Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          NzPZOcU0NDrwfXNTZAVy+WZheRVFozlqfygGTxAzob0=
Subject key identifier:   CF:EB:89:30:63:A2:E8:19:A2:6F:A4:F8:C7:00:5E:CB:F0:62:C0:AE
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       019677FAF8D52EF54E1C8637B7C8A91AB4DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          0CB1
Signing time:             Sun 27 Apr 2025 16:00:58 +0000
Manifest this update:     Sun 27 Apr 2025 16:00:58 +0000
Manifest next update:     Mon 28 Apr 2025 16:00:58 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: f/TwpOhFz/ArTzso3ssVMFvLssw4gWpO2o6g2oZgx8M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fa:f8:d5:2e:f5:4e:1c:86:37:b7:c8:a9:1a:b4:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Apr 27 16:00:58 2025 GMT
            Not After : Apr 28 16:00:58 2025 GMT
        Subject: CN=cfeb893063a2e819a26fa4f8c7005ecbf062c0ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:15:66:80:a9:f4:6f:4a:27:10:dd:08:a3:c1:
                    01:df:a3:47:d9:06:52:e2:c6:b3:76:7e:70:6a:e8:
                    87:84:8d:6d:d0:64:1b:44:2a:43:7d:1a:0b:a3:e9:
                    95:6f:2f:d4:41:dd:ea:a6:13:0b:9e:4f:03:86:bb:
                    bc:b4:39:b7:2b:1c:49:ab:b6:f3:97:f3:fc:d9:27:
                    38:b7:a5:07:e8:4d:f5:ea:47:70:74:37:d6:b8:5e:
                    14:33:44:09:77:76:bf:42:1c:94:ad:0c:2a:4e:aa:
                    b7:74:b2:74:cd:77:53:39:41:54:b1:6a:c3:e2:bb:
                    98:73:9a:b3:a3:08:6a:e7:5f:48:87:9c:2a:f3:76:
                    fc:82:75:13:00:f4:1d:17:9f:25:99:43:21:e4:89:
                    b6:54:5b:8e:63:6b:b7:aa:45:3f:c7:f1:32:69:ce:
                    c2:82:57:ee:b7:13:8c:14:9c:d5:10:d1:66:a2:d5:
                    e8:0e:d0:07:7d:f9:57:df:36:de:b4:8e:05:62:c3:
                    2d:d3:0a:04:83:7a:2b:ba:e7:6a:67:17:e7:61:29:
                    d1:c1:4a:9f:6c:33:aa:38:dd:e3:40:c5:66:0d:d9:
                    1a:28:31:fd:a2:e3:9c:5c:14:8c:c1:76:11:ea:5e:
                    74:f8:c6:7b:d3:dd:7a:35:87:cc:87:2c:be:e2:87:
                    ba:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:EB:89:30:63:A2:E8:19:A2:6F:A4:F8:C7:00:5E:CB:F0:62:C0:AE
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:7a:30:0f:b3:54:cc:61:09:61:b1:3c:29:b9:73:12:8c:e0:
         bc:78:47:19:c8:d1:2e:b7:5e:7c:be:eb:af:0f:f0:3c:8a:66:
         a5:3b:13:cb:30:a8:77:b3:5b:59:50:bd:5b:86:8d:46:b3:ab:
         96:d9:93:c7:0a:0b:a1:2f:a8:2a:f2:98:bf:f6:5e:a2:ab:a9:
         c4:a1:c1:08:b7:14:11:7a:fe:63:a0:f4:e1:08:22:2b:7d:9d:
         2f:33:37:94:33:85:5a:22:f0:1a:63:b7:7b:98:32:01:e2:8f:
         47:70:ce:69:e5:8a:78:2b:de:6e:0c:06:9b:e2:6a:df:a5:d0:
         4f:a8:8f:77:17:e6:9f:d0:4e:9c:80:bd:78:29:c9:be:7c:fc:
         a0:76:b8:57:9f:7a:11:c0:4c:c6:42:b1:04:71:cb:bc:2e:99:
         fb:bf:5b:d6:84:33:e5:b3:b9:b7:c3:3b:23:55:cd:d6:d2:0e:
         bf:de:b4:d2:8a:15:26:fa:00:a4:c0:fd:ee:bf:79:d4:33:ef:
         85:b9:36:6a:5c:e7:43:5a:fc:c3:f7:23:8c:61:6a:d2:89:db:
         9c:89:db:c9:a5:ed:54:cd:8e:02:23:1e:9e:e2:5b:3a:5f:15:
         ce:d0:81:f9:df:8a:76:d3:6c:21:87:ce:6e:a8:d5:3b:45:a7:
         d7:55:ce:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+vjVLvVOHIY3t8ipGrTaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjUwNDI3MTYwMDU4WhcNMjUwNDI4MTYwMDU4WjAzMTEwLwYDVQQD
EyhjZmViODkzMDYzYTJlODE5YTI2ZmE0ZjhjNzAwNWVjYmYwNjJjMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRVmgKn0b0onEN0Io8EB36NH2QZS
4sazdn5wauiHhI1t0GQbRCpDfRoLo+mVby/UQd3qphMLnk8Dhru8tDm3KxxJq7bz
l/P82Sc4t6UH6E316kdwdDfWuF4UM0QJd3a/QhyUrQwqTqq3dLJ0zXdTOUFUsWrD
4ruYc5qzowhq519Ih5wq83b8gnUTAPQdF58lmUMh5Im2VFuOY2u3qkU/x/Eyac7C
glfutxOMFJzVENFmotXoDtAHfflX3zbetI4FYsMt0woEg3oruudqZxfnYSnRwUqf
bDOqON3jQMVmDdkaKDH9ouOcXBSMwXYR6l50+MZ70916NYfMhyy+4oe68wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM/riTBjougZom+k+McAXsvwYsCuMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEHowD7NU
zGEJYbE8KblzEozgvHhHGcjRLrdefL7rrw/wPIpmpTsTyzCod7NbWVC9W4aNRrOr
ltmTxwoLoS+oKvKYv/ZeoqupxKHBCLcUEXr+Y6D04QgiK32dLzM3lDOFWiLwGmO3
e5gyAeKPR3DOaeWKeCvebgwGm+Jq36XQT6iPdxfmn9BOnIC9eCnJvnz8oHa4V596
EcBMxkKxBHHLvC6Z+79b1oQz5bO5t8M7I1XN1tIOv9600ooVJvoApMD97r951DPv
hbk2alznQ1r8w/cjjGFq0onbnInbyaXtVM2OAiMenuJbOl8VztCB+d+KdtNsIYfO
bqjVO0Wn11XOFQ==
-----END CERTIFICATE-----