Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft
File:                     g-3hynyzX11h-NWctQNumT6kO3A.mft (raw, json)
Hash identifier:          BZCPnheVDupZpAOhqzQqWwCmFoOs+meim2glRiO7qZg=
Subject key identifier:   04:30:49:DE:8D:5C:44:92:1B:41:3F:E4:41:A5:60:B5:82:10:9C:BD
Authority key identifier: 83:ED:E1:CA:7C:B3:5F:5D:61:F8:D5:9C:B5:03:6E:99:3E:A4:3B:70
Certificate issuer:       /CN=83ede1ca7cb35f5d61f8d59cb5036e993ea43b70
Certificate serial:       0196B1EA6361D86E7C872B98DCC40C4CBAE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft
Manifest number:          0D55
Signing time:             Thu 08 May 2025 22:00:50 +0000
Manifest this update:     Thu 08 May 2025 22:00:50 +0000
Manifest next update:     Fri 09 May 2025 22:00:50 +0000
Files and hashes:         1: g-3hynyzX11h-NWctQNumT6kO3A.crl (hash: JtrRhwmPrYd/Ie1M70nRtP32qlD7u3DboCcVf9WFxcc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b1:ea:63:61:d8:6e:7c:87:2b:98:dc:c4:0c:4c:ba:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83ede1ca7cb35f5d61f8d59cb5036e993ea43b70
        Validity
            Not Before: May  8 22:00:50 2025 GMT
            Not After : May  9 22:00:50 2025 GMT
        Subject: CN=043049de8d5c44921b413fe441a560b582109cbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:de:ce:af:89:f8:36:33:c8:c2:d8:f8:a5:ea:
                    3e:3a:f0:c4:46:32:ca:c9:e6:77:39:01:e8:8c:7b:
                    51:6c:31:3b:1a:82:0f:3b:8c:ad:00:84:7f:9e:3d:
                    93:3a:df:bd:aa:b4:b9:19:4e:c7:65:7f:cb:30:d5:
                    29:2f:d9:23:b4:d3:85:08:f3:72:27:5f:db:7b:3e:
                    7b:9f:55:8d:56:79:0a:01:12:f3:03:3b:a4:81:d1:
                    37:b7:dc:8d:16:f2:81:aa:53:74:c3:30:ab:fc:95:
                    83:39:fc:31:23:bc:0d:f0:00:8a:70:56:f3:e2:5d:
                    5e:81:4e:c6:df:74:f3:a7:51:e8:5b:46:a2:9b:62:
                    b2:cf:a7:64:9f:39:18:cd:fb:0b:df:52:af:fe:66:
                    77:8f:55:1c:54:f9:26:60:a8:be:26:6d:60:a4:a8:
                    60:ff:28:e8:ec:53:3e:55:1c:66:fa:a3:e9:a2:8a:
                    f5:02:54:c0:72:4e:b6:b0:f1:92:ed:03:a4:ed:7d:
                    4c:9a:e2:27:17:5f:97:85:72:3d:4e:26:48:76:8c:
                    ef:e3:35:7f:95:ba:ca:88:cc:16:bd:26:63:dd:0d:
                    4a:d8:23:66:f3:ed:56:01:96:f8:12:2d:9f:e8:3f:
                    fe:2a:72:be:70:ef:d4:f5:d7:5b:74:4a:0f:68:b4:
                    15:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:30:49:DE:8D:5C:44:92:1B:41:3F:E4:41:A5:60:B5:82:10:9C:BD
