Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
File:                     3tvumMupuOYloRR7s7VRl9LQoFc.mft (raw, json)
Hash identifier:          ButP7nYGJNeYr4X5ja2n9DpngZO95XPyenjV6qZW/i8=
Subject key identifier:   19:19:40:24:9B:4C:5A:C7:DE:CB:13:3B:80:79:84:FA:53:9C:BA:BC
Authority key identifier: DE:DB:EE:98:CB:A9:B8:E6:25:A1:14:7B:B3:B5:51:97:D2:D0:A0:57
Certificate issuer:       /CN=dedbee98cba9b8e625a1147bb3b55197d2d0a057
Certificate serial:       0197846A7B4AEAD01E5C2B0AD5BDB8A45393
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
Manifest number:          0603
Signing time:             Wed 18 Jun 2025 19:01:00 +0000
Manifest this update:     Wed 18 Jun 2025 19:01:00 +0000
Manifest next update:     Thu 19 Jun 2025 19:01:00 +0000
Files and hashes:         1: 3tvumMupuOYloRR7s7VRl9LQoFc.crl (hash: CPXdeor3KYi7m1+CDsy4LH8r4zTzUksrUwf1ndMkvzA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:84:6a:7b:4a:ea:d0:1e:5c:2b:0a:d5:bd:b8:a4:53:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dedbee98cba9b8e625a1147bb3b55197d2d0a057
        Validity
            Not Before: Jun 18 19:01:00 2025 GMT
            Not After : Jun 19 19:01:00 2025 GMT
        Subject: CN=191940249b4c5ac7decb133b807984fa539cbabc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:7c:f9:45:b0:e0:5d:b8:34:91:33:f8:56:29:
                    ee:22:8d:b7:c5:6d:a1:da:3c:25:56:9e:b4:4e:da:
                    c4:7f:0c:5a:d6:b4:bc:88:77:f9:1c:e4:59:ae:37:
                    af:93:2f:cc:39:9f:c4:0d:7b:b4:06:e0:8d:13:24:
                    f3:4f:1c:38:7c:65:da:37:6e:2a:c7:5d:99:cf:ea:
                    02:60:af:be:76:a0:88:1a:21:1c:94:19:81:e1:f0:
                    54:de:a1:a5:44:64:26:8c:db:d2:06:b0:82:70:22:
                    ad:23:b2:16:52:4a:de:b1:5e:cb:25:1f:d1:52:b0:
                    e0:e1:70:8c:55:17:db:41:38:1e:20:b5:8c:4a:11:
                    a9:8e:7d:06:48:05:de:1f:50:d5:30:3c:8e:17:7a:
                    6b:fd:81:c5:50:4d:ab:e6:7d:4d:55:1d:27:c9:2a:
                    bd:bb:d6:2d:e7:e0:dc:ec:e1:76:3f:1e:6c:e5:f6:
                    e1:51:52:dd:ee:c9:d6:32:f0:39:e6:c5:67:35:d4:
                    f6:64:42:d4:e2:fe:4c:4c:d0:bf:30:9b:78:43:c5:
                    f7:e2:c0:e9:9a:df:7a:fb:e4:42:4a:8e:56:39:bb:
                    86:a0:a5:6a:d9:47:93:44:7b:d5:ed:63:a0:98:99:
                    47:30:ad:66:13:25:a1:4a:e4:a8:cd:b3:be:e5:63:
                    e2:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:19:40:24:9B:4C:5A:C7:DE:CB:13:3B:80:79:84:FA:53:9C:BA:BC
            X509v3 Authority Key Identifier:
