Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
File:                     3EviU3WUInayZECX3D1ah1r7ivE.mft (raw, json)
Hash identifier:          xRIMmGDQQwu15vQ1stAOOSVFI+3OBLk2o8xa6SeW1ic=
Subject key identifier:   B8:CC:74:72:DC:DA:F2:F6:9E:27:F3:72:CC:E2:2F:FB:8A:E0:57:3D
Authority key identifier: DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1
Certificate issuer:       /CN=dc4be25375942276b2644097dc3d5a875afb8af1
Certificate serial:       0196AE0D3F523298A30EB49C976F4F6D5C6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
Manifest number:          07E0
Signing time:             Thu 08 May 2025 04:00:25 +0000
Manifest this update:     Thu 08 May 2025 04:00:25 +0000
Manifest next update:     Fri 09 May 2025 04:00:25 +0000
Files and hashes:         1: 3EviU3WUInayZECX3D1ah1r7ivE.crl (hash: G/TZN1D4c47DY3YRCmjhFu4xpSHt2j4O8Z0Thdzu/lY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ae:0d:3f:52:32:98:a3:0e:b4:9c:97:6f:4f:6d:5c:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc4be25375942276b2644097dc3d5a875afb8af1
        Validity
            Not Before: May  8 04:00:25 2025 GMT
            Not After : May  9 04:00:25 2025 GMT
        Subject: CN=b8cc7472dcdaf2f69e27f372cce22ffb8ae0573d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:42:d3:a2:4d:2c:96:15:79:85:3a:b6:6d:74:
                    00:45:fd:0a:51:c0:fa:50:e8:7b:a5:61:30:89:57:
                    70:7e:f4:17:d1:67:73:c3:7f:26:49:b2:0a:bd:53:
                    eb:13:96:54:47:d9:36:00:af:68:aa:8d:34:24:b3:
                    f7:48:42:6c:dd:4c:b2:36:7e:d8:22:71:f8:7e:b0:
                    d7:e3:e9:f8:a1:f1:9d:1d:d6:2f:11:06:2a:30:ee:
                    1d:de:1d:10:1b:88:b7:01:84:a5:a4:54:14:1e:f5:
                    2e:34:49:3d:63:b1:5a:76:49:86:66:f7:4c:b4:be:
                    39:d4:36:6b:19:62:07:a1:58:2a:48:5e:a7:54:ae:
                    1c:e2:1b:79:2f:a5:be:12:da:11:4c:07:08:8f:42:
                    31:a7:d4:7d:8f:58:7f:a0:48:e7:79:ce:17:56:6d:
                    07:2b:2b:fe:9c:64:75:37:bf:03:94:7d:fb:fa:1b:
                    2d:db:3b:ff:06:43:04:a7:4a:a1:9c:9f:bf:45:19:
                    9c:05:b8:24:35:32:70:7c:0e:51:93:14:72:dd:f9:
                    f7:54:fe:2b:9a:08:fa:12:1d:82:99:ab:98:5f:b1:
                    c9:e4:d9:9c:01:d8:39:6d:d6:ec:6a:eb:fc:78:16:
                    a1:c7:75:e4:82:6a:aa:d8:a8:80:52:08:57:24:c1:
                    ba:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:CC:74:72:DC:DA:F2:F6:9E:27:F3:72:CC:E2:2F:FB:8A:E0:57:3D
            X509v3 Authority Key Identifier:
                keyid:DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:f1:ee:f0:e4:23:ed:e8:a1:ae:53:3c:ab:ad:8f:e5:57:fb:
         a8:44:f1:fa:35:22:c0:38:f6:a5:6f:b4:fb:f3:fa:dd:77:68:
         97:f4:2a:e5:ca:95:72:bc:db:13:49:5e:da:3c:00:b9:73:83:
         53:72:21:65:ab:72:38:57:aa:d4:f5:bf:d0:e5:e2:4f:d0:a6:
         2a:8b:d4:c5:48:50:80:cc:5c:1a:ea:86:d9:f0:85:84:ae:1c:
         70:43:cb:6f:84:41:b2:d4:72:76:7e:74:42:30:0c:79:be:ea:
         b1:cd:8c:0c:51:f8:d2:40:8c:8e:5d:76:e5:3a:eb:e2:48:d0:
         a6:b8:e6:d1:b0:2a:54:b8:9c:bd:b7:76:f6:10:07:06:be:4e:
         dd:6b:c6:5f:00:56:97:15:86:f9:8e:56:b9:9d:cf:6c:5f:ad:
         45:3f:93:03:4e:e6:63:d7:30:95:16:b4:82:46:98:75:4b:ff:
         4b:8b:02:f9:53:bd:39:5d:e2:43:fa:6c:63:86:ee:15:60:4c:
         5a:5f:59:06:25:07:4a:61:4f:e8:19:e3:cd:43:24:b2:b3:21:
         eb:09:c9:51:d2:c7:4c:3e:ab:96:5a:36:a8:e8:9c:a2:69:02:
         46:d2:7d:54:a5:4b:1f:36:73:06:b1:9a:a0:8e:2e:62:83:3a:
         32:d8:db:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZauDT9SMpijDrScl29PbVxuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGJlMjUzNzU5NDIyNzZiMjY0NDA5N2RjM2Q1YTg3NWFm
YjhhZjEwHhcNMjUwNTA4MDQwMDI1WhcNMjUwNTA5MDQwMDI1WjAzMTEwLwYDVQQD
EyhiOGNjNzQ3MmRjZGFmMmY2OWUyN2YzNzJjY2UyMmZmYjhhZTA1NzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkLTok0slhV5hTq2bXQARf0KUcD6
UOh7pWEwiVdwfvQX0Wdzw38mSbIKvVPrE5ZUR9k2AK9oqo00JLP3SEJs3UyyNn7Y
InH4frDX4+n4ofGdHdYvEQYqMO4d3h0QG4i3AYSlpFQUHvUuNEk9Y7FadkmGZvdM
tL451DZrGWIHoVgqSF6nVK4c4ht5L6W+EtoRTAcIj0Ixp9R9j1h/oEjnec4XVm0H
Kyv+nGR1N78DlH37+hst2zv/BkMEp0qhnJ+/RRmcBbgkNTJwfA5RkxRy3fn3VP4r
mgj6Eh2CmauYX7HJ5NmcAdg5bdbsauv8eBahx3Xkgmqq2KiAUghXJMG6KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjMdHLc2vL2nifzcsziL/uK4Fc9MB8GA1UdIwQY
MBaAFNxL4lN1lCJ2smRAl9w9Woda+4rxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEt
MGI4NTEwMzhhNWRlLzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEtMGI4NTEwMzhhNWRl
LzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAivHu8OQj
7eihrlM8q62P5Vf7qETx+jUiwDj2pW+0+/P63Xdol/Qq5cqVcrzbE0le2jwAuXOD
U3IhZatyOFeq1PW/0OXiT9CmKovUxUhQgMxcGuqG2fCFhK4ccEPLb4RBstRydn50
QjAMeb7qsc2MDFH40kCMjl125Trr4kjQprjm0bAqVLicvbd29hAHBr5O3WvGXwBW
lxWG+Y5WuZ3PbF+tRT+TA07mY9cwlRa0gkaYdUv/S4sC+VO9OV3iQ/psY4buFWBM
Wl9ZBiUHSmFP6BnjzUMksrMh6wnJUdLHTD6rllo2qOicomkCRtJ9VKVLHzZzBrGa
oI4uYoM6MtjbAw==
-----END CERTIFICATE-----