Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
File:                     db3TijiDJA5GxLGsi7-DF96P-IU.mft (raw, json)
Hash identifier:          FIV5lBspW1ZBZKyxswqSzlBFHwz4W8PDAE3BwQNwf6Y=
Subject key identifier:   7A:27:F9:EA:F8:2B:CF:F6:71:74:7A:F5:50:E2:BE:0D:2F:2A:EB:C4
Authority key identifier: 75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85
Certificate issuer:       /CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
Certificate serial:       01976C987043FB54E2623A02CCE6F3C875AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
Manifest number:          129B
Signing time:             Sat 14 Jun 2025 04:00:18 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:18 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:18 +0000
Files and hashes:         1: db3TijiDJA5GxLGsi7-DF96P-IU.crl (hash: TIc6TJYS84oj08LdRkrQhO5Vow/fnXB78d2QdQww75k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:70:43:fb:54:e2:62:3a:02:cc:e6:f3:c8:75:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
        Validity
            Not Before: Jun 14 04:00:18 2025 GMT
            Not After : Jun 15 04:00:18 2025 GMT
        Subject: CN=7a27f9eaf82bcff671747af550e2be0d2f2aebc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:8e:1e:8c:82:cd:c4:71:5c:bd:16:da:2a:e8:
                    62:a0:40:ff:e8:c8:de:46:0e:b4:49:a7:8d:d5:77:
                    26:4a:ab:e1:d9:2c:70:7d:74:86:a5:ac:02:03:ec:
                    5a:7a:06:74:d4:a5:2b:3b:08:11:38:34:b2:d6:8c:
                    db:24:6a:36:55:0c:20:8d:51:a7:76:76:58:da:fd:
                    a1:73:e1:44:00:d4:65:22:83:5b:79:de:a9:1b:4c:
                    23:03:8c:02:de:29:9a:07:a2:7a:41:43:53:06:e6:
                    b7:72:46:f5:f8:e6:ab:55:8d:89:2d:44:37:34:47:
                    61:43:60:e1:ba:0a:bd:eb:dc:87:69:8b:24:fb:95:
                    dc:6c:83:22:19:5f:c9:7e:95:e6:38:2a:5e:dd:ea:
                    b2:18:fa:cf:97:76:54:44:bb:21:b2:d4:ed:17:c4:
                    1d:7d:bb:f4:4c:ac:ee:b3:d0:5d:e2:38:ba:c4:65:
                    62:61:f1:3a:29:71:4e:db:7a:07:64:32:c2:f3:06:
                    8e:ca:81:1f:98:43:09:43:c3:f0:99:de:a5:78:d3:
                    0d:f0:97:b6:d4:ee:5f:2f:94:3a:74:12:45:1b:03:
                    95:4b:66:e4:f1:d2:c4:0c:27:8a:8f:e7:f0:8a:31:
                    b1:f5:d4:3c:d8:e5:e5:dc:5a:dd:53:88:6e:cd:08:
                    19:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:27:F9:EA:F8:2B:CF:F6:71:74:7A:F5:50:E2:BE:0D:2F:2A:EB:C4
            X509v3 Authority Key Identifier:
                keyid:75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:dd:e8:5c:4a:ec:14:79:2d:7a:53:d1:29:95:9c:00:55:02:
         96:2c:37:8c:76:14:67:87:ca:2f:4d:bb:9d:2f:8b:33:6f:e1:
         1a:33:32:48:36:5c:eb:eb:be:e2:22:61:40:bd:84:41:31:82:
         91:ca:89:53:28:13:04:17:99:8e:de:51:99:86:91:e0:8a:a2:
         6d:51:38:3f:e2:2c:57:7d:01:36:5b:4c:08:87:8c:94:e7:e3:
         2b:51:d8:4e:fc:25:01:64:c3:f6:a0:7d:b3:2a:51:88:41:da:
         7a:c9:c1:7f:fb:4a:80:19:18:dc:29:b5:c0:bb:51:0b:27:25:
         db:96:c8:fe:1f:15:a6:97:59:b4:75:37:95:54:5a:7a:be:c4:
         02:e6:74:fc:73:8f:77:3b:60:55:2c:35:82:e3:fb:3c:89:ee:
         c3:4c:ea:a9:40:c3:ae:c0:59:62:2d:d3:98:22:98:9f:a4:d2:
         e1:71:bb:d5:ab:d9:9e:41:86:8b:87:49:6a:2e:f5:73:50:c4:
         3d:b8:65:71:bd:3b:e5:d6:4a:2b:30:22:c4:6a:c5:4f:af:ef:
         14:be:da:e0:e7:34:8f:a1:ac:42:ea:ef:6d:2d:ac:f0:0d:35:
         f4:fc:ba:97:f7:e8:a3:f4:74:29:fc:6e:13:bb:d6:c6:50:31:
         43:93:3a:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmHBD+1TiYjoCzObzyHWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmRkMzhhMzg4MzI0MGU0NmM0YjFhYzhiYmY4MzE3ZGU4
ZmY4ODUwHhcNMjUwNjE0MDQwMDE4WhcNMjUwNjE1MDQwMDE4WjAzMTEwLwYDVQQD
Eyg3YTI3ZjllYWY4MmJjZmY2NzE3NDdhZjU1MGUyYmUwZDJmMmFlYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz44ejILNxHFcvRbaKuhioED/6Mje
Rg60SaeN1XcmSqvh2SxwfXSGpawCA+xaegZ01KUrOwgRODSy1ozbJGo2VQwgjVGn
dnZY2v2hc+FEANRlIoNbed6pG0wjA4wC3imaB6J6QUNTBua3ckb1+OarVY2JLUQ3
NEdhQ2Dhugq969yHaYsk+5XcbIMiGV/JfpXmOCpe3eqyGPrPl3ZURLshstTtF8Qd
fbv0TKzus9Bd4ji6xGViYfE6KXFO23oHZDLC8waOyoEfmEMJQ8Pwmd6leNMN8Je2
1O5fL5Q6dBJFGwOVS2bk8dLEDCeKj+fwijGx9dQ82OXl3FrdU4huzQgZ2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHon+er4K8/2cXR69VDivg0vKuvEMB8GA1UdIwQY
MBaAFHW904o4gyQORsSxrIu/gxfej/iFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGIt
OGRhNjA1MzVlNmEwLzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGItOGRhNjA1MzVlNmEw
LzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdd3oXErs
FHktelPRKZWcAFUCliw3jHYUZ4fKL027nS+LM2/hGjMySDZc6+u+4iJhQL2EQTGC
kcqJUygTBBeZjt5RmYaR4IqibVE4P+IsV30BNltMCIeMlOfjK1HYTvwlAWTD9qB9
sypRiEHaesnBf/tKgBkY3Cm1wLtRCycl25bI/h8VppdZtHU3lVRaer7EAuZ0/HOP
dztgVSw1guP7PInuw0zqqUDDrsBZYi3TmCKYn6TS4XG71avZnkGGi4dJai71c1DE
Pbhlcb075dZKKzAixGrFT6/vFL7a4Oc0j6GsQurvbS2s8A019Py6l/foo/R0Kfxu
E7vWxlAxQ5M6Gg==
-----END CERTIFICATE-----