Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
File:                     MH3iES3L0Gv7x-h_O_8jcinS0XM.mft (raw, json)
Hash identifier:          G47q+bLTQ/quYy4lnitUVoOSmm2OMlj4wbu769eM8v4=
Subject key identifier:   F4:6B:8D:FA:A1:32:4D:95:41:B1:48:B7:96:0D:9E:62:26:E8:47:65
Authority key identifier: 30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73
Certificate issuer:       /CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
Certificate serial:       0196A19B1F3EC59E2BD5DEABC5D088690DD3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
Manifest number:          59
Signing time:             Mon 05 May 2025 18:00:19 +0000
Manifest this update:     Mon 05 May 2025 18:00:19 +0000
Manifest next update:     Tue 06 May 2025 18:00:19 +0000
Files and hashes:         1: MH3iES3L0Gv7x-h_O_8jcinS0XM.crl (hash: frKQIx3X2p0Anlp3BvNvpPW9K3WDzuiQ6V47X+r8WVA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a1:9b:1f:3e:c5:9e:2b:d5:de:ab:c5:d0:88:69:0d:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
        Validity
            Not Before: May  5 18:00:19 2025 GMT
            Not After : May  6 18:00:19 2025 GMT
        Subject: CN=f46b8dfaa1324d9541b148b7960d9e6226e84765
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b3:0b:ff:a3:54:ad:8f:14:8f:94:b5:72:8e:
                    e0:cb:df:e9:8f:41:ef:5a:ee:32:53:26:98:73:41:
                    b3:a4:48:eb:bf:95:c0:01:65:87:e1:84:b4:20:07:
                    54:8c:9f:1a:dc:5f:0b:db:e9:91:57:96:54:f1:3d:
                    08:0b:19:7e:8c:e0:c2:97:a8:dd:ea:75:1b:e5:84:
                    3a:72:41:ef:bb:f3:56:ef:cf:1d:b3:a9:eb:b2:43:
                    21:b9:22:ba:af:f5:bd:cd:a9:ae:92:6a:f6:fb:8e:
                    18:3d:25:44:90:56:52:e1:4e:1e:12:74:fc:16:f3:
                    25:10:da:50:fe:7a:91:c3:bc:48:b2:fd:36:65:f6:
                    6a:90:6a:84:04:40:9e:32:2d:8b:9a:45:6b:ef:1c:
                    34:f3:af:8e:2a:67:ed:d2:38:e6:cb:7f:af:8b:b9:
                    57:58:6d:81:1b:91:92:9d:ec:70:f6:5b:00:37:96:
                    10:c3:e5:88:b6:b1:55:e0:c0:3a:ef:46:1a:42:14:
                    53:67:da:a6:a7:43:aa:09:cd:b2:54:93:34:5c:aa:
                    86:89:dd:f4:3f:9e:d7:ca:65:32:0f:ab:2b:ec:a8:
                    c2:ec:92:7b:81:34:48:e6:78:4f:03:77:c2:e6:65:
                    cf:c1:b0:03:bd:0e:72:54:d5:be:c1:91:92:1e:1f:
                    ba:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:6B:8D:FA:A1:32:4D:95:41:B1:48:B7:96:0D:9E:62:26:E8:47:65
            X509v3 Authority Key Identifier:
                keyid:30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:25:bd:ea:20:2a:29:7f:0a:0d:86:9d:9e:ef:9c:8a:3d:9c:
         c3:a4:aa:f0:9d:30:1a:3e:dc:27:d1:bd:f6:5b:f0:a6:69:60:
         2d:d1:ee:f5:95:7f:4a:66:d3:fb:d9:40:3f:ff:8b:53:fe:df:
         f0:bb:b9:e9:bc:27:5d:68:6c:da:5e:c5:52:88:da:a7:e4:ce:
         6a:fa:0a:60:06:4e:0e:31:0d:05:39:bf:24:6e:0f:d6:01:cb:
         6d:6e:31:23:2a:e8:2b:b5:e3:3f:43:93:13:b7:11:c9:17:1d:
         3b:18:ee:60:88:b7:2b:c5:3c:cb:38:a9:bb:fe:4e:cf:6a:06:
         4a:f0:39:f4:3a:13:76:88:fd:10:b0:46:bc:37:5d:a8:77:8d:
         f9:97:70:13:ae:02:a2:58:5c:8c:90:90:c0:c0:99:d9:4d:de:
         74:33:e4:da:83:f7:26:78:2a:56:45:0c:7d:d4:bf:84:f8:ed:
         92:50:d1:91:37:d4:4d:9f:ab:8d:3c:48:0b:9d:7f:05:34:ea:
         51:4d:50:a3:eb:11:0e:b9:28:ad:1d:0b:89:47:ff:fa:9d:88:
         d8:81:99:b0:fd:c2:44:a7:c1:98:a3:fc:ec:a3:e1:10:1a:b3:
         71:e3:37:7c:a2:dc:1c:d0:93:29:46:2b:e7:ab:f4:f3:ef:8a:
         de:93:bd:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZahmx8+xZ4r1d6rxdCIaQ3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2RlMjExMmRjYmQwNmJmYmM3ZTg3ZjNiZmYyMzcyMjlk
MmQxNzMwHhcNMjUwNTA1MTgwMDE5WhcNMjUwNTA2MTgwMDE5WjAzMTEwLwYDVQQD
EyhmNDZiOGRmYWExMzI0ZDk1NDFiMTQ4Yjc5NjBkOWU2MjI2ZTg0NzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprML/6NUrY8Uj5S1co7gy9/pj0Hv
Wu4yUyaYc0GzpEjrv5XAAWWH4YS0IAdUjJ8a3F8L2+mRV5ZU8T0ICxl+jODCl6jd
6nUb5YQ6ckHvu/NW788ds6nrskMhuSK6r/W9zamukmr2+44YPSVEkFZS4U4eEnT8
FvMlENpQ/nqRw7xIsv02ZfZqkGqEBECeMi2LmkVr7xw086+OKmft0jjmy3+vi7lX
WG2BG5GSnexw9lsAN5YQw+WItrFV4MA670YaQhRTZ9qmp0OqCc2yVJM0XKqGid30
P57XymUyD6sr7KjC7JJ7gTRI5nhPA3fC5mXPwbADvQ5yVNW+wZGSHh+6uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPRrjfqhMk2VQbFIt5YNnmIm6EdlMB8GA1UdIwQY
MBaAFDB94hEty9Br+8fofzv/I3Ip0tFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2Ut
MjczMjE1MWI4ZTg2LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2UtMjczMjE1MWI4ZTg2
LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaCW96iAq
KX8KDYadnu+cij2cw6Sq8J0wGj7cJ9G99lvwpmlgLdHu9ZV/SmbT+9lAP/+LU/7f
8Lu56bwnXWhs2l7FUojap+TOavoKYAZODjENBTm/JG4P1gHLbW4xIyroK7XjP0OT
E7cRyRcdOxjuYIi3K8U8yzipu/5Oz2oGSvA59DoTdoj9ELBGvDddqHeN+ZdwE64C
olhcjJCQwMCZ2U3edDPk2oP3JngqVkUMfdS/hPjtklDRkTfUTZ+rjTxIC51/BTTq
UU1Qo+sRDrkorR0LiUf/+p2I2IGZsP3CRKfBmKP87KPhEBqzceM3fKLcHNCTKUYr
56v08++K3pO9ww==
-----END CERTIFICATE-----