Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b5ee32-c703-494d-89c0-6f830269899b/1/jTgcV7CbXiZ91UcVDbRVg46si6M.mft
File:                     jTgcV7CbXiZ91UcVDbRVg46si6M.mft (raw, json)
Hash identifier:          k6VaTOz/1kcNgyd4gAv2xtlmhCxwq1Uo+jlDezvCcsA=
Subject key identifier:   41:40:C1:E3:76:8F:F0:94:84:49:E2:A8:B3:5A:E6:03:FA:24:0A:29
Authority key identifier: 8D:38:1C:57:B0:9B:5E:26:7D:D5:47:15:0D:B4:55:83:8E:AC:8B:A3
Certificate issuer:       /CN=8d381c57b09b5e267dd547150db455838eac8ba3
Certificate serial:       01969115887FD0C26E52EEFCAC4BF3B54277
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jTgcV7CbXiZ91UcVDbRVg46si6M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b5ee32-c703-494d-89c0-6f830269899b/1/jTgcV7CbXiZ91UcVDbRVg46si6M.mft
Manifest number:          02A3
Signing time:             Fri 02 May 2025 13:00:29 +0000
Manifest this update:     Fri 02 May 2025 13:00:29 +0000
Manifest next update:     Sat 03 May 2025 13:00:29 +0000
Files and hashes:         1: jTgcV7CbXiZ91UcVDbRVg46si6M.crl (hash: 6IvBViUbEsAvbPRuuGXu9NtllV6VNzAeyQH9chDkdaw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b5ee32-c703-494d-89c0-6f830269899b/1/jTgcV7CbXiZ91UcVDbRVg46si6M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b5ee32-c703-494d-89c0-6f830269899b/1/jTgcV7CbXiZ91UcVDbRVg46si6M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jTgcV7CbXiZ91UcVDbRVg46si6M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:91:15:88:7f:d0:c2:6e:52:ee:fc:ac:4b:f3:b5:42:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d381c57b09b5e267dd547150db455838eac8ba3
        Validity
            Not Before: May  2 13:00:29 2025 GMT
            Not After : May  3 13:00:29 2025 GMT
        Subject: CN=4140c1e3768ff0948449e2a8b35ae603fa240a29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:28:54:e0:4e:c6:1d:df:e5:46:ba:e8:9d:c5:
                    cb:83:57:a8:68:57:ed:b7:74:0c:2c:b8:85:39:33:
                    2d:8f:3f:cf:2a:ee:58:ca:00:82:0c:fd:e6:3f:b2:
                    85:9d:23:42:9c:9b:3f:d7:cc:51:9f:26:fa:87:1d:
                    f5:6f:87:ad:54:09:ca:79:f6:d1:be:5e:05:61:a0:
                    8e:f3:38:28:82:72:e4:cc:61:4f:35:67:fd:55:70:
                    21:a4:31:f4:36:6d:21:16:e7:e4:a8:f0:37:e3:da:
                    d5:91:d6:4f:ef:02:ba:38:20:90:da:dd:49:ac:ce:
                    a9:2d:77:77:f0:6d:78:26:48:33:d1:8f:91:f2:10:
                    27:56:96:e2:d8:07:e1:34:d7:a6:86:3b:76:e9:50:
                    6c:d9:2f:ff:5a:54:d5:a7:53:cf:4c:c0:5e:22:09:
                    e2:d6:22:db:12:51:e7:55:6b:b3:3d:71:3b:1c:1a:
                    ce:92:ea:b7:13:3b:f5:a3:67:a1:0b:fc:a4:21:3c:
                    1a:98:3c:08:77:7c:62:c3:08:41:73:0c:c0:ec:30:
                    b8:3a:78:9e:a3:f1:60:39:67:9f:ad:83:9f:ab:cf:
                    e2:80:e9:41:4a:d7:d2:bd:0a:29:3a:92:9f:7a:e0:
                    82:cc:37:88:d7:3f:c1:39:e2:8f:22:63:62:c6:da:
                    5b:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:40:C1:E3:76:8F:F0:94:84:49:E2:A8:B3:5A:E6:03:FA:24:0A:29
