Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
File:                     3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft (raw, json)
Hash identifier:          4LWwjUfnt6nNgwM7Ena7T2iZycIJqFmiJ4R7ZSJ5Ids=
Subject key identifier:   AF:31:32:98:3A:82:F5:11:81:4E:C7:E0:EB:A4:35:01:6D:EB:BF:A1
Authority key identifier: DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D
Certificate issuer:       /CN=dd70c5f09b62683292fd9109e694713590281f8d
Certificate serial:       0197832061F55EA422F6C760CD18E8BABFFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
Manifest number:          1597
Signing time:             Wed 18 Jun 2025 13:00:26 +0000
Manifest this update:     Wed 18 Jun 2025 13:00:26 +0000
Manifest next update:     Thu 19 Jun 2025 13:00:26 +0000
Files and hashes:         1: 3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl (hash: UDdzVTjL4mLrX5sj348bfe/X6YXid9j86mQO6Ir+HNA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:83:20:61:f5:5e:a4:22:f6:c7:60:cd:18:e8:ba:bf:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd70c5f09b62683292fd9109e694713590281f8d
        Validity
            Not Before: Jun 18 13:00:26 2025 GMT
            Not After : Jun 19 13:00:26 2025 GMT
        Subject: CN=af3132983a82f511814ec7e0eba435016debbfa1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:43:9e:26:ee:94:97:d2:8b:6a:74:19:8f:5b:
                    56:7a:93:90:64:c8:e9:54:9e:a5:53:fc:ee:af:8f:
                    dc:c0:38:8c:be:5b:dd:0b:a5:2e:84:d1:72:df:ca:
                    9f:af:83:15:12:32:50:ce:6d:52:82:23:73:23:df:
                    2f:e2:9a:8b:1d:85:2a:f6:b2:df:84:4e:2e:e8:66:
                    81:47:79:af:89:37:eb:9d:c6:c1:a7:2b:43:52:21:
                    b2:a5:75:1c:7f:5a:f0:aa:b6:63:04:1f:9f:6c:12:
                    c2:51:a2:30:48:d2:97:84:9a:3a:06:67:cd:aa:76:
                    8f:e0:38:d8:5e:84:06:39:49:28:83:2e:28:f7:fd:
                    88:a9:03:37:b0:85:0c:ca:27:0c:83:75:83:e0:5e:
                    5c:51:55:30:59:82:56:78:90:7f:3d:42:fa:da:e8:
                    8c:c3:d9:76:7a:f9:82:a6:d7:b6:52:80:db:e2:e9:
                    96:3c:e2:5d:b2:1c:b7:41:50:5f:cc:60:84:9d:9c:
                    a3:a4:d9:85:53:51:ab:1d:43:34:70:ae:48:01:af:
                    db:52:5c:8e:8e:ba:7c:b8:97:c0:dd:6e:0b:a5:59:
                    25:2d:f5:72:27:4a:59:a5:a5:08:50:13:e0:ca:01:
                    4d:e3:02:3e:2b:e3:ad:52:ca:af:0f:cc:8b:6e:4c:
                    85:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:31:32:98:3A:82:F5:11:81:4E:C7:E0:EB:A4:35:01:6D:EB:BF:A1
            X509v3 Authority Key Identifier:
                keyid:DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:bd:60:30:b4:0a:71:a4:c5:20:d0:6c:da:ff:04:cb:91:e2:
         94:04:01:af:21:1f:d2:5b:3b:3b:d5:4c:80:6e:ed:bf:d7:87:
         8a:32:15:14:2c:5c:25:31:95:bb:f5:3b:ad:d8:af:14:cc:c9:
         af:b8:08:2d:3e:d4:ca:83:e6:46:8d:a0:fe:08:5e:68:32:77:
         15:b0:ec:bb:01:ae:d5:19:af:25:4e:91:c5:16:81:8a:15:01:
         1e:99:16:52:f6:95:ab:e7:b4:a6:c1:45:a4:61:10:3d:ec:04:
         a8:7e:9a:d4:97:92:93:2e:e6:8b:48:54:11:bc:21:a9:6f:42:
         cb:86:32:a3:fa:ba:bc:83:ec:e3:cd:95:a5:5f:63:fe:a7:8b:
         e6:59:0c:f9:21:e4:7f:05:13:b9:71:08:91:a8:a4:a6:1c:a1:
         64:90:09:f1:60:70:64:b8:b4:e6:0b:55:f3:52:6b:67:8b:d9:
         d2:84:77:b2:0f:7d:b7:a3:36:5b:19:6d:77:cf:43:8b:a6:8f:
         aa:3f:df:c8:4a:53:fc:e1:bb:3a:5b:b9:4d:72:5f:9b:67:8f:
         98:f4:2a:79:59:17:4e:07:c2:55:0f:b2:81:8a:50:03:56:16:
         59:4a:9f:ca:56:7f:a9:96:21:28:60:e0:3e:90:b8:45:34:83:
         c2:fa:ad:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeDIGH1XqQi9sdgzRjour/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzBjNWYwOWI2MjY4MzI5MmZkOTEwOWU2OTQ3MTM1OTAy
ODFmOGQwHhcNMjUwNjE4MTMwMDI2WhcNMjUwNjE5MTMwMDI2WjAzMTEwLwYDVQQD
EyhhZjMxMzI5ODNhODJmNTExODE0ZWM3ZTBlYmE0MzUwMTZkZWJiZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkOeJu6Ul9KLanQZj1tWepOQZMjp
VJ6lU/zur4/cwDiMvlvdC6UuhNFy38qfr4MVEjJQzm1SgiNzI98v4pqLHYUq9rLf
hE4u6GaBR3mviTfrncbBpytDUiGypXUcf1rwqrZjBB+fbBLCUaIwSNKXhJo6BmfN
qnaP4DjYXoQGOUkogy4o9/2IqQM3sIUMyicMg3WD4F5cUVUwWYJWeJB/PUL62uiM
w9l2evmCpte2UoDb4umWPOJdshy3QVBfzGCEnZyjpNmFU1GrHUM0cK5IAa/bUlyO
jrp8uJfA3W4LpVklLfVyJ0pZpaUIUBPgygFN4wI+K+OtUsqvD8yLbkyFLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8xMpg6gvURgU7H4OukNQFt67+hMB8GA1UdIwQY
MBaAFN1wxfCbYmgykv2RCeaUcTWQKB+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMt
YTdmY2FiOWFhN2FhLzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMtYTdmY2FiOWFhN2Fh
LzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeL1gMLQK
caTFINBs2v8Ey5HilAQBryEf0ls7O9VMgG7tv9eHijIVFCxcJTGVu/U7rdivFMzJ
r7gILT7UyoPmRo2g/gheaDJ3FbDsuwGu1RmvJU6RxRaBihUBHpkWUvaVq+e0psFF
pGEQPewEqH6a1JeSky7mi0hUEbwhqW9Cy4Yyo/q6vIPs482VpV9j/qeL5lkM+SHk
fwUTuXEIkaikphyhZJAJ8WBwZLi05gtV81JrZ4vZ0oR3sg99t6M2Wxltd89Di6aP
qj/fyEpT/OG7Olu5TXJfm2ePmPQqeVkXTgfCVQ+ygYpQA1YWWUqfylZ/qZYhKGDg
PpC4RTSDwvqt1w==
-----END CERTIFICATE-----