Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
File:                     3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft (raw, json)
Hash identifier:          kVE27Ps/V15g6qTAN6FSpvuQfIfXkmPBomR5M2bLBjM=
Subject key identifier:   F2:E3:C0:54:C7:0A:C8:5A:9C:29:52:D3:13:07:73:81:BC:F3:B1:F2
Authority key identifier: DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D
Certificate issuer:       /CN=dd70c5f09b62683292fd9109e694713590281f8d
Certificate serial:       0194BA84AFF49FB4C65D0BF5D4A7F5B0EF4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
Manifest number:          1426
Signing time:             Fri 31 Jan 2025 04:00:45 +0000
Manifest this update:     Fri 31 Jan 2025 04:00:45 +0000
Manifest next update:     Sat 01 Feb 2025 04:00:45 +0000
Files and hashes:         1: 3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl (hash: yUVRgJ+anqKHrUjEpfk2W8LE37B/pGpkr4ZoF9isWyg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 04:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:84:af:f4:9f:b4:c6:5d:0b:f5:d4:a7:f5:b0:ef:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd70c5f09b62683292fd9109e694713590281f8d
        Validity
            Not Before: Jan 31 04:00:45 2025 GMT
            Not After : Feb  1 04:00:45 2025 GMT
        Subject: CN=f2e3c054c70ac85a9c2952d313077381bcf3b1f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ca:5f:46:35:de:be:07:9b:a2:be:e2:b7:e1:
                    bf:07:05:4b:1c:ec:d3:42:41:fa:4b:31:6a:f0:f8:
                    1d:d8:bc:ec:8e:7e:dc:d3:f3:42:0a:fa:fe:e6:cc:
                    a5:8b:b5:7a:f9:6e:af:24:e2:2f:fd:c1:62:a5:4e:
                    d7:a0:37:ac:9e:b8:da:25:22:f5:23:75:95:c9:3e:
                    9d:fc:60:aa:43:a2:e9:91:95:a3:bd:1a:d8:3d:2d:
                    84:6c:16:bf:de:2a:47:8f:b0:21:40:c4:0f:fe:ff:
                    21:68:a4:57:e4:05:94:1a:8f:41:d9:d6:63:7c:da:
                    7c:f3:97:72:30:98:f6:cb:e1:ee:f0:00:22:96:32:
                    37:66:a4:79:cc:f1:a8:04:11:b2:91:b9:a3:9b:ec:
                    55:66:5f:23:96:05:73:60:e7:50:c4:b8:dc:13:b3:
                    6e:39:3a:45:71:0f:0e:40:1c:81:86:43:5e:98:e8:
                    31:4a:e3:43:a2:6a:46:3c:c3:2b:f8:ce:43:c9:c0:
                    9a:ae:85:8d:d6:b5:eb:4e:8f:f6:f8:4a:71:4b:e0:
                    b9:fd:cb:26:7f:fb:c0:ec:7b:ab:11:95:7c:0a:fb:
                    dd:b5:91:9d:14:2d:6a:11:82:06:0e:6f:a0:76:e2:
                    74:d9:bf:42:cb:d9:02:df:ec:47:31:97:53:70:30:
                    4d:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:E3:C0:54:C7:0A:C8:5A:9C:29:52:D3:13:07:73:81:BC:F3:B1:F2
            X509v3 Authority Key Identifier:
                keyid:DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:f8:e2:da:7c:6e:18:c3:c3:9a:2d:01:22:d9:95:ef:8e:d7:
         e2:4b:34:51:fc:d8:52:07:09:cd:a7:65:08:4a:5b:ce:63:ae:
         8c:60:da:b3:1f:db:93:d0:bc:0f:0a:39:e1:eb:94:45:95:aa:
         73:1c:89:3c:98:bf:78:65:8e:98:39:8f:f2:14:15:d7:6f:77:
         e3:b8:d3:43:c2:cc:fd:1e:c7:df:f7:e3:76:00:a7:01:ea:0d:
         cf:aa:60:c2:09:fa:cb:42:e8:9e:8c:ca:08:f6:f8:19:35:a5:
         87:c2:8c:c4:df:68:3d:0b:ee:ae:50:b5:df:9b:e7:3f:e6:48:
         fa:60:68:f1:c2:d9:fd:26:9b:22:3d:ac:b9:b9:f4:59:82:71:
         a5:e2:35:dd:02:9b:d0:1f:bd:43:f0:01:1f:74:f1:0c:ee:c7:
         e8:c9:4a:10:f8:39:19:67:58:ff:b7:45:c7:be:92:12:90:57:
         e5:4f:4b:df:82:5a:df:5f:d1:fd:89:1b:46:76:af:92:a9:9b:
         dc:d2:7a:d3:4e:e3:4d:bd:3e:f5:6e:fe:6c:3b:e0:5e:50:12:
         1d:29:88:a3:d4:10:5d:2a:47:34:51:c2:74:e9:ca:a0:0f:0d:
         b5:4c:0d:90:00:23:0d:61:a3:32:ee:7e:ef:34:b7:71:ac:c0:
         e4:39:12:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hK/0n7TGXQv11Kf1sO9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzBjNWYwOWI2MjY4MzI5MmZkOTEwOWU2OTQ3MTM1OTAy
ODFmOGQwHhcNMjUwMTMxMDQwMDQ1WhcNMjUwMjAxMDQwMDQ1WjAzMTEwLwYDVQQD
EyhmMmUzYzA1NGM3MGFjODVhOWMyOTUyZDMxMzA3NzM4MWJjZjNiMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcpfRjXevgebor7it+G/BwVLHOzT
QkH6SzFq8Pgd2Lzsjn7c0/NCCvr+5syli7V6+W6vJOIv/cFipU7XoDesnrjaJSL1
I3WVyT6d/GCqQ6LpkZWjvRrYPS2EbBa/3ipHj7AhQMQP/v8haKRX5AWUGo9B2dZj
fNp885dyMJj2y+Hu8AAiljI3ZqR5zPGoBBGykbmjm+xVZl8jlgVzYOdQxLjcE7Nu
OTpFcQ8OQByBhkNemOgxSuNDompGPMMr+M5DycCaroWN1rXrTo/2+EpxS+C5/csm
f/vA7HurEZV8CvvdtZGdFC1qEYIGDm+gduJ02b9Cy9kC3+xHMZdTcDBNAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPLjwFTHCshanClS0xMHc4G887HyMB8GA1UdIwQY
MBaAFN1wxfCbYmgykv2RCeaUcTWQKB+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMt
YTdmY2FiOWFhN2FhLzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMtYTdmY2FiOWFhN2Fh
LzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdPji2nxu
GMPDmi0BItmV747X4ks0UfzYUgcJzadlCEpbzmOujGDasx/bk9C8Dwo54euURZWq
cxyJPJi/eGWOmDmP8hQV129347jTQ8LM/R7H3/fjdgCnAeoNz6pgwgn6y0LonozK
CPb4GTWlh8KMxN9oPQvurlC135vnP+ZI+mBo8cLZ/SabIj2subn0WYJxpeI13QKb
0B+9Q/ABH3TxDO7H6MlKEPg5GWdY/7dFx76SEpBX5U9L34Ja31/R/YkbRnavkqmb
3NJ6007jTb0+9W7+bDvgXlASHSmIo9QQXSpHNFHCdOnKoA8NtUwNkAAjDWGjMu5+
7zS3cazA5DkSTg==
-----END CERTIFICATE-----