Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft
File:                     EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft (raw, json)
Hash identifier:          xiXnLDbEhMNEtq54zahja19Q9cO96ghMV+9/XtKGc/M=
Subject key identifier:   DC:50:2D:18:3C:12:92:54:E4:5C:76:4A:68:FE:75:94:A3:29:2B:7E
Authority key identifier: 11:71:64:1F:15:7C:B5:7B:53:26:26:35:9E:71:58:27:42:C2:DC:CB
Certificate issuer:       /CN=1171641f157cb57b532626359e71582742c2dccb
Certificate serial:       0196C871CD1A5BDD43F3E1BF432BD6F9E88D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft
Manifest number:          140B
Signing time:             Tue 13 May 2025 07:00:23 +0000
Manifest this update:     Tue 13 May 2025 07:00:23 +0000
Manifest next update:     Wed 14 May 2025 07:00:23 +0000
Files and hashes:         1: EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.crl (hash: /SncwsVWA/CwgueMAa1rYk8HnaATTeimXHcVnavT1z8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c8:71:cd:1a:5b:dd:43:f3:e1:bf:43:2b:d6:f9:e8:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1171641f157cb57b532626359e71582742c2dccb
        Validity
            Not Before: May 13 07:00:23 2025 GMT
            Not After : May 14 07:00:23 2025 GMT
        Subject: CN=dc502d183c129254e45c764a68fe7594a3292b7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:28:ca:af:ba:18:75:61:0f:b8:77:c6:ef:c7:
                    cd:f3:7a:7e:fe:da:34:d7:06:70:d1:94:65:c1:7b:
                    0b:cd:7d:c6:0d:2b:b1:7f:e6:77:e6:37:b8:cf:1f:
                    d6:16:d0:85:1b:d0:10:f1:31:ce:27:98:2b:e8:6c:
                    0f:78:73:f9:3d:a2:2e:60:e9:73:27:6d:9d:8e:86:
                    d7:d7:80:bb:d3:41:ee:13:80:5c:2f:5c:e8:41:e3:
                    ae:a6:aa:ed:86:ae:cb:64:f9:1a:56:c5:92:a9:a6:
                    0e:d9:5f:98:6c:25:eb:12:33:f5:ff:89:da:91:3b:
                    c3:0a:a2:99:50:1f:db:3b:e6:a6:66:35:81:67:31:
                    d9:45:ad:54:90:a8:d7:b6:87:1e:68:e3:4a:ea:8e:
                    dc:3f:3e:45:64:04:bb:ca:42:8b:8b:03:27:26:8b:
                    d5:e0:1c:bf:ce:42:a5:d2:b7:30:7a:55:ad:3d:42:
                    c1:c7:45:34:b2:19:78:b3:c8:9a:ed:d4:be:a4:58:
                    c0:9e:48:ac:0f:97:b0:f6:48:4c:fd:82:6a:0f:6d:
                    a9:a5:89:9c:4c:9e:3f:96:3b:6f:c5:a5:fa:b8:7b:
                    e3:99:8d:71:c8:bf:03:f9:47:3b:8e:5e:2b:c6:29:
                    30:59:66:cc:15:69:29:85:c2:0e:cc:dc:9d:eb:b3:
                    29:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:50:2D:18:3C:12:92:54:E4:5C:76:4A:68:FE:75:94:A3:29:2B:7E
            X509v3 Authority Key Identifier:
