Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft
File:                     Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft (raw, json)
Hash identifier:          GPd6S2ek+ADrqobdiIrvtPdxsvhwAET4QY892GbPsfU=
Subject key identifier:   3B:0E:E2:AF:EE:70:92:4C:0F:D0:DA:E0:97:DA:DB:8F:60:55:CD:DC
Authority key identifier: 4A:1E:D4:BF:50:2C:0F:2D:8B:C8:70:26:C1:8A:C9:85:9B:0F:1D:EC
Certificate issuer:       /CN=4a1ed4bf502c0f2d8bc87026c18ac9859b0f1dec
Certificate serial:       0196A31C3547B5C0B8BC25A7E03C27B74F9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft
Manifest number:          1525
Signing time:             Tue 06 May 2025 01:00:56 +0000
Manifest this update:     Tue 06 May 2025 01:00:56 +0000
Manifest next update:     Wed 07 May 2025 01:00:56 +0000
Files and hashes:         1: Sh7Uv1AsDy2LyHAmwYrJhZsPHew.crl (hash: VH+jLiWCSA7Ycud5y/LqtK6tJu8i3wMTwd8JbynH5wA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 18:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a3:1c:35:47:b5:c0:b8:bc:25:a7:e0:3c:27:b7:4f:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a1ed4bf502c0f2d8bc87026c18ac9859b0f1dec
        Validity
            Not Before: May  6 01:00:56 2025 GMT
            Not After : May  7 01:00:56 2025 GMT
        Subject: CN=3b0ee2afee70924c0fd0dae097dadb8f6055cddc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:8b:1b:0b:a3:02:81:fe:bd:f8:10:3c:28:d8:
                    fc:58:81:40:c6:b2:10:be:74:2d:54:65:ae:20:14:
                    27:11:56:34:67:e5:fb:1d:b7:5a:c1:00:0c:80:2d:
                    77:12:51:9c:23:0d:35:f4:97:0a:80:cf:59:c3:9c:
                    4f:50:2c:61:2f:8c:2f:fb:66:c7:2b:7b:56:ac:15:
                    b6:ce:08:f5:f3:41:a6:b5:aa:1e:61:db:32:20:2e:
                    86:d3:f3:d5:fd:7a:36:de:68:1b:cf:d2:62:16:02:
                    3c:57:36:b0:d8:0c:4e:42:b5:59:f0:10:2c:b6:b7:
                    0d:f9:5a:5c:1a:96:83:ca:50:35:c7:8b:86:23:8d:
                    71:8e:f8:7d:63:21:05:72:4f:aa:93:aa:14:73:40:
                    8b:0b:92:dd:18:e6:49:0d:ca:2a:14:49:f4:d2:aa:
                    5d:8b:e8:bf:fb:87:96:8b:7f:29:3b:83:5f:09:20:
                    c9:a1:89:92:5e:85:f6:fc:40:06:3e:0e:2c:89:c5:
                    cc:28:15:5f:71:23:2d:8c:8a:c6:4e:cc:24:da:ae:
                    8c:29:6b:77:08:ff:81:a1:32:a0:d6:92:5f:8a:2d:
                    16:3e:37:99:aa:69:04:76:74:fb:23:e0:c0:18:b3:
                    e6:10:71:a3:8e:35:9c:39:39:d1:1c:a0:f6:83:5e:
                    d4:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:0E:E2:AF:EE:70:92:4C:0F:D0:DA:E0:97:DA:DB:8F:60:55:CD:DC
            X509v3 Authority Key Identifier:
                keyid:4A:1E:D4:BF:50:2C:0F:2D:8B:C8:70:26:C1:8A:C9:85:9B:0F:1D:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:b3:ec:92:3d:c6:21:7b:36:38:a0:b8:b5:0b:af:4d:37:a2:
         49:fd:84:47:b6:b1:07:60:5f:a3:35:59:be:1d:b0:e0:7e:ba:
         75:38:b3:14:7b:d1:6e:97:3f:9c:a8:e2:de:04:6a:5e:70:28:
         fa:01:b7:97:a2:52:41:fd:aa:e6:e2:70:a2:6e:05:a5:80:06:
         02:90:b1:fb:a1:d3:36:ab:c9:fa:79:51:b6:a8:4c:04:34:56:
         62:49:e5:77:26:64:09:ee:96:59:53:92:68:91:41:e0:12:bb:
         7c:ef:ce:a8:ff:34:06:cc:4e:e8:ee:68:a1:c2:a6:fa:2a:28:
         d2:32:23:e3:52:87:55:37:c5:e2:de:a3:28:1f:c4:25:a0:51:
         5b:ab:3b:ba:05:33:e3:5a:b0:e1:e3:ec:b7:63:66:85:c8:64:
         0c:75:d3:1d:43:dc:28:e9:bb:f4:30:c3:74:9b:71:69:86:32:
         72:a6:98:ed:f4:04:91:60:d8:3a:01:83:ad:54:aa:e5:b3:f9:
         25:c6:54:ff:07:5a:39:40:4b:06:b5:04:fe:23:b8:7e:b7:ff:
         66:17:ad:53:66:f0:09:6c:03:7c:ff:80:b1:9b:46:46:e3:64:
         4c:1e:26:a6:d9:6c:1e:ff:ff:c6:d4:f6:ec:9f:52:c5:ee:c6:
         e2:c1:9e:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZajHDVHtcC4vCWn4Dwnt0+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMWVkNGJmNTAyYzBmMmQ4YmM4NzAyNmMxOGFjOTg1OWIw
ZjFkZWMwHhcNMjUwNTA2MDEwMDU2WhcNMjUwNTA3MDEwMDU2WjAzMTEwLwYDVQQD
EygzYjBlZTJhZmVlNzA5MjRjMGZkMGRhZTA5N2RhZGI4ZjYwNTVjZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IsbC6MCgf69+BA8KNj8WIFAxrIQ
vnQtVGWuIBQnEVY0Z+X7HbdawQAMgC13ElGcIw019JcKgM9Zw5xPUCxhL4wv+2bH
K3tWrBW2zgj180GmtaoeYdsyIC6G0/PV/Xo23mgbz9JiFgI8Vzaw2AxOQrVZ8BAs
trcN+VpcGpaDylA1x4uGI41xjvh9YyEFck+qk6oUc0CLC5LdGOZJDcoqFEn00qpd
i+i/+4eWi38pO4NfCSDJoYmSXoX2/EAGPg4sicXMKBVfcSMtjIrGTswk2q6MKWt3
CP+BoTKg1pJfii0WPjeZqmkEdnT7I+DAGLPmEHGjjjWcOTnRHKD2g17UBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsO4q/ucJJMD9Da4Jfa249gVc3cMB8GA1UdIwQY
MBaAFEoe1L9QLA8ti8hwJsGKyYWbDx3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2g3VXYxQXNEeTJMeUhBbXdZckpoWnNQSGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85N2M5MTYtODFiMS00YjNhLTlmZWUt
MzU2YTE5ZjU1NTA2LzEvU2g3VXYxQXNEeTJMeUhBbXdZckpoWnNQSGV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85N2M5MTYtODFiMS00YjNhLTlmZWUtMzU2YTE5ZjU1NTA2
LzEvU2g3VXYxQXNEeTJMeUhBbXdZckpoWnNQSGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQrPskj3G
IXs2OKC4tQuvTTeiSf2ER7axB2BfozVZvh2w4H66dTizFHvRbpc/nKji3gRqXnAo
+gG3l6JSQf2q5uJwom4FpYAGApCx+6HTNqvJ+nlRtqhMBDRWYknldyZkCe6WWVOS
aJFB4BK7fO/OqP80BsxO6O5oocKm+ioo0jIj41KHVTfF4t6jKB/EJaBRW6s7ugUz
41qw4ePst2NmhchkDHXTHUPcKOm79DDDdJtxaYYycqaY7fQEkWDYOgGDrVSq5bP5
JcZU/wdaOUBLBrUE/iO4frf/ZhetU2bwCWwDfP+AsZtGRuNkTB4mptlsHv//xtT2
7J9Sxe7G4sGe+g==
-----END CERTIFICATE-----