                keyid:DE:DB:EE:98:CB:A9:B8:E6:25:A1:14:7B:B3:B5:51:97:D2:D0:A0:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:3f:72:d2:ec:32:a1:43:a5:33:0b:bb:b8:5a:0f:42:6a:24:
         b1:12:a9:e6:db:4b:98:67:16:f0:d1:c9:ec:0b:ee:2e:80:ec:
         ec:99:46:1d:62:1d:68:20:f6:44:55:61:ba:a9:97:f0:4c:29:
         42:52:8d:af:da:e8:93:81:fc:f8:4a:3a:51:14:71:10:fa:e2:
         05:be:dd:44:90:db:17:d5:10:2d:6a:1c:cb:9f:61:bf:09:65:
         ce:0c:82:82:c7:32:ba:8b:d2:9d:6f:76:a5:2f:53:48:27:70:
         b7:68:7d:be:50:2b:89:79:1b:f3:f3:8d:02:06:5c:6f:8c:f3:
         bb:a5:87:6b:25:4c:f7:56:b8:f3:94:1e:e0:10:1a:3c:98:95:
         41:38:e2:e6:0c:84:b8:48:f0:70:24:f4:47:3a:0b:57:54:20:
         1f:c4:f0:0f:4f:be:23:47:66:de:76:20:e9:23:db:4b:c5:7b:
         f2:0c:88:4e:bc:c4:8e:15:f1:44:e6:bc:17:c8:d1:77:66:7c:
         8b:1e:85:c7:2d:b9:9b:c2:21:28:d8:89:07:c0:93:be:a3:ce:
         5d:82:ca:a4:63:98:89:bf:50:19:c4:8a:8e:ac:8d:72:4e:f3:
         85:93:af:43:c8:d8:6e:8f:21:24:03:34:9a:dd:e7:0b:79:aa:
         bd:a7:06:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeEantK6tAeXCsK1b24pFOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGJlZTk4Y2JhOWI4ZTYyNWExMTQ3YmIzYjU1MTk3ZDJk
MGEwNTcwHhcNMjUwNjE4MTkwMTAwWhcNMjUwNjE5MTkwMTAwWjAzMTEwLwYDVQQD
EygxOTE5NDAyNDliNGM1YWM3ZGVjYjEzM2I4MDc5ODRmYTUzOWNiYWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHz5RbDgXbg0kTP4VinuIo23xW2h
2jwlVp60TtrEfwxa1rS8iHf5HORZrjevky/MOZ/EDXu0BuCNEyTzTxw4fGXaN24q
x12Zz+oCYK++dqCIGiEclBmB4fBU3qGlRGQmjNvSBrCCcCKtI7IWUkresV7LJR/R
UrDg4XCMVRfbQTgeILWMShGpjn0GSAXeH1DVMDyOF3pr/YHFUE2r5n1NVR0nySq9
u9Yt5+Dc7OF2Px5s5fbhUVLd7snWMvA55sVnNdT2ZELU4v5MTNC/MJt4Q8X34sDp
mt96++RCSo5WObuGoKVq2UeTRHvV7WOgmJlHMK1mEyWhSuSozbO+5WPiMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBkZQCSbTFrH3ssTO4B5hPpTnLq8MB8GA1UdIwQY
MBaAFN7b7pjLqbjmJaEUe7O1UZfS0KBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3R2dW1NdXB1T1lsb1JSN3M3VlJsOUxRb0ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8wZWY2NzgtNzg3MC00ZTA4LWFiMjUt
MThmMGI4MGYyNTBkLzEvM3R2dW1NdXB1T1lsb1JSN3M3VlJsOUxRb0ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8wZWY2NzgtNzg3MC00ZTA4LWFiMjUtMThmMGI4MGYyNTBk
LzEvM3R2dW1NdXB1T1lsb1JSN3M3VlJsOUxRb0ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMj9y0uwy
oUOlMwu7uFoPQmoksRKp5ttLmGcW8NHJ7AvuLoDs7JlGHWIdaCD2RFVhuqmX8Ewp
QlKNr9rok4H8+Eo6URRxEPriBb7dRJDbF9UQLWocy59hvwllzgyCgscyuovSnW92
pS9TSCdwt2h9vlAriXkb8/ONAgZcb4zzu6WHayVM91a485Qe4BAaPJiVQTji5gyE
uEjwcCT0RzoLV1QgH8TwD0++I0dm3nYg6SPbS8V78gyITrzEjhXxROa8F8jRd2Z8
ix6Fxy25m8IhKNiJB8CTvqPOXYLKpGOYib9QGcSKjqyNck7zhZOvQ8jYbo8hJAM0
mt3nC3mqvacGhg==
-----END CERTIFICATE-----