Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
File:                     u0WFtGeSNzbELHly4QQvGy4w3GY.mft (raw, json)
Hash identifier:          pWDNt9PtamcE5UEaJenbffCul/VO8h4H+UA8+ieLblc=
Subject key identifier:   B3:5D:68:D3:9F:1F:73:55:5A:13:0B:F0:9C:B8:8D:24:18:9F:7E:FC
Authority key identifier: BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66
Certificate issuer:       /CN=bb4585b467923736c42c7972e1042f1b2e30dc66
Certificate serial:       0196AA30B0588BE41BD0EC8DD41CA1403C60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
Manifest number:          1528
Signing time:             Wed 07 May 2025 10:00:39 +0000
Manifest this update:     Wed 07 May 2025 10:00:39 +0000
Manifest next update:     Thu 08 May 2025 10:00:39 +0000
Files and hashes:         1: u0WFtGeSNzbELHly4QQvGy4w3GY.crl (hash: X2QMkX1TQI2cpMSTolxONtXY6SDbSJo0h540CTBrcek=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 10:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:aa:30:b0:58:8b:e4:1b:d0:ec:8d:d4:1c:a1:40:3c:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4585b467923736c42c7972e1042f1b2e30dc66
        Validity
            Not Before: May  7 10:00:39 2025 GMT
            Not After : May  8 10:00:39 2025 GMT
        Subject: CN=b35d68d39f1f73555a130bf09cb88d24189f7efc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:55:d5:4e:cf:2b:3f:98:c7:c2:68:10:fb:d8:
                    b3:44:ae:4b:f9:50:84:fd:68:01:90:08:20:ec:3c:
                    57:5d:64:53:de:02:0a:27:d9:c1:bb:3b:17:bc:25:
                    f3:c3:57:58:10:ee:ab:c8:20:f2:18:5d:5f:bc:b1:
                    32:c1:41:e1:13:c1:80:96:04:9b:80:51:73:9b:70:
                    51:a1:2f:57:03:81:14:e5:f9:9c:46:0c:a3:62:fc:
                    2a:60:a3:24:19:a0:c0:e5:cb:a8:44:46:b8:7f:e6:
                    a8:55:15:b7:83:4a:26:e8:67:ae:67:f9:6e:68:a0:
                    6d:ef:bd:fe:28:92:c0:d7:5a:91:65:3a:34:f4:33:
                    0d:f9:04:c3:49:ee:87:40:19:4e:1f:fc:95:76:2c:
                    46:33:ac:29:49:06:ae:32:6f:43:2c:91:bb:05:b3:
                    1c:6d:a1:bb:58:ac:59:93:62:a3:c9:17:15:90:d2:
                    70:93:68:7b:7a:af:a8:be:db:16:23:1d:d1:40:e0:
                    e2:96:69:70:2d:d9:fb:58:e0:21:34:b8:33:03:71:
                    50:db:a2:41:48:73:3d:54:5a:3a:79:3a:fc:ed:c2:
                    cc:b3:c9:96:f8:e4:c6:26:16:da:ec:62:de:24:1b:
                    8f:30:cd:2b:79:65:1e:77:89:fe:ab:62:aa:b2:4c:
                    b5:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:5D:68:D3:9F:1F:73:55:5A:13:0B:F0:9C:B8:8D:24:18:9F:7E:FC
            X509v3 Authority Key Identifier:
                keyid:BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:d2:46:a7:c2:8e:f9:33:34:92:a4:f4:56:80:81:aa:ac:e7:
         db:9b:ed:64:17:7d:92:09:ac:60:b2:ec:0b:7f:95:ef:58:17:
         0f:cf:b9:78:f4:21:5f:d0:03:00:de:cd:fe:00:94:0a:7a:b3:
         21:98:4b:2f:38:5f:40:70:01:d0:69:90:1e:90:d4:98:95:a2:
         32:cd:66:db:9e:e6:1e:b4:0b:0e:67:0e:6d:ae:2f:89:44:00:
         e3:6b:04:34:f4:56:1b:cf:e2:89:4a:17:e8:5c:b8:64:3b:9c:
         58:f3:31:f3:4d:8e:a8:12:02:dd:0e:3a:10:af:73:9d:91:69:
         cb:fe:c6:62:e2:2f:b8:83:ce:58:42:c2:f9:dc:b1:61:b8:56:
         5c:cd:6c:b2:0a:39:07:59:9f:31:04:84:fb:35:ea:2b:50:7f:
         c8:a7:64:96:e2:42:5a:d1:3f:76:74:fa:66:66:3b:23:b3:9b:
         1d:4a:4f:98:b1:67:18:b2:dd:d5:d5:c8:30:71:92:42:b9:ad:
         e1:17:06:e3:90:25:01:3d:b6:ec:07:8d:49:97:02:11:b0:c2:
         26:c0:97:3a:14:ed:41:ec:28:e7:68:49:cb:3c:ef:42:2f:54:
         e6:68:3d:eb:40:f1:99:e9:dc:ac:8f:53:58:4e:85:62:5f:9d:
         7f:3e:95:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaqMLBYi+Qb0OyN1ByhQDxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDU4NWI0Njc5MjM3MzZjNDJjNzk3MmUxMDQyZjFiMmUz
MGRjNjYwHhcNMjUwNTA3MTAwMDM5WhcNMjUwNTA4MTAwMDM5WjAzMTEwLwYDVQQD
EyhiMzVkNjhkMzlmMWY3MzU1NWExMzBiZjA5Y2I4OGQyNDE4OWY3ZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFXVTs8rP5jHwmgQ+9izRK5L+VCE
/WgBkAgg7DxXXWRT3gIKJ9nBuzsXvCXzw1dYEO6ryCDyGF1fvLEywUHhE8GAlgSb
gFFzm3BRoS9XA4EU5fmcRgyjYvwqYKMkGaDA5cuoREa4f+aoVRW3g0om6GeuZ/lu
aKBt773+KJLA11qRZTo09DMN+QTDSe6HQBlOH/yVdixGM6wpSQauMm9DLJG7BbMc
baG7WKxZk2KjyRcVkNJwk2h7eq+ovtsWIx3RQODilmlwLdn7WOAhNLgzA3FQ26JB
SHM9VFo6eTr87cLMs8mW+OTGJhba7GLeJBuPMM0reWUed4n+q2Kqsky1owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLNdaNOfH3NVWhML8Jy4jSQYn378MB8GA1UdIwQY
MBaAFLtFhbRnkjc2xCx5cuEELxsuMNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUt
NjYzODEwMWUzMTliLzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUtNjYzODEwMWUzMTli
LzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ9JGp8KO
+TM0kqT0VoCBqqzn25vtZBd9kgmsYLLsC3+V71gXD8+5ePQhX9ADAN7N/gCUCnqz
IZhLLzhfQHAB0GmQHpDUmJWiMs1m257mHrQLDmcOba4viUQA42sENPRWG8/iiUoX
6Fy4ZDucWPMx802OqBIC3Q46EK9znZFpy/7GYuIvuIPOWELC+dyxYbhWXM1ssgo5
B1mfMQSE+zXqK1B/yKdkluJCWtE/dnT6ZmY7I7ObHUpPmLFnGLLd1dXIMHGSQrmt
4RcG45AlAT227AeNSZcCEbDCJsCXOhTtQewo52hJyzzvQi9U5mg960DxmencrI9T
WE6FYl+dfz6Veg==
-----END CERTIFICATE-----