Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
File:                     h3OqvdPia0S3mDfBRwq44XQV6o4.mft (raw, json)
Hash identifier:          nsPx8jCj97gl+wLLeqx/vfDu40K5r5tfccDZpUxryI8=
Subject key identifier:   90:BC:ED:9C:BF:D6:F3:92:E2:CD:06:E0:7D:9E:06:A9:8B:FE:8F:B7
Authority key identifier: 87:73:AA:BD:D3:E2:6B:44:B7:98:37:C1:47:0A:B8:E1:74:15:EA:8E
Certificate issuer:       /CN=8773aabdd3e26b44b79837c1470ab8e17415ea8e
Certificate serial:       0196C1CAD69C9C09EC2652C0D793E3ED8826
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
Manifest number:          0122
Signing time:             Mon 12 May 2025 00:00:17 +0000
Manifest this update:     Mon 12 May 2025 00:00:17 +0000
Manifest next update:     Tue 13 May 2025 00:00:17 +0000
Files and hashes:         1: h3OqvdPia0S3mDfBRwq44XQV6o4.crl (hash: i3/EwZBbIY/SsEHrby2uEMPRBNzlEAwH5yZiiq3DVhc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:ca:d6:9c:9c:09:ec:26:52:c0:d7:93:e3:ed:88:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8773aabdd3e26b44b79837c1470ab8e17415ea8e
        Validity
            Not Before: May 12 00:00:17 2025 GMT
            Not After : May 13 00:00:17 2025 GMT
        Subject: CN=90bced9cbfd6f392e2cd06e07d9e06a98bfe8fb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:2a:68:30:52:d1:4c:a3:11:32:81:64:c2:e3:
                    97:d6:2c:92:86:b8:39:ef:d0:11:65:35:c6:42:aa:
                    62:ff:96:70:b9:b3:a5:a8:7b:a3:58:b2:f7:6c:09:
                    59:09:92:dc:97:dd:c9:9a:a4:d4:b4:38:d0:ec:c8:
                    ec:58:f6:a2:2a:31:f8:b4:8e:3b:11:30:3a:11:30:
                    67:fb:4f:7e:b0:dd:60:6c:8e:12:3f:e9:c7:bf:f6:
                    7d:5d:8f:f7:c4:25:a3:a1:55:14:e7:57:61:dd:a4:
                    48:0f:34:1c:37:b1:bd:db:ab:a2:ec:95:73:76:5f:
                    0b:15:02:e1:10:d2:45:e5:5f:5f:18:c6:cf:b8:f7:
                    15:50:f0:5e:8a:86:16:32:ff:66:ea:e6:d1:4c:b7:
                    ee:1f:e0:b2:51:01:40:23:39:d7:83:46:84:44:54:
                    d2:c7:78:a3:3b:c3:89:6f:e6:fb:10:24:02:40:46:
                    18:46:8a:07:dc:59:5f:d4:94:ca:90:26:8c:c8:ab:
                    e8:97:da:0d:97:92:ab:76:f3:b0:46:9b:70:c9:93:
                    e9:0a:e9:7d:b8:15:15:cb:fa:8b:17:9c:88:e4:9c:
                    c9:5c:b1:c2:fb:16:d9:f7:5e:20:33:34:d5:d4:f4:
                    9a:f9:08:07:47:39:0e:9a:ab:0d:ae:2f:6b:af:53:
                    93:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:BC:ED:9C:BF:D6:F3:92:E2:CD:06:E0:7D:9E:06:A9:8B:FE:8F:B7
