Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
File:                     R3BGWvTHI2RwAFnnll08iepGPNc.mft (raw, json)
Hash identifier:          QWleMU9OVLA8XHacNUK2mtDP38/IhkzcTI5UzlcWxGk=
Subject key identifier:   B0:5C:37:18:54:26:24:3D:61:42:D3:18:BE:17:8A:FD:39:C9:C8:15
Authority key identifier: 47:70:46:5A:F4:C7:23:64:70:00:59:E7:96:5D:3C:89:EA:46:3C:D7
Certificate issuer:       /CN=4770465af4c72364700059e7965d3c89ea463cd7
Certificate serial:       0196C34C4BF5FAFA9AB3522B2BB7E89EBA89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
Manifest number:          0EED
Signing time:             Mon 12 May 2025 07:01:19 +0000
Manifest this update:     Mon 12 May 2025 07:01:19 +0000
Manifest next update:     Tue 13 May 2025 07:01:19 +0000
Files and hashes:         1: R3BGWvTHI2RwAFnnll08iepGPNc.crl (hash: 5spyOTizgfALQhs4Payp9lizSQMBSAGwAA05mupuahU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4c:4b:f5:fa:fa:9a:b3:52:2b:2b:b7:e8:9e:ba:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4770465af4c72364700059e7965d3c89ea463cd7
        Validity
            Not Before: May 12 07:01:19 2025 GMT
            Not After : May 13 07:01:19 2025 GMT
        Subject: CN=b05c37185426243d6142d318be178afd39c9c815
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:d3:91:9e:6a:55:71:c6:fc:f4:c6:d4:c9:ce:
                    85:2d:fb:9c:66:ec:4a:38:ea:2c:33:72:a2:27:84:
                    7f:78:d2:41:10:c9:4e:04:90:be:07:bd:a4:aa:77:
                    cf:3d:75:6c:35:dc:0d:8f:af:9b:9a:a4:10:46:8c:
                    e6:2a:f9:a3:bf:95:26:42:77:ca:d8:4c:58:ac:48:
                    60:38:aa:8b:c1:c3:d2:d0:f8:31:70:0d:77:22:4f:
                    87:fc:d0:7f:cc:36:b2:07:2c:1f:16:8f:1d:d5:27:
                    bf:d6:52:14:0f:a8:78:7a:75:c4:ce:3a:42:a0:d4:
                    a5:a0:05:ed:5a:bc:09:54:26:dc:11:ad:5a:e6:9a:
                    a6:75:c3:a3:31:89:c6:1e:79:97:6b:80:c8:9b:c9:
                    f0:f9:b5:ca:7f:7e:24:34:fa:aa:99:d6:f2:94:7e:
                    0b:f0:b0:c5:69:c8:fb:72:3b:e7:60:86:30:3c:db:
                    b1:c7:7d:b3:1a:8f:ef:1f:41:f2:79:c8:97:d8:b3:
                    9a:e1:5f:2d:06:4a:0b:c0:68:6b:25:ad:e1:28:3b:
                    cb:be:a7:db:5c:3c:c9:2f:65:c7:08:bf:20:cd:5b:
                    c8:bf:29:47:76:e5:8c:05:75:7e:4a:b6:48:ad:7c:
                    53:e1:40:11:5b:35:88:f1:57:ed:8f:5a:d2:4f:84:
                    db:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:5C:37:18:54:26:24:3D:61:42:D3:18:BE:17:8A:FD:39:C9:C8:15
