Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          VVVwIslKvccb/lP8BP/QRxEXS1i0S7jfmXALIBzbquk=
Subject key identifier:   B4:F4:AE:D2:23:7A:BD:89:65:7A:A4:39:8D:59:FC:3D:BC:7E:1F:5F
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       01969115FE16BF3FDCDC000FFC072B5A23FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          14ED
Signing time:             Fri 02 May 2025 13:00:59 +0000
Manifest this update:     Fri 02 May 2025 13:00:59 +0000
Manifest next update:     Sat 03 May 2025 13:00:59 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: /2zquApvMb7I/QDg6AZyrdNWQgGQigzWadJc4UVAVgQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:91:15:fe:16:bf:3f:dc:dc:00:0f:fc:07:2b:5a:23:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: May  2 13:00:59 2025 GMT
            Not After : May  3 13:00:59 2025 GMT
        Subject: CN=b4f4aed2237abd89657aa4398d59fc3dbc7e1f5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:3c:29:9f:c1:11:4a:29:73:80:25:d6:f4:2c:
                    71:aa:2a:42:4f:c2:b4:32:4d:61:cd:b6:77:dc:c5:
                    51:87:54:fd:f7:8e:63:d8:fd:59:1a:4f:6c:ec:a6:
                    1c:3f:3b:9b:89:fa:08:ff:a4:db:e7:cf:74:6c:18:
                    fd:03:6a:03:0f:96:09:6a:45:78:ef:c5:52:60:41:
                    31:ad:de:03:5f:6a:60:46:3b:9f:e5:37:6a:62:9f:
                    9d:db:58:45:26:41:48:44:2b:9b:66:06:f5:53:6b:
                    d7:69:a9:a1:5e:ff:a3:7f:68:fd:11:32:6f:7b:03:
                    de:42:e3:0b:07:4a:cf:e9:83:e0:40:d9:74:7f:93:
                    ca:86:48:bb:d2:6b:dd:a6:93:1d:12:62:57:ca:d4:
                    29:20:83:be:72:8b:a3:77:68:93:7d:ad:f0:0c:ba:
                    07:94:43:a7:84:90:01:41:9a:a5:f5:93:4d:30:26:
                    5a:49:a2:a1:2c:a3:9f:44:85:25:67:74:d6:08:d9:
                    22:16:72:2d:2a:88:e7:01:fa:dd:59:0d:ca:5f:a6:
                    e6:1e:a2:fb:1f:a1:d9:18:0b:88:ce:6b:c8:31:1f:
                    27:2d:c1:ac:6d:e6:5c:1b:9f:a6:b8:05:6f:e5:18:
                    98:f2:f9:87:5e:c9:65:49:47:c1:13:bf:e7:b4:9c:
                    75:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:F4:AE:D2:23:7A:BD:89:65:7A:A4:39:8D:59:FC:3D:BC:7E:1F:5F
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:56:c6:a9:8d:a8:57:40:5f:e7:e3:3b:07:06:f1:07:67:1e:
         f2:6f:55:73:19:f2:ea:19:cd:fc:77:80:38:ee:9c:c8:f5:df:
         2f:70:08:1d:c2:65:9f:b1:4d:e3:92:f0:52:03:59:a1:b5:1b:
         8e:00:8b:db:7c:2c:37:cb:37:bb:5f:ce:75:9e:a3:36:54:6f:
         91:fe:9e:fb:57:a1:8c:82:e9:f2:3e:5a:b5:7d:92:f5:84:d8:
         50:4c:83:87:3b:a8:85:9a:82:c3:54:85:9f:3e:12:00:71:e5:
         b9:77:7a:09:c5:46:b3:21:bf:3d:a3:a8:53:47:2a:62:d5:53:
         33:98:ee:3d:35:4b:8f:17:30:49:7e:5d:7c:68:f0:c4:a4:53:
         80:6b:71:61:a7:94:09:b8:02:93:66:36:1b:e3:58:77:c3:44:
         81:22:25:d4:50:a3:40:64:8c:8e:43:df:96:56:14:98:9e:2e:
         59:3c:50:70:54:14:65:cd:1e:46:dc:31:23:0d:d0:b2:9b:96:
         75:33:be:48:38:aa:70:0a:58:68:a9:78:7f:08:ac:75:8d:bf:
         ef:2f:33:5d:3b:2f:86:86:55:4e:c6:48:02:e3:cf:47:dc:81:
         19:0d:e5:03:c6:16:05:3e:f1:16:3b:f2:c9:d0:1c:77:d0:0d:
         d9:e7:59:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaRFf4Wvz/c3AAP/AcrWiP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjUwNTAyMTMwMDU5WhcNMjUwNTAzMTMwMDU5WjAzMTEwLwYDVQQD
EyhiNGY0YWVkMjIzN2FiZDg5NjU3YWE0Mzk4ZDU5ZmMzZGJjN2UxZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTwpn8ERSilzgCXW9CxxqipCT8K0
Mk1hzbZ33MVRh1T9945j2P1ZGk9s7KYcPzubifoI/6Tb5890bBj9A2oDD5YJakV4
78VSYEExrd4DX2pgRjuf5TdqYp+d21hFJkFIRCubZgb1U2vXaamhXv+jf2j9ETJv
ewPeQuMLB0rP6YPgQNl0f5PKhki70mvdppMdEmJXytQpIIO+coujd2iTfa3wDLoH
lEOnhJABQZql9ZNNMCZaSaKhLKOfRIUlZ3TWCNkiFnItKojnAfrdWQ3KX6bmHqL7
H6HZGAuIzmvIMR8nLcGsbeZcG5+muAVv5RiY8vmHXsllSUfBE7/ntJx1RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLT0rtIjer2JZXqkOY1Z/D28fh9fMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN1bGqY2o
V0Bf5+M7BwbxB2ce8m9Vcxny6hnN/HeAOO6cyPXfL3AIHcJln7FN45LwUgNZobUb
jgCL23wsN8s3u1/OdZ6jNlRvkf6e+1ehjILp8j5atX2S9YTYUEyDhzuohZqCw1SF
nz4SAHHluXd6CcVGsyG/PaOoU0cqYtVTM5juPTVLjxcwSX5dfGjwxKRTgGtxYaeU
CbgCk2Y2G+NYd8NEgSIl1FCjQGSMjkPfllYUmJ4uWTxQcFQUZc0eRtwxIw3QspuW
dTO+SDiqcApYaKl4fwisdY2/7y8zXTsvhoZVTsZIAuPPR9yBGQ3lA8YWBT7xFjvy
ydAcd9AN2edZwg==
-----END CERTIFICATE-----