Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
File:                     PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft (raw, json)
Hash identifier:          GlRgKqoNcBUGcLi351lKccXbArj27yK3XTWIpviRz8g=
Subject key identifier:   01:74:A4:C2:42:00:4A:AF:73:67:A9:C4:2F:05:D0:1A:BB:26:73:21
Authority key identifier: 3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6
Certificate issuer:       /CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
Certificate serial:       0196857FDEA2330C3B9A8EA12CDA111162F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
Manifest number:          029B
Signing time:             Wed 30 Apr 2025 07:01:11 +0000
Manifest this update:     Wed 30 Apr 2025 07:01:11 +0000
Manifest next update:     Thu 01 May 2025 07:01:11 +0000
Files and hashes:         1: PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl (hash: Svx96WelptCMNgDrAFeMqTX0sCf2J9ByAO1B7QJuD/g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:85:7f:de:a2:33:0c:3b:9a:8e:a1:2c:da:11:11:62:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
        Validity
            Not Before: Apr 30 07:01:11 2025 GMT
            Not After : May  1 07:01:11 2025 GMT
        Subject: CN=0174a4c242004aaf7367a9c42f05d01abb267321
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:9a:72:ac:d9:4d:57:e7:29:54:71:1d:88:34:
                    96:39:12:e1:6c:c8:f5:6d:f1:d5:19:ee:d0:1e:8f:
                    e3:ee:b1:e9:48:1e:71:d0:b6:37:81:ec:f5:c1:58:
                    51:47:2f:bd:13:f2:3b:fd:f5:a4:82:7a:b1:ba:0d:
                    5a:49:cd:7a:51:e2:b4:5f:05:e1:10:c6:f4:e1:c7:
                    2a:8b:9d:ee:61:fc:bb:0b:9a:9b:95:98:a4:72:2e:
                    68:40:e4:2d:62:90:fd:7f:86:d5:21:fa:22:78:4a:
                    e6:1d:b9:22:17:a2:95:6b:2e:e4:6d:33:1b:ef:47:
                    c9:89:3c:61:61:d1:f1:cd:49:ba:5b:a7:23:f7:90:
                    6f:d7:71:2c:80:e6:1f:60:c7:71:7d:8a:e2:27:58:
                    df:9b:2e:de:96:4f:7c:6d:c1:2b:49:30:84:4e:74:
                    9d:4e:a0:90:d1:70:0d:19:a7:a9:57:31:7b:c9:a4:
                    6c:d0:b0:cd:47:16:c4:65:30:0a:0b:b1:5e:59:73:
                    43:72:70:b0:5e:6b:77:ca:3d:41:5b:ee:2d:4a:b9:
                    eb:0d:28:c4:90:4d:37:63:92:73:b6:08:ba:52:ee:
                    fb:e9:e0:c9:9a:72:d5:b0:1b:d7:34:d1:d7:c0:15:
                    31:90:fc:2f:a0:57:4c:d5:ff:7a:3f:c4:d5:e3:be:
                    48:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:74:A4:C2:42:00:4A:AF:73:67:A9:C4:2F:05:D0:1A:BB:26:73:21
            X509v3 Authority Key Identifier:
                keyid:3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:6b:79:7e:60:c9:dd:01:b6:4e:55:39:8d:de:e5:b9:12:dd:
         21:1d:74:19:76:88:6d:37:81:06:19:21:f2:b8:06:0c:05:2a:
         d9:9d:99:d0:1a:e9:56:59:e0:a9:6d:5e:35:1f:04:bd:6b:4f:
         eb:97:79:c6:b1:71:20:44:fd:b5:82:25:21:cc:9e:70:87:eb:
         fb:f5:9d:be:88:c9:0d:fb:e5:3f:b0:66:ae:38:fe:90:8f:4e:
         d1:8d:2c:1b:24:9e:c7:ac:6a:56:cc:5e:dd:9a:ef:8a:27:34:
         fc:ae:40:67:1c:7b:d8:25:11:1f:52:ac:88:ef:63:de:63:3d:
         89:ad:24:3d:d7:7b:29:d1:3a:18:c7:35:c5:4f:10:b8:c4:71:
         86:63:f1:3a:77:67:b4:ed:f5:7d:5e:b5:a7:86:ae:2e:7c:dc:
         19:41:41:e8:43:f3:39:5f:43:5f:49:ca:28:bd:15:4a:a1:ef:
         f9:19:66:6f:d6:f5:d9:80:b2:dc:03:31:24:1e:08:f7:e9:8b:
         f0:c4:89:3c:b6:92:b0:db:ea:b8:63:20:3d:90:78:22:6f:8a:
         8d:1d:6f:95:27:42:69:e8:f3:ee:c6:ee:06:56:97:b0:e7:7e:
         9a:ab:c3:e8:ac:cf:c2:3d:d4:38:b5:cd:07:30:37:ff:2c:52:
         ff:9b:54:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaFf96iMww7mo6hLNoREWL2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMWI2N2NjZGE0OWM4ZGU0ODkyOTM0MWY2ZGU4YTJiNjAy
NWIzYTYwHhcNMjUwNDMwMDcwMTExWhcNMjUwNTAxMDcwMTExWjAzMTEwLwYDVQQD
EygwMTc0YTRjMjQyMDA0YWFmNzM2N2E5YzQyZjA1ZDAxYWJiMjY3MzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JpyrNlNV+cpVHEdiDSWORLhbMj1
bfHVGe7QHo/j7rHpSB5x0LY3gez1wVhRRy+9E/I7/fWkgnqxug1aSc16UeK0XwXh
EMb04ccqi53uYfy7C5qblZikci5oQOQtYpD9f4bVIfoieErmHbkiF6KVay7kbTMb
70fJiTxhYdHxzUm6W6cj95Bv13EsgOYfYMdxfYriJ1jfmy7elk98bcErSTCETnSd
TqCQ0XANGaepVzF7yaRs0LDNRxbEZTAKC7FeWXNDcnCwXmt3yj1BW+4tSrnrDSjE
kE03Y5Jztgi6Uu776eDJmnLVsBvXNNHXwBUxkPwvoFdM1f96P8TV475ISQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAF0pMJCAEqvc2epxC8F0Bq7JnMhMB8GA1UdIwQY
MBaAFD0bZ8zaScjeSJKTQfbeiitgJbOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMt
MDhiMjRiZTEyNjg5LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMtMDhiMjRiZTEyNjg5
LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdmt5fmDJ
3QG2TlU5jd7luRLdIR10GXaIbTeBBhkh8rgGDAUq2Z2Z0BrpVlngqW1eNR8EvWtP
65d5xrFxIET9tYIlIcyecIfr+/WdvojJDfvlP7Bmrjj+kI9O0Y0sGySex6xqVsxe
3Zrviic0/K5AZxx72CURH1KsiO9j3mM9ia0kPdd7KdE6GMc1xU8QuMRxhmPxOndn
tO31fV61p4auLnzcGUFB6EPzOV9DX0nKKL0VSqHv+Rlmb9b12YCy3AMxJB4I9+mL
8MSJPLaSsNvquGMgPZB4Im+KjR1vlSdCaejz7sbuBlaXsOd+mqvD6KzPwj3UOLXN
BzA3/yxS/5tUDw==
-----END CERTIFICATE-----