Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
File:                     3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft (raw, json)
Hash identifier:          GiUr3M/nO6Lj7s2WWw+eXCn8Ch1U3cvVpHKmPWTQClU=
Subject key identifier:   56:0F:84:4B:B1:9D:EB:8D:91:62:70:52:01:D2:C9:D1:2C:A7:E2:E1
Authority key identifier: DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91
Certificate issuer:       /CN=dd399e494189f691a5ed64f3be3a6a3b50225091
Certificate serial:       0196C7CD81C639BFAEBC7803B4B90BB4EC95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
Manifest number:          04A6
Signing time:             Tue 13 May 2025 04:00:56 +0000
Manifest this update:     Tue 13 May 2025 04:00:56 +0000
Manifest next update:     Wed 14 May 2025 04:00:56 +0000
Files and hashes:         1: 3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl (hash: rBVaMR+jU5EGLAkyLgfjJr5olw8TuhiZXZGM0lPt8G4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 04:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c7:cd:81:c6:39:bf:ae:bc:78:03:b4:b9:0b:b4:ec:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd399e494189f691a5ed64f3be3a6a3b50225091
        Validity
            Not Before: May 13 04:00:56 2025 GMT
            Not After : May 14 04:00:56 2025 GMT
        Subject: CN=560f844bb19deb8d9162705201d2c9d12ca7e2e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:10:9b:5a:d2:3e:83:d6:55:99:a4:76:01:aa:
                    f3:f7:17:77:0a:d7:82:fb:72:e9:2e:bc:e6:3d:09:
                    75:b2:94:3b:64:96:a1:10:04:65:38:fb:f4:ce:f7:
                    31:b8:d8:b4:be:21:8c:dd:79:c2:a7:3f:e9:89:60:
                    3f:13:25:83:12:0d:33:eb:fd:18:0a:48:3d:8f:83:
                    c3:23:36:b2:13:26:d1:bd:7d:4e:ee:ee:ab:50:40:
                    f3:45:51:ba:85:d8:72:7b:da:e4:bd:1f:3b:d3:3a:
                    48:5a:4f:ee:49:61:68:e2:3f:da:d2:15:09:48:30:
                    8a:8e:46:f7:95:a7:76:17:7a:90:18:34:9f:0c:33:
                    e3:19:42:a7:8f:b7:e3:8a:82:19:8d:4d:b0:12:26:
                    8d:a8:e1:30:49:35:8b:7e:40:8f:d6:bd:cb:3a:48:
                    84:c1:2c:38:a8:c8:33:05:fb:42:d7:1b:37:05:8b:
                    27:4c:d6:fe:44:35:0b:e1:63:27:e0:0f:b8:8e:24:
                    96:8c:a6:31:62:33:d0:8d:64:d1:ff:ee:6d:13:24:
                    90:bf:d5:10:b6:7f:49:1d:bc:db:83:80:b2:25:95:
                    c4:14:14:3b:83:72:fa:7f:97:10:21:ce:0b:80:14:
                    3d:2f:92:e5:72:48:14:7a:c2:95:af:39:a1:cf:36:
                    17:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:0F:84:4B:B1:9D:EB:8D:91:62:70:52:01:D2:C9:D1:2C:A7:E2:E1
            X509v3 Authority Key Identifier:
                keyid:DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:5a:64:62:c0:20:8b:80:76:71:c2:ea:4e:5e:36:1e:b1:1e:
         81:8b:7c:29:1c:4c:df:db:fc:20:77:f9:3f:64:9c:32:b7:ca:
         e9:de:c5:1b:76:33:73:4b:4f:aa:a2:79:e2:1d:d1:a2:08:be:
         74:0c:a9:10:50:e4:39:d2:91:b4:7d:17:1a:af:1b:96:e0:49:
         21:2e:2b:ea:c3:4d:c8:70:e8:66:f6:3a:9c:98:af:30:2f:57:
         5d:72:4f:a5:cd:42:1e:c2:c8:24:e8:be:9e:ae:bb:20:f6:a7:
         cd:60:ce:70:bf:5f:d4:7a:70:c2:24:b7:4e:2f:be:16:b6:99:
         b2:f9:e3:1a:4e:cb:f1:2f:12:f1:c5:64:52:8f:f3:43:ec:65:
         c6:8d:f4:84:5d:20:16:f9:c2:af:ff:9f:4b:9c:b5:85:1e:b5:
         07:4a:37:ea:88:38:98:d8:b1:07:8f:f2:bb:2f:61:a3:ad:35:
         69:eb:c3:69:6f:31:63:01:bf:17:2b:ff:23:f5:30:b9:62:fb:
         b7:48:d5:3d:5c:8a:cd:a8:b6:02:16:90:38:48:4c:ae:d5:9b:
         81:43:cc:2b:47:4f:13:31:10:b7:a7:4c:83:b0:2a:36:19:a1:
         dc:b5:ea:e4:1b:cc:e7:89:8b:47:c5:9a:75:2a:aa:de:68:4b:
         df:9e:16:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbHzYHGOb+uvHgDtLkLtOyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzk5ZTQ5NDE4OWY2OTFhNWVkNjRmM2JlM2E2YTNiNTAy
MjUwOTEwHhcNMjUwNTEzMDQwMDU2WhcNMjUwNTE0MDQwMDU2WjAzMTEwLwYDVQQD
Eyg1NjBmODQ0YmIxOWRlYjhkOTE2MjcwNTIwMWQyYzlkMTJjYTdlMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphCbWtI+g9ZVmaR2Aarz9xd3CteC
+3LpLrzmPQl1spQ7ZJahEARlOPv0zvcxuNi0viGM3XnCpz/piWA/EyWDEg0z6/0Y
Ckg9j4PDIzayEybRvX1O7u6rUEDzRVG6hdhye9rkvR870zpIWk/uSWFo4j/a0hUJ
SDCKjkb3lad2F3qQGDSfDDPjGUKnj7fjioIZjU2wEiaNqOEwSTWLfkCP1r3LOkiE
wSw4qMgzBftC1xs3BYsnTNb+RDUL4WMn4A+4jiSWjKYxYjPQjWTR/+5tEySQv9UQ
tn9JHbzbg4CyJZXEFBQ7g3L6f5cQIc4LgBQ9L5LlckgUesKVrzmhzzYXYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYPhEuxneuNkWJwUgHSydEsp+LhMB8GA1UdIwQY
MBaAFN05nklBifaRpe1k8746ajtQIlCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTct
NDQyYTAzYjdmMDg0LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTctNDQyYTAzYjdmMDg0
LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWlpkYsAg
i4B2ccLqTl42HrEegYt8KRxM39v8IHf5P2ScMrfK6d7FG3Yzc0tPqqJ54h3Rogi+
dAypEFDkOdKRtH0XGq8bluBJIS4r6sNNyHDoZvY6nJivMC9XXXJPpc1CHsLIJOi+
nq67IPanzWDOcL9f1HpwwiS3Ti++FraZsvnjGk7L8S8S8cVkUo/zQ+xlxo30hF0g
FvnCr/+fS5y1hR61B0o36og4mNixB4/yuy9ho601aevDaW8xYwG/Fyv/I/UwuWL7
t0jVPVyKzai2AhaQOEhMrtWbgUPMK0dPEzEQt6dMg7AqNhmh3LXq5BvM54mLR8Wa
dSqq3mhL354Wlw==
-----END CERTIFICATE-----