Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
File:                     I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft (raw, json)
Hash identifier:          NmQn7O160G5BG2BL8/WEbgpf4hhFHc2e0CMOprpUKRo=
Subject key identifier:   21:4D:5F:F7:45:E0:2E:35:5B:96:6D:FD:8E:FA:AF:23:65:B1:DA:30
Authority key identifier: 23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F
Certificate issuer:       /CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
Certificate serial:       0196876E76B197B97FE4FE8FE5ADDC6BEDF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
Manifest number:          1514
Signing time:             Wed 30 Apr 2025 16:01:25 +0000
Manifest this update:     Wed 30 Apr 2025 16:01:25 +0000
Manifest next update:     Thu 01 May 2025 16:01:25 +0000
Files and hashes:         1: I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl (hash: SjjN0LKn8eyBzDXDe2I47nqtPv4WXHI5RQNeP0Lec6k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:87:6e:76:b1:97:b9:7f:e4:fe:8f:e5:ad:dc:6b:ed:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
        Validity
            Not Before: Apr 30 16:01:25 2025 GMT
            Not After : May  1 16:01:25 2025 GMT
        Subject: CN=214d5ff745e02e355b966dfd8efaaf2365b1da30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:80:cd:74:5e:88:7b:bb:b7:6b:0b:b0:3e:99:
                    fa:9c:cf:0f:6c:34:8f:9a:31:26:58:ad:9f:e2:97:
                    f9:4c:84:dc:f3:7d:af:60:2e:90:5e:e4:9b:a6:bb:
                    4f:07:05:7c:9b:cb:22:bd:0a:0f:cb:e9:ad:ad:49:
                    43:c4:06:79:2b:d6:23:5d:25:7f:35:b8:8f:ae:0a:
                    12:80:8f:70:41:05:4a:9b:92:05:27:83:c5:38:68:
                    b9:6a:82:8d:03:89:7e:9c:4e:ad:ad:3b:bb:4a:41:
                    a7:9c:07:9b:41:91:59:bd:36:35:7c:94:88:ee:5a:
                    19:0b:3d:8b:25:b0:cb:88:27:f3:b7:94:8c:fd:6a:
                    6b:8b:45:d2:1c:52:d1:01:bd:85:3c:f6:71:f6:9a:
                    80:7c:ff:10:f3:ce:b0:8d:a0:d9:df:fa:92:43:ef:
                    67:f0:3b:df:2a:8f:e6:b0:e6:0b:4f:39:5e:e0:4f:
                    51:64:c5:ad:52:cf:c9:9f:0b:68:ea:dc:3f:0a:6e:
                    b6:54:a5:84:ed:b3:c9:37:84:f3:f0:b0:cd:56:20:
                    6a:ce:9b:cc:94:9c:c4:29:04:6d:67:14:2d:73:69:
                    03:96:f4:aa:e6:65:4b:95:cc:59:c4:1a:65:02:db:
                    a0:7e:11:81:62:7e:76:2e:87:4c:50:31:43:86:e3:
                    e5:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:4D:5F:F7:45:E0:2E:35:5B:96:6D:FD:8E:FA:AF:23:65:B1:DA:30
            X509v3 Authority Key Identifier:
                keyid:23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:f3:ab:7c:fe:f7:c1:cb:2f:64:21:9d:77:a5:3f:4d:a0:db:
         0f:7f:2a:33:ca:51:6c:a5:d9:9f:81:31:98:e7:41:34:2e:5d:
         35:f3:bb:14:c9:22:be:86:68:4f:a0:ae:28:dd:5c:1d:41:23:
         cb:79:9b:68:e6:12:42:01:27:ef:4e:97:d4:7a:60:f6:61:ac:
         ed:d1:8e:84:a8:55:87:65:70:be:03:56:51:e4:f5:79:7c:b1:
         f1:95:d7:74:20:b1:8a:62:8a:d4:6b:f9:83:a1:a9:fe:dd:1c:
         10:ad:05:e3:7d:21:d9:38:25:8d:5d:d6:b7:1c:d9:bd:a2:fd:
         47:6a:06:ef:80:91:c2:c1:d2:98:3f:2c:7c:5f:77:cf:15:49:
         3c:03:e2:64:fa:bb:7e:6d:73:f5:fc:55:ef:49:18:0d:96:66:
         91:75:11:81:b2:f2:6f:09:f5:60:ca:61:1f:2c:9b:92:81:c2:
         b7:36:09:48:54:16:79:82:02:f9:6a:12:79:db:8f:de:74:b8:
         87:d9:24:66:0b:ea:6a:6c:0a:bc:0d:0c:16:e8:af:76:dc:ca:
         78:ac:37:73:8a:ba:fe:36:75:46:e6:e5:9d:46:69:3f:50:64:
         49:5a:00:ea:9d:ff:a4:63:1d:3f:55:b0:10:fa:c7:13:29:dc:
         a5:2f:96:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaHbnaxl7l/5P6P5a3ca+32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzQzZmUzMTdjMzI0YmY3OTQzZWE3M2E3ZDRiNzg2Y2Zk
YzFlOWYwHhcNMjUwNDMwMTYwMTI1WhcNMjUwNTAxMTYwMTI1WjAzMTEwLwYDVQQD
EygyMTRkNWZmNzQ1ZTAyZTM1NWI5NjZkZmQ4ZWZhYWYyMzY1YjFkYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14DNdF6Ie7u3awuwPpn6nM8PbDSP
mjEmWK2f4pf5TITc832vYC6QXuSbprtPBwV8m8sivQoPy+mtrUlDxAZ5K9YjXSV/
NbiPrgoSgI9wQQVKm5IFJ4PFOGi5aoKNA4l+nE6trTu7SkGnnAebQZFZvTY1fJSI
7loZCz2LJbDLiCfzt5SM/Wpri0XSHFLRAb2FPPZx9pqAfP8Q886wjaDZ3/qSQ+9n
8DvfKo/msOYLTzle4E9RZMWtUs/Jnwto6tw/Cm62VKWE7bPJN4Tz8LDNViBqzpvM
lJzEKQRtZxQtc2kDlvSq5mVLlcxZxBplAtugfhGBYn52LodMUDFDhuPl9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFNX/dF4C41W5Zt/Y76ryNlsdowMB8GA1UdIwQY
MBaAFCN0P+MXwyS/eUPqc6fUt4bP3B6fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgt
Zjk2MTNkYTA5ZWViLzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgtZjk2MTNkYTA5ZWVi
LzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu/OrfP73
wcsvZCGdd6U/TaDbD38qM8pRbKXZn4ExmOdBNC5dNfO7FMkivoZoT6CuKN1cHUEj
y3mbaOYSQgEn706X1Hpg9mGs7dGOhKhVh2VwvgNWUeT1eXyx8ZXXdCCximKK1Gv5
g6Gp/t0cEK0F430h2TgljV3WtxzZvaL9R2oG74CRwsHSmD8sfF93zxVJPAPiZPq7
fm1z9fxV70kYDZZmkXURgbLybwn1YMphHyybkoHCtzYJSFQWeYIC+WoSeduP3nS4
h9kkZgvqamwKvA0MFuivdtzKeKw3c4q6/jZ1RublnUZpP1BkSVoA6p3/pGMdP1Ww
EPrHEyncpS+WNg==
-----END CERTIFICATE-----