Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          h5BLKxJVtwL4ksjFyI4imDWlCUlGn8tWfKo/Z6BfufA=
Subject key identifier:   1D:F8:B4:64:2E:B8:C3:99:A7:57:FD:DB:23:B1:81:8A:38:36:44:6D
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       0196C916C17E061DE8D77A2F3A650E71AC78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          05CB
Signing time:             Tue 13 May 2025 10:00:33 +0000
Manifest this update:     Tue 13 May 2025 10:00:33 +0000
Manifest next update:     Wed 14 May 2025 10:00:33 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: sU55uJRil7Jimdttob8BDpOupk2GGHqIzYwGhT+RAAM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 10:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:16:c1:7e:06:1d:e8:d7:7a:2f:3a:65:0e:71:ac:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: May 13 10:00:33 2025 GMT
            Not After : May 14 10:00:33 2025 GMT
        Subject: CN=1df8b4642eb8c399a757fddb23b1818a3836446d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:7b:9b:e8:bb:d4:26:bb:9c:e6:01:e9:9b:d5:
                    eb:2c:f2:83:9d:c9:ec:cc:f5:00:b5:e9:57:1a:5e:
                    de:87:4f:69:85:4e:cc:db:66:a6:2e:22:b8:1c:c8:
                    dd:9e:a5:e4:6e:8e:d4:7f:c0:46:a9:fc:a4:01:ad:
                    34:70:31:97:28:0b:ad:6a:e3:b0:f9:26:4e:77:e1:
                    74:4f:f8:59:82:6e:b3:76:1f:8c:b8:13:56:62:f6:
                    2d:82:e3:72:e9:d8:af:45:22:1a:10:af:c8:ee:17:
                    78:bb:a5:ac:88:84:79:89:75:b8:e1:7e:4c:a7:c7:
                    08:95:41:f2:14:04:ec:17:ae:f6:05:c6:ea:af:21:
                    38:42:69:52:90:2f:4b:60:9f:5c:4f:d3:c2:84:60:
                    5d:49:5c:bc:0d:bc:66:eb:c5:d5:e6:5b:c2:5f:c7:
                    13:42:ef:4f:7b:f3:47:04:c2:d6:ca:fa:44:f7:85:
                    6c:41:44:72:9b:c6:e1:ca:51:f4:82:74:8e:f3:59:
                    ec:3c:12:d2:63:56:11:00:b0:ef:32:8a:d0:4a:d9:
                    a6:5e:ee:20:c2:36:22:61:ed:8c:df:f8:b2:a7:dd:
                    92:42:86:37:61:78:c4:ba:ae:1f:be:93:d8:22:5c:
                    5c:de:bb:8d:e4:3b:0f:e9:6a:43:a5:80:64:59:66:
                    a9:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:F8:B4:64:2E:B8:C3:99:A7:57:FD:DB:23:B1:81:8A:38:36:44:6D
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:7d:07:8f:50:e4:16:fa:21:58:99:f4:95:c0:a8:10:f3:fb:
         7d:42:f6:70:6a:2d:2b:2c:a1:b0:6b:a6:66:1b:2d:c3:5d:7a:
         da:e7:32:4c:58:59:52:0e:0b:7c:2a:b1:1e:b4:04:68:1c:1c:
         b6:53:fd:86:51:b0:06:ee:18:91:94:ee:2a:a1:c5:59:00:16:
         12:36:a3:91:81:de:b0:db:39:f1:d9:51:44:f3:93:82:71:78:
         f4:cc:1c:e4:52:e9:4a:c2:9d:23:49:1e:de:36:01:89:4f:21:
         a2:3c:6c:0f:b5:75:c6:58:7e:d6:71:7b:22:a5:90:50:77:ec:
         2b:6e:85:46:a8:b4:44:e8:22:77:1a:22:65:ea:53:66:e6:15:
         94:78:73:a0:f2:b3:c9:d7:ee:6e:5a:3f:68:e8:2a:1f:0f:ed:
         43:f1:d1:6f:67:ee:c8:4f:77:51:14:e8:d0:0c:13:2a:23:c3:
         4a:c3:2a:31:95:5c:79:e9:15:1e:79:e2:27:16:5b:11:4e:de:
         08:6b:cc:98:27:ac:e4:56:b7:76:a5:f9:06:7c:4e:71:4b:ce:
         81:87:68:19:a4:5a:9a:8b:19:d1:5b:14:c6:7b:75:42:7a:46:
         a8:73:a1:9c:79:c6:7c:5f:d7:aa:54:20:47:8b:65:e4:2d:72:
         5f:2e:c2:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJFsF+Bh3o13ovOmUOcax4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjUwNTEzMTAwMDMzWhcNMjUwNTE0MTAwMDMzWjAzMTEwLwYDVQQD
EygxZGY4YjQ2NDJlYjhjMzk5YTc1N2ZkZGIyM2IxODE4YTM4MzY0NDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nub6LvUJruc5gHpm9XrLPKDncns
zPUAtelXGl7eh09phU7M22amLiK4HMjdnqXkbo7Uf8BGqfykAa00cDGXKAutauOw
+SZOd+F0T/hZgm6zdh+MuBNWYvYtguNy6divRSIaEK/I7hd4u6WsiIR5iXW44X5M
p8cIlUHyFATsF672BcbqryE4QmlSkC9LYJ9cT9PChGBdSVy8Dbxm68XV5lvCX8cT
Qu9Pe/NHBMLWyvpE94VsQURym8bhylH0gnSO81nsPBLSY1YRALDvMorQStmmXu4g
wjYiYe2M3/iyp92SQoY3YXjEuq4fvpPYIlxc3ruN5DsP6WpDpYBkWWapGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB34tGQuuMOZp1f92yOxgYo4NkRtMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABX0Hj1Dk
FvohWJn0lcCoEPP7fUL2cGotKyyhsGumZhstw1162ucyTFhZUg4LfCqxHrQEaBwc
tlP9hlGwBu4YkZTuKqHFWQAWEjajkYHesNs58dlRRPOTgnF49Mwc5FLpSsKdI0ke
3jYBiU8hojxsD7V1xlh+1nF7IqWQUHfsK26FRqi0ROgidxoiZepTZuYVlHhzoPKz
ydfublo/aOgqHw/tQ/HRb2fuyE93URTo0AwTKiPDSsMqMZVceekVHnniJxZbEU7e
CGvMmCes5Fa3dqX5BnxOcUvOgYdoGaRamosZ0VsUxnt1QnpGqHOhnHnGfF/XqlQg
R4tl5C1yXy7CHQ==
-----END CERTIFICATE-----