            X509v3 Authority Key Identifier:
                keyid:83:ED:E1:CA:7C:B3:5F:5D:61:F8:D5:9C:B5:03:6E:99:3E:A4:3B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:7f:43:99:66:e3:f2:02:70:18:0c:51:36:9a:ab:60:80:89:
         d3:09:5b:4a:25:23:9c:45:da:38:5e:78:d8:84:be:ed:5d:24:
         a1:84:b3:a6:3f:b2:87:8e:f7:fa:05:32:dd:e8:97:33:41:0e:
         ee:18:78:4b:47:c0:c8:a6:66:b6:b4:4d:52:ce:63:fd:25:2d:
         fe:75:91:4c:c2:60:9c:4f:3e:28:ee:24:e2:18:40:dc:6e:68:
         ac:5e:0a:64:8a:3e:93:7e:13:df:db:ce:5e:eb:90:eb:ef:a7:
         85:bd:48:71:cb:d7:97:f6:a6:5b:94:d0:11:b3:5e:f7:80:7b:
         5d:42:af:a5:86:58:c6:06:6b:6d:7b:5d:b4:80:23:de:c5:fc:
         31:de:f6:4d:9b:94:5f:f9:47:89:f3:d7:0f:64:d5:03:b3:e2:
         8d:cb:81:14:8b:aa:b0:69:59:a9:ea:5b:85:df:80:07:6e:70:
         78:00:1d:26:e8:ac:eb:0f:98:85:6d:fc:ec:c4:2b:c0:bd:7c:
         e3:a8:02:3b:3b:7c:4a:cc:82:49:16:5b:c9:74:3e:44:8c:dc:
         78:c3:e9:0c:33:0e:9b:1a:f1:f3:3d:dd:9c:91:bc:62:96:4c:
         c5:a9:49:92:05:b9:3c:91:2b:a1:21:62:b8:b1:c8:df:b9:99:
         07:7a:59:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZax6mNh2G58hyuY3MQMTLrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZWRlMWNhN2NiMzVmNWQ2MWY4ZDU5Y2I1MDM2ZTk5M2Vh
NDNiNzAwHhcNMjUwNTA4MjIwMDUwWhcNMjUwNTA5MjIwMDUwWjAzMTEwLwYDVQQD
EygwNDMwNDlkZThkNWM0NDkyMWI0MTNmZTQ0MWE1NjBiNTgyMTA5Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt7Or4n4NjPIwtj4peo+OvDERjLK
yeZ3OQHojHtRbDE7GoIPO4ytAIR/nj2TOt+9qrS5GU7HZX/LMNUpL9kjtNOFCPNy
J1/bez57n1WNVnkKARLzAzukgdE3t9yNFvKBqlN0wzCr/JWDOfwxI7wN8ACKcFbz
4l1egU7G33Tzp1HoW0aim2Kyz6dknzkYzfsL31Kv/mZ3j1UcVPkmYKi+Jm1gpKhg
/yjo7FM+VRxm+qPpoor1AlTAck62sPGS7QOk7X1MmuInF1+XhXI9TiZIdozv4zV/
lbrKiMwWvSZj3Q1K2CNm8+1WAZb4Ei2f6D/+KnK+cO/U9ddbdEoPaLQVEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQwSd6NXESSG0E/5EGlYLWCEJy9MB8GA1UdIwQY
MBaAFIPt4cp8s19dYfjVnLUDbpk+pDtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9mM2ViMTktODVlZS00ODdmLWFkMTIt
OGIzNjYwZWQ1ZWQwLzEvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9mM2ViMTktODVlZS00ODdmLWFkMTItOGIzNjYwZWQ1ZWQw
LzEvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoX9DmWbj
8gJwGAxRNpqrYICJ0wlbSiUjnEXaOF542IS+7V0koYSzpj+yh473+gUy3eiXM0EO
7hh4S0fAyKZmtrRNUs5j/SUt/nWRTMJgnE8+KO4k4hhA3G5orF4KZIo+k34T39vO
XuuQ6++nhb1IccvXl/amW5TQEbNe94B7XUKvpYZYxgZrbXtdtIAj3sX8Md72TZuU
X/lHifPXD2TVA7PijcuBFIuqsGlZqepbhd+AB25weAAdJuis6w+YhW387MQrwL18
46gCOzt8SsyCSRZbyXQ+RIzceMPpDDMOmxrx8z3dnJG8YpZMxalJkgW5PJEroSFi
uLHI37mZB3pZow==
-----END CERTIFICATE-----