Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
File:                     3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft (raw, json)
Hash identifier:          78N14AgADsJnUkIv88YYbbc6Lt4HlcVvlPY9riynip0=
Subject key identifier:   86:4B:88:0C:04:7F:20:95:EA:7B:D1:86:5E:3C:A7:75:98:6F:2F:B0
Authority key identifier: DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E
Certificate issuer:       /CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
Certificate serial:       01967E33CFE58431069C12688FC4DF34AB02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
Manifest number:          150E
Signing time:             Mon 28 Apr 2025 21:00:46 +0000
Manifest this update:     Mon 28 Apr 2025 21:00:46 +0000
Manifest next update:     Tue 29 Apr 2025 21:00:46 +0000
Files and hashes:         1: 3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl (hash: aAzN5rw8e1febBwbv0tjE4+K1o+3KSTcszQrOen6MfE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 21:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:33:cf:e5:84:31:06:9c:12:68:8f:c4:df:34:ab:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
        Validity
            Not Before: Apr 28 21:00:46 2025 GMT
            Not After : Apr 29 21:00:46 2025 GMT
        Subject: CN=864b880c047f2095ea7bd1865e3ca775986f2fb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:46:c9:fe:b7:81:3f:77:45:94:2f:79:50:69:
                    0c:13:f8:23:74:e3:8f:1f:22:42:ad:62:fc:58:3e:
                    5a:3a:7b:8e:6a:1b:ea:d2:8c:69:66:92:3b:14:10:
                    0a:cb:97:6d:65:ac:84:db:23:0b:dd:03:e0:3a:4b:
                    8e:d2:ac:dd:e1:78:70:90:1b:8b:04:95:f1:c2:0e:
                    23:4d:50:d1:94:26:c9:6c:14:c9:89:f2:10:13:13:
                    20:56:43:5d:c9:d5:cb:ff:48:48:88:48:54:39:5b:
                    c0:b0:68:13:ed:ec:ba:73:c1:d7:ec:84:d8:17:b8:
                    39:84:13:1e:c2:90:59:36:ef:4d:e6:6f:0f:f8:c0:
                    ae:05:29:a4:2f:0f:15:64:2e:9f:c5:3d:e0:fc:5e:
                    0c:29:0a:ff:77:2b:b3:11:61:ec:fc:02:f3:38:5c:
                    f6:be:a9:f3:d6:68:39:b3:a4:8c:34:0d:56:04:f7:
                    f1:52:b8:9a:e1:b4:55:1d:2e:97:ef:76:d8:55:36:
                    3e:60:5b:85:dd:b6:3f:2f:bb:ee:5a:fc:d3:36:b6:
                    bb:1f:a1:12:6a:63:68:34:0f:fb:ca:c4:3d:1b:e8:
                    90:bf:bc:7e:36:20:82:87:9d:ab:b1:e3:c6:b0:0c:
                    71:d4:3c:83:59:fb:cd:eb:42:c3:10:08:3b:bf:f0:
                    e4:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:4B:88:0C:04:7F:20:95:EA:7B:D1:86:5E:3C:A7:75:98:6F:2F:B0
            X509v3 Authority Key Identifier:
                keyid:DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:82:54:e2:a9:ec:54:21:83:9d:95:ed:59:29:88:44:87:7c:
         a4:d2:e6:7a:14:e0:71:7d:2a:c7:6d:cc:d3:6a:2d:17:4c:59:
         31:8f:2e:a2:be:41:0c:f3:03:db:77:c6:13:77:d0:f4:f7:ba:
         fa:c9:5a:f4:23:49:9d:82:30:c7:74:de:a7:bd:eb:ea:18:9d:
         77:8b:30:61:29:bc:45:0a:16:34:ee:f2:b2:35:c1:8a:d5:1f:
         b3:25:e3:f4:12:e6:37:09:e2:e3:38:6e:6d:37:d4:4e:33:cc:
         e5:9e:18:f5:94:17:54:da:fc:95:53:30:16:e7:6c:1a:9c:73:
         cd:20:78:a7:eb:45:6b:66:9a:95:a5:b7:63:b1:3b:4d:90:8a:
         45:3b:58:a1:84:ac:e1:0a:a1:69:c3:a7:8b:cb:72:21:52:81:
         59:5b:bb:06:1f:c4:29:6a:65:df:69:be:68:46:23:e1:ba:af:
         c2:35:84:29:33:d5:8e:52:07:c4:6d:f9:6a:56:38:ce:74:8a:
         c4:e0:77:54:be:db:28:33:f1:54:f4:21:a1:00:ac:d8:47:a3:
         39:67:46:f8:0a:76:f6:9f:59:55:8d:9b:65:cd:3d:c6:e7:82:
         dd:25:94:d8:2b:9e:29:00:f4:8e:a5:41:14:23:1d:37:4d:4f:
         60:73:14:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+M8/lhDEGnBJoj8TfNKsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYjdiMDAxOWUxOWYxMTJmNGQyYmNmZDZlYTEyZDkwODFm
YzU4N2UwHhcNMjUwNDI4MjEwMDQ2WhcNMjUwNDI5MjEwMDQ2WjAzMTEwLwYDVQQD
Eyg4NjRiODgwYzA0N2YyMDk1ZWE3YmQxODY1ZTNjYTc3NTk4NmYyZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEbJ/reBP3dFlC95UGkME/gjdOOP
HyJCrWL8WD5aOnuOahvq0oxpZpI7FBAKy5dtZayE2yML3QPgOkuO0qzd4XhwkBuL
BJXxwg4jTVDRlCbJbBTJifIQExMgVkNdydXL/0hIiEhUOVvAsGgT7ey6c8HX7ITY
F7g5hBMewpBZNu9N5m8P+MCuBSmkLw8VZC6fxT3g/F4MKQr/dyuzEWHs/ALzOFz2
vqnz1mg5s6SMNA1WBPfxUria4bRVHS6X73bYVTY+YFuF3bY/L7vuWvzTNra7H6ES
amNoNA/7ysQ9G+iQv7x+NiCCh52rsePGsAxx1DyDWfvN60LDEAg7v/DkYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZLiAwEfyCV6nvRhl48p3WYby+wMB8GA1UdIwQY
MBaAFN23sAGeGfES9NK8/W6hLZCB/Fh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9lZmEzZjEtNzY3MS00Y2UzLTlmZTEt
YTg2ZGY5ODNhNzRjLzEvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9lZmEzZjEtNzY3MS00Y2UzLTlmZTEtYTg2ZGY5ODNhNzRj
LzEvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQIJU4qns
VCGDnZXtWSmIRId8pNLmehTgcX0qx23M02otF0xZMY8uor5BDPMD23fGE3fQ9Pe6
+sla9CNJnYIwx3Tep73r6hidd4swYSm8RQoWNO7ysjXBitUfsyXj9BLmNwni4zhu
bTfUTjPM5Z4Y9ZQXVNr8lVMwFudsGpxzzSB4p+tFa2aalaW3Y7E7TZCKRTtYoYSs
4QqhacOni8tyIVKBWVu7Bh/EKWpl32m+aEYj4bqvwjWEKTPVjlIHxG35alY4znSK
xOB3VL7bKDPxVPQhoQCs2EejOWdG+Ap29p9ZVY2bZc09xueC3SWU2CueKQD0jqVB
FCMdN01PYHMUIA==
-----END CERTIFICATE-----