Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          Js1KacAX8CY1evXuXLp6P+hzg5zbgmgbm0tLIf/NjSo=
Subject key identifier:   41:54:4A:FC:2D:C9:DC:84:31:AF:D6:A5:50:5A:81:B9:A1:67:77:6F
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       0196BF6EB7C6C5B6F116895C301E7D4FD891
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          0FA4
Signing time:             Sun 11 May 2025 13:00:26 +0000
Manifest this update:     Sun 11 May 2025 13:00:26 +0000
Manifest next update:     Mon 12 May 2025 13:00:26 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: 0zi0BptM03C70qnslJBNvCiAGrGExNlmLOQI43dFfHc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 13:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:6e:b7:c6:c5:b6:f1:16:89:5c:30:1e:7d:4f:d8:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: May 11 13:00:26 2025 GMT
            Not After : May 12 13:00:26 2025 GMT
        Subject: CN=41544afc2dc9dc8431afd6a5505a81b9a167776f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:91:a7:41:c9:1b:f8:13:82:f1:8e:5e:1e:5d:
                    d7:ec:e7:e2:c9:31:7a:a7:70:79:c3:8b:9d:7e:5c:
                    c7:3a:04:ce:aa:db:5b:d5:16:e9:aa:28:db:ba:9c:
                    df:8a:77:8d:b3:fd:66:bc:27:9f:3d:17:a6:e7:52:
                    3e:b9:dd:2f:1b:85:2d:cd:78:89:d4:d6:51:b7:44:
                    3f:35:ba:72:7e:12:da:53:95:9c:2b:b2:1b:3c:24:
                    14:22:fe:b0:b3:bd:8f:26:48:f8:e1:48:79:bf:7d:
                    aa:d7:7c:9c:69:2e:f9:68:c2:cf:b9:c0:81:b4:f5:
                    fb:33:0d:63:70:4c:ba:9c:3b:61:ce:87:ff:2b:d0:
                    21:94:29:28:fe:8d:8a:05:6e:16:63:08:54:11:f0:
                    f4:46:c2:5e:6d:88:40:94:a7:9d:f0:ff:b4:f3:b1:
                    e5:96:07:0d:af:1a:72:f5:c2:06:cd:b1:a5:dd:95:
                    93:2d:fc:03:29:9f:cc:bc:7e:a4:0b:98:d4:57:48:
                    c7:85:c5:55:7e:25:d6:f5:d4:5b:fc:b8:67:1b:5a:
                    4f:99:25:71:43:25:6e:ae:73:9c:1a:33:e9:3c:e1:
                    f6:3e:38:37:b9:9f:6d:31:d7:52:9d:c5:c4:a3:5a:
                    e6:90:4f:79:fc:62:60:d2:27:6e:48:60:01:a4:db:
                    8d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:54:4A:FC:2D:C9:DC:84:31:AF:D6:A5:50:5A:81:B9:A1:67:77:6F
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:5c:fa:25:dc:6f:20:5b:7a:40:ee:ab:91:25:20:bb:a9:49:
         81:e6:19:65:39:f6:1f:bd:97:ea:8f:8c:41:9b:aa:80:3d:0b:
         b2:09:30:1a:ac:22:2d:f4:9d:26:96:33:89:a9:cf:bb:c5:cb:
         b3:3b:3f:09:82:be:ba:fa:a0:66:78:16:5b:76:11:f5:73:47:
         96:2c:aa:e6:9b:d5:99:42:8b:14:ee:11:60:53:c2:3a:d9:e9:
         1d:5d:43:99:e4:25:03:95:3d:4c:17:59:c9:85:01:ad:8d:96:
         8e:a9:35:ee:cd:d9:96:f5:3a:5b:8e:7a:ee:b1:e1:44:31:d1:
         63:64:e3:70:cb:02:64:53:91:b2:70:3f:8b:d3:d6:e7:57:34:
         a9:e9:19:90:2a:6f:b6:81:49:67:fe:e7:9e:64:b0:82:43:89:
         6c:f2:0e:21:42:ba:b9:aa:63:19:f2:e9:9f:e2:8f:25:70:28:
         7d:f2:34:66:f1:3d:37:c3:f4:62:f4:6b:1e:6b:9b:7c:03:15:
         92:89:7a:0e:aa:01:7e:13:07:02:0f:b1:e9:85:b1:77:a2:b7:
         a8:3b:6f:43:c7:54:c6:34:d2:6e:2a:78:9f:02:bc:3d:a5:b0:
         33:1f:8b:dc:e9:bd:2c:3a:74:16:19:29:55:6a:ef:20:31:86:
         fb:0a:a0:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/brfGxbbxFolcMB59T9iRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjUwNTExMTMwMDI2WhcNMjUwNTEyMTMwMDI2WjAzMTEwLwYDVQQD
Eyg0MTU0NGFmYzJkYzlkYzg0MzFhZmQ2YTU1MDVhODFiOWExNjc3NzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZGnQckb+BOC8Y5eHl3X7OfiyTF6
p3B5w4udflzHOgTOqttb1RbpqijbupzfineNs/1mvCefPRem51I+ud0vG4UtzXiJ
1NZRt0Q/NbpyfhLaU5WcK7IbPCQUIv6ws72PJkj44Uh5v32q13ycaS75aMLPucCB
tPX7Mw1jcEy6nDthzof/K9AhlCko/o2KBW4WYwhUEfD0RsJebYhAlKed8P+087Hl
lgcNrxpy9cIGzbGl3ZWTLfwDKZ/MvH6kC5jUV0jHhcVVfiXW9dRb/LhnG1pPmSVx
QyVurnOcGjPpPOH2Pjg3uZ9tMddSncXEo1rmkE95/GJg0iduSGABpNuNMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFUSvwtydyEMa/WpVBagbmhZ3dvMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHVz6Jdxv
IFt6QO6rkSUgu6lJgeYZZTn2H72X6o+MQZuqgD0LsgkwGqwiLfSdJpYzianPu8XL
szs/CYK+uvqgZngWW3YR9XNHliyq5pvVmUKLFO4RYFPCOtnpHV1DmeQlA5U9TBdZ
yYUBrY2Wjqk17s3ZlvU6W4567rHhRDHRY2TjcMsCZFORsnA/i9PW51c0qekZkCpv
toFJZ/7nnmSwgkOJbPIOIUK6uapjGfLpn+KPJXAoffI0ZvE9N8P0YvRrHmubfAMV
kol6DqoBfhMHAg+x6YWxd6K3qDtvQ8dUxjTSbip4nwK8PaWwMx+L3Om9LDp0Fhkp
VWrvIDGG+wqgDw==
-----END CERTIFICATE-----