Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
File:                     tj8U3_NUhamVlBKGMDe4XfqfE9g.mft (raw, json)
Hash identifier:          BZzQ1gxYh00GiZEVLS30Y6WkED5zRt4OzrDoeWH7mlQ=
Subject key identifier:   18:53:91:6F:38:26:BD:28:43:99:E4:0B:DB:8C:74:15:9B:53:F5:01
Authority key identifier: B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8
Certificate issuer:       /CN=b63f14dff35485a9959412863037b85dfa9f13d8
Certificate serial:       01967567BB44341C1DA8A4029893E7353E71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
Manifest number:          0444
Signing time:             Sun 27 Apr 2025 04:00:54 +0000
Manifest this update:     Sun 27 Apr 2025 04:00:54 +0000
Manifest next update:     Mon 28 Apr 2025 04:00:54 +0000
Files and hashes:         1: tj8U3_NUhamVlBKGMDe4XfqfE9g.crl (hash: AR6ni69/dWqA8N+Bd0CwVp9GcMA8b7TXa4a54kTl/hs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 04:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:67:bb:44:34:1c:1d:a8:a4:02:98:93:e7:35:3e:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b63f14dff35485a9959412863037b85dfa9f13d8
        Validity
            Not Before: Apr 27 04:00:54 2025 GMT
            Not After : Apr 28 04:00:54 2025 GMT
        Subject: CN=1853916f3826bd284399e40bdb8c74159b53f501
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:bf:fc:37:7a:5c:34:07:67:0f:ed:5e:50:34:
                    ba:79:d3:f0:7b:ef:a0:23:03:4c:66:ca:a5:21:b8:
                    6e:59:4e:ae:19:f4:84:e2:5e:6f:fe:bc:23:11:e6:
                    51:ad:c7:b2:ea:db:8e:d1:44:fc:48:c2:fc:40:2b:
                    8a:04:1c:ff:e7:1c:7d:76:79:64:98:e7:40:4d:2a:
                    a3:91:98:4e:8a:ae:1f:3e:00:fa:73:1a:d3:50:23:
                    8f:93:9f:4b:44:1a:a0:24:d0:f1:2f:95:6e:21:f6:
                    03:df:35:37:97:c2:99:51:eb:6a:e6:68:44:5c:76:
                    0f:82:88:a2:ed:7f:16:65:b7:99:00:2b:a0:0f:34:
                    9c:dd:7a:08:cd:86:ea:d1:6a:7f:cf:5c:3c:65:2c:
                    69:0c:ce:7b:5a:41:b3:25:bd:8f:63:7e:50:6a:40:
                    93:19:a1:2a:13:8d:7e:34:36:f3:af:e4:41:93:2f:
                    62:26:72:9d:3a:0d:31:a9:82:2c:7f:69:e7:1a:b0:
                    35:38:6d:05:27:5f:a0:21:cc:0b:79:d2:6d:cd:2c:
                    23:9c:bf:c2:c7:f7:f8:aa:df:0d:ed:f6:ef:44:72:
                    b1:8c:bc:7e:eb:d8:e6:87:b0:5b:ca:02:14:75:e1:
                    20:69:e5:1f:d4:27:5e:44:f0:7e:50:7a:c7:0e:b8:
                    16:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:53:91:6F:38:26:BD:28:43:99:E4:0B:DB:8C:74:15:9B:53:F5:01
            X509v3 Authority Key Identifier:
                keyid:B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:f0:37:88:d8:eb:3b:e6:e3:7e:fe:9e:80:5d:cb:ab:96:3b:
         6c:93:af:e7:93:94:a6:16:58:e8:82:5c:ba:76:a7:d1:ce:95:
         2b:eb:20:15:02:89:c2:47:2c:3e:04:ad:3a:8a:e1:67:66:69:
         45:25:4d:d4:21:63:e9:a1:b6:3d:d4:4f:68:f7:cb:ae:87:a5:
         79:f6:0a:7f:3b:f2:1d:75:b7:4c:23:e1:81:77:a9:2a:74:ec:
         f0:c5:30:6d:56:3c:de:73:0f:c6:c8:0c:b8:dc:80:29:65:f5:
         e1:df:d9:94:3e:86:7b:30:8b:80:e9:9b:a0:e6:81:0c:3d:6a:
         45:54:d6:a0:b8:e8:5d:2c:ec:db:42:32:0d:23:33:32:c4:9d:
         08:7d:bc:d6:9a:05:3c:9c:e2:ae:bb:bc:3f:36:ac:c0:b4:1b:
         81:c7:a9:8d:96:55:5f:08:9d:b3:e1:77:11:f8:2c:8e:7d:54:
         07:e2:c0:0d:b7:e4:2e:d4:e4:72:ef:b9:f1:8e:e7:9e:23:df:
         15:05:b6:69:fb:29:e7:54:f1:36:31:f4:b4:80:7d:3e:76:ec:
         4d:0d:46:27:a9:11:60:1b:f5:ac:7f:f6:f1:ed:3f:71:3f:bc:
         02:b4:96:4e:ec:8a:3a:9e:9f:31:34:62:ae:32:25:7b:27:17:
         d8:cc:e9:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1Z7tENBwdqKQCmJPnNT5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2M2YxNGRmZjM1NDg1YTk5NTk0MTI4NjMwMzdiODVkZmE5
ZjEzZDgwHhcNMjUwNDI3MDQwMDU0WhcNMjUwNDI4MDQwMDU0WjAzMTEwLwYDVQQD
EygxODUzOTE2ZjM4MjZiZDI4NDM5OWU0MGJkYjhjNzQxNTliNTNmNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhL/8N3pcNAdnD+1eUDS6edPwe++g
IwNMZsqlIbhuWU6uGfSE4l5v/rwjEeZRrcey6tuO0UT8SML8QCuKBBz/5xx9dnlk
mOdATSqjkZhOiq4fPgD6cxrTUCOPk59LRBqgJNDxL5VuIfYD3zU3l8KZUetq5mhE
XHYPgoii7X8WZbeZACugDzSc3XoIzYbq0Wp/z1w8ZSxpDM57WkGzJb2PY35QakCT
GaEqE41+NDbzr+RBky9iJnKdOg0xqYIsf2nnGrA1OG0FJ1+gIcwLedJtzSwjnL/C
x/f4qt8N7fbvRHKxjLx+69jmh7BbygIUdeEgaeUf1CdeRPB+UHrHDrgWzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBhTkW84Jr0oQ5nkC9uMdBWbU/UBMB8GA1UdIwQY
MBaAFLY/FN/zVIWplZQShjA3uF36nxPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAt
NjZjOThjMDFkZmQ3LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAtNjZjOThjMDFkZmQ3
LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABPA3iNjr
O+bjfv6egF3Lq5Y7bJOv55OUphZY6IJcunan0c6VK+sgFQKJwkcsPgStOorhZ2Zp
RSVN1CFj6aG2PdRPaPfLroelefYKfzvyHXW3TCPhgXepKnTs8MUwbVY83nMPxsgM
uNyAKWX14d/ZlD6GezCLgOmboOaBDD1qRVTWoLjoXSzs20IyDSMzMsSdCH281poF
PJzirru8PzaswLQbgcepjZZVXwids+F3Efgsjn1UB+LADbfkLtTkcu+58Y7nniPf
FQW2afsp51TxNjH0tIB9PnbsTQ1GJ6kRYBv1rH/28e0/cT+8ArSWTuyKOp6fMTRi
rjIleycX2MzpGQ==
-----END CERTIFICATE-----