Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File:                     3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier:          bkSkKzE3uyUmW9W4UwRmzOfs4WpjXnBbhbmcYxXxH9U=
Subject key identifier:   DD:D8:64:51:18:B2:14:2A:67:5D:49:D7:01:1D:03:53:D3:0A:EC:E2
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer:       /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial:       0196A0F66087FF59049EDAEA6263420E003D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number:          0CD0
Signing time:             Mon 05 May 2025 15:00:23 +0000
Manifest this update:     Mon 05 May 2025 15:00:23 +0000
Manifest next update:     Tue 06 May 2025 15:00:23 +0000
Files and hashes:         1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: 8NXT1KdSKLYKblrWeVxAj1VQTu1agZ1YVszFxv+UDio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 15:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a0:f6:60:87:ff:59:04:9e:da:ea:62:63:42:0e:00:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
        Validity
            Not Before: May  5 15:00:23 2025 GMT
            Not After : May  6 15:00:23 2025 GMT
        Subject: CN=ddd8645118b2142a675d49d7011d0353d30aece2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:4b:0d:8f:bb:3f:d8:e5:8a:95:19:c6:43:77:
                    87:cc:35:28:43:92:d7:a2:12:ce:8d:cd:cc:a0:8f:
                    d3:63:83:7c:a7:22:b1:a0:e4:cb:17:73:8e:7d:bd:
                    3b:f7:3f:7d:d8:5a:5b:2c:64:69:88:3d:f2:ad:c5:
                    d4:85:a9:74:77:7b:40:d7:96:8e:02:74:31:d3:87:
                    ae:06:e9:5c:18:62:d3:95:ed:dc:15:c8:82:41:95:
                    14:e1:e8:f3:02:8d:95:bc:83:32:21:8c:11:d9:33:
                    21:0a:ea:c2:69:78:56:ca:08:b9:58:23:7c:88:db:
                    79:0e:bd:70:a9:e1:62:5a:e9:99:f5:43:56:da:7a:
                    a3:1a:cd:57:79:d2:96:66:52:0a:f4:73:44:4a:e3:
                    18:3c:84:32:bb:d4:46:bb:1e:69:1f:1c:2d:50:fd:
                    91:cc:a0:b4:67:fa:3f:13:ec:d6:8f:af:f7:ee:4e:
                    25:45:63:2a:e6:81:a0:f7:e7:01:bb:99:ad:6a:7e:
                    b0:19:d7:34:90:1c:de:b4:ce:f6:63:b2:72:1a:a0:
                    55:86:de:00:0c:4c:5c:69:45:69:8a:b9:bb:b0:94:
                    8e:b2:a9:4d:33:bb:2e:a9:bb:47:4b:d3:83:92:aa:
                    85:55:71:8b:04:65:36:b2:38:1c:ef:7f:31:d5:82:
                    ea:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:D8:64:51:18:B2:14:2A:67:5D:49:D7:01:1D:03:53:D3:0A:EC:E2
            X509v3 Authority Key Identifier:
                keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:c8:39:cb:86:60:3b:a5:3a:6a:0e:7e:85:57:11:38:67:f8:
         e2:11:8c:15:6c:fc:8c:c9:4f:98:77:8d:05:44:4f:d3:cc:f7:
         e4:fa:a2:72:22:ae:4d:8c:b0:b3:c1:4a:94:b7:7a:2c:a6:9b:
         92:98:4e:14:af:51:11:52:63:2c:12:fb:3d:9a:5a:af:97:90:
         26:ee:ec:8d:05:68:2a:84:b4:d5:b3:36:d7:ac:9a:36:6c:60:
         b4:3b:e0:d3:48:31:d1:24:33:2e:ef:73:dd:6e:1e:36:17:3c:
         79:24:f0:d5:6c:77:e0:5e:fa:70:ac:cc:a3:b5:6c:62:06:2c:
         31:ce:93:c0:10:5b:5d:4f:fb:81:3a:e2:27:a0:5a:5d:ae:e3:
         ad:db:58:ae:4b:79:5b:d7:ec:d8:c7:d3:42:71:fb:39:ce:3d:
         cb:5b:8d:c2:88:a4:bf:ba:d8:17:ca:df:f3:24:da:47:54:ae:
         3e:71:32:79:88:49:47:12:4b:d6:02:69:98:54:05:3a:07:95:
         c2:e5:f3:52:69:dc:a0:83:e3:df:5e:95:d4:2c:76:31:38:09:
         25:cd:22:99:be:f9:cc:5f:ad:03:69:ad:d2:41:f5:c7:34:e1:
         c3:99:b0:b5:3e:67:50:56:9e:f8:61:05:95:ef:ad:71:a3:bb:
         dc:92:e0:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZag9mCH/1kEntrqYmNCDgA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjUwNTA1MTUwMDIzWhcNMjUwNTA2MTUwMDIzWjAzMTEwLwYDVQQD
EyhkZGQ4NjQ1MTE4YjIxNDJhNjc1ZDQ5ZDcwMTFkMDM1M2QzMGFlY2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ksNj7s/2OWKlRnGQ3eHzDUoQ5LX
ohLOjc3MoI/TY4N8pyKxoOTLF3OOfb079z992FpbLGRpiD3yrcXUhal0d3tA15aO
AnQx04euBulcGGLTle3cFciCQZUU4ejzAo2VvIMyIYwR2TMhCurCaXhWygi5WCN8
iNt5Dr1wqeFiWumZ9UNW2nqjGs1XedKWZlIK9HNESuMYPIQyu9RGux5pHxwtUP2R
zKC0Z/o/E+zWj6/37k4lRWMq5oGg9+cBu5mtan6wGdc0kBzetM72Y7JyGqBVht4A
DExcaUVpirm7sJSOsqlNM7suqbtHS9ODkqqFVXGLBGU2sjgc738x1YLq9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3YZFEYshQqZ11J1wEdA1PTCuziMB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsMg5y4Zg
O6U6ag5+hVcROGf44hGMFWz8jMlPmHeNBURP08z35PqiciKuTYyws8FKlLd6LKab
kphOFK9REVJjLBL7PZpar5eQJu7sjQVoKoS01bM216yaNmxgtDvg00gx0SQzLu9z
3W4eNhc8eSTw1Wx34F76cKzMo7VsYgYsMc6TwBBbXU/7gTriJ6BaXa7jrdtYrkt5
W9fs2MfTQnH7Oc49y1uNwoikv7rYF8rf8yTaR1SuPnEyeYhJRxJL1gJpmFQFOgeV
wuXzUmncoIPj316V1Cx2MTgJJc0imb75zF+tA2mt0kH1xzThw5mwtT5nUFae+GEF
le+tcaO73JLgWw==
-----END CERTIFICATE-----