Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
File:                     3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft (raw, json)
Hash identifier:          vzmb97JD6AKXCsmsNlkmqkqivv9TRlJrNX91lLd/KWo=
Subject key identifier:   28:EE:16:C0:21:DB:59:A4:43:3F:D6:9C:E7:78:3E:A2:21:48:C6:64
Authority key identifier: DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B
Certificate issuer:       /CN=de11cc6df13366fc595a6e72ed03c53800792b4b
Certificate serial:       01976F99CA5F40C13DC0C7389A09032790FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
Manifest number:          0CF3
Signing time:             Sat 14 Jun 2025 18:00:39 +0000
Manifest this update:     Sat 14 Jun 2025 18:00:39 +0000
Manifest next update:     Sun 15 Jun 2025 18:00:39 +0000
Files and hashes:         1: 3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl (hash: ZcYOO3wuT0sej+a72+miM11xxAPDQK2RehfFCMM4ZvI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 18:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:99:ca:5f:40:c1:3d:c0:c7:38:9a:09:03:27:90:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de11cc6df13366fc595a6e72ed03c53800792b4b
        Validity
            Not Before: Jun 14 18:00:39 2025 GMT
            Not After : Jun 15 18:00:39 2025 GMT
        Subject: CN=28ee16c021db59a4433fd69ce7783ea22148c664
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:5c:f8:00:cb:d9:6c:0e:b8:57:47:b6:ab:ef:
                    ee:aa:59:04:c7:b7:c4:70:49:5f:83:c9:26:43:07:
                    d7:dd:82:1a:b6:00:fd:be:af:d0:1a:9e:17:e1:f3:
                    06:bc:11:58:09:cc:f4:4d:12:18:dd:29:a6:e4:3a:
                    1b:14:96:c8:8a:b5:70:97:fa:84:f2:0e:15:2f:ae:
                    f0:e5:bc:7c:ea:54:9b:a3:c8:60:5f:91:31:13:71:
                    06:73:6f:a0:4c:79:95:5f:26:df:f6:57:9f:95:aa:
                    40:51:6d:0b:82:b4:55:14:fb:0a:d2:d0:38:5a:95:
                    49:20:46:48:f4:32:0d:28:1a:34:e2:23:c3:17:58:
                    f0:18:b2:87:fe:c5:c6:1b:7f:46:ef:4c:f2:39:9f:
                    4f:49:75:e3:f6:29:bf:6b:ed:e7:a1:27:70:7d:95:
                    8f:95:2b:01:47:85:26:06:8e:b0:eb:57:3c:82:d8:
                    80:1a:53:0c:86:53:5f:c1:36:1f:8e:14:5d:f9:37:
                    f1:f9:5d:52:07:ab:0a:ad:ca:3e:fb:54:82:21:4d:
                    66:29:f7:ce:64:36:db:2d:b5:51:47:c1:80:a1:69:
                    0e:fd:c5:ed:0a:16:ca:94:f3:30:d4:21:fb:72:6e:
                    ed:4c:67:86:22:e7:14:7a:a0:e9:48:65:28:ea:d6:
                    41:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:EE:16:C0:21:DB:59:A4:43:3F:D6:9C:E7:78:3E:A2:21:48:C6:64
            X509v3 Authority Key Identifier:
                keyid:DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:ed:96:38:31:39:3e:e9:c5:93:35:b8:67:3d:45:cd:f1:58:
         88:0e:90:aa:d1:ee:9d:96:d4:5f:a5:b7:5f:68:3b:07:0c:df:
         94:fc:ab:87:17:56:2d:96:e7:a3:b2:28:66:65:80:24:5b:ea:
         e4:bf:93:80:1c:9c:81:b9:53:8a:bb:7b:48:da:76:c6:b7:12:
         fd:b6:77:2b:33:75:55:1d:9f:3f:3e:9c:96:69:f1:05:2a:62:
         a9:83:7f:4b:23:86:ae:5d:52:75:f5:8d:25:d7:f1:c2:f4:a0:
         1a:c6:5f:10:73:6d:ec:6c:53:62:65:9e:dc:5e:09:d7:a1:29:
         4a:5f:67:31:57:fc:56:45:47:87:6d:f8:d5:02:cc:ed:97:f1:
         e5:19:63:d7:6d:a0:14:80:52:f8:2d:d4:64:da:8d:b7:bd:34:
         a1:1e:9c:79:76:f1:e4:d6:2f:11:21:24:95:3d:a8:45:b5:5c:
         cd:86:a4:94:43:3f:25:9c:f9:a5:08:68:7d:13:20:c9:46:5e:
         86:bd:f9:c6:03:66:0e:6d:b6:5c:8c:7e:0f:a9:55:ac:d9:be:
         76:89:70:9b:db:b5:d6:f0:76:52:57:3d:f6:f9:58:d1:e0:4d:
         9c:6a:4c:4b:eb:97:d9:e5:a3:f4:fd:98:11:61:98:f1:2f:26:
         98:6d:79:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmcpfQME9wMc4mgkDJ5D+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTFjYzZkZjEzMzY2ZmM1OTVhNmU3MmVkMDNjNTM4MDA3
OTJiNGIwHhcNMjUwNjE0MTgwMDM5WhcNMjUwNjE1MTgwMDM5WjAzMTEwLwYDVQQD
EygyOGVlMTZjMDIxZGI1OWE0NDMzZmQ2OWNlNzc4M2VhMjIxNDhjNjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFz4AMvZbA64V0e2q+/uqlkEx7fE
cElfg8kmQwfX3YIatgD9vq/QGp4X4fMGvBFYCcz0TRIY3Smm5DobFJbIirVwl/qE
8g4VL67w5bx86lSbo8hgX5ExE3EGc2+gTHmVXybf9leflapAUW0LgrRVFPsK0tA4
WpVJIEZI9DINKBo04iPDF1jwGLKH/sXGG39G70zyOZ9PSXXj9im/a+3noSdwfZWP
lSsBR4UmBo6w61c8gtiAGlMMhlNfwTYfjhRd+Tfx+V1SB6sKrco++1SCIU1mKffO
ZDbbLbVRR8GAoWkO/cXtChbKlPMw1CH7cm7tTGeGIucUeqDpSGUo6tZBKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjuFsAh21mkQz/WnOd4PqIhSMZkMB8GA1UdIwQY
MBaAFN4RzG3xM2b8WVpucu0DxTgAeStLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMt
ZTZjNGRmNDZmMDRkLzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMtZTZjNGRmNDZmMDRk
LzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACu2WODE5
PunFkzW4Zz1FzfFYiA6QqtHunZbUX6W3X2g7BwzflPyrhxdWLZbno7IoZmWAJFvq
5L+TgBycgblTirt7SNp2xrcS/bZ3KzN1VR2fPz6clmnxBSpiqYN/SyOGrl1SdfWN
JdfxwvSgGsZfEHNt7GxTYmWe3F4J16EpSl9nMVf8VkVHh2341QLM7Zfx5Rlj122g
FIBS+C3UZNqNt700oR6ceXbx5NYvESEklT2oRbVczYaklEM/JZz5pQhofRMgyUZe
hr35xgNmDm22XIx+D6lVrNm+dolwm9u11vB2Ulc99vlY0eBNnGpMS+uX2eWj9P2Y
EWGY8S8mmG159Q==
-----END CERTIFICATE-----