Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
File:                     3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json)
Hash identifier:          grr0v7mp2I0szJFRRO7aiNWm6aWvJdurpMlYisEsIwA=
Subject key identifier:   A4:3D:B5:4F:3A:40:9E:2C:53:EF:62:25:CF:4E:E6:67:7C:56:8A:42
Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
Certificate issuer:       /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Certificate serial:       0196CA608DC9DCD52FB478F90000E95729A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
Manifest number:          0CD3
Signing time:             Tue 13 May 2025 16:00:47 +0000
Manifest this update:     Tue 13 May 2025 16:00:47 +0000
Manifest next update:     Wed 14 May 2025 16:00:47 +0000
Files and hashes:         1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: XeFWiwygysXq5miVFqcM/FPPUrP5jKFiB1pQprs21i4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 16:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ca:60:8d:c9:dc:d5:2f:b4:78:f9:00:00:e9:57:29:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
        Validity
            Not Before: May 13 16:00:47 2025 GMT
            Not After : May 14 16:00:47 2025 GMT
        Subject: CN=a43db54f3a409e2c53ef6225cf4ee6677c568a42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d5:1a:69:bf:bc:84:5f:e1:c6:c5:1d:f2:c8:
                    9b:7f:e3:47:c0:7e:15:73:12:5e:69:af:0e:55:92:
                    7e:13:ce:03:a8:98:81:a2:16:86:28:ac:2b:b1:87:
                    40:d5:53:1f:f4:ec:61:3e:49:bc:e8:70:02:72:35:
                    91:cb:66:cb:b1:c0:78:12:96:c8:3a:f5:4b:95:44:
                    28:70:91:a3:a6:95:7e:c0:71:61:ea:94:8b:85:22:
                    c4:47:a7:f0:8d:71:d3:3f:d6:0e:a2:59:ef:3e:81:
                    95:6f:29:36:1f:ad:ee:ca:8a:e5:7e:28:2f:24:90:
                    fe:4d:55:6a:3f:ee:51:8c:98:a5:03:88:aa:aa:4d:
                    da:29:5f:b2:aa:44:9d:bb:ae:ad:17:c6:4b:20:ee:
                    68:7d:b5:6e:4d:12:1c:22:d1:d8:e3:6f:4e:e2:3c:
                    be:5c:3c:36:60:1b:2a:91:48:50:5e:8b:ab:f5:d0:
                    19:d0:45:02:9a:cf:68:d0:59:7b:89:73:05:70:a6:
                    16:95:b6:31:4f:87:72:93:13:e9:f4:3e:67:e6:98:
                    9e:56:be:03:0f:94:46:20:b0:87:a2:46:4f:c4:6d:
                    a8:63:01:b4:88:f8:7d:80:a1:3d:f5:61:f3:c5:ab:
                    ab:df:f4:b4:f6:f8:8f:c0:88:46:3b:59:ca:09:eb:
                    9e:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:3D:B5:4F:3A:40:9E:2C:53:EF:62:25:CF:4E:E6:67:7C:56:8A:42
            X509v3 Authority Key Identifier:
                keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:19:ee:d3:d4:6f:9e:60:ea:fa:94:9e:69:95:a2:cc:18:97:
         a9:30:34:d2:36:00:4f:ea:04:1b:b2:cd:ce:17:42:16:67:6b:
         6a:bc:65:cb:0e:f5:be:4f:57:b1:0b:cd:e6:89:ec:57:05:39:
         0e:fa:7e:3c:b8:70:7a:6f:2f:a2:77:3c:6a:c4:19:79:ba:b6:
         36:cc:98:19:b9:e7:d1:fd:4d:1d:b2:ec:e5:da:2b:b8:74:f7:
         c1:99:5f:21:29:33:37:be:4a:7e:45:c2:3b:d4:5a:b6:c6:02:
         f9:b0:0e:51:e9:10:6a:c1:ad:ec:f3:74:bf:b9:94:81:67:37:
         d7:ac:7a:94:42:a4:8d:56:71:3d:48:87:c7:27:fd:2c:98:bf:
         48:56:73:45:0f:47:76:50:61:45:a0:bc:6b:6a:59:f4:3d:62:
         f1:46:5b:a9:9b:28:56:c6:cd:05:98:a6:81:7b:a1:91:ea:62:
         4c:78:68:0b:53:05:0e:8c:46:32:49:53:ac:f2:6d:86:37:b3:
         0d:de:a9:01:19:66:cb:33:b4:a8:4f:86:b3:de:33:c5:b7:c6:
         98:6d:3d:64:de:b8:53:f9:82:e8:16:2c:08:65:a8:33:9f:20:
         f2:2f:3c:ea:b5:50:e1:48:7a:fc:a1:07:bf:7f:8a:46:c3:a9:
         1d:41:39:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbKYI3J3NUvtHj5AADpVymlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3
MzE2MjcwHhcNMjUwNTEzMTYwMDQ3WhcNMjUwNTE0MTYwMDQ3WjAzMTEwLwYDVQQD
EyhhNDNkYjU0ZjNhNDA5ZTJjNTNlZjYyMjVjZjRlZTY2NzdjNTY4YTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNUaab+8hF/hxsUd8sibf+NHwH4V
cxJeaa8OVZJ+E84DqJiBohaGKKwrsYdA1VMf9OxhPkm86HACcjWRy2bLscB4EpbI
OvVLlUQocJGjppV+wHFh6pSLhSLER6fwjXHTP9YOolnvPoGVbyk2H63uyorlfigv
JJD+TVVqP+5RjJilA4iqqk3aKV+yqkSdu66tF8ZLIO5ofbVuTRIcItHY429O4jy+
XDw2YBsqkUhQXour9dAZ0EUCms9o0Fl7iXMFcKYWlbYxT4dykxPp9D5n5pieVr4D
D5RGILCHokZPxG2oYwG0iPh9gKE99WHzxaur3/S09viPwIhGO1nKCeuerQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQ9tU86QJ4sU+9iJc9O5md8VopCMB8GA1UdIwQY
MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt
ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh
LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlBnu09Rv
nmDq+pSeaZWizBiXqTA00jYAT+oEG7LNzhdCFmdrarxlyw71vk9XsQvN5onsVwU5
Dvp+PLhwem8vonc8asQZebq2NsyYGbnn0f1NHbLs5doruHT3wZlfISkzN75KfkXC
O9RatsYC+bAOUekQasGt7PN0v7mUgWc316x6lEKkjVZxPUiHxyf9LJi/SFZzRQ9H
dlBhRaC8a2pZ9D1i8UZbqZsoVsbNBZimgXuhkepiTHhoC1MFDoxGMklTrPJthjez
Dd6pARlmyzO0qE+Gs94zxbfGmG09ZN64U/mC6BYsCGWoM58g8i886rVQ4Uh6/KEH
v3+KRsOpHUE5ng==
-----END CERTIFICATE-----