Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
File:                     3cwuYUgshl3CU8D6lD49os6X2gU.mft (raw, json)
Hash identifier:          ulqvJckj/5UHgzZYbT4Ty+UOCJQdVwWio1Eu3RPBv9g=
Subject key identifier:   10:8C:97:3F:92:93:C4:B4:67:94:39:DC:EA:88:1B:24:14:89:CA:B6
Authority key identifier: DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05
Certificate issuer:       /CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
Certificate serial:       0196C2A6FE367F6D9BF54AAD596C483927C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
Manifest number:          04BB
Signing time:             Mon 12 May 2025 04:00:46 +0000
Manifest this update:     Mon 12 May 2025 04:00:46 +0000
Manifest next update:     Tue 13 May 2025 04:00:46 +0000
Files and hashes:         1: 3cwuYUgshl3CU8D6lD49os6X2gU.crl (hash: lpLV8KMN0ZoiOJPkN0AnQAmc/O2SW28cIICn/cJhurE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:a6:fe:36:7f:6d:9b:f5:4a:ad:59:6c:48:39:27:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
        Validity
            Not Before: May 12 04:00:46 2025 GMT
            Not After : May 13 04:00:46 2025 GMT
        Subject: CN=108c973f9293c4b4679439dcea881b241489cab6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:18:1b:a8:67:51:7a:6a:da:65:88:6c:1c:02:
                    d8:61:62:2c:fa:97:13:0e:33:49:1b:00:aa:07:55:
                    63:c0:18:0e:d4:4e:05:83:0c:5e:32:73:bb:53:61:
                    81:1b:22:e3:a8:09:3d:24:75:91:5b:f8:c0:4f:a0:
                    b9:af:30:f0:c3:35:eb:70:18:85:09:d5:da:cb:5c:
                    d0:04:01:e1:d8:5c:81:07:ba:57:43:53:54:43:d5:
                    e8:5d:f3:93:eb:77:48:b7:bd:6c:81:55:52:95:ac:
                    b2:52:fd:87:71:95:eb:bf:73:d4:60:54:54:4b:1a:
                    86:55:09:3c:c4:a9:51:eb:15:4c:fe:c2:fd:50:51:
                    72:66:9b:f0:21:af:5b:36:3b:77:55:5c:e2:3b:fc:
                    dd:87:8c:9d:81:d7:0c:e5:5d:ce:37:21:6b:02:35:
                    8c:46:ec:b3:89:de:4b:d6:60:ef:ab:b3:55:f0:9d:
                    b8:5f:4b:ea:d9:8e:82:2d:4a:94:3e:85:58:65:6d:
                    c5:d9:df:2d:19:3b:86:c6:c5:9e:4d:c4:ac:6e:c7:
                    3c:97:ad:34:c8:f8:cd:63:ec:6b:3c:13:34:09:8b:
                    b0:02:e1:b0:09:df:e7:0f:6e:74:95:72:22:38:ee:
                    d6:75:0b:53:12:62:20:34:11:4e:8f:3c:73:ca:44:
                    a2:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:8C:97:3F:92:93:C4:B4:67:94:39:DC:EA:88:1B:24:14:89:CA:B6
            X509v3 Authority Key Identifier:
                keyid:DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:0e:6a:af:a5:de:bd:a2:9e:c6:c0:3e:5b:7e:ac:0b:a5:47:
         e5:c3:b5:9f:36:a1:8f:e2:0d:dc:74:b5:18:74:79:9c:24:43:
         92:b8:cc:44:42:e1:d3:bc:e9:cb:04:a0:dd:ea:03:af:37:3c:
         8b:fa:5f:83:c6:61:73:fb:93:5a:bf:bf:08:3a:ea:8d:0f:51:
         16:07:01:e4:3f:dc:8d:52:7a:9c:94:21:bc:71:55:ce:e8:82:
         59:14:42:ba:03:cd:47:e9:69:13:d2:ae:4d:1e:6a:64:d4:02:
         9e:8a:25:57:79:19:5e:a7:15:ec:b0:18:21:05:fa:de:e6:28:
         df:09:0c:42:67:4d:5c:b7:b4:4e:4c:0e:88:49:4f:00:a3:60:
         7d:94:93:0e:36:1f:16:85:26:ec:9b:ca:eb:9c:24:28:91:65:
         75:e3:a6:cf:31:8d:92:10:5b:a8:c3:16:c2:63:64:12:c1:5e:
         91:19:86:54:8a:0b:a3:b7:15:8b:1c:00:49:9b:61:71:4c:cb:
         19:fc:41:4f:09:8c:14:25:76:af:bd:75:d5:14:ae:8d:ce:62:
         54:ac:0b:1c:ee:bf:9e:38:4c:51:85:aa:99:e6:e3:fd:f9:69:
         c0:9e:a9:a5:a5:43:8c:f9:0f:07:62:db:c1:1a:b1:9e:35:8b:
         a9:fe:b1:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCpv42f22b9UqtWWxIOSfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkY2MyZTYxNDgyYzg2NWRjMjUzYzBmYTk0M2UzZGEyY2U5
N2RhMDUwHhcNMjUwNTEyMDQwMDQ2WhcNMjUwNTEzMDQwMDQ2WjAzMTEwLwYDVQQD
EygxMDhjOTczZjkyOTNjNGI0Njc5NDM5ZGNlYTg4MWIyNDE0ODljYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxgbqGdRemraZYhsHALYYWIs+pcT
DjNJGwCqB1VjwBgO1E4FgwxeMnO7U2GBGyLjqAk9JHWRW/jAT6C5rzDwwzXrcBiF
CdXay1zQBAHh2FyBB7pXQ1NUQ9XoXfOT63dIt71sgVVSlayyUv2HcZXrv3PUYFRU
SxqGVQk8xKlR6xVM/sL9UFFyZpvwIa9bNjt3VVziO/zdh4ydgdcM5V3ONyFrAjWM
Ruyzid5L1mDvq7NV8J24X0vq2Y6CLUqUPoVYZW3F2d8tGTuGxsWeTcSsbsc8l600
yPjNY+xrPBM0CYuwAuGwCd/nD250lXIiOO7WdQtTEmIgNBFOjzxzykSiIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBCMlz+Sk8S0Z5Q53OqIGyQUicq2MB8GA1UdIwQY
MBaAFN3MLmFILIZdwlPA+pQ+PaLOl9oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAt
MzU4ZjU5NTMyMjU4LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAtMzU4ZjU5NTMyMjU4
LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASA5qr6Xe
vaKexsA+W36sC6VH5cO1nzahj+IN3HS1GHR5nCRDkrjMRELh07zpywSg3eoDrzc8
i/pfg8Zhc/uTWr+/CDrqjQ9RFgcB5D/cjVJ6nJQhvHFVzuiCWRRCugPNR+lpE9Ku
TR5qZNQCnoolV3kZXqcV7LAYIQX63uYo3wkMQmdNXLe0TkwOiElPAKNgfZSTDjYf
FoUm7JvK65wkKJFldeOmzzGNkhBbqMMWwmNkEsFekRmGVIoLo7cVixwASZthcUzL
GfxBTwmMFCV2r7111RSujc5iVKwLHO6/njhMUYWqmebj/flpwJ6ppaVDjPkPB2Lb
wRqxnjWLqf6xag==
-----END CERTIFICATE-----