Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
File:                     s3fTy2Ur05jE2752zbAILp3u1tQ.mft (raw, json)
Hash identifier:          pKLL87PlSf/RKFSoDI9hH91nRzU8eXjkoSOf5DwuK00=
Subject key identifier:   E0:19:EE:05:2F:16:E5:7F:14:95:12:E2:93:20:8D:72:EB:FF:66:EF
Authority key identifier: B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4
Certificate issuer:       /CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
Certificate serial:       0196BFA5F0C5A0D4474F9A70BF0FEDE45588
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
Manifest number:          03C9
Signing time:             Sun 11 May 2025 14:00:45 +0000
Manifest this update:     Sun 11 May 2025 14:00:45 +0000
Manifest next update:     Mon 12 May 2025 14:00:45 +0000
Files and hashes:         1: s3fTy2Ur05jE2752zbAILp3u1tQ.crl (hash: Kj5+kt0o0HHsni1X56UkFGDrvL4sH48Zp6bCi/6nSaE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 14:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:a5:f0:c5:a0:d4:47:4f:9a:70:bf:0f:ed:e4:55:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
        Validity
            Not Before: May 11 14:00:45 2025 GMT
            Not After : May 12 14:00:45 2025 GMT
        Subject: CN=e019ee052f16e57f149512e293208d72ebff66ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:cd:ba:14:d2:27:92:7f:dd:9b:b0:d8:f3:eb:
                    55:fd:e4:bc:a6:a8:56:49:e4:9f:24:5a:b1:13:05:
                    74:05:06:98:50:ae:85:3c:9c:06:26:8c:cb:dd:2e:
                    98:35:3f:b7:b2:db:79:87:8b:4b:e4:c8:3e:46:a0:
                    45:81:eb:5f:d8:c8:40:c7:d6:61:2d:95:e4:48:be:
                    6a:a4:47:14:99:26:94:52:5c:09:37:4f:c8:cc:85:
                    83:1b:72:23:bc:a8:1a:03:7c:88:32:1e:5d:01:1e:
                    ae:5e:33:82:17:10:9e:42:7e:64:e2:c8:7d:b1:ee:
                    68:ec:e4:01:0d:3f:b6:bf:5f:aa:28:c3:cf:8e:96:
                    c6:34:cd:bd:fc:a7:d9:16:41:0f:5a:13:fb:3e:12:
                    58:27:3e:ee:96:77:93:ce:66:f9:0e:f1:fb:76:94:
                    99:b3:91:90:ba:b4:b1:50:36:34:39:65:36:b9:a5:
                    0a:a8:64:ba:a1:42:25:a9:46:93:d9:7c:4c:22:a6:
                    5a:82:45:6e:46:a8:d3:f2:de:02:bf:4a:eb:f2:4f:
                    ba:0b:26:5d:fc:d2:26:3f:a9:80:43:55:93:a8:51:
                    20:62:ec:6f:cf:7c:0c:e7:db:d6:05:a4:89:f8:e3:
                    92:c2:fe:26:3a:9e:72:2d:ff:4a:a2:d5:cc:bd:6a:
                    34:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:19:EE:05:2F:16:E5:7F:14:95:12:E2:93:20:8D:72:EB:FF:66:EF
            X509v3 Authority Key Identifier:
                keyid:B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:a0:a9:f4:16:18:88:b4:8b:29:bf:86:1c:d9:3f:d4:83:36:
         b2:93:f3:d5:6b:d7:bc:9e:dc:6e:36:1a:55:c5:2f:30:cb:a6:
         e8:f5:6e:4c:9b:3f:4c:b9:46:3b:98:77:85:b9:9a:eb:ad:eb:
         0a:d2:96:78:06:47:82:a6:51:c8:aa:5d:61:39:75:e6:61:af:
         2c:90:2c:6a:27:93:50:e8:9f:2e:69:59:69:12:24:91:42:b2:
         25:30:59:65:13:ac:fd:99:d0:45:6a:1b:43:b1:3a:36:8c:cc:
         0b:4e:6b:f0:5d:56:eb:23:86:ab:3f:c1:2f:3e:8f:3a:d8:1c:
         d7:e0:5d:17:07:3d:5f:28:98:04:18:83:bc:fc:cc:54:e0:0b:
         2b:e6:44:cc:48:11:6d:7d:4b:00:49:11:8d:d6:1b:2d:e8:62:
         b5:b5:22:b0:cf:81:0a:37:16:52:f0:70:9b:20:7c:f3:eb:88:
         ba:a8:1c:8f:47:4b:93:7b:35:30:38:9d:b8:04:97:fd:80:47:
         d8:69:62:ae:41:19:dd:d8:a5:62:e7:21:e6:f0:de:e3:f5:b6:
         89:78:d2:c2:2f:af:7d:12:5f:cf:b9:5a:61:75:00:4e:f3:44:
         f6:5f:13:2f:86:0b:9d:74:60:03:05:05:31:02:85:01:20:3a:
         83:84:4c:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/pfDFoNRHT5pwvw/t5FWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNzdkM2NiNjUyYmQzOThjNGRiYmU3NmNkYjAwODJlOWRl
ZWQ2ZDQwHhcNMjUwNTExMTQwMDQ1WhcNMjUwNTEyMTQwMDQ1WjAzMTEwLwYDVQQD
EyhlMDE5ZWUwNTJmMTZlNTdmMTQ5NTEyZTI5MzIwOGQ3MmViZmY2NmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc26FNInkn/dm7DY8+tV/eS8pqhW
SeSfJFqxEwV0BQaYUK6FPJwGJozL3S6YNT+3stt5h4tL5Mg+RqBFgetf2MhAx9Zh
LZXkSL5qpEcUmSaUUlwJN0/IzIWDG3IjvKgaA3yIMh5dAR6uXjOCFxCeQn5k4sh9
se5o7OQBDT+2v1+qKMPPjpbGNM29/KfZFkEPWhP7PhJYJz7ulneTzmb5DvH7dpSZ
s5GQurSxUDY0OWU2uaUKqGS6oUIlqUaT2XxMIqZagkVuRqjT8t4Cv0rr8k+6CyZd
/NImP6mAQ1WTqFEgYuxvz3wM59vWBaSJ+OOSwv4mOp5yLf9KotXMvWo0DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOAZ7gUvFuV/FJUS4pMgjXLr/2bvMB8GA1UdIwQY
MBaAFLN308tlK9OYxNu+ds2wCC6d7tbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAt
ZDczYTQ1NzNjMWI0LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAtZDczYTQ1NzNjMWI0
LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqKCp9BYY
iLSLKb+GHNk/1IM2spPz1WvXvJ7cbjYaVcUvMMum6PVuTJs/TLlGO5h3hbma663r
CtKWeAZHgqZRyKpdYTl15mGvLJAsaieTUOifLmlZaRIkkUKyJTBZZROs/ZnQRWob
Q7E6NozMC05r8F1W6yOGqz/BLz6POtgc1+BdFwc9XyiYBBiDvPzMVOALK+ZEzEgR
bX1LAEkRjdYbLehitbUisM+BCjcWUvBwmyB88+uIuqgcj0dLk3s1MDiduASX/YBH
2GlirkEZ3dilYuch5vDe4/W2iXjSwi+vfRJfz7laYXUATvNE9l8TL4YLnXRgAwUF
MQKFASA6g4RMlw==
-----END CERTIFICATE-----