Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          vK2n9G//9mXiFJF48uxtTbLXEAax7YW76SflN+lyQMs=
Subject key identifier:   C7:EE:04:8E:BC:5B:D2:57:37:B0:87:96:E2:43:54:0F:71:E3:96:72
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       0196A4D38D1A070FC4E4F085BBF8B402DD4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          1524
Signing time:             Tue 06 May 2025 09:00:49 +0000
Manifest this update:     Tue 06 May 2025 09:00:49 +0000
Manifest next update:     Wed 07 May 2025 09:00:49 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: SleaguhqiU764RpAO1d72gr8TvtIm0wVVkWlGBPU8DI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a4:d3:8d:1a:07:0f:c4:e4:f0:85:bb:f8:b4:02:dd:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: May  6 09:00:49 2025 GMT
            Not After : May  7 09:00:49 2025 GMT
        Subject: CN=c7ee048ebc5bd25737b08796e243540f71e39672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:fc:1e:08:d1:75:97:db:9b:ec:37:4d:2d:85:
                    1b:83:23:81:0b:9b:06:e3:be:01:63:f7:71:a7:22:
                    ab:cf:c2:da:0f:45:ca:fb:41:38:2d:c6:87:b4:7c:
                    04:ae:a0:1f:59:29:5b:1a:e2:08:eb:a7:f4:79:04:
                    bc:c4:93:d6:40:1e:6a:3a:51:3c:49:8c:54:77:01:
                    85:16:31:8e:32:3a:2d:e4:1c:09:ad:15:9e:5d:ae:
                    57:d6:a3:62:cf:d7:ec:aa:c9:4a:19:e2:16:33:ae:
                    e4:6f:f7:2f:4a:67:f7:31:5d:fd:40:6a:03:81:2d:
                    7e:61:bf:84:27:49:33:23:aa:de:ed:23:49:16:4e:
                    f3:70:e4:08:83:38:86:c7:80:a4:bd:72:b4:e9:e3:
                    56:72:c9:30:f1:00:60:6e:f7:cd:66:b3:81:fc:cb:
                    68:8f:a4:67:52:5c:94:5d:dc:6f:21:cd:20:f9:98:
                    c2:a6:73:c8:4c:5e:7f:5f:0b:14:8a:97:e7:54:b5:
                    38:ae:fd:18:78:9e:89:60:24:f4:f9:ec:52:c9:f0:
                    45:a6:0c:47:d7:70:38:d4:a2:dc:ff:67:e3:76:6f:
                    53:ba:50:a4:57:75:e2:b5:3e:91:ca:c8:a7:77:51:
                    fa:f4:6f:03:02:6e:d3:e8:40:bd:95:97:a6:f4:72:
                    e8:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:EE:04:8E:BC:5B:D2:57:37:B0:87:96:E2:43:54:0F:71:E3:96:72
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:b3:02:ee:84:ea:61:94:53:84:84:42:60:64:17:e0:a4:1d:
         4d:03:bb:c1:95:65:ce:b3:28:f3:64:9a:db:c2:6f:75:a1:5d:
         d7:86:d2:fd:ae:18:37:a2:54:95:fa:35:36:b4:d4:a9:a0:45:
         66:99:f1:e5:eb:6f:53:33:39:16:a3:bc:df:1f:5d:3e:67:fa:
         6d:76:0e:2c:70:2d:eb:b5:be:98:34:b8:ae:27:4e:7f:58:04:
         f9:1e:21:9f:cd:a7:ab:2d:8b:d5:3c:79:4b:9f:71:cd:43:fe:
         94:18:70:fb:bb:e9:6f:0b:e0:cd:6f:c2:a5:2a:6d:54:82:d6:
         78:c7:03:e8:7c:6a:25:9c:73:83:79:77:81:1d:1c:86:24:ed:
         34:91:74:bd:37:d4:b0:7a:c6:aa:15:96:41:72:5d:b4:11:5f:
         6a:68:9f:84:cd:ca:35:17:5a:54:61:5b:56:a0:87:3b:10:f8:
         17:f7:3c:29:95:6f:f2:a6:36:f2:6e:ea:0b:e7:36:60:6a:29:
         a8:d0:32:19:0f:18:bc:8e:9d:bf:82:57:70:a2:9c:2f:26:79:
         33:ed:c4:ec:fb:e3:67:9f:48:97:e3:d5:81:2e:f6:4b:c0:56:
         f4:6b:ae:e7:6c:37:0e:e3:b9:9e:bc:e2:b3:98:fd:55:4a:b3:
         82:79:b6:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZak040aBw/E5PCFu/i0At1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjUwNTA2MDkwMDQ5WhcNMjUwNTA3MDkwMDQ5WjAzMTEwLwYDVQQD
EyhjN2VlMDQ4ZWJjNWJkMjU3MzdiMDg3OTZlMjQzNTQwZjcxZTM5NjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fweCNF1l9ub7DdNLYUbgyOBC5sG
474BY/dxpyKrz8LaD0XK+0E4LcaHtHwErqAfWSlbGuII66f0eQS8xJPWQB5qOlE8
SYxUdwGFFjGOMjot5BwJrRWeXa5X1qNiz9fsqslKGeIWM67kb/cvSmf3MV39QGoD
gS1+Yb+EJ0kzI6re7SNJFk7zcOQIgziGx4CkvXK06eNWcskw8QBgbvfNZrOB/Mto
j6RnUlyUXdxvIc0g+ZjCpnPITF5/XwsUipfnVLU4rv0YeJ6JYCT0+exSyfBFpgxH
13A41KLc/2fjdm9TulCkV3XitT6Rysind1H69G8DAm7T6EC9lZem9HLo7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMfuBI68W9JXN7CHluJDVA9x45ZyMB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZrMC7oTq
YZRThIRCYGQX4KQdTQO7wZVlzrMo82Sa28JvdaFd14bS/a4YN6JUlfo1NrTUqaBF
Zpnx5etvUzM5FqO83x9dPmf6bXYOLHAt67W+mDS4ridOf1gE+R4hn82nqy2L1Tx5
S59xzUP+lBhw+7vpbwvgzW/CpSptVILWeMcD6HxqJZxzg3l3gR0chiTtNJF0vTfU
sHrGqhWWQXJdtBFfamifhM3KNRdaVGFbVqCHOxD4F/c8KZVv8qY28m7qC+c2YGop
qNAyGQ8YvI6dv4JXcKKcLyZ5M+3E7PvjZ59Il+PVgS72S8BW9Guu52w3DuO5nrzi
s5j9VUqzgnm2Uw==
-----END CERTIFICATE-----