Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File:                     3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier:          oQU170aZD/BDcz/ILk4Hqu56HJazKFrQq9SzLF4clzA=
Subject key identifier:   8D:A7:9E:81:AC:18:EB:DF:26:F2:0B:4F:E4:CB:AB:AC:FC:3D:F9:F7
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer:       /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial:       0196802235D653D33D3D634E64BD66074919
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number:          0CBF
Signing time:             Tue 29 Apr 2025 06:00:47 +0000
Manifest this update:     Tue 29 Apr 2025 06:00:47 +0000
Manifest next update:     Wed 30 Apr 2025 06:00:47 +0000
Files and hashes:         1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: 4LBAuAcOeg6w4xCs97yU2OE0cMRo5Bt1c37q5/LEcao=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 06:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:22:35:d6:53:d3:3d:3d:63:4e:64:bd:66:07:49:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
        Validity
            Not Before: Apr 29 06:00:47 2025 GMT
            Not After : Apr 30 06:00:47 2025 GMT
        Subject: CN=8da79e81ac18ebdf26f20b4fe4cbabacfc3df9f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:5a:b2:da:02:c9:b8:f5:9c:c0:ef:26:78:63:
                    42:fc:94:e5:53:28:51:1f:17:e2:e3:90:fc:79:34:
                    d3:b6:04:df:07:27:5d:35:6b:8d:f3:93:67:3a:ac:
                    56:59:ed:3f:e2:07:f3:72:df:75:46:57:a0:c8:7d:
                    23:78:bc:8c:e1:45:a8:4f:d9:ab:8e:5a:c7:4a:48:
                    32:22:42:fc:75:92:73:64:e9:33:b7:8b:bb:16:d1:
                    71:56:a8:9e:6f:35:fe:2a:9e:0e:d4:6a:51:b2:b3:
                    8a:47:85:55:e9:ce:01:32:d0:b6:96:f0:62:d9:f8:
                    ab:c7:20:a1:26:15:0f:61:cd:2a:22:e1:88:d5:48:
                    2d:d2:cf:7a:57:e1:31:0c:94:1b:b7:ad:aa:0e:e0:
                    a6:49:72:22:0f:4d:41:7d:e9:6e:94:02:2c:8f:a4:
                    b5:cb:11:6d:d7:b9:59:29:54:32:a9:8d:d7:9e:13:
                    ec:b9:4f:ce:20:56:81:06:9a:b7:b8:b7:46:a9:b5:
                    ee:33:11:34:b9:77:c6:02:1d:f3:fb:66:9b:07:c2:
                    97:1d:9c:bb:26:90:f0:e3:cf:49:7f:f4:ff:93:8d:
                    7f:59:6b:d8:f8:ee:6d:58:88:8e:f2:30:7f:be:95:
                    2d:b6:c3:16:ac:97:97:9e:d6:cb:45:0a:22:31:42:
                    a1:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:A7:9E:81:AC:18:EB:DF:26:F2:0B:4F:E4:CB:AB:AC:FC:3D:F9:F7
            X509v3 Authority Key Identifier:
                keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:63:15:27:f1:3d:f6:c8:3a:07:d9:39:88:fc:98:e0:24:95:
         8c:f8:17:9a:1c:62:52:77:22:0c:24:91:5d:02:8d:3b:dc:0c:
         af:6a:88:a7:95:6f:17:43:62:c6:ac:f2:99:a7:fe:59:d1:cf:
         f7:74:c2:00:81:5e:d9:2c:24:3e:fc:77:28:0f:b3:0d:ba:07:
         2d:de:ab:43:ab:3e:06:b1:79:9c:6e:0b:83:1b:a5:d0:07:c3:
         c2:6a:3e:db:9e:18:a9:55:ce:75:c5:2d:16:11:32:59:56:fa:
         cb:98:77:ab:af:9d:d2:22:a0:1f:b2:b6:a7:fb:15:04:6b:d3:
         c2:6a:06:9e:a8:63:df:1c:d5:83:21:11:89:72:31:da:8f:47:
         d5:6b:e4:88:9b:ba:71:dc:a1:33:24:f6:9e:5d:9c:06:6e:48:
         a8:4c:eb:78:a2:06:9a:e0:e2:44:e4:1e:bf:69:9f:af:89:78:
         ab:16:47:1f:c9:5b:73:75:5b:9d:19:33:41:69:6f:5e:b6:28:
         d4:c7:52:a3:ff:2e:17:af:9b:f4:da:45:0d:1a:a6:ff:3d:78:
         60:42:b7:22:32:3f:47:e0:b0:5a:c0:53:89:71:58:21:08:f0:
         7e:27:7c:a2:0b:85:07:57:d8:45:c7:e8:dc:17:ad:bf:62:c6:
         ac:11:c6:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAIjXWU9M9PWNOZL1mB0kZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjUwNDI5MDYwMDQ3WhcNMjUwNDMwMDYwMDQ3WjAzMTEwLwYDVQQD
Eyg4ZGE3OWU4MWFjMThlYmRmMjZmMjBiNGZlNGNiYWJhY2ZjM2RmOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVqy2gLJuPWcwO8meGNC/JTlUyhR
Hxfi45D8eTTTtgTfByddNWuN85NnOqxWWe0/4gfzct91RlegyH0jeLyM4UWoT9mr
jlrHSkgyIkL8dZJzZOkzt4u7FtFxVqiebzX+Kp4O1GpRsrOKR4VV6c4BMtC2lvBi
2firxyChJhUPYc0qIuGI1Ugt0s96V+ExDJQbt62qDuCmSXIiD01BfelulAIsj6S1
yxFt17lZKVQyqY3XnhPsuU/OIFaBBpq3uLdGqbXuMxE0uXfGAh3z+2abB8KXHZy7
JpDw489Jf/T/k41/WWvY+O5tWIiO8jB/vpUttsMWrJeXntbLRQoiMUKhRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2nnoGsGOvfJvILT+TLq6z8Pfn3MB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxGMVJ/E9
9sg6B9k5iPyY4CSVjPgXmhxiUnciDCSRXQKNO9wMr2qIp5VvF0Nixqzymaf+WdHP
93TCAIFe2SwkPvx3KA+zDboHLd6rQ6s+BrF5nG4Lgxul0AfDwmo+254YqVXOdcUt
FhEyWVb6y5h3q6+d0iKgH7K2p/sVBGvTwmoGnqhj3xzVgyERiXIx2o9H1WvkiJu6
cdyhMyT2nl2cBm5IqEzreKIGmuDiROQev2mfr4l4qxZHH8lbc3VbnRkzQWlvXrYo
1MdSo/8uF6+b9NpFDRqm/z14YEK3IjI/R+CwWsBTiXFYIQjwfid8oguFB1fYRcfo
3Betv2LGrBHG6A==
-----END CERTIFICATE-----