Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          Oc6BQQJ8jjMECgdDxZM6x9vhRG1aTSm4Cd3zUhcydZU=
Subject key identifier:   2B:74:16:52:6A:25:A4:7F:B0:9A:7A:29:53:5C:F3:22:20:B2:EB:A1
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       01968391D8454C823243E9799A8041EF1C7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          05A7
Signing time:             Tue 29 Apr 2025 22:01:35 +0000
Manifest this update:     Tue 29 Apr 2025 22:01:35 +0000
Manifest next update:     Wed 30 Apr 2025 22:01:35 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: SGGntCoD1TeMG/oPwfjp9jsnEr6o8rvsrr3ok7V/Wik=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 22:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:91:d8:45:4c:82:32:43:e9:79:9a:80:41:ef:1c:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Apr 29 22:01:35 2025 GMT
            Not After : Apr 30 22:01:35 2025 GMT
        Subject: CN=2b7416526a25a47fb09a7a29535cf32220b2eba1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:0c:a6:05:d4:08:5b:fe:64:f1:6a:60:b8:67:
                    6c:b7:16:97:86:12:60:85:86:1c:e9:9e:61:0d:5f:
                    f3:65:e8:90:0d:8d:ec:bb:e9:3d:9d:a7:89:3f:92:
                    25:c3:9b:f5:d0:2f:1b:0f:7e:f1:01:d5:87:fd:f5:
                    7f:9a:38:cc:fa:2c:8c:05:70:a2:f0:7c:79:c3:f2:
                    cc:6a:32:1a:cc:d3:e7:4e:e5:93:f6:d4:f6:5e:5c:
                    ea:6a:95:cf:5c:26:b3:60:1e:73:76:49:ec:95:c2:
                    80:4a:c4:3c:6a:2f:91:d6:e5:96:67:63:b8:fe:2b:
                    e2:39:f3:2e:75:2c:2e:ff:c3:88:c7:f6:29:e4:ef:
                    f5:57:ad:b6:6a:48:70:1d:fe:c9:aa:ed:30:8b:4e:
                    dd:b1:8d:13:d8:cb:2d:f1:54:1f:87:fa:11:fb:5c:
                    37:24:bb:22:b0:b6:2e:66:76:88:46:46:8e:37:07:
                    d8:47:cb:f8:6e:e1:aa:8e:a0:57:b7:c8:6b:40:dc:
                    13:71:fc:cb:3d:06:db:73:76:ed:e1:c4:e8:b3:db:
                    76:96:2d:3d:ef:ad:6c:fa:80:35:c1:a5:e5:ec:49:
                    05:0b:48:55:6f:fb:c2:0c:ec:20:b5:9f:09:bd:f9:
                    0b:89:16:f4:44:18:e4:80:26:db:19:89:2c:49:12:
                    ed:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:74:16:52:6A:25:A4:7F:B0:9A:7A:29:53:5C:F3:22:20:B2:EB:A1
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:a9:1a:f2:c1:a8:e9:22:52:eb:fd:d3:34:26:7e:ed:24:d1:
         f0:03:ab:2f:a9:15:f1:7f:0c:d8:90:fb:c5:e4:8b:3e:9b:f8:
         fa:1e:22:4c:1d:4e:24:0b:fc:79:5a:28:16:95:29:ea:b3:ff:
         99:0f:2f:fd:93:e4:c3:94:7c:22:9d:5f:22:37:a3:45:49:1e:
         8a:e0:ac:cc:41:c0:9a:b8:49:27:16:b6:ef:75:51:ac:db:61:
         5b:e6:c6:40:b8:33:49:29:24:61:a0:dd:39:cd:46:31:a9:c4:
         59:3d:7c:ce:84:45:4c:b3:dc:4d:fd:f8:93:5a:2d:66:21:5d:
         e6:0a:71:ae:4e:ec:8c:3c:e1:64:ee:a7:a5:c0:5b:c3:0e:f3:
         d0:c5:7f:42:00:57:45:30:87:f9:09:9f:98:a5:c3:57:7a:79:
         ee:be:e6:d3:c7:78:af:97:8d:e2:b0:f6:52:3a:31:f5:9f:9a:
         9b:a8:2a:88:be:09:c8:7c:c7:e4:f7:62:2b:59:fc:f6:d7:12:
         8f:4d:4f:8f:e8:d5:f6:24:40:7d:8b:20:67:45:fe:1b:bd:ab:
         ba:7f:48:44:dc:eb:6e:61:91:76:29:b0:36:5c:45:ea:00:6d:
         3a:1e:1f:79:3e:89:7f:54:70:19:7e:c0:a5:23:43:a2:1c:5a:
         c4:8f:80:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDkdhFTIIyQ+l5moBB7xx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjUwNDI5MjIwMTM1WhcNMjUwNDMwMjIwMTM1WjAzMTEwLwYDVQQD
EygyYjc0MTY1MjZhMjVhNDdmYjA5YTdhMjk1MzVjZjMyMjIwYjJlYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgymBdQIW/5k8WpguGdstxaXhhJg
hYYc6Z5hDV/zZeiQDY3su+k9naeJP5Ilw5v10C8bD37xAdWH/fV/mjjM+iyMBXCi
8Hx5w/LMajIazNPnTuWT9tT2XlzqapXPXCazYB5zdknslcKASsQ8ai+R1uWWZ2O4
/iviOfMudSwu/8OIx/Yp5O/1V622akhwHf7Jqu0wi07dsY0T2Mst8VQfh/oR+1w3
JLsisLYuZnaIRkaONwfYR8v4buGqjqBXt8hrQNwTcfzLPQbbc3bt4cTos9t2li09
761s+oA1waXl7EkFC0hVb/vCDOwgtZ8JvfkLiRb0RBjkgCbbGYksSRLt4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCt0FlJqJaR/sJp6KVNc8yIgsuuhMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXaka8sGo
6SJS6/3TNCZ+7STR8AOrL6kV8X8M2JD7xeSLPpv4+h4iTB1OJAv8eVooFpUp6rP/
mQ8v/ZPkw5R8Ip1fIjejRUkeiuCszEHAmrhJJxa273VRrNthW+bGQLgzSSkkYaDd
Oc1GManEWT18zoRFTLPcTf34k1otZiFd5gpxrk7sjDzhZO6npcBbww7z0MV/QgBX
RTCH+QmfmKXDV3p57r7m08d4r5eN4rD2Ujox9Z+am6gqiL4JyHzH5PdiK1n89tcS
j01Pj+jV9iRAfYsgZ0X+G72run9IRNzrbmGRdimwNlxF6gBtOh4feT6Jf1RwGX7A
pSNDohxaxI+Aig==
-----END CERTIFICATE-----