Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
File:                     RDNmA3i76zplxtyp7Qp3b70gRhA.mft (raw, json)
Hash identifier:          NJVnyw6sGhIlWMFQpbWKEzcdxYwI6/w+TsmFyJ3jG1k=
Subject key identifier:   CC:EB:12:49:9C:9B:6B:4A:D4:59:AC:B6:32:5C:99:3B:93:50:F8:14
Authority key identifier: 44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10
Certificate issuer:       /CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
Certificate serial:       019678D6263DEBA11FA1D3CA948E5744A8D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
Manifest number:          024D
Signing time:             Sun 27 Apr 2025 20:00:22 +0000
Manifest this update:     Sun 27 Apr 2025 20:00:22 +0000
Manifest next update:     Mon 28 Apr 2025 20:00:22 +0000
Files and hashes:         1: RDNmA3i76zplxtyp7Qp3b70gRhA.crl (hash: q0LEs6DHX7rcZijk6pvwQBOLCFBNzPO5WtJo1G0fWE0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:d6:26:3d:eb:a1:1f:a1:d3:ca:94:8e:57:44:a8:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
        Validity
            Not Before: Apr 27 20:00:22 2025 GMT
            Not After : Apr 28 20:00:22 2025 GMT
        Subject: CN=cceb12499c9b6b4ad459acb6325c993b9350f814
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:a2:e7:6e:52:e0:f1:8c:b9:39:49:4a:d0:67:
                    86:1c:d0:aa:fc:60:aa:4f:1a:5a:33:98:8e:a1:56:
                    b8:35:14:e4:11:c4:0d:26:d5:62:72:ae:12:09:f0:
                    7a:02:a8:1c:8c:9d:1f:88:b2:09:e3:6d:0d:27:a5:
                    6b:b6:db:fe:a7:91:0e:37:bc:12:6d:6c:24:a0:72:
                    91:91:42:e8:60:11:fe:91:f8:85:3e:fe:c3:28:96:
                    fb:a5:d4:3e:e9:79:4e:bf:f4:ba:97:63:fe:af:6e:
                    fd:f7:c1:21:88:2e:f4:b8:b6:c8:23:3b:d3:91:06:
                    be:99:ff:ce:25:1b:1f:02:08:98:14:d0:30:fe:4e:
                    82:89:4f:72:a6:06:9a:18:41:66:6f:14:77:4b:fe:
                    73:ce:32:ef:a0:60:96:41:e0:70:3a:2f:86:eb:84:
                    09:89:d4:5d:d7:cc:62:ef:0f:77:1b:c3:be:73:77:
                    32:1a:1d:6f:3b:be:f8:d7:02:9d:6e:de:17:e9:b1:
                    13:30:1f:62:08:2d:bd:9c:10:79:4d:33:d2:75:a9:
                    23:27:4f:9c:bb:fe:17:5b:f0:ae:12:d0:2d:8b:c5:
                    50:2f:07:b4:1f:7d:52:71:f1:0e:4d:dd:fa:54:9c:
                    69:e1:90:72:c5:00:e9:b4:b4:d8:4e:ef:b3:0c:56:
                    73:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:EB:12:49:9C:9B:6B:4A:D4:59:AC:B6:32:5C:99:3B:93:50:F8:14
            X509v3 Authority Key Identifier:
                keyid:44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:e0:0b:54:f1:25:7b:69:47:e4:0c:cb:b8:37:a3:58:02:d8:
         7a:7a:ea:37:31:a5:e1:5b:7c:e5:56:c4:55:a8:6b:84:d1:c4:
         46:3f:7b:80:34:80:60:32:b4:68:b5:4f:4b:e7:29:98:9f:82:
         de:6d:6e:3c:59:ff:a1:0d:24:a2:74:7b:8a:7c:56:aa:cb:9b:
         f2:84:e5:a1:b5:c8:ed:a9:5b:5b:7e:8b:dd:83:04:14:c8:1b:
         63:95:f6:b5:7e:b7:00:16:bf:6f:8d:06:e6:77:94:f1:aa:73:
         5b:56:9d:eb:61:04:62:33:c4:5a:62:a6:02:c2:e7:4c:7c:e5:
         e0:4c:6e:aa:94:e7:11:0a:4d:63:73:11:6d:13:c3:7c:cf:9c:
         2f:12:e8:ef:bd:aa:c0:fc:1e:1c:7a:bc:a7:ed:ab:5b:c0:ed:
         41:df:a0:a7:fc:88:42:44:68:a6:24:04:85:29:09:56:2a:2c:
         f9:77:ea:06:ae:86:0d:fa:5a:2b:23:9b:04:ae:94:33:e0:47:
         b8:a1:73:c6:14:75:1a:97:a5:06:77:0d:64:27:1d:a7:ce:b2:
         4f:3b:44:f9:5c:00:c4:a1:bb:38:09:ed:63:1b:4f:bf:86:65:
         74:63:2c:d2:44:f7:c6:93:b7:c8:15:66:be:85:fd:48:44:94:
         fd:f7:02:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41iY966EfodPKlI5XRKjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzM2NjAzNzhiYmViM2E2NWM2ZGNhOWVkMGE3NzZmYmQy
MDQ2MTAwHhcNMjUwNDI3MjAwMDIyWhcNMjUwNDI4MjAwMDIyWjAzMTEwLwYDVQQD
EyhjY2ViMTI0OTljOWI2YjRhZDQ1OWFjYjYzMjVjOTkzYjkzNTBmODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqLnblLg8Yy5OUlK0GeGHNCq/GCq
TxpaM5iOoVa4NRTkEcQNJtVicq4SCfB6AqgcjJ0fiLIJ420NJ6Vrttv+p5EON7wS
bWwkoHKRkULoYBH+kfiFPv7DKJb7pdQ+6XlOv/S6l2P+r27998EhiC70uLbIIzvT
kQa+mf/OJRsfAgiYFNAw/k6CiU9ypgaaGEFmbxR3S/5zzjLvoGCWQeBwOi+G64QJ
idRd18xi7w93G8O+c3cyGh1vO7741wKdbt4X6bETMB9iCC29nBB5TTPSdakjJ0+c
u/4XW/CuEtAti8VQLwe0H31ScfEOTd36VJxp4ZByxQDptLTYTu+zDFZzHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMzrEkmcm2tK1FmstjJcmTuTUPgUMB8GA1UdIwQY
MBaAFEQzZgN4u+s6Zcbcqe0Kd2+9IEYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4Yzgt
ZTA3ZjBhYzc4NTMwLzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4YzgtZTA3ZjBhYzc4NTMw
LzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANeALVPEl
e2lH5AzLuDejWALYenrqNzGl4Vt85VbEVahrhNHERj97gDSAYDK0aLVPS+cpmJ+C
3m1uPFn/oQ0konR7inxWqsub8oTlobXI7albW36L3YMEFMgbY5X2tX63ABa/b40G
5neU8apzW1ad62EEYjPEWmKmAsLnTHzl4ExuqpTnEQpNY3MRbRPDfM+cLxLo772q
wPweHHq8p+2rW8DtQd+gp/yIQkRopiQEhSkJVios+XfqBq6GDfpaKyObBK6UM+BH
uKFzxhR1GpelBncNZCcdp86yTztE+VwAxKG7OAntYxtPv4ZldGMs0kT3xpO3yBVm
voX9SESU/fcC9Q==
-----END CERTIFICATE-----