Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/c56b1b-4b10-41dc-9ffa-db5160ee74e7/1/8E3LHKHUaLwERw8dtKRuz1uCeEg.mft
File:                     8E3LHKHUaLwERw8dtKRuz1uCeEg.mft (raw, json)
Hash identifier:          UTw6MaaXRa5hoFwDLzJ5/wtYtobeG7RmNMfIn8FaU3s=
Subject key identifier:   EB:5B:DD:4C:18:7F:BC:AE:BC:1B:C5:34:23:80:89:01:3B:74:59:48
Authority key identifier: F0:4D:CB:1C:A1:D4:68:BC:04:47:0F:1D:B4:A4:6E:CF:5B:82:78:48
Certificate issuer:       /CN=f04dcb1ca1d468bc04470f1db4a46ecf5b827848
Certificate serial:       0196B0A109CD9FCF16AFBE623A56D7D4C6F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8E3LHKHUaLwERw8dtKRuz1uCeEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/c56b1b-4b10-41dc-9ffa-db5160ee74e7/1/8E3LHKHUaLwERw8dtKRuz1uCeEg.mft
Manifest number:          01AC
Signing time:             Thu 08 May 2025 16:01:05 +0000
Manifest this update:     Thu 08 May 2025 16:01:05 +0000
Manifest next update:     Fri 09 May 2025 16:01:05 +0000
Files and hashes:         1: 8E3LHKHUaLwERw8dtKRuz1uCeEg.crl (hash: ChUzcDshEaf4MsZaUmO06myW9ZwKn/K05tdL3xV/T5Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/c56b1b-4b10-41dc-9ffa-db5160ee74e7/1/8E3LHKHUaLwERw8dtKRuz1uCeEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/c56b1b-4b10-41dc-9ffa-db5160ee74e7/1/8E3LHKHUaLwERw8dtKRuz1uCeEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8E3LHKHUaLwERw8dtKRuz1uCeEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 15:42:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b0:a1:09:cd:9f:cf:16:af:be:62:3a:56:d7:d4:c6:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f04dcb1ca1d468bc04470f1db4a46ecf5b827848
        Validity
            Not Before: May  8 16:01:05 2025 GMT
            Not After : May  9 16:01:05 2025 GMT
        Subject: CN=eb5bdd4c187fbcaebc1bc534238089013b745948
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:2f:ee:85:9c:21:d3:6f:bf:57:e0:ff:d6:2e:
                    6a:c7:69:c3:4f:9d:37:67:ec:b0:72:de:18:2c:01:
                    77:ea:93:82:15:71:5b:ee:75:f9:9a:07:c8:3c:d2:
                    25:f4:93:79:d9:ed:37:ac:e4:8b:4f:d3:ab:43:9a:
                    81:2a:70:b9:24:f8:0b:dc:36:f5:08:81:4e:0f:66:
                    b7:a7:09:63:3c:a0:d1:dc:d3:47:f3:f5:00:94:8a:
                    e5:7f:9d:22:e6:6e:db:6b:92:c4:35:96:ac:c2:30:
                    73:a3:a1:af:b2:4a:44:fc:a3:94:af:2e:73:dc:6d:
                    17:f3:7b:ff:9c:41:38:44:97:6a:07:18:b8:dc:18:
                    9c:52:bf:bd:f1:e3:c9:b3:ea:8d:2b:cc:c5:12:c6:
                    4f:21:22:14:1a:0c:90:19:42:87:5a:1b:1f:b4:46:
                    d6:29:64:b3:0b:86:6f:c9:b1:3e:5b:48:c3:57:24:
                    a5:a4:24:c3:e0:19:9b:34:56:4a:c5:0a:32:75:e0:
                    e7:26:5b:0c:bf:15:fe:7c:fb:8e:1a:fb:66:d1:d6:
                    92:e7:e1:9d:f5:f7:76:af:9d:79:46:2c:1a:a7:5f:
                    71:2f:27:b8:cf:55:2a:be:02:9d:6b:a5:e0:82:76:
                    ea:3b:30:4a:41:4c:6e:b3:a0:11:60:c8:44:33:a1:
                    bc:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:5B:DD:4C:18:7F:BC:AE:BC:1B:C5:34:23:80:89:01:3B:74:59:48
