Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
File:                     3dStS_QUF7o4OE1lvC0HwPaFCeE.mft (raw, json)
Hash identifier:          H+8KTSSx+CmmEQvMlDr3EcQCK6d7aljOYFS3RJtRRLQ=
Subject key identifier:   56:81:41:71:98:F1:76:0D:EB:EA:2E:D1:BA:F7:02:C6:61:6E:5E:65
Authority key identifier: DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1
Certificate issuer:       /CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
Certificate serial:       0196A6C1719F9CE22E6700587389AC5E2FDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
Manifest number:          14B9
Signing time:             Tue 06 May 2025 18:00:17 +0000
Manifest this update:     Tue 06 May 2025 18:00:17 +0000
Manifest next update:     Wed 07 May 2025 18:00:17 +0000
Files and hashes:         1: 3dStS_QUF7o4OE1lvC0HwPaFCeE.crl (hash: VECjhCZxewtR3Q4Vq6qwfgrdmThqz2tCqs0lHzNPUHA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 16:14:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a6:c1:71:9f:9c:e2:2e:67:00:58:73:89:ac:5e:2f:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
        Validity
            Not Before: May  6 18:00:17 2025 GMT
            Not After : May  7 18:00:17 2025 GMT
        Subject: CN=5681417198f1760debea2ed1baf702c6616e5e65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:95:00:fe:fa:ee:9b:e5:35:4f:9f:66:d1:f4:
                    5c:05:c8:5b:38:7f:4d:f4:ca:08:cb:ed:8d:6b:fb:
                    0b:17:ce:7c:be:d1:9f:50:3c:fc:dd:cf:7b:f6:89:
                    b8:04:ff:2c:ef:f9:50:1d:4f:e5:a4:f0:15:89:70:
                    73:b8:46:58:01:f6:31:30:71:5c:cc:38:f3:15:4f:
                    e7:84:88:ae:af:1f:90:31:11:0c:33:5a:21:60:6c:
                    85:83:d1:8c:98:42:15:61:d2:b4:af:4d:7d:0d:93:
                    27:9c:18:a6:b0:39:5a:e6:17:c3:6e:23:8d:59:57:
                    2f:50:51:38:6d:3d:c5:ec:d3:76:f0:1a:22:ab:3c:
                    70:2c:c0:b2:d6:75:6a:27:ff:b3:df:46:a0:85:90:
                    89:d2:4f:c6:b3:67:68:1c:be:8b:bf:be:bf:53:b1:
                    6a:f7:5b:c3:f3:f2:ed:b1:ec:82:09:bb:f6:3d:fc:
                    ba:4d:7f:e5:57:16:87:4c:02:0e:74:b5:2e:2d:88:
                    1c:0a:d8:54:e6:db:f7:31:1a:26:95:15:06:22:f8:
                    01:4e:9b:f7:14:a6:31:36:f6:3c:5f:e2:ed:b5:5f:
                    61:53:f3:30:7f:2b:cb:cf:ba:92:01:59:6e:a7:52:
                    c2:6e:ce:69:52:d5:2a:5f:c0:b4:3a:b6:c9:47:6f:
                    f8:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:81:41:71:98:F1:76:0D:EB:EA:2E:D1:BA:F7:02:C6:61:6E:5E:65
            X509v3 Authority Key Identifier:
                keyid:DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:e1:8b:62:62:ee:f5:9d:ba:7d:60:64:ed:69:45:03:93:2e:
         ed:53:f5:65:35:21:8a:c1:22:e0:b8:5b:9d:37:cd:21:59:39:
         37:ce:c9:85:8c:00:31:ba:6d:c0:61:3a:53:74:56:b2:01:a9:
         df:11:21:e4:81:10:99:71:7f:f2:a8:ba:a9:e6:fb:8f:3c:6e:
         95:24:56:ee:b0:fb:66:4a:47:ce:25:3f:41:fa:2b:17:a0:05:
         f8:e8:98:61:23:ec:ae:95:66:ee:c7:f7:93:d9:47:4d:0b:29:
         a6:6a:91:e2:4a:67:62:9b:8d:a5:82:3d:29:76:d7:e2:fd:fc:
         d8:91:07:3a:6f:2d:49:77:c2:8a:99:63:95:32:2d:15:00:0e:
         07:03:6e:f0:ca:7d:8c:8c:bb:12:3c:54:43:4f:a8:a4:5e:59:
         3c:f4:c0:58:c0:41:fb:5d:08:42:6b:63:45:d9:b1:28:43:3a:
         2a:fd:ff:29:ed:8a:60:30:51:9a:2a:66:ca:00:2b:17:7f:8f:
         ec:40:9e:ad:67:d3:20:de:04:9a:77:aa:87:6a:1b:d7:e1:e3:
         f5:ce:f4:d9:d4:9c:a4:09:1a:8f:94:3a:d7:0d:f0:7b:c2:9d:
         66:3c:d2:b8:a6:45:b8:b2:6e:73:88:1e:99:e6:f7:81:7f:b6:
         50:c6:20:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZamwXGfnOIuZwBYc4msXi/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZDRhZDRiZjQxNDE3YmEzODM4NGQ2NWJjMmQwN2MwZjY4
NTA5ZTEwHhcNMjUwNTA2MTgwMDE3WhcNMjUwNTA3MTgwMDE3WjAzMTEwLwYDVQQD
Eyg1NjgxNDE3MTk4ZjE3NjBkZWJlYTJlZDFiYWY3MDJjNjYxNmU1ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5UA/vrum+U1T59m0fRcBchbOH9N
9MoIy+2Na/sLF858vtGfUDz83c979om4BP8s7/lQHU/lpPAViXBzuEZYAfYxMHFc
zDjzFU/nhIiurx+QMREMM1ohYGyFg9GMmEIVYdK0r019DZMnnBimsDla5hfDbiON
WVcvUFE4bT3F7NN28BoiqzxwLMCy1nVqJ/+z30aghZCJ0k/Gs2doHL6Lv76/U7Fq
91vD8/LtseyCCbv2Pfy6TX/lVxaHTAIOdLUuLYgcCthU5tv3MRomlRUGIvgBTpv3
FKYxNvY8X+LttV9hU/MwfyvLz7qSAVlup1LCbs5pUtUqX8C0OrbJR2/4PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFaBQXGY8XYN6+ou0br3AsZhbl5lMB8GA1UdIwQY
MBaAFN3UrUv0FBe6ODhNZbwtB8D2hQnhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUt
N2JjOGMyMGEyMzVhLzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUtN2JjOGMyMGEyMzVh
LzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASuGLYmLu
9Z26fWBk7WlFA5Mu7VP1ZTUhisEi4LhbnTfNIVk5N87JhYwAMbptwGE6U3RWsgGp
3xEh5IEQmXF/8qi6qeb7jzxulSRW7rD7ZkpHziU/QforF6AF+OiYYSPsrpVm7sf3
k9lHTQsppmqR4kpnYpuNpYI9KXbX4v382JEHOm8tSXfCipljlTItFQAOBwNu8Mp9
jIy7EjxUQ0+opF5ZPPTAWMBB+10IQmtjRdmxKEM6Kv3/Ke2KYDBRmipmygArF3+P
7ECerWfTIN4Emneqh2ob1+Hj9c702dScpAkaj5Q61w3we8KdZjzSuKZFuLJuc4ge
meb3gX+2UMYgKg==
-----END CERTIFICATE-----