Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
File:                     8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft (raw, json)
Hash identifier:          pFiZHnLIvoBodzpOmmIu/2lM2SazFSxPRnp8pU/+eG4=
Subject key identifier:   0F:8E:CB:89:0E:4D:EE:1C:A3:DF:E4:2C:95:D9:EC:B6:C5:F1:A4:E4
Authority key identifier: F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80
Certificate issuer:       /CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
Certificate serial:       01967E33CE3454676A8D774A552D9BD3F88B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
Manifest number:          09F3
Signing time:             Mon 28 Apr 2025 21:00:46 +0000
Manifest this update:     Mon 28 Apr 2025 21:00:46 +0000
Manifest next update:     Tue 29 Apr 2025 21:00:46 +0000
Files and hashes:         1: 8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl (hash: JB+q4B2inYFF+FPnmcqJltdhhlfNNKAbhvrhqDaysOw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 21:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:33:ce:34:54:67:6a:8d:77:4a:55:2d:9b:d3:f8:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
        Validity
            Not Before: Apr 28 21:00:46 2025 GMT
            Not After : Apr 29 21:00:46 2025 GMT
        Subject: CN=0f8ecb890e4dee1ca3dfe42c95d9ecb6c5f1a4e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:2d:c5:c1:ba:57:6b:ff:71:80:4f:6c:eb:1f:
                    6e:45:69:4e:42:94:9d:de:02:3c:a9:57:ae:df:fa:
                    1b:c3:7c:3e:f7:3a:33:58:83:a1:b7:40:b5:43:04:
                    85:b2:ec:4f:8b:30:93:9e:09:2f:fe:e1:b2:12:26:
                    9e:9f:3e:10:f7:01:e5:25:b5:a7:a0:2c:c1:32:16:
                    d6:59:1f:04:5b:1a:6a:ac:e0:37:ae:09:5b:11:ed:
                    38:64:51:26:e4:27:95:e7:00:3e:c0:4c:c1:45:13:
                    46:31:7e:03:f1:c7:c7:fa:60:2b:6b:86:20:d0:87:
                    d5:66:ba:f6:11:d3:c8:5d:b7:9d:4a:67:ad:9f:45:
                    19:02:80:63:de:2c:cc:e0:a0:fb:2e:7b:b8:43:2f:
                    3a:e3:de:e3:b7:a1:82:8a:0d:5b:95:02:2a:5c:d3:
                    e8:9e:8b:4e:d1:10:c2:6b:67:52:60:cb:ad:92:e8:
                    e3:d1:2e:f4:9b:de:a8:ad:80:8a:8b:03:8d:16:8b:
                    a8:29:bd:34:d1:87:3a:84:68:d8:71:e4:d6:b1:3b:
                    7e:a5:d4:3f:a2:e8:bd:b8:6b:7d:58:19:fa:25:50:
                    5c:f9:5d:74:4f:17:be:e5:12:01:51:7f:e0:74:17:
                    7a:bb:9f:c9:d1:6c:19:c9:f8:26:28:48:e0:51:4c:
                    07:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:8E:CB:89:0E:4D:EE:1C:A3:DF:E4:2C:95:D9:EC:B6:C5:F1:A4:E4
            X509v3 Authority Key Identifier:
                keyid:F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:7b:07:74:59:35:64:fe:0f:23:4f:78:83:08:10:e8:52:36:
         a7:fd:9f:ca:9c:3d:b4:15:82:31:d0:7c:21:e7:e2:24:d2:fd:
         bf:c3:79:86:f3:ed:63:b9:a4:e5:90:b9:cb:b4:5c:61:4f:10:
         81:dd:20:3a:b5:6a:25:d6:71:7a:f9:e7:9b:ad:1b:2b:fb:7b:
         d9:4d:98:e4:a9:a1:da:6c:75:f7:06:ff:87:40:fb:0a:ed:e2:
         47:dc:a0:64:3a:74:e0:ed:49:dc:3b:8d:72:20:cd:98:17:8d:
         ef:ac:19:c0:9e:2d:f4:31:53:16:91:e7:8a:a8:14:48:cf:43:
         aa:26:1d:c3:ef:0d:bc:1d:da:86:e7:b8:b4:3c:bc:20:b3:a4:
         7e:78:5c:7a:22:37:cc:3b:27:7e:e7:cb:97:bf:22:c8:8c:a1:
         3b:68:c1:4f:da:e6:7f:a0:a8:d2:70:6b:93:16:8d:b5:4c:ae:
         2c:0d:c0:c7:ff:63:f5:c2:b3:4e:7a:5a:6a:3e:a1:3e:19:88:
         ee:86:f5:60:61:da:81:b3:a6:6d:0e:f3:e5:68:0d:ef:11:7d:
         70:0d:21:b9:4f:59:2a:f0:c9:a7:e4:b5:5a:8e:1c:a4:df:ec:
         59:ad:08:f9:9d:25:7e:47:f7:ff:ba:c3:9c:8e:20:3e:98:7b:
         95:0b:9e:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+M840VGdqjXdKVS2b0/iLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzc3NGEyNzYyMTRiODZlMGE1YjRmYTc3MjFiZGIwZTMy
MmUwODAwHhcNMjUwNDI4MjEwMDQ2WhcNMjUwNDI5MjEwMDQ2WjAzMTEwLwYDVQQD
EygwZjhlY2I4OTBlNGRlZTFjYTNkZmU0MmM5NWQ5ZWNiNmM1ZjFhNGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui3FwbpXa/9xgE9s6x9uRWlOQpSd
3gI8qVeu3/obw3w+9zozWIOht0C1QwSFsuxPizCTngkv/uGyEiaenz4Q9wHlJbWn
oCzBMhbWWR8EWxpqrOA3rglbEe04ZFEm5CeV5wA+wEzBRRNGMX4D8cfH+mAra4Yg
0IfVZrr2EdPIXbedSmetn0UZAoBj3izM4KD7Lnu4Qy86497jt6GCig1blQIqXNPo
notO0RDCa2dSYMutkujj0S70m96orYCKiwONFouoKb000Yc6hGjYceTWsTt+pdQ/
oui9uGt9WBn6JVBc+V10Txe+5RIBUX/gdBd6u5/J0WwZyfgmKEjgUUwHsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+Oy4kOTe4co9/kLJXZ7LbF8aTkMB8GA1UdIwQY
MBaAFPA3dKJ2IUuG4KW0+nchvbDjIuCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQt
YjgxNjIyNjAxMjRmLzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQtYjgxNjIyNjAxMjRm
LzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP3sHdFk1
ZP4PI094gwgQ6FI2p/2fypw9tBWCMdB8IefiJNL9v8N5hvPtY7mk5ZC5y7RcYU8Q
gd0gOrVqJdZxevnnm60bK/t72U2Y5Kmh2mx19wb/h0D7Cu3iR9ygZDp04O1J3DuN
ciDNmBeN76wZwJ4t9DFTFpHniqgUSM9DqiYdw+8NvB3ahue4tDy8ILOkfnhceiI3
zDsnfufLl78iyIyhO2jBT9rmf6Co0nBrkxaNtUyuLA3Ax/9j9cKzTnpaaj6hPhmI
7ob1YGHagbOmbQ7z5WgN7xF9cA0huU9ZKvDJp+S1Wo4cpN/sWa0I+Z0lfkf3/7rD
nI4gPph7lQueSQ==
-----END CERTIFICATE-----