Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          WjW+JdUtRyo3KlLBVqJu7OFuCzT1O/WTUcJB8Hi+kl0=
Subject key identifier:   50:81:DE:5B:E2:8E:06:D0:01:3F:4C:59:95:11:E3:C9:9A:AB:96:84
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       01969E9A9B43124D7FCC5857E7FB336D38D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          064A
Signing time:             Mon 05 May 2025 04:00:54 +0000
Manifest this update:     Mon 05 May 2025 04:00:54 +0000
Manifest next update:     Tue 06 May 2025 04:00:54 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: njNSOhUICbxcEaRskcI9h46bKJIqqYtX520ZoNMzek8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 04:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:9a:9b:43:12:4d:7f:cc:58:57:e7:fb:33:6d:38:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: May  5 04:00:54 2025 GMT
            Not After : May  6 04:00:54 2025 GMT
        Subject: CN=5081de5be28e06d0013f4c599511e3c99aab9684
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:26:bd:06:33:f5:8a:2a:85:b3:ff:fc:50:81:
                    58:4c:16:4e:6e:8c:1b:23:b6:f0:78:d8:7a:e0:b5:
                    54:4e:93:4f:79:83:08:f3:14:f0:1e:01:ee:74:89:
                    16:a7:27:5c:3f:f2:0f:d2:92:fe:19:2c:4d:bb:76:
                    6b:84:bc:08:f7:4c:38:75:71:fe:68:d5:4a:19:b9:
                    0a:2c:07:7b:3f:96:fe:72:f0:b2:96:ae:3d:2e:ea:
                    3d:9e:ff:f0:fc:b2:4a:0a:a4:28:5c:0f:b9:8d:67:
                    3e:29:0a:7c:15:f2:58:7a:2c:a1:ae:c1:17:02:bb:
                    95:03:a6:ef:30:ce:e9:ab:7c:8c:7f:c1:35:e5:1f:
                    ac:1a:1b:c6:10:3d:61:2b:b5:bd:e4:b7:45:5c:c0:
                    71:9d:23:e5:c8:b2:a8:27:49:8c:f6:5a:18:89:27:
                    9d:5d:49:75:44:46:e3:bd:f8:e6:94:f4:97:08:3f:
                    01:eb:b6:c3:16:4a:e6:c5:eb:c8:13:11:59:f8:e4:
                    00:6b:af:1b:fc:d8:ac:7a:b3:6a:e8:fe:11:1b:96:
                    8d:dd:ae:ed:94:6c:77:1e:98:90:cb:9f:0c:93:58:
                    e6:92:79:da:5d:18:2f:6e:b8:68:c5:cc:25:22:a1:
                    d2:23:2f:a8:b6:ab:99:1e:8e:89:67:3f:f2:fe:8f:
                    e4:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:81:DE:5B:E2:8E:06:D0:01:3F:4C:59:95:11:E3:C9:9A:AB:96:84
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:86:2c:d5:6b:f7:02:be:5a:83:b4:7e:42:33:25:21:34:a2:
         4b:1c:f1:5d:91:41:2a:fa:ee:b3:28:a9:e0:77:13:c4:a7:4c:
         2e:77:de:e3:6e:99:4f:64:4d:4e:03:70:00:c5:27:23:87:2d:
         e2:eb:ed:54:99:e2:24:05:48:ba:40:c8:e2:d1:d2:94:c5:59:
         ef:73:80:c1:d9:5a:b9:b1:15:57:38:95:4d:84:bc:d8:4f:72:
         e6:91:60:7c:36:04:4b:65:db:3d:4a:5b:77:5d:55:80:93:c7:
         48:79:db:36:d4:94:57:b3:78:7e:c7:2e:24:cb:03:d5:69:d5:
         86:d9:cc:1d:49:71:39:aa:0f:1e:43:ad:fe:b2:e2:15:da:5b:
         80:04:db:8b:f0:a2:48:88:51:6e:d5:dc:7a:09:1f:35:73:4c:
         7a:ed:9c:3a:fe:1e:dc:57:7a:67:98:05:72:66:c7:62:2c:c2:
         6e:63:03:31:f3:c4:bb:c2:0a:34:86:7d:62:47:8f:e8:0a:f4:
         94:04:ce:c0:c8:4e:b3:45:2c:a7:89:07:53:1a:62:b6:44:c1:
         9e:1b:fb:c2:68:db:79:c5:5c:15:27:0d:b9:c1:60:17:76:c7:
         e8:dc:75:af:6e:0a:34:9a:bf:b2:31:55:22:6d:ce:21:1a:2f:
         9b:7a:3c:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemptDEk1/zFhX5/szbTjWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjUwNTA1MDQwMDU0WhcNMjUwNTA2MDQwMDU0WjAzMTEwLwYDVQQD
Eyg1MDgxZGU1YmUyOGUwNmQwMDEzZjRjNTk5NTExZTNjOTlhYWI5Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqia9BjP1iiqFs//8UIFYTBZObowb
I7bweNh64LVUTpNPeYMI8xTwHgHudIkWpydcP/IP0pL+GSxNu3ZrhLwI90w4dXH+
aNVKGbkKLAd7P5b+cvCylq49Luo9nv/w/LJKCqQoXA+5jWc+KQp8FfJYeiyhrsEX
AruVA6bvMM7pq3yMf8E15R+sGhvGED1hK7W95LdFXMBxnSPlyLKoJ0mM9loYiSed
XUl1REbjvfjmlPSXCD8B67bDFkrmxevIExFZ+OQAa68b/NiserNq6P4RG5aN3a7t
lGx3HpiQy58Mk1jmknnaXRgvbrhoxcwlIqHSIy+otquZHo6JZz/y/o/kvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFCB3lvijgbQAT9MWZUR48maq5aEMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATIYs1Wv3
Ar5ag7R+QjMlITSiSxzxXZFBKvrusyip4HcTxKdMLnfe426ZT2RNTgNwAMUnI4ct
4uvtVJniJAVIukDI4tHSlMVZ73OAwdlaubEVVziVTYS82E9y5pFgfDYES2XbPUpb
d11VgJPHSHnbNtSUV7N4fscuJMsD1WnVhtnMHUlxOaoPHkOt/rLiFdpbgATbi/Ci
SIhRbtXcegkfNXNMeu2cOv4e3Fd6Z5gFcmbHYizCbmMDMfPEu8IKNIZ9YkeP6Ar0
lATOwMhOs0Usp4kHUxpitkTBnhv7wmjbecVcFScNucFgF3bH6Nx1r24KNJq/sjFV
Im3OIRovm3o8dg==
-----END CERTIFICATE-----