Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
File:                     Pn1HTATkiliTr3HDWnfN1oJv0zk.mft (raw, json)
Hash identifier:          lIhWzS5FLxp6W46cWAW4moz7+0nJY3FjppQdXnytdPs=
Subject key identifier:   DC:0C:9D:48:A7:7A:24:10:47:D2:55:B6:7A:D2:D3:23:FC:0D:A4:19
Authority key identifier: 3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39
Certificate issuer:       /CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
Certificate serial:       0196A20928DFF61825E783736E61A592A2FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
Manifest number:          03D1
Signing time:             Mon 05 May 2025 20:00:31 +0000
Manifest this update:     Mon 05 May 2025 20:00:31 +0000
Manifest next update:     Tue 06 May 2025 20:00:31 +0000
Files and hashes:         1: Pn1HTATkiliTr3HDWnfN1oJv0zk.crl (hash: lH5MVQDKeBn3o/BCt4u8CM61h6b2jZgwAPL8G6aYAbQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 18:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a2:09:28:df:f6:18:25:e7:83:73:6e:61:a5:92:a2:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
        Validity
            Not Before: May  5 20:00:31 2025 GMT
            Not After : May  6 20:00:31 2025 GMT
        Subject: CN=dc0c9d48a77a241047d255b67ad2d323fc0da419
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ba:54:2e:05:94:47:c7:58:14:ec:f9:00:19:
                    da:76:b1:bd:2c:fa:b7:9d:f6:1a:40:b4:a7:16:d3:
                    42:82:dc:00:3d:62:94:d3:15:81:05:69:35:5b:c8:
                    0c:22:53:c8:cf:76:1f:3d:6d:41:c1:6c:80:00:41:
                    b2:a5:2c:f4:94:ad:70:dd:42:4d:76:23:eb:22:32:
                    0a:7f:8a:33:be:6e:47:76:97:31:77:88:b9:a1:3f:
                    9d:13:5b:6e:89:2f:c9:5b:ce:ce:5e:ea:c8:69:a8:
                    55:8b:99:b6:b3:9b:59:b7:f4:d2:ef:b2:3f:11:3c:
                    68:b0:74:ee:a8:48:1e:f0:34:4e:92:90:ad:6a:dc:
                    4a:11:c6:3c:51:b4:93:d7:bf:46:d0:31:aa:9d:2d:
                    50:26:96:a6:cd:4d:2a:6d:6f:49:c2:45:aa:5c:b2:
                    7d:ef:33:fb:92:a0:8b:98:87:df:88:92:91:a1:c0:
                    2f:d7:08:65:54:08:31:17:de:7b:04:12:86:c8:ec:
                    89:bd:5e:41:82:a4:23:c5:2f:a6:d2:94:79:81:b9:
                    61:37:ac:07:82:2c:19:8f:c4:32:9b:1f:40:d3:b4:
                    23:84:d0:5b:36:77:8c:f0:93:82:4d:99:9a:67:9a:
                    54:60:c0:69:b5:0f:64:36:45:19:33:14:aa:b1:ce:
                    2e:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:0C:9D:48:A7:7A:24:10:47:D2:55:B6:7A:D2:D3:23:FC:0D:A4:19
            X509v3 Authority Key Identifier:
                keyid:3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:27:d0:aa:24:ce:49:75:bb:22:70:de:0e:7d:37:7d:98:3e:
         d1:9d:ba:2a:9a:80:85:e2:f3:eb:df:a9:bd:72:74:69:f9:ce:
         78:74:d4:82:01:9d:da:fa:61:2c:94:fe:5b:8b:f9:71:81:74:
         6a:4a:81:e4:90:92:12:27:f0:48:f3:a4:a8:c9:77:8b:d6:26:
         cb:74:21:14:83:5e:cf:73:ff:59:26:85:dd:84:5b:4d:08:82:
         64:66:37:07:de:b4:b8:cb:f2:42:e7:20:79:87:38:40:ad:22:
         dd:92:10:26:0e:fa:ca:13:e9:71:ce:8a:61:9c:bb:e3:c0:fc:
         bf:80:51:e6:2a:a2:7d:97:dd:ae:58:8f:0a:f2:95:2a:b7:7e:
         57:03:69:03:ee:7c:dd:55:57:5b:4c:f4:b9:f4:94:cc:33:b3:
         a4:39:cb:19:e6:99:b8:98:08:32:5f:6a:d6:54:84:79:87:59:
         ac:d1:10:63:c7:15:f1:34:a4:98:d5:1e:3c:55:8b:03:90:ca:
         c7:d2:1c:1a:d3:4d:fa:54:ea:bf:0b:20:57:8c:3e:b9:69:16:
         00:dd:8a:7e:52:87:3c:f0:8c:19:2d:73:72:fc:38:cc:77:8d:
         d7:ff:2d:4b:43:fc:b0:58:57:9c:8e:2a:88:64:86:e0:fc:33:
         e0:db:7c:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaiCSjf9hgl54NzbmGlkqL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2Q0NzRjMDRlNDhhNTg5M2FmNzFjMzVhNzdjZGQ2ODI2
ZmQzMzkwHhcNMjUwNTA1MjAwMDMxWhcNMjUwNTA2MjAwMDMxWjAzMTEwLwYDVQQD
EyhkYzBjOWQ0OGE3N2EyNDEwNDdkMjU1YjY3YWQyZDMyM2ZjMGRhNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobpULgWUR8dYFOz5ABnadrG9LPq3
nfYaQLSnFtNCgtwAPWKU0xWBBWk1W8gMIlPIz3YfPW1BwWyAAEGypSz0lK1w3UJN
diPrIjIKf4ozvm5Hdpcxd4i5oT+dE1tuiS/JW87OXurIaahVi5m2s5tZt/TS77I/
ETxosHTuqEge8DROkpCtatxKEcY8UbST179G0DGqnS1QJpamzU0qbW9JwkWqXLJ9
7zP7kqCLmIffiJKRocAv1whlVAgxF957BBKGyOyJvV5BgqQjxS+m0pR5gblhN6wH
giwZj8Qymx9A07QjhNBbNneM8JOCTZmaZ5pUYMBptQ9kNkUZMxSqsc4uUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNwMnUineiQQR9JVtnrS0yP8DaQZMB8GA1UdIwQY
MBaAFD59R0wE5IpYk69xw1p3zdaCb9M5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGIt
OTAzZTRmNWUxMjI1LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGItOTAzZTRmNWUxMjI1
LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjyfQqiTO
SXW7InDeDn03fZg+0Z26KpqAheLz69+pvXJ0afnOeHTUggGd2vphLJT+W4v5cYF0
akqB5JCSEifwSPOkqMl3i9Ymy3QhFINez3P/WSaF3YRbTQiCZGY3B960uMvyQucg
eYc4QK0i3ZIQJg76yhPpcc6KYZy748D8v4BR5iqifZfdrliPCvKVKrd+VwNpA+58
3VVXW0z0ufSUzDOzpDnLGeaZuJgIMl9q1lSEeYdZrNEQY8cV8TSkmNUePFWLA5DK
x9IcGtNN+lTqvwsgV4w+uWkWAN2KflKHPPCMGS1zcvw4zHeN1/8tS0P8sFhXnI4q
iGSG4Pwz4Nt8vw==
-----END CERTIFICATE-----