Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
File:                     pU3VdP7HLUOUwlU2uoUyydOPQLo.mft (raw, json)
Hash identifier:          vaP+TDykkQChN7kBBbxdW4o1Vlvw/PmSKheAUbXCWNg=
Subject key identifier:   DC:FA:B6:FB:D7:A1:5F:D4:9C:29:5C:5F:F7:07:F6:A3:13:15:65:EE
Authority key identifier: A5:4D:D5:74:FE:C7:2D:43:94:C2:55:36:BA:85:32:C9:D3:8F:40:BA
Certificate issuer:       /CN=a54dd574fec72d4394c25536ba8532c9d38f40ba
Certificate serial:       01969E9A2805A588EA8E2A4F280592471102
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
Manifest number:          0839
Signing time:             Mon 05 May 2025 04:00:25 +0000
Manifest this update:     Mon 05 May 2025 04:00:25 +0000
Manifest next update:     Tue 06 May 2025 04:00:25 +0000
Files and hashes:         1: pU3VdP7HLUOUwlU2uoUyydOPQLo.crl (hash: khSnyjhFvFkkwjgg6ZP3OlxZ8Z+QoIDFqMwRWwrHpf4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:9a:28:05:a5:88:ea:8e:2a:4f:28:05:92:47:11:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a54dd574fec72d4394c25536ba8532c9d38f40ba
        Validity
            Not Before: May  5 04:00:25 2025 GMT
            Not After : May  6 04:00:25 2025 GMT
        Subject: CN=dcfab6fbd7a15fd49c295c5ff707f6a3131565ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6e:ff:cc:7c:c2:75:8c:6e:14:bc:0c:dd:b3:
                    2c:d7:75:31:d7:bd:08:09:c7:6e:da:01:e6:76:51:
                    7e:35:28:ee:7d:e4:c1:37:3d:88:24:4e:f1:99:df:
                    38:dd:11:f3:da:c8:f0:4e:fa:b8:27:3d:da:56:70:
                    82:5a:98:66:6a:3c:1e:56:40:19:1c:c4:5e:e9:97:
                    f1:7c:af:51:c2:42:86:cc:3b:f7:b1:59:ca:08:e0:
                    57:b4:4e:9d:2c:16:ad:f3:d2:16:12:c5:c8:a6:83:
                    d1:c2:9a:87:8b:28:45:ac:25:fe:36:00:b6:cd:12:
                    cb:fd:3f:59:19:12:af:54:53:aa:c3:16:5d:14:f8:
                    8e:c0:ae:ee:a3:98:c6:55:11:d2:13:b7:e9:13:76:
                    81:b0:ed:b3:a7:02:f3:38:5f:ad:c2:97:e1:10:4c:
                    99:22:ee:d3:41:00:49:03:5d:25:e9:9e:2b:17:c7:
                    cd:1a:1f:ef:eb:a4:3c:99:f9:e9:f9:59:0f:16:35:
                    f2:8e:9c:47:df:4e:58:cc:c3:8b:9b:95:8a:82:86:
                    3a:7f:32:43:58:ac:7b:14:a4:ea:75:fc:5f:94:6b:
                    1f:0e:f4:bc:5d:50:02:1b:23:ef:ba:d4:91:f3:cc:
                    26:7d:ea:3a:1c:45:5f:f1:33:81:ae:82:3d:0d:a1:
                    1e:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:FA:B6:FB:D7:A1:5F:D4:9C:29:5C:5F:F7:07:F6:A3:13:15:65:EE
