Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          CzJhaEzc3A5hBVfhGQnUojFGYEppmUAyKLsytTf5F7w=
Subject key identifier:   9C:35:61:17:13:83:8D:3B:05:24:63:F2:9C:DC:BC:53:DB:AD:2B:DF
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       01967679D5B5470D22B5F37DA72C56B9CCB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 09:00:18 +0000
Manifest this update:     Sun 27 Apr 2025 09:00:18 +0000
Manifest next update:     Mon 28 Apr 2025 09:00:18 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: QXA/o+MEqT5RsSNd6Yaatdu23niOUadISdqeIhRMjVw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:79:d5:b5:47:0d:22:b5:f3:7d:a7:2c:56:b9:cc:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: Apr 27 09:00:18 2025 GMT
            Not After : Apr 28 09:00:18 2025 GMT
        Subject: CN=9c35611713838d3b052463f29cdcbc53dbad2bdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:3d:50:89:ff:05:a5:96:03:aa:26:0d:06:50:
                    50:17:ac:bd:4b:f8:b0:7d:97:e2:0e:e3:6e:90:cf:
                    4c:42:51:38:b6:f2:3b:fe:d4:63:8c:8b:4f:48:f6:
                    b6:8d:27:8e:eb:da:38:83:00:87:c8:31:dc:04:5f:
                    29:8b:85:84:a9:06:c7:d0:31:70:d1:67:b2:c2:a9:
                    69:70:c9:d6:57:e1:a7:32:f3:54:f5:56:e5:22:2c:
                    7b:f5:a9:20:b8:10:cd:1e:5a:c9:e9:d2:6e:dd:23:
                    b2:e8:4e:54:5d:68:8c:2b:83:d4:4b:eb:27:0c:02:
                    95:28:74:8e:a6:91:5b:7c:08:4b:19:3a:76:b0:bb:
                    d3:73:e5:3b:f6:1d:77:87:2f:52:59:d7:c7:0e:fa:
                    e4:48:34:c8:ef:25:44:5f:8c:c7:11:f2:08:2c:49:
                    5d:19:c8:cd:5c:72:c5:a7:bf:04:3e:df:04:ff:0c:
                    b3:5d:4b:f6:be:fa:bf:53:c9:93:aa:9d:d4:e7:99:
                    47:4b:ad:41:10:f8:16:e3:a1:f1:e2:22:e5:a0:0f:
                    d0:18:6e:db:a5:67:ed:8f:8b:66:42:85:f8:38:b7:
                    60:80:3d:cf:6b:71:51:7b:de:2d:c0:7a:2b:27:4d:
                    77:2d:2c:f4:0f:4f:db:ca:93:a7:88:cc:4b:94:02:
                    a3:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:35:61:17:13:83:8D:3B:05:24:63:F2:9C:DC:BC:53:DB:AD:2B:DF
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:05:7d:d4:62:7d:ee:83:99:56:8b:fb:08:e2:4b:51:fa:4e:
         10:f6:f6:2d:e6:e1:b3:7b:ad:06:01:1b:c2:21:85:d3:96:da:
         3c:13:f8:76:59:11:35:3a:5f:8c:fe:a0:19:a6:45:41:c8:74:
         34:8b:47:91:ce:87:83:57:12:21:f2:aa:7d:d7:2c:b7:13:ec:
         8f:4c:d1:00:a4:76:45:6d:a7:01:6d:9a:42:8f:71:cb:e3:f1:
         85:f1:7b:5e:cb:0b:47:08:c9:32:5c:73:2d:4d:9b:2e:ab:0e:
         d0:79:49:7c:f1:91:ec:0c:c9:1d:dd:7c:99:51:c0:9c:25:1b:
         f0:9a:78:30:cd:ff:1b:77:a4:da:22:55:a4:41:70:7b:c0:12:
         9b:83:09:b0:91:b5:26:75:a1:b8:22:a7:cc:8e:ba:98:e7:1e:
         92:ea:40:77:eb:b7:a4:a2:8d:c5:0d:74:d2:1b:66:37:e6:8c:
         4e:6a:87:80:a1:92:28:ad:0c:60:35:73:96:91:69:ad:9e:6a:
         2d:3c:c2:d5:37:8a:dd:3a:d1:d7:00:22:65:90:3d:20:e7:c7:
         c3:97:e0:3f:51:66:34:55:cd:cd:43:9b:fa:99:81:91:06:cf:
         2d:51:95:3f:95:09:86:59:28:da:c3:92:d7:33:15:ad:f6:16:
         8e:ad:41:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2edW1Rw0itfN9pyxWucy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjUwNDI3MDkwMDE4WhcNMjUwNDI4MDkwMDE4WjAzMTEwLwYDVQQD
Eyg5YzM1NjExNzEzODM4ZDNiMDUyNDYzZjI5Y2RjYmM1M2RiYWQyYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj1Qif8FpZYDqiYNBlBQF6y9S/iw
fZfiDuNukM9MQlE4tvI7/tRjjItPSPa2jSeO69o4gwCHyDHcBF8pi4WEqQbH0DFw
0WeywqlpcMnWV+GnMvNU9VblIix79akguBDNHlrJ6dJu3SOy6E5UXWiMK4PUS+sn
DAKVKHSOppFbfAhLGTp2sLvTc+U79h13hy9SWdfHDvrkSDTI7yVEX4zHEfIILEld
GcjNXHLFp78EPt8E/wyzXUv2vvq/U8mTqp3U55lHS61BEPgW46Hx4iLloA/QGG7b
pWftj4tmQoX4OLdggD3Pa3FRe94twHorJ013LSz0D0/bypOniMxLlAKjVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJw1YRcTg407BSRj8pzcvFPbrSvfMB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtQV91GJ9
7oOZVov7COJLUfpOEPb2Lebhs3utBgEbwiGF05baPBP4dlkRNTpfjP6gGaZFQch0
NItHkc6Hg1cSIfKqfdcstxPsj0zRAKR2RW2nAW2aQo9xy+PxhfF7XssLRwjJMlxz
LU2bLqsO0HlJfPGR7AzJHd18mVHAnCUb8Jp4MM3/G3ek2iJVpEFwe8ASm4MJsJG1
JnWhuCKnzI66mOcekupAd+u3pKKNxQ100htmN+aMTmqHgKGSKK0MYDVzlpFprZ5q
LTzC1TeK3TrR1wAiZZA9IOfHw5fgP1FmNFXNzUOb+pmBkQbPLVGVP5UJhlko2sOS
1zMVrfYWjq1Bng==
-----END CERTIFICATE-----