Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
File:                     I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft (raw, json)
Hash identifier:          0Ugg6GS/P61AGCqrolZ6Ab2avCrCL/GSLsI8KFFfYcU=
Subject key identifier:   17:BF:C2:BB:DF:F8:B7:40:17:78:3C:BC:D0:67:42:DD:08:23:CF:C6
Authority key identifier: 23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F
Certificate issuer:       /CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
Certificate serial:       0196C53AF1113DA8C04CA245A849F2986153
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
Manifest number:          1534
Signing time:             Mon 12 May 2025 16:01:36 +0000
Manifest this update:     Mon 12 May 2025 16:01:36 +0000
Manifest next update:     Tue 13 May 2025 16:01:36 +0000
Files and hashes:         1: I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl (hash: nXJEuxEkVUec3Iu2ms3iPqgw8J7ZAmuXoU6icbN79/o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:3a:f1:11:3d:a8:c0:4c:a2:45:a8:49:f2:98:61:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
        Validity
            Not Before: May 12 16:01:36 2025 GMT
            Not After : May 13 16:01:36 2025 GMT
        Subject: CN=17bfc2bbdff8b74017783cbcd06742dd0823cfc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:92:db:fa:c3:61:10:45:92:6a:b0:a0:93:4f:
                    4a:9c:21:91:38:dd:d2:17:95:8a:9d:cf:fe:50:24:
                    55:32:3d:16:ac:b8:b4:20:e7:2c:7c:99:ed:23:5c:
                    e1:a1:96:11:c9:85:c1:cb:58:02:a3:3b:e9:e7:58:
                    b7:37:5d:ef:36:48:7b:db:5c:19:5b:66:14:df:ae:
                    93:d8:ff:d9:f2:95:37:1f:b3:bb:43:7e:3c:17:6d:
                    71:68:ae:e7:6b:0f:8d:07:ea:f0:2a:8f:28:94:9e:
                    5c:ad:7c:5e:41:01:4a:65:d7:c0:3b:f3:62:27:72:
                    86:86:ec:60:a7:d2:84:71:29:b0:c1:5b:b6:1d:c7:
                    7c:4a:b2:ed:27:ed:3a:ae:d9:af:98:88:23:09:2b:
                    af:d2:51:6e:c7:c9:47:31:ea:09:29:15:5f:fb:f9:
                    e4:10:3e:01:73:35:35:71:00:74:d5:92:ae:88:9d:
                    86:47:23:72:f3:a6:20:d2:9c:b6:cd:16:a9:93:c5:
                    17:3c:90:3e:27:3f:4b:a9:7a:66:78:fe:f2:0d:7b:
                    22:dd:31:45:78:da:8e:9b:c0:f2:bd:d9:0e:f1:1f:
                    80:eb:20:77:b1:7e:41:65:7d:4a:9a:17:ee:43:6f:
                    71:9a:1e:43:a5:b3:b7:c4:9a:9d:95:a7:41:f6:c4:
                    3f:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:BF:C2:BB:DF:F8:B7:40:17:78:3C:BC:D0:67:42:DD:08:23:CF:C6
            X509v3 Authority Key Identifier:
                keyid:23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:2d:07:f5:7a:92:52:07:4e:b9:ea:e0:7a:6e:dd:85:a4:23:
         57:56:af:7f:cb:67:f3:1a:a8:7c:3b:79:b1:6d:f1:82:66:c0:
         93:a1:f8:12:e5:45:3a:5e:de:4e:2f:b5:48:7d:bf:34:37:29:
         9b:06:5e:d3:46:17:2e:9e:2a:15:c1:4e:a4:20:b9:d3:31:9a:
         57:78:cd:c5:cf:fd:ec:47:b7:0a:b6:51:5e:c4:6b:b8:45:9e:
         98:99:ad:00:37:dc:cd:cd:ae:cd:a4:88:7d:06:43:8a:74:71:
         88:23:7d:37:4a:2e:7e:c2:01:a5:f2:99:c2:f4:4c:4d:d6:5d:
         27:98:86:7b:14:5b:ac:b3:6f:90:5d:b7:bb:dc:e1:ed:63:16:
         74:99:97:36:85:81:fa:bd:c6:ff:2c:58:2b:f9:43:59:79:e5:
         40:b7:15:11:0d:9d:34:4b:b4:1f:12:ba:5c:3b:72:eb:8e:8d:
         43:55:94:b6:9e:44:fd:34:48:48:c0:fc:02:60:ff:a5:a9:34:
         22:aa:da:d3:57:af:e4:5d:68:08:38:47:3b:4f:e5:1e:c6:01:
         8c:e2:7d:e7:cb:16:6f:30:47:b3:82:b5:15:a8:ca:14:33:f1:
         b2:05:de:e0:12:9b:86:b3:6e:0b:fa:90:41:26:5b:10:bd:69:
         e7:f8:6e:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOvERPajATKJFqEnymGFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzQzZmUzMTdjMzI0YmY3OTQzZWE3M2E3ZDRiNzg2Y2Zk
YzFlOWYwHhcNMjUwNTEyMTYwMTM2WhcNMjUwNTEzMTYwMTM2WjAzMTEwLwYDVQQD
EygxN2JmYzJiYmRmZjhiNzQwMTc3ODNjYmNkMDY3NDJkZDA4MjNjZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5Lb+sNhEEWSarCgk09KnCGRON3S
F5WKnc/+UCRVMj0WrLi0IOcsfJntI1zhoZYRyYXBy1gCozvp51i3N13vNkh721wZ
W2YU366T2P/Z8pU3H7O7Q348F21xaK7naw+NB+rwKo8olJ5crXxeQQFKZdfAO/Ni
J3KGhuxgp9KEcSmwwVu2Hcd8SrLtJ+06rtmvmIgjCSuv0lFux8lHMeoJKRVf+/nk
ED4BczU1cQB01ZKuiJ2GRyNy86Yg0py2zRapk8UXPJA+Jz9LqXpmeP7yDXsi3TFF
eNqOm8DyvdkO8R+A6yB3sX5BZX1KmhfuQ29xmh5DpbO3xJqdladB9sQ/XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBe/wrvf+LdAF3g8vNBnQt0II8/GMB8GA1UdIwQY
MBaAFCN0P+MXwyS/eUPqc6fUt4bP3B6fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgt
Zjk2MTNkYTA5ZWViLzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgtZjk2MTNkYTA5ZWVi
LzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANC0H9XqS
UgdOuergem7dhaQjV1avf8tn8xqofDt5sW3xgmbAk6H4EuVFOl7eTi+1SH2/NDcp
mwZe00YXLp4qFcFOpCC50zGaV3jNxc/97Ee3CrZRXsRruEWemJmtADfczc2uzaSI
fQZDinRxiCN9N0oufsIBpfKZwvRMTdZdJ5iGexRbrLNvkF23u9zh7WMWdJmXNoWB
+r3G/yxYK/lDWXnlQLcVEQ2dNEu0HxK6XDty646NQ1WUtp5E/TRISMD8AmD/pak0
Iqra01ev5F1oCDhHO0/lHsYBjOJ958sWbzBHs4K1FajKFDPxsgXe4BKbhrNuC/qQ
QSZbEL1p5/huEA==
-----END CERTIFICATE-----