            X509v3 Authority Key Identifier:
                keyid:A5:4D:D5:74:FE:C7:2D:43:94:C2:55:36:BA:85:32:C9:D3:8F:40:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:35:ec:51:94:66:46:e3:f8:5a:af:57:13:0a:e2:84:8c:06:
         d4:80:a3:d3:ae:ab:ad:21:81:60:e8:b1:6c:66:1c:6a:cf:47:
         f9:77:3f:82:d1:b0:80:29:7e:e9:59:08:49:18:5e:b2:37:56:
         50:4d:d6:22:91:7c:ce:10:fd:84:ee:64:9e:3c:38:ab:d0:eb:
         e4:6e:9f:8b:3c:4e:a4:7d:99:b0:c6:e9:12:6c:55:16:25:77:
         53:1a:df:b5:9f:b6:6f:a1:56:44:95:e8:17:2a:a7:1b:c8:1f:
         96:30:ba:37:a6:2c:ef:49:f3:0f:61:a4:33:8c:3b:04:bf:72:
         0a:1e:c7:f0:c1:11:f9:3c:00:a5:9c:f0:cf:71:37:d9:88:15:
         34:d2:06:54:1d:27:f0:01:1c:e2:db:87:df:57:cb:49:ad:e1:
         c2:2d:93:c8:3b:01:92:b7:97:c8:85:75:b9:af:b4:c7:b0:fa:
         f0:f2:7f:d0:94:b4:9a:9f:3b:9e:b8:7d:9a:2a:74:48:54:6f:
         c8:4e:86:fd:8c:f9:52:9d:41:85:a3:f5:57:26:82:37:00:10:
         60:b4:9e:cf:e1:14:93:8b:fa:39:2d:d4:88:56:16:08:65:09:
         39:76:89:bd:8c:4b:2b:4e:fd:3e:c5:57:5f:a8:95:20:f3:d7:
         43:b3:d7:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemigFpYjqjipPKAWSRxECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NGRkNTc0ZmVjNzJkNDM5NGMyNTUzNmJhODUzMmM5ZDM4
ZjQwYmEwHhcNMjUwNTA1MDQwMDI1WhcNMjUwNTA2MDQwMDI1WjAzMTEwLwYDVQQD
EyhkY2ZhYjZmYmQ3YTE1ZmQ0OWMyOTVjNWZmNzA3ZjZhMzEzMTU2NWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuW7/zHzCdYxuFLwM3bMs13Ux170I
Ccdu2gHmdlF+NSjufeTBNz2IJE7xmd843RHz2sjwTvq4Jz3aVnCCWphmajweVkAZ
HMRe6ZfxfK9RwkKGzDv3sVnKCOBXtE6dLBat89IWEsXIpoPRwpqHiyhFrCX+NgC2
zRLL/T9ZGRKvVFOqwxZdFPiOwK7uo5jGVRHSE7fpE3aBsO2zpwLzOF+twpfhEEyZ
Iu7TQQBJA10l6Z4rF8fNGh/v66Q8mfnp+VkPFjXyjpxH305YzMOLm5WKgoY6fzJD
WKx7FKTqdfxflGsfDvS8XVACGyPvutSR88wmfeo6HEVf8TOBroI9DaEeVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNz6tvvXoV/UnClcX/cH9qMTFWXuMB8GA1UdIwQY
MBaAFKVN1XT+xy1DlMJVNrqFMsnTj0C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82OTM0YjUtOTZjMC00NzZkLWJmNTQt
MjM3ZjY1YjY0MzI3LzEvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82OTM0YjUtOTZjMC00NzZkLWJmNTQtMjM3ZjY1YjY0MzI3
LzEvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsDXsUZRm
RuP4Wq9XEwrihIwG1ICj066rrSGBYOixbGYcas9H+Xc/gtGwgCl+6VkISRhesjdW
UE3WIpF8zhD9hO5knjw4q9Dr5G6fizxOpH2ZsMbpEmxVFiV3UxrftZ+2b6FWRJXo
FyqnG8gfljC6N6Ys70nzD2GkM4w7BL9yCh7H8MER+TwApZzwz3E32YgVNNIGVB0n
8AEc4tuH31fLSa3hwi2TyDsBkreXyIV1ua+0x7D68PJ/0JS0mp87nrh9mip0SFRv
yE6G/Yz5Up1BhaP1VyaCNwAQYLSez+EUk4v6OS3UiFYWCGUJOXaJvYxLK079PsVX
X6iVIPPXQ7PXeA==
-----END CERTIFICATE-----