            X509v3 Authority Key Identifier:
                keyid:F0:4D:CB:1C:A1:D4:68:BC:04:47:0F:1D:B4:A4:6E:CF:5B:82:78:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E3LHKHUaLwERw8dtKRuz1uCeEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c56b1b-4b10-41dc-9ffa-db5160ee74e7/1/8E3LHKHUaLwERw8dtKRuz1uCeEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c56b1b-4b10-41dc-9ffa-db5160ee74e7/1/8E3LHKHUaLwERw8dtKRuz1uCeEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:03:06:02:05:dd:76:87:ac:bc:54:e1:9e:97:ba:91:87:db:
         32:1f:97:6c:e5:f7:89:56:c5:ed:e3:32:46:00:16:a5:ea:15:
         19:cd:28:32:b1:96:ae:8d:f3:4a:24:28:3c:a0:4d:98:8b:24:
         70:33:6b:f0:5c:11:5a:47:25:23:36:d4:a3:c8:ee:55:61:63:
         4e:85:94:00:47:c3:60:1c:4b:d3:7a:86:82:7b:53:c8:11:25:
         02:da:38:f3:5c:ed:1a:b8:3e:7e:18:c6:21:03:ba:be:bf:8c:
         86:cf:0c:cf:25:ff:4d:d5:27:f0:43:94:9e:7a:c7:b8:aa:ec:
         ad:22:07:bf:ed:4b:dc:60:ec:35:bd:e0:cb:ff:71:f2:62:dd:
         0b:7b:0b:16:9a:a4:71:17:84:24:90:75:06:45:95:af:be:f5:
         46:43:16:ad:0e:45:d8:dc:51:fa:61:9a:19:74:21:e9:ad:4a:
         a7:64:91:66:de:d4:d9:bc:0b:c3:ce:bf:f7:0e:4a:ef:0e:50:
         aa:e6:2b:06:6a:de:7d:83:93:59:3a:a2:8b:1a:a0:08:75:b5:
         db:85:5b:6f:92:5a:97:ca:26:b5:ec:72:bd:19:53:25:1a:d2:
         d2:b0:57:20:84:fd:bf:21:33:e1:a9:a8:5e:34:6b:7a:39:d2:
         86:c6:ca:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZawoQnNn88Wr75iOlbX1Mb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGRjYjFjYTFkNDY4YmMwNDQ3MGYxZGI0YTQ2ZWNmNWI4
Mjc4NDgwHhcNMjUwNTA4MTYwMTA1WhcNMjUwNTA5MTYwMTA1WjAzMTEwLwYDVQQD
EyhlYjViZGQ0YzE4N2ZiY2FlYmMxYmM1MzQyMzgwODkwMTNiNzQ1OTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC/uhZwh02+/V+D/1i5qx2nDT503
Z+ywct4YLAF36pOCFXFb7nX5mgfIPNIl9JN52e03rOSLT9OrQ5qBKnC5JPgL3Db1
CIFOD2a3pwljPKDR3NNH8/UAlIrlf50i5m7ba5LENZaswjBzo6GvskpE/KOUry5z
3G0X83v/nEE4RJdqBxi43BicUr+98ePJs+qNK8zFEsZPISIUGgyQGUKHWhsftEbW
KWSzC4ZvybE+W0jDVySlpCTD4BmbNFZKxQoydeDnJlsMvxX+fPuOGvtm0daS5+Gd
9fd2r515Riwap19xLye4z1UqvgKda6XggnbqOzBKQUxus6ARYMhEM6G8/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtb3UwYf7yuvBvFNCOAiQE7dFlIMB8GA1UdIwQY
MBaAFPBNyxyh1Gi8BEcPHbSkbs9bgnhIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEUzTEhLSFVhTHdFUnc4ZHRLUnV6MXVDZUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9jNTZiMWItNGIxMC00MWRjLTlmZmEt
ZGI1MTYwZWU3NGU3LzEvOEUzTEhLSFVhTHdFUnc4ZHRLUnV6MXVDZUVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9jNTZiMWItNGIxMC00MWRjLTlmZmEtZGI1MTYwZWU3NGU3
LzEvOEUzTEhLSFVhTHdFUnc4ZHRLUnV6MXVDZUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIQMGAgXd
doesvFThnpe6kYfbMh+XbOX3iVbF7eMyRgAWpeoVGc0oMrGWro3zSiQoPKBNmIsk
cDNr8FwRWkclIzbUo8juVWFjToWUAEfDYBxL03qGgntTyBElAto481ztGrg+fhjG
IQO6vr+Mhs8MzyX/TdUn8EOUnnrHuKrsrSIHv+1L3GDsNb3gy/9x8mLdC3sLFpqk
cReEJJB1BkWVr771RkMWrQ5F2NxR+mGaGXQh6a1Kp2SRZt7U2bwLw86/9w5K7w5Q
quYrBmrefYOTWTqiixqgCHW124Vbb5Jal8omtexyvRlTJRrS0rBXIIT9vyEz4amo
XjRrejnShsbKlQ==
-----END CERTIFICATE-----