            X509v3 Authority Key Identifier:
                keyid:47:70:46:5A:F4:C7:23:64:70:00:59:E7:96:5D:3C:89:EA:46:3C:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:0e:47:b3:5e:41:b9:ea:03:3a:9e:e6:00:22:ff:67:bf:cd:
         c1:23:c7:87:f2:b3:64:a8:cc:62:56:63:f4:1b:3f:a1:6c:f1:
         e5:c2:2f:e9:5f:1d:1c:97:d5:7f:6d:9e:78:de:36:04:bb:a6:
         74:34:a3:2b:59:67:b1:4c:1f:fa:bb:00:c2:77:ed:fc:09:77:
         e5:72:a7:e5:0d:88:8b:a3:03:1c:ca:2a:13:bf:2e:99:66:ff:
         6e:bb:d9:bd:43:ea:80:93:45:89:cf:cf:9a:de:44:01:75:01:
         2c:ab:15:89:a6:b8:b8:8d:53:ec:ee:52:93:96:27:22:24:7a:
         3a:23:90:9a:18:01:ed:cc:bd:2f:19:c8:59:27:20:81:2e:70:
         75:8e:77:b8:f0:60:9b:6d:e3:c1:37:5c:ab:15:b7:00:60:6e:
         f9:e8:d9:38:06:f2:cb:b2:e1:4f:a4:36:a7:64:0d:7e:f7:21:
         aa:4b:7a:8d:de:dc:10:8e:ca:e0:5c:76:71:64:43:ba:0d:5c:
         9c:f5:9e:3f:55:b2:16:64:a9:5c:f3:77:86:ae:3c:f2:a2:93:
         ad:6b:30:b6:79:8b:c8:bc:20:c5:ee:75:cb:85:b8:ce:b8:d4:
         e1:b5:96:d7:c4:25:ac:8d:20:49:f1:cb:07:74:fa:0f:52:78:
         8f:fc:e1:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTEv1+vqas1IrK7fonrqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzA0NjVhZjRjNzIzNjQ3MDAwNTllNzk2NWQzYzg5ZWE0
NjNjZDcwHhcNMjUwNTEyMDcwMTE5WhcNMjUwNTEzMDcwMTE5WjAzMTEwLwYDVQQD
EyhiMDVjMzcxODU0MjYyNDNkNjE0MmQzMThiZTE3OGFmZDM5YzljODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9ORnmpVccb89MbUyc6FLfucZuxK
OOosM3KiJ4R/eNJBEMlOBJC+B72kqnfPPXVsNdwNj6+bmqQQRozmKvmjv5UmQnfK
2ExYrEhgOKqLwcPS0PgxcA13Ik+H/NB/zDayBywfFo8d1Se/1lIUD6h4enXEzjpC
oNSloAXtWrwJVCbcEa1a5pqmdcOjMYnGHnmXa4DIm8nw+bXKf34kNPqqmdbylH4L
8LDFacj7cjvnYIYwPNuxx32zGo/vH0HyeciX2LOa4V8tBkoLwGhrJa3hKDvLvqfb
XDzJL2XHCL8gzVvIvylHduWMBXV+SrZIrXxT4UARWzWI8Vftj1rST4TbEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLBcNxhUJiQ9YULTGL4Xiv05ycgVMB8GA1UdIwQY
MBaAFEdwRlr0xyNkcABZ55ZdPInqRjzXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85N2QwOWItZTVlMS00N2Y4LWIyNWYt
OGE5MmUwOWJmZTFiLzEvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85N2QwOWItZTVlMS00N2Y4LWIyNWYtOGE5MmUwOWJmZTFi
LzEvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQw5Hs15B
ueoDOp7mACL/Z7/NwSPHh/KzZKjMYlZj9Bs/oWzx5cIv6V8dHJfVf22eeN42BLum
dDSjK1lnsUwf+rsAwnft/Al35XKn5Q2Ii6MDHMoqE78umWb/brvZvUPqgJNFic/P
mt5EAXUBLKsViaa4uI1T7O5Sk5YnIiR6OiOQmhgB7cy9LxnIWScggS5wdY53uPBg
m23jwTdcqxW3AGBu+ejZOAbyy7LhT6Q2p2QNfvchqkt6jd7cEI7K4Fx2cWRDug1c
nPWeP1WyFmSpXPN3hq488qKTrWswtnmLyLwgxe51y4W4zrjU4bWW18QlrI0gSfHL
B3T6D1J4j/zhyQ==
-----END CERTIFICATE-----