Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          14/6hmKVnZkVZYF8VPfw9vOP4nRsjdDqxQ+3hZGlcbg=
Subject key identifier:   D2:8B:75:36:AB:41:CC:3C:3A:7B:E3:FD:19:96:2A:B5:CC:11:36:6C
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       0196BA1155C0797BB787517235B5310F7B7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          08DC
Signing time:             Sat 10 May 2025 12:00:20 +0000
Manifest this update:     Sat 10 May 2025 12:00:20 +0000
Manifest next update:     Sun 11 May 2025 12:00:20 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: 18c6DXHV8JqplZiQscvNpD1Xoii6m5CAM3pKcoYHWuw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 12:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:11:55:c0:79:7b:b7:87:51:72:35:b5:31:0f:7b:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: May 10 12:00:20 2025 GMT
            Not After : May 11 12:00:20 2025 GMT
        Subject: CN=d28b7536ab41cc3c3a7be3fd19962ab5cc11366c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:33:08:d7:80:f1:ae:c2:bf:35:d2:ab:6f:66:
                    42:7a:77:9f:5c:06:5e:34:b2:23:df:1b:3b:c7:cd:
                    d2:f3:23:e4:c4:3c:73:20:f1:e8:3c:d7:ca:15:af:
                    33:06:ae:db:22:ad:02:cf:8e:13:2c:3a:40:4e:50:
                    3e:96:4a:ad:3e:e4:b7:45:e9:5b:0e:75:a5:00:3e:
                    90:d9:16:17:34:5e:79:22:67:db:81:e6:c5:db:c2:
                    ca:13:2b:ff:ae:f9:ed:87:cd:a6:90:e8:3c:6c:c1:
                    f1:9d:12:a9:e0:c8:77:c2:46:93:a7:3f:33:e1:1f:
                    0e:97:c7:f4:13:4b:e8:6a:9b:b5:e7:0b:85:bb:bb:
                    81:59:ab:51:fe:e3:55:dd:37:57:22:27:ea:5e:9d:
                    7e:03:cb:99:4d:e8:6b:b6:34:2b:ce:90:a7:ec:44:
                    25:e1:d3:4b:3c:6a:67:7e:cf:b6:42:82:72:0b:b9:
                    ae:58:ca:fc:db:b9:bb:45:e4:f5:f0:da:5c:c8:d7:
                    44:d6:dc:eb:d4:12:f1:63:53:1e:ea:e6:57:7c:ce:
                    0a:66:fd:68:05:74:7a:4a:4d:9c:1d:5d:8c:45:ea:
                    61:ce:7c:7b:da:07:2f:ed:96:02:69:19:0e:90:a2:
                    2d:76:91:30:93:2b:64:8f:4d:89:5d:f9:ce:c5:d4:
                    f3:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:8B:75:36:AB:41:CC:3C:3A:7B:E3:FD:19:96:2A:B5:CC:11:36:6C
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:b8:25:57:8b:48:d8:d0:ed:f3:4c:e6:9a:72:b9:8f:75:15:
         fb:3e:0a:ef:94:da:9d:6f:fc:82:f4:9b:49:b1:7a:c1:87:4d:
         83:bc:88:52:81:ff:e1:8b:86:f2:d9:8e:81:2a:84:a1:cf:8e:
         fc:73:94:15:fd:17:51:2a:88:de:9b:11:a3:39:f2:b5:c7:61:
         56:91:13:c5:f4:6e:45:d6:14:47:fa:23:5e:05:7b:94:81:b9:
         3e:b8:ed:a5:86:cb:a7:60:35:64:1e:40:f2:f8:4b:c4:24:1b:
         75:52:33:a8:69:2d:c3:f5:70:ce:25:35:2d:cb:8f:8e:9b:e1:
         04:9d:df:49:1d:a4:04:fe:27:47:b9:f1:42:8a:50:65:8b:7e:
         2b:e9:74:bd:11:14:45:71:38:e6:83:10:7e:9a:3a:db:cf:fc:
         53:1b:37:c4:0c:94:6f:44:d0:28:de:ed:e7:3a:f4:82:b7:cd:
         70:60:8a:e4:d4:d0:e9:80:e6:1c:70:fa:fb:2a:a3:27:c8:d2:
         79:6f:7b:17:b6:cd:87:23:ee:a6:c5:fe:1e:80:08:93:0b:28:
         fb:61:68:29:55:69:a7:1d:ef:cc:2d:b6:11:bf:fb:9a:9f:f0:
         71:eb:62:71:15:cb:84:74:e0:3d:43:f0:11:98:d4:d7:3f:85:
         09:4c:d1:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6EVXAeXu3h1FyNbUxD3t6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjUwNTEwMTIwMDIwWhcNMjUwNTExMTIwMDIwWjAzMTEwLwYDVQQD
EyhkMjhiNzUzNmFiNDFjYzNjM2E3YmUzZmQxOTk2MmFiNWNjMTEzNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTMI14DxrsK/NdKrb2ZCenefXAZe
NLIj3xs7x83S8yPkxDxzIPHoPNfKFa8zBq7bIq0Cz44TLDpATlA+lkqtPuS3Relb
DnWlAD6Q2RYXNF55ImfbgebF28LKEyv/rvnth82mkOg8bMHxnRKp4Mh3wkaTpz8z
4R8Ol8f0E0voapu15wuFu7uBWatR/uNV3TdXIifqXp1+A8uZTehrtjQrzpCn7EQl
4dNLPGpnfs+2QoJyC7muWMr827m7ReT18NpcyNdE1tzr1BLxY1Me6uZXfM4KZv1o
BXR6Sk2cHV2MRephznx72gcv7ZYCaRkOkKItdpEwkytkj02JXfnOxdTzgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNKLdTarQcw8Onvj/RmWKrXMETZsMB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfrglV4tI
2NDt80zmmnK5j3UV+z4K75TanW/8gvSbSbF6wYdNg7yIUoH/4YuG8tmOgSqEoc+O
/HOUFf0XUSqI3psRoznytcdhVpETxfRuRdYUR/ojXgV7lIG5PrjtpYbLp2A1ZB5A
8vhLxCQbdVIzqGktw/VwziU1LcuPjpvhBJ3fSR2kBP4nR7nxQopQZYt+K+l0vREU
RXE45oMQfpo628/8Uxs3xAyUb0TQKN7t5zr0grfNcGCK5NTQ6YDmHHD6+yqjJ8jS
eW97F7bNhyPupsX+HoAIkwso+2FoKVVppx3vzC22Eb/7mp/wceticRXLhHTgPUPw
EZjU1z+FCUzRLw==
-----END CERTIFICATE-----