Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
File:                     a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json)
Hash identifier:          vSvpgrFp+X9TMnvKEZpQbjUkboEW6b+S94Y9lnS8dUk=
Subject key identifier:   8F:72:7F:43:5E:9A:97:54:18:26:61:15:CB:56:F8:D6:F5:95:F6:C5
Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
Certificate issuer:       /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Certificate serial:       0196A465BA0EDA2BECF144822DE7A3AD5E50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
Manifest number:          1522
Signing time:             Tue 06 May 2025 07:00:52 +0000
Manifest this update:     Tue 06 May 2025 07:00:52 +0000
Manifest next update:     Wed 07 May 2025 07:00:52 +0000
Files and hashes:         1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: vfO1TaL++kpD04f4+Le0BxAXZSFBCzkXisfZNBU+Eyo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 07:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a4:65:ba:0e:da:2b:ec:f1:44:82:2d:e7:a3:ad:5e:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
        Validity
            Not Before: May  6 07:00:52 2025 GMT
            Not After : May  7 07:00:52 2025 GMT
        Subject: CN=8f727f435e9a975418266115cb56f8d6f595f6c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:21:f0:04:83:8f:6c:e3:f1:a6:65:c6:b7:f4:
                    99:b7:97:1d:e6:8c:85:00:f2:38:46:ce:cd:bb:81:
                    7c:b4:74:87:d1:b5:90:b4:7e:54:05:b0:b9:32:77:
                    1a:c6:0d:e9:59:e1:5b:8d:8a:85:bf:e7:a9:b7:aa:
                    7f:3b:9e:c1:2d:cc:0e:95:4c:fc:8e:7d:bb:49:82:
                    ef:5c:71:76:17:6f:7a:3f:eb:04:35:9f:74:cb:bf:
                    57:8b:19:05:70:72:55:e8:46:c4:67:0c:d3:69:51:
                    ee:61:33:85:41:6f:a3:db:c6:0d:ca:3b:ce:06:b8:
                    62:f7:56:14:24:0e:34:53:0c:c3:a3:ff:a5:66:e2:
                    6d:3a:03:0d:74:cd:b3:7e:f9:d2:65:8e:15:7f:28:
                    16:7a:2f:22:9e:ba:1a:1e:48:a2:4d:ab:11:ba:f6:
                    45:6e:3d:77:58:2c:56:6c:a9:b2:f8:a9:0a:84:2e:
                    a5:32:20:32:59:51:5c:4f:33:6e:7c:4f:b0:0a:85:
                    d1:24:38:36:50:77:f1:aa:30:97:ed:6f:51:81:8c:
                    96:5b:a9:ba:b5:f2:38:71:69:70:7b:ed:25:a3:30:
                    f4:3f:e0:d6:7b:ae:25:72:34:89:ea:08:4f:ec:c6:
                    9d:d5:46:ed:8f:6b:27:75:82:3d:5c:9d:d0:77:2e:
                    e0:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:72:7F:43:5E:9A:97:54:18:26:61:15:CB:56:F8:D6:F5:95:F6:C5
            X509v3 Authority Key Identifier:
                keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:9c:d7:b4:87:85:67:6d:47:84:22:f7:34:79:d8:65:f6:c9:
         cb:0d:c0:b2:4a:23:87:5f:8a:9e:76:d8:e2:14:8c:f1:13:56:
         15:4e:6b:aa:b6:07:5f:a5:91:28:9d:ff:8d:04:7c:bd:ed:23:
         de:a7:1e:12:d5:19:d3:33:33:c5:b2:16:7e:b4:e8:54:93:4d:
         b6:61:17:9b:f5:7a:c0:1e:c7:a4:6f:ce:00:70:36:fe:50:b0:
         08:b0:ea:e7:12:61:e2:f4:c7:7d:63:10:3b:86:28:f2:48:00:
         8b:fd:b3:1c:4d:10:e2:30:06:87:a5:86:72:25:7e:9e:f6:3c:
         12:d3:d2:b4:66:0a:57:a6:94:51:d3:ee:19:66:a9:ef:c2:86:
         7a:fe:3a:cb:1d:b8:06:55:bf:d8:72:23:09:2b:33:c1:52:02:
         ae:18:50:1b:ad:62:0a:6c:fa:86:c2:05:3a:85:72:39:93:64:
         7a:4f:2f:12:07:13:f4:9b:67:2b:3c:08:94:f5:4b:25:bb:3d:
         c1:f8:0a:25:d7:45:3e:b5:85:73:57:04:ba:c8:c7:77:c2:1e:
         ce:6a:0f:10:8a:4a:3a:f3:2c:7d:18:99:b2:7f:15:b8:38:a1:
         90:d8:c6:b9:2c:ec:e8:0f:8d:23:fa:9b:a1:35:f3:75:e4:53:
         ac:2b:0d:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZakZboO2ivs8USCLeejrV5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1
ZjY2MWQwHhcNMjUwNTA2MDcwMDUyWhcNMjUwNTA3MDcwMDUyWjAzMTEwLwYDVQQD
Eyg4ZjcyN2Y0MzVlOWE5NzU0MTgyNjYxMTVjYjU2ZjhkNmY1OTVmNmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SHwBIOPbOPxpmXGt/SZt5cd5oyF
API4Rs7Nu4F8tHSH0bWQtH5UBbC5Mncaxg3pWeFbjYqFv+ept6p/O57BLcwOlUz8
jn27SYLvXHF2F296P+sENZ90y79XixkFcHJV6EbEZwzTaVHuYTOFQW+j28YNyjvO
Brhi91YUJA40UwzDo/+lZuJtOgMNdM2zfvnSZY4VfygWei8inroaHkiiTasRuvZF
bj13WCxWbKmy+KkKhC6lMiAyWVFcTzNufE+wCoXRJDg2UHfxqjCX7W9RgYyWW6m6
tfI4cWlwe+0lozD0P+DWe64lcjSJ6ghP7Mad1Ubtj2sndYI9XJ3Qdy7gAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9yf0NempdUGCZhFctW+Nb1lfbFMB8GA1UdIwQY
MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt
YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi
LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF5zXtIeF
Z21HhCL3NHnYZfbJyw3Askojh1+KnnbY4hSM8RNWFU5rqrYHX6WRKJ3/jQR8ve0j
3qceEtUZ0zMzxbIWfrToVJNNtmEXm/V6wB7HpG/OAHA2/lCwCLDq5xJh4vTHfWMQ
O4Yo8kgAi/2zHE0Q4jAGh6WGciV+nvY8EtPStGYKV6aUUdPuGWap78KGev46yx24
BlW/2HIjCSszwVICrhhQG61iCmz6hsIFOoVyOZNkek8vEgcT9JtnKzwIlPVLJbs9
wfgKJddFPrWFc1cEusjHd8IezmoPEIpKOvMsfRiZsn8VuDihkNjGuSzs6A+NI/qb
oTXzdeRTrCsNcA==
-----END CERTIFICATE-----