            X509v3 Authority Key Identifier:
                keyid:87:73:AA:BD:D3:E2:6B:44:B7:98:37:C1:47:0A:B8:E1:74:15:EA:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:03:75:93:ed:7d:a5:8d:4e:95:b8:f2:94:47:10:ca:a3:f5:
         eb:ce:b6:06:37:2c:9a:83:d3:86:72:38:f8:79:d0:fa:23:ad:
         bf:8d:ba:c0:13:d9:2d:67:ce:c3:dc:b8:4a:92:aa:03:d8:a1:
         bd:4a:8a:71:ea:e3:41:95:75:16:d7:ab:51:d7:a0:18:9e:49:
         1d:c6:46:df:74:b9:5e:66:db:ef:21:e9:18:a0:90:3a:11:48:
         20:d9:44:de:7e:1d:67:91:2f:a2:0f:66:f0:d5:81:86:5c:35:
         2f:b2:cc:9f:c9:5c:d4:47:9f:6c:55:29:39:ee:f4:14:4a:05:
         fd:9a:6d:53:f9:fb:6b:14:3e:77:45:60:7b:7f:02:3a:ba:dc:
         1c:bc:06:44:2a:ac:f3:7c:d0:d2:69:21:43:9d:1c:76:41:83:
         60:d9:05:83:e7:34:84:4d:63:5e:41:b2:66:4b:b4:ec:cc:9e:
         71:5c:2f:52:50:c4:95:24:34:35:25:63:92:3b:c1:24:37:42:
         35:c1:c0:0f:56:46:c0:b5:e1:f2:78:08:41:c4:f1:5b:9f:ee:
         bd:1c:12:9a:9d:de:da:e1:25:1e:f6:f1:e7:6d:43:d0:31:c9:
         14:1e:86:3c:da:6e:c5:9b:5b:43:3e:12:a8:f2:bd:58:a6:fb:
         b2:8c:ec:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBytacnAnsJlLA15Pj7YgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzNhYWJkZDNlMjZiNDRiNzk4MzdjMTQ3MGFiOGUxNzQx
NWVhOGUwHhcNMjUwNTEyMDAwMDE3WhcNMjUwNTEzMDAwMDE3WjAzMTEwLwYDVQQD
Eyg5MGJjZWQ5Y2JmZDZmMzkyZTJjZDA2ZTA3ZDllMDZhOThiZmU4ZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ypoMFLRTKMRMoFkwuOX1iyShrg5
79ARZTXGQqpi/5ZwubOlqHujWLL3bAlZCZLcl93JmqTUtDjQ7MjsWPaiKjH4tI47
ETA6ETBn+09+sN1gbI4SP+nHv/Z9XY/3xCWjoVUU51dh3aRIDzQcN7G926ui7JVz
dl8LFQLhENJF5V9fGMbPuPcVUPBeioYWMv9m6ubRTLfuH+CyUQFAIznXg0aERFTS
x3ijO8OJb+b7ECQCQEYYRooH3Flf1JTKkCaMyKvol9oNl5KrdvOwRptwyZPpCul9
uBUVy/qLF5yI5JzJXLHC+xbZ914gMzTV1PSa+QgHRzkOmqsNri9rr1OTfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJC87Zy/1vOS4s0G4H2eBqmL/o+3MB8GA1UdIwQY
MBaAFIdzqr3T4mtEt5g3wUcKuOF0FeqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lNGIzZjYtMDQwYi00MDZlLWI0Mzgt
NmFiOGE4NzlhMTdiLzEvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lNGIzZjYtMDQwYi00MDZlLWI0MzgtNmFiOGE4NzlhMTdi
LzEvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsgN1k+19
pY1OlbjylEcQyqP16862BjcsmoPThnI4+HnQ+iOtv426wBPZLWfOw9y4SpKqA9ih
vUqKcerjQZV1FterUdegGJ5JHcZG33S5Xmbb7yHpGKCQOhFIINlE3n4dZ5Evog9m
8NWBhlw1L7LMn8lc1EefbFUpOe70FEoF/ZptU/n7axQ+d0Vge38COrrcHLwGRCqs
83zQ0mkhQ50cdkGDYNkFg+c0hE1jXkGyZku07MyecVwvUlDElSQ0NSVjkjvBJDdC
NcHAD1ZGwLXh8ngIQcTxW5/uvRwSmp3e2uElHvbx521D0DHJFB6GPNpuxZtbQz4S
qPK9WKb7sozs7A==
-----END CERTIFICATE-----