLsGN7bXpsiwAzj8jYgQa3iE6H+e82Lg8+5mWKLhoKhYJ6RF6KZCpoAz7UIe8r75
LewbWMZXN837to9zV4wOzzZdUO9XDraUwZSq0QbC9Z8QNaBJhYZLTDokce21Fx0o
SAHvttEhWIOwDdvQh95EKVxzpEe7qOznoKTCpv2s0ICL5GgBJP9rCtMKTu2/AFbd
ME18Ic5ZuuwjJA==
-----END CERTIFICATE-----