            X509v3 Authority Key Identifier:
                keyid:8D:38:1C:57:B0:9B:5E:26:7D:D5:47:15:0D:B4:55:83:8E:AC:8B:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jTgcV7CbXiZ91UcVDbRVg46si6M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b5ee32-c703-494d-89c0-6f830269899b/1/jTgcV7CbXiZ91UcVDbRVg46si6M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b5ee32-c703-494d-89c0-6f830269899b/1/jTgcV7CbXiZ91UcVDbRVg46si6M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:15:ab:6b:b0:61:dd:63:86:37:b1:08:5e:81:46:2b:d0:e8:
         9b:51:9d:8a:80:4a:a1:8e:e0:4b:04:6e:c3:f8:16:eb:c2:69:
         23:d2:ae:a3:57:78:c1:b8:de:92:7b:09:53:62:bd:13:90:ea:
         38:bd:80:3f:fe:85:08:0a:ad:5d:c4:85:84:ef:f6:dd:be:f4:
         29:37:fb:86:65:da:f2:7f:be:26:4a:7f:74:28:7a:56:2f:ca:
         74:e4:58:10:eb:2e:7d:cd:59:0e:5a:e6:21:e1:85:54:5d:61:
         9d:d2:b1:f5:be:3e:8e:99:20:d8:94:86:97:11:e5:f4:f8:81:
         fc:6c:69:e9:06:ee:11:b4:f3:92:f3:93:fe:30:62:e1:93:8d:
         48:d2:88:02:45:a1:98:85:1a:24:f1:0b:f8:f6:ee:5b:71:e7:
         d7:de:3c:ff:87:63:6f:1a:18:44:81:68:4d:32:4d:2e:2c:4d:
         77:31:0f:51:71:93:24:18:a5:a0:8e:cf:d4:de:3a:4a:9a:02:
         70:ed:f8:f7:98:13:f8:d6:55:3e:c4:a4:9d:41:5a:5f:d5:d7:
         95:47:bd:60:88:c4:dd:15:73:0f:7c:a1:8a:57:29:04:a0:73:
         ea:ed:9b:5d:99:fe:3a:77:99:b8:9b:ee:58:74:90:15:0a:05:
         b6:de:1a:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaRFYh/0MJuUu78rEvztUJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMzgxYzU3YjA5YjVlMjY3ZGQ1NDcxNTBkYjQ1NTgzOGVh
YzhiYTMwHhcNMjUwNTAyMTMwMDI5WhcNMjUwNTAzMTMwMDI5WjAzMTEwLwYDVQQD
Eyg0MTQwYzFlMzc2OGZmMDk0ODQ0OWUyYThiMzVhZTYwM2ZhMjQwYTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyhU4E7GHd/lRrroncXLg1eoaFft
t3QMLLiFOTMtjz/PKu5YygCCDP3mP7KFnSNCnJs/18xRnyb6hx31b4etVAnKefbR
vl4FYaCO8zgognLkzGFPNWf9VXAhpDH0Nm0hFufkqPA349rVkdZP7wK6OCCQ2t1J
rM6pLXd38G14Jkgz0Y+R8hAnVpbi2AfhNNemhjt26VBs2S//WlTVp1PPTMBeIgni
1iLbElHnVWuzPXE7HBrOkuq3Ezv1o2ehC/ykITwamDwId3xiwwhBcwzA7DC4Onie
o/FgOWefrYOfq8/igOlBStfSvQopOpKfeuCCzDeI1z/BOeKPImNixtpbNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFAweN2j/CUhEniqLNa5gP6JAopMB8GA1UdIwQY
MBaAFI04HFewm14mfdVHFQ20VYOOrIujMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalRnY1Y3Q2JYaVo5MVVjVkRiUlZnNDZzaTZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNWVlMzItYzcwMy00OTRkLTg5YzAt
NmY4MzAyNjk4OTliLzEvalRnY1Y3Q2JYaVo5MVVjVkRiUlZnNDZzaTZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNWVlMzItYzcwMy00OTRkLTg5YzAtNmY4MzAyNjk4OTli
LzEvalRnY1Y3Q2JYaVo5MVVjVkRiUlZnNDZzaTZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHBWra7Bh
3WOGN7EIXoFGK9Dom1GdioBKoY7gSwRuw/gW68JpI9Kuo1d4wbjeknsJU2K9E5Dq
OL2AP/6FCAqtXcSFhO/23b70KTf7hmXa8n++Jkp/dCh6Vi/KdORYEOsufc1ZDlrm
IeGFVF1hndKx9b4+jpkg2JSGlxHl9PiB/Gxp6QbuEbTzkvOT/jBi4ZONSNKIAkWh
mIUaJPEL+PbuW3Hn1948/4djbxoYRIFoTTJNLixNdzEPUXGTJBiloI7P1N46SpoC
cO3495gT+NZVPsSknUFaX9XXlUe9YIjE3RVzD3yhilcpBKBz6u2bXZn+OneZuJvu
WHSQFQoFtt4aUg==
-----END CERTIFICATE-----