Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          KbBjL/kcwtz7azkaKxQg5ToKtr9oYRZEIkrfNK8qO9s=
Subject key identifier:   07:BA:FA:B3:8D:44:96:26:BD:7B:28:8B:82:2D:76:BB:9D:1F:F7:D5
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       01976BBCF3C110B13885AB233394B4DCEE34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          0938
Signing time:             Sat 14 Jun 2025 00:00:34 +0000
Manifest this update:     Sat 14 Jun 2025 00:00:34 +0000
Manifest next update:     Sun 15 Jun 2025 00:00:34 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: vN95bvUwGoEUtOAhYzRxmIIUCYt/s3yDrP7FezqV8D8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 00:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:bc:f3:c1:10:b1:38:85:ab:23:33:94:b4:dc:ee:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: Jun 14 00:00:34 2025 GMT
            Not After : Jun 15 00:00:34 2025 GMT
        Subject: CN=07bafab38d449626bd7b288b822d76bb9d1ff7d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:97:ef:18:43:9a:49:e5:bc:86:53:c1:f3:d6:
                    15:62:1c:55:ab:22:13:b9:c3:c7:5f:b5:12:26:c0:
                    d2:e7:ab:1d:d2:e9:64:b9:2d:bc:c9:fa:5b:76:b0:
                    78:bf:e6:d5:50:b3:3a:3c:5e:fa:9d:49:2c:eb:72:
                    84:83:98:29:68:96:46:11:c7:34:a9:61:46:5c:83:
                    c5:0a:10:1f:e4:12:9e:ed:18:14:e9:fb:14:c4:dd:
                    25:79:33:e1:35:df:b0:fc:4e:e0:86:2d:52:ee:8d:
                    0b:d1:db:33:54:11:83:a7:29:94:99:a1:a6:e6:82:
                    74:d8:cb:06:bd:95:e9:0b:d5:38:96:c5:d1:c9:d2:
                    80:4a:de:4c:25:25:4e:04:a0:49:80:ab:db:44:2c:
                    d1:17:2b:db:b7:bc:20:8b:09:63:75:85:52:48:3d:
                    2f:fa:b9:7e:ee:3a:a1:5b:b9:32:f1:97:52:3a:2a:
                    74:4e:cf:f4:47:46:0e:bc:82:90:95:e8:25:22:51:
                    5a:6a:0c:75:ca:1f:21:90:d8:ca:05:8d:1e:14:c5:
                    56:fb:6b:93:24:93:95:51:56:6b:b6:4f:6c:73:ac:
                    31:3d:7d:7a:ba:37:d1:4d:0a:60:d5:14:47:36:25:
                    6a:ef:6c:c7:e8:61:31:3a:27:cb:55:87:5c:47:89:
                    3b:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:BA:FA:B3:8D:44:96:26:BD:7B:28:8B:82:2D:76:BB:9D:1F:F7:D5
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:c7:8a:73:fd:20:75:c6:58:67:a9:e7:6d:a0:0a:8e:a7:ec:
         fe:e0:46:cb:9d:24:00:41:f2:31:55:0f:ec:d1:ce:9c:59:30:
         e2:46:fb:a2:69:d4:63:f5:ed:25:5a:56:d3:57:a3:eb:73:39:
         b2:0a:f4:63:dd:d2:a4:b9:33:51:cb:c1:a1:73:c5:1e:30:a5:
         8b:cf:f3:62:01:89:0a:00:1e:97:a4:7b:10:c2:2b:e6:de:1f:
         83:a7:a8:9a:ec:95:5d:e3:09:da:c7:48:7d:aa:fd:89:2d:4b:
         d2:7d:fe:0e:e7:6e:31:9b:9f:99:9e:c0:1b:a3:65:19:ab:9c:
         89:29:c4:23:cd:66:b4:e5:d7:27:dd:26:7e:c3:53:56:6b:d0:
         22:03:c0:77:f4:dc:df:e4:7b:39:fc:9f:f7:25:6e:b4:e0:cb:
         3a:63:fd:d9:45:8c:e3:8d:4b:b5:4f:e3:db:d5:9b:6f:88:0c:
         74:7e:e0:df:75:c0:c5:33:4e:20:52:2d:01:dc:ac:36:c4:fb:
         8f:62:2d:f7:ef:8f:95:ac:72:dc:ee:3d:b3:9f:6c:a8:f2:3b:
         0d:04:96:09:64:eb:12:73:11:85:8c:bb:ac:50:a5:ef:58:3c:
         3d:ec:d5:ae:72:ec:32:63:be:d4:a8:8e:37:09:37:a2:0c:57:
         f6:b2:41:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrvPPBELE4hasjM5S03O40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjUwNjE0MDAwMDM0WhcNMjUwNjE1MDAwMDM0WjAzMTEwLwYDVQQD
EygwN2JhZmFiMzhkNDQ5NjI2YmQ3YjI4OGI4MjJkNzZiYjlkMWZmN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05fvGEOaSeW8hlPB89YVYhxVqyIT
ucPHX7USJsDS56sd0ulkuS28yfpbdrB4v+bVULM6PF76nUks63KEg5gpaJZGEcc0
qWFGXIPFChAf5BKe7RgU6fsUxN0leTPhNd+w/E7ghi1S7o0L0dszVBGDpymUmaGm
5oJ02MsGvZXpC9U4lsXRydKASt5MJSVOBKBJgKvbRCzRFyvbt7wgiwljdYVSSD0v
+rl+7jqhW7ky8ZdSOip0Ts/0R0YOvIKQleglIlFaagx1yh8hkNjKBY0eFMVW+2uT
JJOVUVZrtk9sc6wxPX16ujfRTQpg1RRHNiVq72zH6GExOifLVYdcR4k7QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAe6+rONRJYmvXsoi4ItdrudH/fVMB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXMeKc/0g
dcZYZ6nnbaAKjqfs/uBGy50kAEHyMVUP7NHOnFkw4kb7omnUY/XtJVpW01ej63M5
sgr0Y93SpLkzUcvBoXPFHjCli8/zYgGJCgAel6R7EMIr5t4fg6eomuyVXeMJ2sdI
far9iS1L0n3+DuduMZufmZ7AG6NlGauciSnEI81mtOXXJ90mfsNTVmvQIgPAd/Tc
3+R7Ofyf9yVutODLOmP92UWM441LtU/j29Wbb4gMdH7g33XAxTNOIFItAdysNsT7
j2It9++Plaxy3O49s59sqPI7DQSWCWTrEnMRhYy7rFCl71g8PezVrnLsMmO+1KiO
Nwk3ogxX9rJBfQ==
-----END CERTIFICATE-----