Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          gLNyJqsR7+aLW3c0I7+U2o506MTbnVDDbgeuOxhzHVI=
Subject key identifier:   23:1B:F5:C0:DC:E2:78:D8:20:3B:A7:15:9C:40:92:BB:7D:EF:3C:1D
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       01976D3E138FCFC0449A0DA047BC42DA3749
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          0C81
Signing time:             Sat 14 Jun 2025 07:01:14 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:14 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:14 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: +gsVETT/ObBHPKTO2Y4izoNhuX9lE+Yjw9/BglpTCo0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:13:8f:cf:c0:44:9a:0d:a0:47:bc:42:da:37:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: Jun 14 07:01:14 2025 GMT
            Not After : Jun 15 07:01:14 2025 GMT
        Subject: CN=231bf5c0dce278d8203ba7159c4092bb7def3c1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:09:d2:d5:11:55:32:96:68:00:17:fb:7f:99:
                    3a:da:d6:d9:69:89:30:9e:a1:56:38:4f:ac:e2:1f:
                    43:a0:08:55:be:50:f7:26:57:73:1f:3d:3f:78:35:
                    b9:50:19:7c:8f:09:e5:f1:ed:46:e5:06:40:81:f2:
                    58:80:fe:5a:c3:d1:84:4d:ce:a4:a4:bc:10:52:2c:
                    b1:7c:0f:ec:3b:93:af:d9:d4:ba:b2:64:8c:8a:b4:
                    f6:f2:46:8b:18:e5:fc:75:26:42:d8:a8:4c:3c:e3:
                    e0:d8:1e:9c:7e:c9:2e:ee:82:08:7c:2b:60:27:36:
                    4b:3f:10:99:12:8e:6d:03:05:51:6c:6e:a8:87:b3:
                    8d:e1:ab:3d:d3:7d:a3:0a:f1:19:1d:d9:70:cd:30:
                    b3:f7:bd:e6:14:6f:17:47:ba:77:1b:2b:45:78:28:
                    41:b4:9c:65:73:99:67:e7:d9:4a:d9:0d:72:38:27:
                    1c:f1:f5:08:02:a9:c9:26:8d:7e:7d:16:c0:f4:f9:
                    21:77:26:cf:7b:0c:eb:61:5d:06:27:b4:c5:dd:d9:
                    c9:ab:0b:c8:5c:30:68:e9:ac:12:07:ab:0c:a3:0b:
                    1f:e3:8f:b2:13:cb:0c:c5:6f:98:36:05:89:e6:cc:
                    83:49:86:42:ce:ff:a4:99:83:41:b9:0c:51:ec:83:
                    e7:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:1B:F5:C0:DC:E2:78:D8:20:3B:A7:15:9C:40:92:BB:7D:EF:3C:1D
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d7:2c:6a:bf:5e:5c:43:03:24:c8:67:c8:ca:bf:32:ef:fc:49:
         c7:c1:87:25:9e:63:f8:ae:52:ba:d9:62:10:e0:8e:d0:0e:46:
         63:90:ca:72:d5:c2:02:9c:7e:1e:4b:57:9b:d9:20:73:8a:86:
         3c:ea:59:88:0c:24:0d:68:44:6d:6c:ec:3d:11:11:ab:8c:8a:
         24:2b:24:0a:31:db:0d:75:27:a5:c3:73:e6:ea:ef:2e:ec:2e:
         15:20:50:fd:b2:f0:bd:59:ee:5c:d0:1d:c2:de:a3:cf:70:35:
         1c:6e:f7:60:f5:0f:6b:fb:84:55:eb:bf:80:79:bb:d2:bf:a8:
         85:69:4c:31:0d:85:39:d5:26:b1:92:b5:02:c1:87:70:a3:5c:
         87:fb:31:cc:65:ce:68:bf:c7:7e:f7:b1:79:60:c3:34:5a:3a:
         57:f7:f0:a8:ed:7f:a9:ee:bc:47:e9:28:73:eb:06:fd:4a:f4:
         86:08:a7:dc:d4:9c:29:01:8c:50:44:23:6f:79:de:7f:05:bd:
         6f:45:4d:dd:31:ad:53:da:ec:8d:96:9c:c0:d6:fe:14:bd:c1:
         6b:81:76:b9:ec:64:f9:d3:0c:12:86:83:a1:18:34:e5:9e:9b:
         82:1b:28:96:33:37:bb:91:b9:c1:51:5c:07:9e:6e:45:ae:af:
         d4:db:93:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPhOPz8BEmg2gR7xC2jdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjUwNjE0MDcwMTE0WhcNMjUwNjE1MDcwMTE0WjAzMTEwLwYDVQQD
EygyMzFiZjVjMGRjZTI3OGQ4MjAzYmE3MTU5YzQwOTJiYjdkZWYzYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAnS1RFVMpZoABf7f5k62tbZaYkw
nqFWOE+s4h9DoAhVvlD3JldzHz0/eDW5UBl8jwnl8e1G5QZAgfJYgP5aw9GETc6k
pLwQUiyxfA/sO5Ov2dS6smSMirT28kaLGOX8dSZC2KhMPOPg2B6cfsku7oIIfCtg
JzZLPxCZEo5tAwVRbG6oh7ON4as9032jCvEZHdlwzTCz973mFG8XR7p3GytFeChB
tJxlc5ln59lK2Q1yOCcc8fUIAqnJJo1+fRbA9PkhdybPewzrYV0GJ7TF3dnJqwvI
XDBo6awSB6sMowsf44+yE8sMxW+YNgWJ5syDSYZCzv+kmYNBuQxR7IPnvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCMb9cDc4njYIDunFZxAkrt97zwdMB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1yxqv15c
QwMkyGfIyr8y7/xJx8GHJZ5j+K5SutliEOCO0A5GY5DKctXCApx+HktXm9kgc4qG
POpZiAwkDWhEbWzsPRERq4yKJCskCjHbDXUnpcNz5urvLuwuFSBQ/bLwvVnuXNAd
wt6jz3A1HG73YPUPa/uEVeu/gHm70r+ohWlMMQ2FOdUmsZK1AsGHcKNch/sxzGXO
aL/HfvexeWDDNFo6V/fwqO1/qe68R+koc+sG/Ur0hgin3NScKQGMUEQjb3nefwW9
b0VN3TGtU9rsjZacwNb+FL3Ba4F2uexk+dMMEoaDoRg05Z6bghsoljM3u5G5wVFc
B55uRa6v1NuTbQ==
-----END CERTIFICATE-----