                keyid:11:71:64:1F:15:7C:B5:7B:53:26:26:35:9E:71:58:27:42:C2:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:4c:02:25:57:c0:be:e5:59:af:cf:ed:bb:1e:7d:75:b6:24:
         93:5e:b1:4a:d4:88:fd:76:f1:5d:ca:1d:8a:f0:3c:dd:15:86:
         f1:d0:23:8c:2a:ea:c7:5a:97:6a:52:05:f8:0f:d0:ff:62:57:
         c6:0f:f3:5b:de:b3:4a:fb:d3:32:a2:07:2f:30:61:43:c7:c2:
         e7:5d:5b:cd:43:92:83:c4:eb:c4:d2:0e:88:a7:01:3c:8f:d5:
         3b:10:f9:93:95:be:9d:c0:a4:81:1f:a1:33:2b:6b:3e:a9:b9:
         7c:6c:e4:fc:6f:06:0a:dc:b8:33:64:5a:e9:13:48:b3:e0:8f:
         97:87:b0:22:b3:f0:e0:68:04:9c:45:75:32:23:0b:8c:e3:d6:
         2d:d0:f9:9d:3b:18:f7:a7:71:c9:e9:62:7d:32:7b:11:13:09:
         f4:1d:aa:0b:82:bd:15:df:85:68:cb:3d:e7:53:15:49:b2:35:
         32:f2:46:04:85:39:48:03:9c:7d:8d:11:3e:b8:4f:f9:90:06:
         58:15:95:88:85:46:34:14:15:1a:a0:5f:19:9e:d5:49:70:92:
         6f:46:f1:a6:5b:b5:da:ba:01:ce:9c:35:29:bf:17:0f:79:b4:
         50:ab:bc:68:2a:4e:1a:6e:d1:f1:d8:0e:b5:ff:6c:f2:b8:b1:
         df:ff:91:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbIcc0aW91D8+G/QyvW+eiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNzE2NDFmMTU3Y2I1N2I1MzI2MjYzNTllNzE1ODI3NDJj
MmRjY2IwHhcNMjUwNTEzMDcwMDIzWhcNMjUwNTE0MDcwMDIzWjAzMTEwLwYDVQQD
EyhkYzUwMmQxODNjMTI5MjU0ZTQ1Yzc2NGE2OGZlNzU5NGEzMjkyYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSjKr7oYdWEPuHfG78fN83p+/to0
1wZw0ZRlwXsLzX3GDSuxf+Z35je4zx/WFtCFG9AQ8THOJ5gr6GwPeHP5PaIuYOlz
J22djobX14C700HuE4BcL1zoQeOupqrthq7LZPkaVsWSqaYO2V+YbCXrEjP1/4na
kTvDCqKZUB/bO+amZjWBZzHZRa1UkKjXtoceaONK6o7cPz5FZAS7ykKLiwMnJovV
4By/zkKl0rcwelWtPULBx0U0shl4s8ia7dS+pFjAnkisD5ew9khM/YJqD22ppYmc
TJ4/ljtvxaX6uHvjmY1xyL8D+Uc7jl4rxikwWWbMFWkphcIOzNyd67MpHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNxQLRg8EpJU5Fx2Smj+dZSjKSt+MB8GA1UdIwQY
MBaAFBFxZB8VfLV7UyYmNZ5xWCdCwtzLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVhGa0h4Vjh0WHRUSmlZMW5uRllKMExDM01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8zZmE3MTEtMDZiMC00MWUzLTljNzIt
M2NiOWUxMDJhZmUwLzEvRVhGa0h4Vjh0WHRUSmlZMW5uRllKMExDM01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8zZmE3MTEtMDZiMC00MWUzLTljNzItM2NiOWUxMDJhZmUw
LzEvRVhGa0h4Vjh0WHRUSmlZMW5uRllKMExDM01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC0wCJVfA
vuVZr8/tux59dbYkk16xStSI/XbxXcodivA83RWG8dAjjCrqx1qXalIF+A/Q/2JX
xg/zW96zSvvTMqIHLzBhQ8fC511bzUOSg8TrxNIOiKcBPI/VOxD5k5W+ncCkgR+h
MytrPqm5fGzk/G8GCty4M2Ra6RNIs+CPl4ewIrPw4GgEnEV1MiMLjOPWLdD5nTsY
96dxyelifTJ7ERMJ9B2qC4K9Fd+FaMs951MVSbI1MvJGBIU5SAOcfY0RPrhP+ZAG
WBWViIVGNBQVGqBfGZ7VSXCSb0bxplu12roBzpw1Kb8XD3m0UKu8aCpOGm7R8dgO
tf9s8rix3/+RVg==
-----END CERTIFICATE-----