Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          bG7nHvnmgawaeMPjuwKusvl/2R4Lgal/qIL5uHB/fh0=
Subject key identifier:   2F:3D:1E:66:E6:17:A2:51:8B:30:0E:E7:F9:33:66:38:13:24:BE:AD
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       019676435A31E63269FA5957724FB7A7900A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          0D8F
Signing time:             Sun 27 Apr 2025 08:00:47 +0000
Manifest this update:     Sun 27 Apr 2025 08:00:47 +0000
Manifest next update:     Mon 28 Apr 2025 08:00:47 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: dFEqejnFz3jQn5fGflDK+LXUZGtB3cqYsNW0XoGlxZo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:43:5a:31:e6:32:69:fa:59:57:72:4f:b7:a7:90:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Apr 27 08:00:47 2025 GMT
            Not After : Apr 28 08:00:47 2025 GMT
        Subject: CN=2f3d1e66e617a2518b300ee7f93366381324bead
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:90:ef:8d:0f:c1:86:ed:9e:aa:b1:c0:17:b9:
                    f8:da:08:1c:a4:c1:f1:cd:c9:21:03:6b:35:b1:6d:
                    30:13:5f:3d:8a:d4:59:64:7b:68:8f:51:1d:d0:69:
                    22:15:3b:50:d3:c0:9a:39:89:31:59:1a:45:e4:99:
                    2c:29:f6:5a:af:40:25:a8:b1:71:eb:32:ac:82:5e:
                    2c:3e:c2:0b:35:fe:a2:e4:31:df:3a:b3:e9:fd:04:
                    9c:6c:ce:c1:9f:2b:cf:1d:fc:a2:7d:98:1b:36:d7:
                    9a:67:90:57:47:18:82:19:f2:fd:42:f6:a6:c5:8c:
                    e7:f8:ac:c9:46:81:e4:93:6d:c7:2e:0f:c0:ae:60:
                    cf:19:2b:02:63:e0:fe:ff:12:72:2e:5c:f2:13:48:
                    72:8d:10:59:45:34:63:16:5f:97:e7:62:a5:85:cc:
                    f4:cd:cf:39:8a:94:8b:ae:cb:35:1a:f4:42:07:90:
                    c5:db:2f:50:02:18:b9:7b:60:15:de:80:48:19:31:
                    13:b4:92:5b:42:4e:37:9d:05:2e:79:0d:c6:2d:4e:
                    77:c8:3b:ea:0a:25:7b:84:8a:c9:80:41:36:e8:d7:
                    29:6b:0b:be:f0:51:cb:76:c5:20:09:eb:22:03:48:
                    51:18:dd:7e:2d:72:5c:23:4c:79:09:43:6f:4d:c2:
                    ec:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:3D:1E:66:E6:17:A2:51:8B:30:0E:E7:F9:33:66:38:13:24:BE:AD
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:6a:60:0d:14:2f:39:80:cc:74:38:67:b1:be:9b:cb:0e:23:
         51:15:e7:50:1e:42:e5:b6:d0:c5:83:e9:88:78:5d:3c:f3:f5:
         61:56:eb:87:38:35:e2:6e:a0:70:08:59:40:8d:d0:82:0c:11:
         1d:58:6c:7f:68:49:1f:82:55:00:66:b1:9f:23:ec:a1:ae:ee:
         03:19:69:3e:f5:3a:02:55:4e:60:3b:f9:47:2a:e8:5a:cd:8f:
         4c:92:db:dd:66:54:f1:cd:db:d8:b9:40:b1:c3:5d:de:91:10:
         10:2d:85:c0:6a:99:bc:26:84:a4:74:1c:d7:70:42:b3:b6:af:
         66:e5:f8:76:92:3b:a8:48:c4:4e:43:3a:e5:0c:78:e8:ad:64:
         a1:ab:68:63:51:8c:da:c5:a5:e9:53:e8:3e:39:b8:c0:c0:3e:
         82:fd:05:24:06:12:26:a3:88:ba:ab:4e:1d:28:f3:87:11:51:
         36:7d:79:3a:06:a8:98:12:cf:2e:de:17:da:5e:7e:90:56:bc:
         a9:5b:e7:cf:34:48:94:63:b7:64:62:e3:ba:8a:59:8d:c8:c5:
         e3:e9:56:bd:b9:2c:71:6d:fa:6d:2b:f5:da:2e:fc:fb:a4:b7:
         71:f4:cf:71:4e:f4:f9:c7:52:65:3a:3a:dc:d2:8c:fb:ac:e2:
         e3:9b:13:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2Q1ox5jJp+llXck+3p5AKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjUwNDI3MDgwMDQ3WhcNMjUwNDI4MDgwMDQ3WjAzMTEwLwYDVQQD
EygyZjNkMWU2NmU2MTdhMjUxOGIzMDBlZTdmOTMzNjYzODEzMjRiZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25DvjQ/Bhu2eqrHAF7n42ggcpMHx
zckhA2s1sW0wE189itRZZHtoj1Ed0GkiFTtQ08CaOYkxWRpF5JksKfZar0AlqLFx
6zKsgl4sPsILNf6i5DHfOrPp/QScbM7BnyvPHfyifZgbNteaZ5BXRxiCGfL9Qvam
xYzn+KzJRoHkk23HLg/ArmDPGSsCY+D+/xJyLlzyE0hyjRBZRTRjFl+X52Klhcz0
zc85ipSLrss1GvRCB5DF2y9QAhi5e2AV3oBIGTETtJJbQk43nQUueQ3GLU53yDvq
CiV7hIrJgEE26Ncpawu+8FHLdsUgCesiA0hRGN1+LXJcI0x5CUNvTcLsBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC89HmbmF6JRizAO5/kzZjgTJL6tMB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASGpgDRQv
OYDMdDhnsb6byw4jURXnUB5C5bbQxYPpiHhdPPP1YVbrhzg14m6gcAhZQI3QggwR
HVhsf2hJH4JVAGaxnyPsoa7uAxlpPvU6AlVOYDv5RyroWs2PTJLb3WZU8c3b2LlA
scNd3pEQEC2FwGqZvCaEpHQc13BCs7avZuX4dpI7qEjETkM65Qx46K1koatoY1GM
2sWl6VPoPjm4wMA+gv0FJAYSJqOIuqtOHSjzhxFRNn15OgaomBLPLt4X2l5+kFa8
qVvnzzRIlGO3ZGLjuopZjcjF4+lWvbkscW36bSv12i78+6S3cfTPcU70+cdSZTo6
3NKM+6zi45sTQw==
-----END CERTIFICATE-----