Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft
File:                     3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft (raw, json)
Hash identifier:          P+7cZbovg1Hw1u3oQOxD9IMGiy5yK6MCiHolnnvrHYw=
Subject key identifier:   84:66:DD:23:37:AF:82:96:F7:9F:A7:4D:7A:BE:C5:8B:94:06:ED:65
Authority key identifier: DE:3D:3A:98:49:5C:27:B9:CE:35:0A:E5:B8:9F:99:14:4B:0A:4C:9D
Certificate issuer:       /CN=de3d3a98495c27b9ce350ae5b89f99144b0a4c9d
Certificate serial:       0196ACC422D96E7E240E628A24B3DE70A313
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3j06mElcJ7nONQrluJ-ZFEsKTJ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft
Manifest number:          017A
Signing time:             Wed 07 May 2025 22:00:57 +0000
Manifest this update:     Wed 07 May 2025 22:00:57 +0000
Manifest next update:     Thu 08 May 2025 22:00:57 +0000
Files and hashes:         1: 3j06mElcJ7nONQrluJ-ZFEsKTJ0.crl (hash: nMRU0LaDQzsmoeqP/ZCAnCEVZUTiSaQXiaAHQIasLWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3j06mElcJ7nONQrluJ-ZFEsKTJ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 20:38:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ac:c4:22:d9:6e:7e:24:0e:62:8a:24:b3:de:70:a3:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de3d3a98495c27b9ce350ae5b89f99144b0a4c9d
        Validity
            Not Before: May  7 22:00:57 2025 GMT
            Not After : May  8 22:00:57 2025 GMT
        Subject: CN=8466dd2337af8296f79fa74d7abec58b9406ed65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:4e:34:58:c8:a7:f5:29:2a:b2:c0:4f:de:6f:
                    80:d4:e2:07:4e:fc:af:fc:2a:4d:22:c1:b1:83:7f:
                    59:66:1e:f8:75:e4:d1:1e:58:6d:6a:fa:67:58:7a:
                    6b:21:1e:99:be:5e:e8:02:88:ee:b3:a2:00:87:a8:
                    39:32:7a:a2:de:1c:cc:27:fb:11:e4:25:68:ec:f5:
                    2b:33:47:a8:19:8a:19:fa:e2:7d:d7:42:8b:47:5f:
                    23:33:9b:50:de:b0:10:86:31:fd:47:31:8a:86:3b:
                    c5:16:33:78:e4:5f:ce:ad:3b:c7:98:0c:fd:0e:ef:
                    26:a3:c3:57:e4:f5:06:4b:59:92:45:34:23:df:4f:
                    6f:c1:cd:57:ca:69:ec:3c:ed:59:47:9c:b6:93:e3:
                    ce:87:e5:a8:97:1f:dd:5d:10:21:f3:78:aa:f7:a1:
                    bd:42:4d:06:1d:7b:a1:83:66:52:54:6d:1c:66:c9:
                    d1:dc:fd:30:04:2b:09:35:32:f8:1d:6d:de:b8:1f:
                    71:dc:d1:f9:1a:0e:e7:4b:5a:fc:59:fc:0b:75:09:
                    cd:c2:56:90:87:f5:88:36:ce:44:d7:98:bf:53:e9:
                    ed:22:4c:ab:f5:37:ef:ed:f7:17:a1:13:d9:d4:22:
                    d8:a8:b7:ba:f4:57:2d:96:6a:98:d8:08:2d:31:f4:
                    fe:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:66:DD:23:37:AF:82:96:F7:9F:A7:4D:7A:BE:C5:8B:94:06:ED:65
