Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          xyn72YKwyQqFhE3v69iwBnP4T4zQGoJ8AtHVW3/uaJk=
Subject key identifier:   1F:BE:7B:EF:89:CD:0D:E4:F9:72:A0:FB:87:4A:CF:9C:14:9F:86:C5
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       0196CEE233A1F51D4E9508304689259F47FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          0CDE
Signing time:             Wed 14 May 2025 13:00:52 +0000
Manifest this update:     Wed 14 May 2025 13:00:52 +0000
Manifest next update:     Thu 15 May 2025 13:00:52 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: M1rjWiGn+aHmUiik4CLLUHcTBHvSZagRMzalRkOPhS4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 13:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ce:e2:33:a1:f5:1d:4e:95:08:30:46:89:25:9f:47:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: May 14 13:00:52 2025 GMT
            Not After : May 15 13:00:52 2025 GMT
        Subject: CN=1fbe7bef89cd0de4f972a0fb874acf9c149f86c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d1:32:1c:52:ce:31:76:7e:88:d7:9f:e6:1d:
                    53:b1:f0:a5:eb:e9:df:e5:11:10:89:17:45:a0:41:
                    25:4a:0f:b2:69:c4:e9:0b:50:28:4b:5b:14:7d:8c:
                    1c:6a:26:d0:5a:15:4c:a1:23:57:88:66:73:1c:b8:
                    5c:be:fb:d1:94:47:64:bf:86:00:9f:ea:17:9b:3c:
                    30:6b:bb:a5:8c:bc:33:30:e1:5e:ae:3e:2c:54:71:
                    93:d4:8c:5a:48:89:e5:47:8e:02:67:ce:d2:45:a2:
                    6e:2c:44:81:59:09:66:fe:2a:a6:73:3a:7f:8f:c8:
                    ee:98:9d:43:6b:8a:6f:fa:97:b0:e6:d2:c3:1f:16:
                    5d:b2:71:07:02:16:25:34:3c:71:1e:28:c6:05:d1:
                    24:09:d3:a3:61:0e:30:0e:ea:67:63:19:c5:12:88:
                    b0:62:52:ef:54:eb:98:c9:2a:fa:ab:0d:96:a9:43:
                    b8:21:f6:65:50:45:e3:05:6d:fb:4f:a5:e9:73:0e:
                    58:4a:32:02:54:5e:3b:d3:16:ac:ea:66:38:d3:44:
                    02:e5:d5:e7:08:73:6e:8c:68:c9:86:f0:0d:00:a8:
                    64:7a:cb:30:ff:2d:c5:75:8a:a6:3b:3f:c3:05:81:
                    d4:ba:3a:a9:82:dc:c7:c8:8f:fa:f2:aa:2f:f6:4f:
                    dc:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:BE:7B:EF:89:CD:0D:E4:F9:72:A0:FB:87:4A:CF:9C:14:9F:86:C5
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:3a:8d:74:f3:40:6e:a3:c7:81:6e:ae:a9:64:ed:ff:6c:4d:
         be:72:32:48:35:ee:3b:c1:00:7a:84:48:20:03:03:dd:fe:70:
         ce:9e:d3:27:47:db:4e:4c:3f:22:b9:a2:4a:44:36:51:f5:22:
         87:2a:8b:af:14:7d:d2:c2:2e:c9:13:5c:cf:13:b9:a8:7c:b7:
         9c:cf:15:4d:f2:1b:97:b5:13:eb:48:c0:61:09:f0:a2:8b:0c:
         1b:02:45:ed:cf:fe:b9:97:bb:44:29:72:43:ab:bd:c2:b4:df:
         e2:ba:3f:ab:be:a3:a7:f3:5c:4d:b2:28:0c:24:00:d1:82:15:
         77:f5:11:3f:23:6c:3f:aa:64:e6:38:e6:f6:ca:24:17:70:5e:
         93:2b:cd:82:98:37:fc:87:b6:04:be:c9:ab:61:36:70:bc:e5:
         bf:0e:b0:66:37:21:a0:45:33:12:c2:14:03:d3:d5:14:e8:cd:
         70:7e:42:6f:b8:6f:c9:f1:cc:ed:19:4a:b7:76:c5:4a:fd:ad:
         7f:f0:bd:c6:6b:dd:9e:00:6d:fc:a6:84:0c:f1:4b:17:78:23:
         bf:9f:cc:21:48:07:dd:0c:e2:cb:c1:aa:60:8d:ac:4f:c0:21:
         51:36:7a:ee:81:4f:5b:cc:83:12:2e:2d:1c:fc:7a:6c:1d:13:
         8b:ea:24:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbO4jOh9R1OlQgwRokln0f8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjUwNTE0MTMwMDUyWhcNMjUwNTE1MTMwMDUyWjAzMTEwLwYDVQQD
EygxZmJlN2JlZjg5Y2QwZGU0Zjk3MmEwZmI4NzRhY2Y5YzE0OWY4NmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstEyHFLOMXZ+iNef5h1TsfCl6+nf
5REQiRdFoEElSg+yacTpC1AoS1sUfYwcaibQWhVMoSNXiGZzHLhcvvvRlEdkv4YA
n+oXmzwwa7uljLwzMOFerj4sVHGT1IxaSInlR44CZ87SRaJuLESBWQlm/iqmczp/
j8jumJ1Da4pv+pew5tLDHxZdsnEHAhYlNDxxHijGBdEkCdOjYQ4wDupnYxnFEoiw
YlLvVOuYySr6qw2WqUO4IfZlUEXjBW37T6Xpcw5YSjICVF470xas6mY400QC5dXn
CHNujGjJhvANAKhkessw/y3FdYqmOz/DBYHUujqpgtzHyI/68qov9k/c/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB++e++JzQ3k+XKg+4dKz5wUn4bFMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApjqNdPNA
bqPHgW6uqWTt/2xNvnIySDXuO8EAeoRIIAMD3f5wzp7TJ0fbTkw/IrmiSkQ2UfUi
hyqLrxR90sIuyRNczxO5qHy3nM8VTfIbl7UT60jAYQnwoosMGwJF7c/+uZe7RCly
Q6u9wrTf4ro/q76jp/NcTbIoDCQA0YIVd/URPyNsP6pk5jjm9sokF3BekyvNgpg3
/Ie2BL7Jq2E2cLzlvw6wZjchoEUzEsIUA9PVFOjNcH5Cb7hvyfHM7RlKt3bFSv2t
f/C9xmvdngBt/KaEDPFLF3gjv5/MIUgH3Qziy8GqYI2sT8AhUTZ67oFPW8yDEi4t
HPx6bB0Ti+okOQ==
-----END CERTIFICATE-----