Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
File:                     3XF0IQf16FBis-CuZa-kuuZw4Es.mft (raw, json)
Hash identifier:          e4OW8cs3qQCYKdFWDPwCoUpwG+VcGLs1DtFQ6We04Gc=
Subject key identifier:   01:02:93:2E:E9:9C:76:0F:C5:3B:64:3C:03:A7:62:43:F6:6F:B6:5E
Authority key identifier: DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B
Certificate issuer:       /CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
Certificate serial:       019682EBF22D62CC232B090A386A5DA78767
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
Manifest number:          0396
Signing time:             Tue 29 Apr 2025 19:00:23 +0000
Manifest this update:     Tue 29 Apr 2025 19:00:23 +0000
Manifest next update:     Wed 30 Apr 2025 19:00:23 +0000
Files and hashes:         1: 3XF0IQf16FBis-CuZa-kuuZw4Es.crl (hash: FTi94xMKOwgQvZ/P5xyPpncc0LNa9isVPPU7zfQF45I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:eb:f2:2d:62:cc:23:2b:09:0a:38:6a:5d:a7:87:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
        Validity
            Not Before: Apr 29 19:00:23 2025 GMT
            Not After : Apr 30 19:00:23 2025 GMT
        Subject: CN=0102932ee99c760fc53b643c03a76243f66fb65e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a5:98:2f:14:b7:65:fc:4d:75:9e:ae:4b:cf:
                    49:b7:d9:7d:d1:ad:9e:bc:2d:16:cd:ac:51:1e:d8:
                    81:43:0a:cf:a1:36:98:5a:7b:2d:66:9f:d7:2f:db:
                    3b:b5:9c:07:5b:11:f5:f8:a8:f1:d3:9d:be:11:d2:
                    3b:e4:8b:60:15:5c:32:d6:5d:ae:ab:34:2b:dd:70:
                    14:32:31:64:10:f9:db:1e:22:bf:de:73:8c:9b:81:
                    0d:a1:cc:2a:1a:8f:cc:f0:00:d0:52:94:24:ec:21:
                    2f:a4:82:d6:8e:dd:51:c7:5e:3a:ef:d0:67:38:e5:
                    d9:9b:e7:f0:1d:7c:1c:27:a8:7a:8c:f3:5c:74:25:
                    c5:02:1f:c5:0f:b8:f5:76:e8:45:43:53:a9:7d:8b:
                    4b:ac:c8:9d:21:a1:a4:64:c7:5a:ee:9a:03:50:c7:
                    c6:8e:0e:5f:f7:6a:4b:e4:ef:de:35:d4:1c:36:b6:
                    33:aa:f7:fe:5c:c3:93:a8:8b:c7:c6:fe:22:79:a8:
                    88:70:94:30:15:a7:72:e0:59:63:aa:79:43:6a:64:
                    77:3f:9a:7e:13:44:df:e5:48:ee:42:10:46:21:c3:
                    3a:df:dd:60:ef:c9:95:a8:5b:e0:96:3a:55:30:65:
                    2f:d0:b3:92:55:2c:53:fb:3d:78:75:10:ee:15:07:
                    01:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:02:93:2E:E9:9C:76:0F:C5:3B:64:3C:03:A7:62:43:F6:6F:B6:5E
            X509v3 Authority Key Identifier:
                keyid:DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:58:61:80:5d:73:35:55:1a:cb:76:a7:99:ce:4c:70:3f:aa:
         0a:a6:8b:5e:75:94:1c:6a:ea:2b:0c:ab:f2:aa:30:63:26:ad:
         e9:d3:63:f6:e3:9b:b9:00:99:43:41:0b:be:85:9e:b9:a8:9e:
         b0:a2:f4:35:d8:2a:e5:c6:82:7c:a8:5f:e3:da:ab:50:4e:41:
         ad:84:69:83:19:7f:c5:f3:6e:65:e5:e4:2f:bf:6c:da:89:ba:
         e6:69:16:e0:81:a6:2d:92:08:f7:85:c2:0e:5a:39:95:48:58:
         08:98:c8:bc:d0:4b:93:6e:52:0a:77:72:d6:e1:81:d0:1e:70:
         db:08:2f:40:d7:40:08:93:8a:6d:9f:70:fd:ad:b2:bc:a5:2b:
         18:80:54:a5:c2:00:a3:d6:55:7c:db:bf:3e:fc:09:04:d9:c4:
         89:e0:fb:ab:5a:d7:40:24:ec:4f:5c:62:15:c1:a0:62:da:8b:
         0a:5a:0a:c0:ad:5a:89:62:1d:e7:fb:75:f3:fd:aa:c8:5d:db:
         89:77:7b:6c:ba:5a:21:a3:1e:74:1f:30:4c:a3:b9:1d:8d:dc:
         8e:cb:40:0d:b7:2d:05:68:d2:9f:47:c5:dc:2a:ad:98:b9:f5:
         27:1a:41:3a:34:35:cf:02:97:85:25:32:3a:49:83:fc:73:11:
         8b:69:53:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaC6/ItYswjKwkKOGpdp4dnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzE3NDIxMDdmNWU4NTA2MmIzZTBhZTY1YWZhNGJhZTY3
MGUwNGIwHhcNMjUwNDI5MTkwMDIzWhcNMjUwNDMwMTkwMDIzWjAzMTEwLwYDVQQD
EygwMTAyOTMyZWU5OWM3NjBmYzUzYjY0M2MwM2E3NjI0M2Y2NmZiNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKWYLxS3ZfxNdZ6uS89Jt9l90a2e
vC0WzaxRHtiBQwrPoTaYWnstZp/XL9s7tZwHWxH1+Kjx052+EdI75ItgFVwy1l2u
qzQr3XAUMjFkEPnbHiK/3nOMm4ENocwqGo/M8ADQUpQk7CEvpILWjt1Rx14679Bn
OOXZm+fwHXwcJ6h6jPNcdCXFAh/FD7j1duhFQ1OpfYtLrMidIaGkZMda7poDUMfG
jg5f92pL5O/eNdQcNrYzqvf+XMOTqIvHxv4ieaiIcJQwFady4FljqnlDamR3P5p+
E0Tf5UjuQhBGIcM6391g78mVqFvgljpVMGUv0LOSVSxT+z14dRDuFQcBCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAECky7pnHYPxTtkPAOnYkP2b7ZeMB8GA1UdIwQY
MBaAFN1xdCEH9ehQYrPgrmWvpLrmcOBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTct
YTc3MDZiYTMwODg5LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTctYTc3MDZiYTMwODg5
LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhFhhgF1z
NVUay3anmc5McD+qCqaLXnWUHGrqKwyr8qowYyat6dNj9uObuQCZQ0ELvoWeuaie
sKL0Ndgq5caCfKhf49qrUE5BrYRpgxl/xfNuZeXkL79s2om65mkW4IGmLZII94XC
Dlo5lUhYCJjIvNBLk25SCndy1uGB0B5w2wgvQNdACJOKbZ9w/a2yvKUrGIBUpcIA
o9ZVfNu/PvwJBNnEieD7q1rXQCTsT1xiFcGgYtqLCloKwK1aiWId5/t18/2qyF3b
iXd7bLpaIaMedB8wTKO5HY3cjstADbctBWjSn0fF3CqtmLn1JxpBOjQ1zwKXhSUy
OkmD/HMRi2lT5w==
-----END CERTIFICATE-----