            X509v3 Authority Key Identifier:
                keyid:DE:3D:3A:98:49:5C:27:B9:CE:35:0A:E5:B8:9F:99:14:4B:0A:4C:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3j06mElcJ7nONQrluJ-ZFEsKTJ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:4d:1e:09:63:18:c9:19:ae:84:02:61:a7:8d:0f:35:e8:a0:
         95:80:b7:26:a4:2b:b1:f1:76:fb:03:5a:12:61:76:05:25:bc:
         24:87:86:f1:b5:85:c5:48:b9:1d:ef:9c:50:7d:e5:87:33:4b:
         3c:0e:ee:9f:f4:96:d1:7b:31:63:bd:0a:a8:4a:c8:45:96:cb:
         5c:ba:87:df:f4:84:62:b1:fa:a1:47:99:98:cc:65:57:bc:f5:
         ef:0b:87:1c:ae:1c:93:6f:f2:38:e7:1a:64:73:fa:f1:96:e0:
         a0:04:b7:32:28:53:72:b0:0c:1f:c4:17:fe:04:e5:bb:36:b0:
         03:6a:f2:a0:74:c0:3e:87:c4:d7:63:78:a1:6c:3c:04:53:eb:
         d4:ca:10:3c:30:b3:30:08:6e:e8:52:d0:53:b9:3b:cf:4f:2d:
         83:5e:33:d3:fa:2f:53:01:f1:67:52:ed:5e:48:cd:46:ba:31:
         73:55:d9:0c:a0:fb:76:86:32:29:51:97:95:9c:f6:39:68:3b:
         60:21:25:4b:eb:14:05:58:4e:3d:4e:57:d2:43:b7:ba:04:e2:
         ae:08:64:40:36:95:8e:76:f0:ef:e0:6c:ab:a4:b0:f9:6e:f7:
         71:da:4c:6e:81:a8:e7:81:9e:e7:ab:3a:ac:73:ee:1d:cf:0d:
         50:ec:e6:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZasxCLZbn4kDmKKJLPecKMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlM2QzYTk4NDk1YzI3YjljZTM1MGFlNWI4OWY5OTE0NGIw
YTRjOWQwHhcNMjUwNTA3MjIwMDU3WhcNMjUwNTA4MjIwMDU3WjAzMTEwLwYDVQQD
Eyg4NDY2ZGQyMzM3YWY4Mjk2Zjc5ZmE3NGQ3YWJlYzU4Yjk0MDZlZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk40WMin9SkqssBP3m+A1OIHTvyv
/CpNIsGxg39ZZh74deTRHlhtavpnWHprIR6Zvl7oAojus6IAh6g5Mnqi3hzMJ/sR
5CVo7PUrM0eoGYoZ+uJ910KLR18jM5tQ3rAQhjH9RzGKhjvFFjN45F/OrTvHmAz9
Du8mo8NX5PUGS1mSRTQj309vwc1XymnsPO1ZR5y2k+POh+Wolx/dXRAh83iq96G9
Qk0GHXuhg2ZSVG0cZsnR3P0wBCsJNTL4HW3euB9x3NH5Gg7nS1r8WfwLdQnNwlaQ
h/WINs5E15i/U+ntIkyr9Tfv7fcXoRPZ1CLYqLe69FctlmqY2AgtMfT+jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRm3SM3r4KW95+nTXq+xYuUBu1lMB8GA1UdIwQY
MBaAFN49OphJXCe5zjUK5bifmRRLCkydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2owNm1FbGNKN25PTlFybHVKLVpGRXNLVEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jYjQxMjctOGUwNi00N2Q5LWJkZjEt
Yzg4OGIyMDQ4OWZjLzEvM2owNm1FbGNKN25PTlFybHVKLVpGRXNLVEowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jYjQxMjctOGUwNi00N2Q5LWJkZjEtYzg4OGIyMDQ4OWZj
LzEvM2owNm1FbGNKN25PTlFybHVKLVpGRXNLVEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWk0eCWMY
yRmuhAJhp40PNeiglYC3JqQrsfF2+wNaEmF2BSW8JIeG8bWFxUi5He+cUH3lhzNL
PA7un/SW0XsxY70KqErIRZbLXLqH3/SEYrH6oUeZmMxlV7z17wuHHK4ck2/yOOca
ZHP68ZbgoAS3MihTcrAMH8QX/gTluzawA2ryoHTAPofE12N4oWw8BFPr1MoQPDCz
MAhu6FLQU7k7z08tg14z0/ovUwHxZ1LtXkjNRroxc1XZDKD7doYyKVGXlZz2OWg7
YCElS+sUBVhOPU5X0kO3ugTirghkQDaVjnbw7+Bsq6Sw+W73cdpMboGo54Ge56s6
rHPuHc8NUOzmHg==
-----END CERTIFICATE-----