Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          c9z1gXxDLs5lWpDdDAbvBTI8lxpNtY+/xzmfc+rEr4g=
Subject key identifier:   51:E3:DD:3A:8A:18:30:9A:D3:9F:D2:11:BC:17:E6:E4:BF:D4:CD:E2
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       0196BC0023A9401D00BB42F8863D34BE6702
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          152F
Signing time:             Sat 10 May 2025 21:00:47 +0000
Manifest this update:     Sat 10 May 2025 21:00:47 +0000
Manifest next update:     Sun 11 May 2025 21:00:47 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: 2VlxP/Ns91VQRfEUNdj52aKX8MKBpzWDetQ+5RhIhdE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 21:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:00:23:a9:40:1d:00:bb:42:f8:86:3d:34:be:67:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: May 10 21:00:47 2025 GMT
            Not After : May 11 21:00:47 2025 GMT
        Subject: CN=51e3dd3a8a18309ad39fd211bc17e6e4bfd4cde2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:bb:56:59:ec:e6:00:6b:a5:19:6b:73:11:eb:
                    d2:9c:99:4a:f2:9b:a7:48:44:a6:64:fc:97:ae:d8:
                    cd:d5:56:78:e9:64:1e:e8:d9:e8:51:5e:2b:81:b2:
                    32:32:da:74:3b:53:dc:21:48:77:70:49:f7:bd:a3:
                    12:42:4d:90:4b:12:a7:f8:95:29:ae:ca:c3:fa:aa:
                    c5:25:34:16:9c:e3:14:f4:d0:20:34:54:3e:4b:c5:
                    5b:5d:ae:1b:7c:a8:a4:76:2c:a2:9b:64:1c:80:df:
                    d7:ae:7f:dc:94:ae:01:e0:ff:42:58:d1:85:c3:12:
                    e5:04:be:d0:8c:b7:f7:97:d7:af:69:bb:93:34:bb:
                    6d:a9:48:94:35:1c:d5:69:67:4d:c3:0a:9d:c7:68:
                    b0:a5:8e:8f:4e:e7:99:87:3d:61:b7:8c:53:f5:41:
                    95:a3:3b:91:fa:1e:b9:b8:cd:12:23:b1:cd:ad:f3:
                    32:17:5a:11:5c:a7:a6:34:92:8a:b7:b5:2d:7a:76:
                    52:82:0b:d1:98:ff:81:2e:06:6b:a0:59:09:c6:0f:
                    6e:c4:e0:37:1b:76:03:63:d5:a3:a6:76:94:ec:91:
                    38:a0:0d:5d:4c:5e:3f:7a:66:16:2f:19:f3:3e:1d:
                    ec:0a:54:95:4c:a8:1d:96:4b:58:d1:08:a7:15:d7:
                    25:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:E3:DD:3A:8A:18:30:9A:D3:9F:D2:11:BC:17:E6:E4:BF:D4:CD:E2
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:de:ac:7a:2e:88:9b:3c:3f:ca:cd:76:a1:48:54:a7:74:cd:
         17:b5:a8:63:07:23:75:d3:08:f1:5d:31:e3:78:68:bc:2a:99:
         07:5d:26:d2:42:ab:f1:9b:e7:98:3d:0b:c1:19:55:20:c8:5f:
         93:51:ba:a8:21:63:f6:7d:cb:88:60:fe:27:66:97:31:a3:e5:
         46:34:80:cb:1e:1c:a2:01:6f:9f:7d:7a:f8:05:40:0a:0c:3f:
         46:90:75:e8:d2:54:1e:5b:aa:67:8d:77:af:86:84:75:b5:7a:
         d8:b1:65:6c:32:1c:eb:30:1c:47:8e:01:49:fd:b6:d5:18:28:
         9c:da:12:b2:5a:93:fc:13:90:15:33:a4:ab:56:c7:32:03:9e:
         64:17:ba:0f:ee:a7:ff:6d:94:12:54:96:f8:a1:3b:74:52:a9:
         de:b5:0b:f1:26:bf:12:9f:76:23:7c:eb:eb:88:cc:48:22:c7:
         a0:8a:28:2e:2c:2d:f5:05:42:87:17:0e:00:0a:a2:8b:cd:07:
         44:d9:42:63:e4:26:99:44:0f:57:86:1c:4b:16:8b:bc:8e:f0:
         03:8b:0a:80:e2:51:58:86:f4:7e:55:3d:fb:d2:4d:ef:1c:77:
         f4:94:3e:12:43:03:f1:d3:96:3e:cf:d6:77:73:d2:2d:25:ef:
         e0:d2:1e:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa8ACOpQB0Au0L4hj00vmcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjUwNTEwMjEwMDQ3WhcNMjUwNTExMjEwMDQ3WjAzMTEwLwYDVQQD
Eyg1MWUzZGQzYThhMTgzMDlhZDM5ZmQyMTFiYzE3ZTZlNGJmZDRjZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LtWWezmAGulGWtzEevSnJlK8pun
SESmZPyXrtjN1VZ46WQe6NnoUV4rgbIyMtp0O1PcIUh3cEn3vaMSQk2QSxKn+JUp
rsrD+qrFJTQWnOMU9NAgNFQ+S8VbXa4bfKikdiyim2QcgN/Xrn/clK4B4P9CWNGF
wxLlBL7QjLf3l9evabuTNLttqUiUNRzVaWdNwwqdx2iwpY6PTueZhz1ht4xT9UGV
ozuR+h65uM0SI7HNrfMyF1oRXKemNJKKt7UtenZSggvRmP+BLgZroFkJxg9uxOA3
G3YDY9WjpnaU7JE4oA1dTF4/emYWLxnzPh3sClSVTKgdlktY0QinFdclAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHj3TqKGDCa05/SEbwX5uS/1M3iMB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATt6sei6I
mzw/ys12oUhUp3TNF7WoYwcjddMI8V0x43hovCqZB10m0kKr8ZvnmD0LwRlVIMhf
k1G6qCFj9n3LiGD+J2aXMaPlRjSAyx4cogFvn316+AVACgw/RpB16NJUHluqZ413
r4aEdbV62LFlbDIc6zAcR44BSf221RgonNoSslqT/BOQFTOkq1bHMgOeZBe6D+6n
/22UElSW+KE7dFKp3rUL8Sa/Ep92I3zr64jMSCLHoIooLiwt9QVChxcOAAqii80H
RNlCY+QmmUQPV4YcSxaLvI7wA4sKgOJRWIb0flU9+9JN7xx39JQ+EkMD8dOWPs/W
d3PSLSXv4NIexw==
-----END CERTIFICATE-----