Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
File:                     3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft (raw, json)
Hash identifier:          UeNr9tyOAaJU2SKzP0tVvoyUsSn/schSLVMWjRwHpUQ=
Subject key identifier:   F4:9D:13:AA:E0:2D:47:CD:44:3F:03:88:4E:D9:F2:0A:79:6F:14:7B
Authority key identifier: DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D
Certificate issuer:       /CN=dd70c5f09b62683292fd9109e694713590281f8d
Certificate serial:       019686245353FF7BE1C03A0E93A18ADF0336
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
Manifest number:          1514
Signing time:             Wed 30 Apr 2025 10:00:49 +0000
Manifest this update:     Wed 30 Apr 2025 10:00:49 +0000
Manifest next update:     Thu 01 May 2025 10:00:49 +0000
Files and hashes:         1: 3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl (hash: bNkMtEn2+I2CgoHGCwIgEq63pD9lX/+o8/X+5UwLeSo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 09:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:86:24:53:53:ff:7b:e1:c0:3a:0e:93:a1:8a:df:03:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd70c5f09b62683292fd9109e694713590281f8d
        Validity
            Not Before: Apr 30 10:00:49 2025 GMT
            Not After : May  1 10:00:49 2025 GMT
        Subject: CN=f49d13aae02d47cd443f03884ed9f20a796f147b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:f5:6b:c4:ff:bb:c1:80:34:73:36:17:db:25:
                    49:47:d0:60:25:2c:11:bd:a4:5e:13:27:4c:a4:f8:
                    02:57:51:b0:c9:77:d2:b3:fd:ce:99:4d:0e:6a:46:
                    8e:6e:47:17:8a:1e:81:97:b0:8e:10:62:73:7c:1c:
                    bc:f4:75:67:40:3e:b3:eb:5d:58:b0:f9:66:68:5b:
                    c9:86:0c:63:31:a8:6d:5d:25:59:d5:dc:5b:ce:ce:
                    3f:69:b0:13:e6:d7:92:c2:2c:4e:62:fb:ef:fa:4e:
                    50:1d:b6:a1:02:fa:20:ba:7d:39:37:ce:a3:52:39:
                    bf:f3:b8:c8:f6:64:86:1b:12:eb:2c:83:02:71:80:
                    f4:b9:02:17:31:ba:e6:1e:62:91:db:a5:2f:a9:94:
                    fd:e5:8e:ec:c9:ad:f9:b1:71:5b:2d:ab:d4:23:f7:
                    6b:18:8e:4f:3b:41:22:89:46:99:8f:56:b3:2b:73:
                    0b:4c:fe:55:c0:d9:1e:f1:62:f1:c4:61:6d:1f:23:
                    fb:c6:96:9c:1e:37:25:d9:ac:da:9a:85:6b:db:b8:
                    7c:6c:81:0f:a4:c4:e3:61:07:3d:9b:16:af:4e:0a:
                    41:a6:d1:1d:31:67:ec:ac:95:25:9f:79:ae:e0:e0:
                    ce:8a:b2:ca:9f:7f:00:03:48:76:3f:cc:fb:00:29:
                    97:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:9D:13:AA:E0:2D:47:CD:44:3F:03:88:4E:D9:F2:0A:79:6F:14:7B
            X509v3 Authority Key Identifier:
                keyid:DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:66:93:06:44:97:79:38:8f:e0:f2:0c:c6:b4:48:0b:fb:ae:
         13:e3:47:fa:d4:48:e8:ed:5c:be:c8:b6:cb:fa:94:12:34:10:
         7b:0b:ed:0a:11:d5:7c:99:46:40:29:e2:e3:9b:41:f4:3c:b2:
         58:db:2c:fe:ac:f2:da:d0:69:17:bf:33:72:83:2c:9a:4a:1f:
         67:e1:eb:40:c8:4c:8e:cf:29:e0:e2:b2:d8:d1:5e:eb:4b:93:
         84:f6:c8:90:15:4a:66:45:38:26:50:57:c3:12:be:e3:db:7c:
         e6:80:7d:f4:0b:ca:c6:bf:e2:9f:a2:6a:86:3e:29:a7:c4:dd:
         ee:ad:2b:02:68:e7:77:2c:14:e1:ce:bb:2e:38:bf:71:26:66:
         c9:c6:95:d6:23:03:69:93:54:ae:d4:28:46:07:3a:91:53:d0:
         03:66:31:41:76:0c:0f:a0:db:2c:6a:4c:d6:8f:50:c9:d5:65:
         c2:e4:88:af:c5:9a:7b:73:a3:bc:72:f6:87:e0:92:d5:ac:df:
         9c:4b:bc:9d:a4:d2:1a:3c:93:1e:ec:5d:8e:81:4e:98:57:da:
         fd:2e:86:7a:80:ae:3c:6c:27:26:9c:52:02:cf:df:eb:c8:95:
         a5:d9:79:bd:20:de:a4:c4:e7:bc:0d:52:ae:1b:59:9d:d3:50:
         22:ab:6e:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGJFNT/3vhwDoOk6GK3wM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzBjNWYwOWI2MjY4MzI5MmZkOTEwOWU2OTQ3MTM1OTAy
ODFmOGQwHhcNMjUwNDMwMTAwMDQ5WhcNMjUwNTAxMTAwMDQ5WjAzMTEwLwYDVQQD
EyhmNDlkMTNhYWUwMmQ0N2NkNDQzZjAzODg0ZWQ5ZjIwYTc5NmYxNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fVrxP+7wYA0czYX2yVJR9BgJSwR
vaReEydMpPgCV1GwyXfSs/3OmU0OakaObkcXih6Bl7COEGJzfBy89HVnQD6z611Y
sPlmaFvJhgxjMahtXSVZ1dxbzs4/abAT5teSwixOYvvv+k5QHbahAvogun05N86j
Ujm/87jI9mSGGxLrLIMCcYD0uQIXMbrmHmKR26UvqZT95Y7sya35sXFbLavUI/dr
GI5PO0EiiUaZj1azK3MLTP5VwNke8WLxxGFtHyP7xpacHjcl2azamoVr27h8bIEP
pMTjYQc9mxavTgpBptEdMWfsrJUln3mu4ODOirLKn38AA0h2P8z7ACmXhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSdE6rgLUfNRD8DiE7Z8gp5bxR7MB8GA1UdIwQY
MBaAFN1wxfCbYmgykv2RCeaUcTWQKB+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMt
YTdmY2FiOWFhN2FhLzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMtYTdmY2FiOWFhN2Fh
LzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKWaTBkSX
eTiP4PIMxrRIC/uuE+NH+tRI6O1cvsi2y/qUEjQQewvtChHVfJlGQCni45tB9Dyy
WNss/qzy2tBpF78zcoMsmkofZ+HrQMhMjs8p4OKy2NFe60uThPbIkBVKZkU4JlBX
wxK+49t85oB99AvKxr/in6Jqhj4pp8Td7q0rAmjndywU4c67Lji/cSZmycaV1iMD
aZNUrtQoRgc6kVPQA2YxQXYMD6DbLGpM1o9QydVlwuSIr8Wae3OjvHL2h+CS1azf
nEu8naTSGjyTHuxdjoFOmFfa/S6GeoCuPGwnJpxSAs/f68iVpdl5vSDepMTnvA1S
rhtZndNQIqtuyQ==
-----END CERTIFICATE-----