Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
File:                     3frtS0AyNuLKi-twkcug4GpUPQo.mft (raw, json)
Hash identifier:          RM2BhQNqk+/9r3/Ry9llrVPs5B44YAXzyoGI8iOH2eY=
Subject key identifier:   42:08:A4:9E:C0:EF:71:9F:F5:46:D5:B4:B9:6F:75:69:B8:F1:B5:51
Authority key identifier: DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A
Certificate issuer:       /CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
Certificate serial:       0196C34C22881A32EFB3D6013DAEE7387CBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
Manifest number:          7A
Signing time:             Mon 12 May 2025 07:01:08 +0000
Manifest this update:     Mon 12 May 2025 07:01:08 +0000
Manifest next update:     Tue 13 May 2025 07:01:08 +0000
Files and hashes:         1: 3frtS0AyNuLKi-twkcug4GpUPQo.crl (hash: UbxIctTY0z1X7NQh1jX3zgglFHe20nK04CMwi+UsCuE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 07:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4c:22:88:1a:32:ef:b3:d6:01:3d:ae:e7:38:7c:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
        Validity
            Not Before: May 12 07:01:08 2025 GMT
            Not After : May 13 07:01:08 2025 GMT
        Subject: CN=4208a49ec0ef719ff546d5b4b96f7569b8f1b551
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:b9:19:c3:28:94:7a:df:31:55:03:4a:51:9a:
                    10:71:b9:52:ce:6d:08:93:b5:c5:d8:5d:df:8e:2c:
                    b6:ce:43:5d:4f:a7:ee:e1:7f:a3:5e:b7:a1:84:e8:
                    c8:7c:3f:6e:15:1c:d7:61:fe:ee:fd:3b:3b:c4:8a:
                    d8:a3:43:a5:e8:c7:70:aa:8d:1b:28:df:e7:9f:84:
                    7d:49:c9:5c:55:e1:65:a3:25:46:d5:48:de:7a:8c:
                    67:4b:6e:5a:98:82:08:81:bc:8e:20:66:8a:16:b4:
                    d8:d4:b7:18:6f:a7:4b:fb:3b:6e:a0:7a:f5:82:70:
                    b2:33:43:1c:29:f3:b7:6e:08:d7:88:fe:d0:c1:6b:
                    55:01:11:b1:49:ba:75:28:55:15:3e:ca:0b:2a:a9:
                    28:d7:c7:52:37:e1:e1:a1:43:a3:9e:9a:e9:10:bc:
                    f5:86:f6:78:06:24:4f:87:a4:df:ec:7f:82:73:dd:
                    3f:d0:be:56:90:24:bf:2b:42:06:ce:e5:8a:a5:ca:
                    ae:7c:83:86:5b:98:9b:6e:43:38:95:00:8e:af:ed:
                    de:02:5d:30:e5:35:45:3c:fe:97:08:ce:3a:38:61:
                    43:95:d9:ac:b5:6c:f2:82:fc:50:fc:2d:64:2c:fe:
                    b7:ca:2f:a2:88:86:10:fb:9f:9d:d6:24:1a:76:b8:
                    4b:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:08:A4:9E:C0:EF:71:9F:F5:46:D5:B4:B9:6F:75:69:B8:F1:B5:51
            X509v3 Authority Key Identifier:
                keyid:DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:34:9b:c3:7c:77:9e:0b:fa:1f:e4:50:28:5c:5e:8e:b4:7c:
         1b:5f:dc:86:c7:14:59:e1:f8:6a:8b:1a:21:ca:e5:37:4a:0a:
         16:df:d7:9e:9f:e7:a3:8b:c1:7a:f9:f4:ee:32:26:70:2f:a2:
         da:09:12:72:39:f6:4b:52:e4:e9:6e:3e:72:b8:a3:c5:11:b3:
         7a:f3:e3:97:c5:4a:bb:4f:a0:d4:f5:7f:04:6e:f5:c3:c3:98:
         90:4f:46:c0:ec:4b:c7:68:a0:1d:42:65:59:f2:d8:ad:1c:d7:
         4c:44:20:58:5f:f7:ed:50:f9:2c:a2:5c:f7:b8:e9:20:31:96:
         eb:d4:d3:db:e4:f4:ab:dd:da:35:e0:31:59:58:2e:f4:89:d3:
         16:8a:82:27:5d:a1:4c:00:9b:a0:55:e3:c3:51:72:db:af:c1:
         15:d1:a6:4f:76:7c:bc:51:ad:36:dd:ff:55:d1:ab:b7:90:53:
         7f:bc:37:80:a7:56:23:9f:ad:77:1b:64:82:69:b0:66:02:91:
         65:e3:9f:c6:64:4a:d7:cf:a9:eb:b5:9b:86:8b:4f:c5:5d:42:
         bf:ad:23:03:26:5c:9d:8d:fc:b0:31:ae:13:95:17:1d:c2:3e:
         69:f7:f5:94:a2:52:c1:50:f9:5a:e1:3d:33:d5:26:3d:6e:1e:
         76:89:b3:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTCKIGjLvs9YBPa7nOHy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZmFlZDRiNDAzMjM2ZTJjYThiZWI3MDkxY2JhMGUwNmE1
NDNkMGEwHhcNMjUwNTEyMDcwMTA4WhcNMjUwNTEzMDcwMTA4WjAzMTEwLwYDVQQD
Eyg0MjA4YTQ5ZWMwZWY3MTlmZjU0NmQ1YjRiOTZmNzU2OWI4ZjFiNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLkZwyiUet8xVQNKUZoQcblSzm0I
k7XF2F3fjiy2zkNdT6fu4X+jXrehhOjIfD9uFRzXYf7u/Ts7xIrYo0Ol6Mdwqo0b
KN/nn4R9SclcVeFloyVG1UjeeoxnS25amIIIgbyOIGaKFrTY1LcYb6dL+ztuoHr1
gnCyM0McKfO3bgjXiP7QwWtVARGxSbp1KFUVPsoLKqko18dSN+HhoUOjnprpELz1
hvZ4BiRPh6Tf7H+Cc90/0L5WkCS/K0IGzuWKpcqufIOGW5ibbkM4lQCOr+3eAl0w
5TVFPP6XCM46OGFDldmstWzygvxQ/C1kLP63yi+iiIYQ+5+d1iQadrhLjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIIpJ7A73Gf9UbVtLlvdWm48bVRMB8GA1UdIwQY
MBaAFN367UtAMjbiyovrcJHLoOBqVD0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEt
YjkzN2QxMjA1YWIxLzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEtYjkzN2QxMjA1YWIx
LzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPjSbw3x3
ngv6H+RQKFxejrR8G1/chscUWeH4aosaIcrlN0oKFt/Xnp/no4vBevn07jImcC+i
2gkScjn2S1Lk6W4+crijxRGzevPjl8VKu0+g1PV/BG71w8OYkE9GwOxLx2igHUJl
WfLYrRzXTEQgWF/37VD5LKJc97jpIDGW69TT2+T0q93aNeAxWVgu9InTFoqCJ12h
TACboFXjw1Fy26/BFdGmT3Z8vFGtNt3/VdGrt5BTf7w3gKdWI5+tdxtkgmmwZgKR
ZeOfxmRK18+p67WbhotPxV1Cv60jAyZcnY38sDGuE5UXHcI+aff1lKJSwVD5WuE9
M9UmPW4edomzWA==
-----END CERTIFICATE-----