Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
File:                     M1lkDZyLY0Pghqr4vosw6MMdK40.mft (raw, json)
Hash identifier:          zgzSE72OFFS+5gbNmJ7gAQm8NIQx9TGzR1xFbMTBreo=
Subject key identifier:   F2:C8:E5:7D:0D:8E:60:9A:11:2F:F7:0E:71:48:08:F0:2D:68:76:93
Authority key identifier: 33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D
Certificate issuer:       /CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
Certificate serial:       0196741E3500B5A331D38B8A0B86FA1A7C70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
Manifest number:          0295
Signing time:             Sat 26 Apr 2025 22:00:58 +0000
Manifest this update:     Sat 26 Apr 2025 22:00:58 +0000
Manifest next update:     Sun 27 Apr 2025 22:00:58 +0000
Files and hashes:         1: M1lkDZyLY0Pghqr4vosw6MMdK40.crl (hash: lKDMyRxuJLI7E1y/xRR70rQoF6NCMt7rrHtNjTiQk/8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1e:35:00:b5:a3:31:d3:8b:8a:0b:86:fa:1a:7c:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
        Validity
            Not Before: Apr 26 22:00:58 2025 GMT
            Not After : Apr 27 22:00:58 2025 GMT
        Subject: CN=f2c8e57d0d8e609a112ff70e714808f02d687693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:89:1a:d6:84:b6:cb:1f:c1:30:f0:14:1a:fd:
                    23:60:48:ef:b2:db:55:0b:28:24:53:43:08:2c:17:
                    82:05:61:e6:cc:0c:29:73:b3:77:1f:84:80:90:d3:
                    06:29:fe:a6:ce:35:c5:ff:1e:08:1b:47:e2:74:ef:
                    31:8c:47:94:a2:f8:16:2e:d2:d9:d9:89:7e:cf:c5:
                    62:cb:db:5d:92:5b:1e:88:9b:79:22:69:65:8c:2c:
                    bb:f0:1b:5a:b5:97:66:c3:39:39:6d:8f:36:f4:2e:
                    ce:9b:59:7b:7e:f6:62:4e:73:de:7d:9b:66:e8:9e:
                    36:18:4d:51:2d:57:b1:06:3a:5a:93:87:36:13:fd:
                    80:2a:0e:4b:6a:76:bb:a4:10:9e:d8:b8:d9:14:48:
                    83:77:b8:c8:f6:22:63:13:18:c4:8e:24:4a:99:64:
                    c8:08:3f:d0:da:a3:32:61:1d:63:72:c5:c1:4a:38:
                    e6:52:7a:28:1f:e2:03:63:be:b7:df:50:9f:07:55:
                    21:fa:2f:13:09:10:6e:a4:95:59:fc:59:21:30:d7:
                    62:ae:9c:83:51:66:eb:41:26:b9:d8:4f:36:59:6d:
                    19:75:ce:3a:33:bb:fc:cd:8d:0a:a8:cd:50:fe:45:
                    03:f2:bc:6d:fe:97:d3:31:15:90:e4:ff:ee:b4:73:
                    8c:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:C8:E5:7D:0D:8E:60:9A:11:2F:F7:0E:71:48:08:F0:2D:68:76:93
            X509v3 Authority Key Identifier:
                keyid:33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:f5:15:90:14:44:bc:bb:cf:8d:fb:75:3b:25:27:fa:cf:96:
         6d:0f:3c:c6:16:00:1c:d0:b8:a9:e6:d5:12:cc:0e:3f:d2:f9:
         df:a3:ea:84:26:db:6c:22:61:2b:89:9d:00:e5:f2:7e:ea:ca:
         69:6a:1a:6a:b5:a2:ec:50:41:55:74:21:a1:a8:02:ae:8e:36:
         74:dc:f3:01:da:22:40:17:02:c8:e2:fe:97:6b:ed:1a:da:8d:
         80:ee:19:13:56:d8:c0:75:02:19:15:86:55:3b:1d:86:b0:e3:
         57:b2:d3:56:5c:fe:88:ef:90:7a:8c:45:d8:33:df:73:72:b0:
         89:a8:19:3c:0a:d6:d0:88:fe:42:92:35:ec:56:cd:58:c1:db:
         7c:45:83:d9:bd:63:36:89:21:bf:93:3c:76:0d:1f:a3:81:79:
         cc:aa:1f:73:d3:4e:54:af:30:ae:8e:36:d1:3c:47:cd:4d:39:
         55:e8:94:d3:59:14:d6:d8:41:ce:e1:10:69:5b:bb:80:cf:2e:
         ce:da:70:ec:5d:e5:01:b0:e5:7a:06:c0:4d:b3:78:df:83:d3:
         1c:d4:d1:88:ae:35:7a:15:aa:d4:40:64:b6:e2:be:c6:e0:a1:
         f3:97:8d:9d:53:ef:0f:7e:96:72:c4:fd:b6:e9:ec:84:32:3c:
         96:74:5b:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0HjUAtaMx04uKC4b6GnxwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTk2NDBkOWM4YjYzNDNlMDg2YWFmOGJlOGIzMGU4YzMx
ZDJiOGQwHhcNMjUwNDI2MjIwMDU4WhcNMjUwNDI3MjIwMDU4WjAzMTEwLwYDVQQD
EyhmMmM4ZTU3ZDBkOGU2MDlhMTEyZmY3MGU3MTQ4MDhmMDJkNjg3NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24ka1oS2yx/BMPAUGv0jYEjvsttV
CygkU0MILBeCBWHmzAwpc7N3H4SAkNMGKf6mzjXF/x4IG0fidO8xjEeUovgWLtLZ
2Yl+z8Viy9tdklseiJt5ImlljCy78BtatZdmwzk5bY829C7Om1l7fvZiTnPefZtm
6J42GE1RLVexBjpak4c2E/2AKg5Lana7pBCe2LjZFEiDd7jI9iJjExjEjiRKmWTI
CD/Q2qMyYR1jcsXBSjjmUnooH+IDY76331CfB1Uh+i8TCRBupJVZ/FkhMNdirpyD
UWbrQSa52E82WW0Zdc46M7v8zY0KqM1Q/kUD8rxt/pfTMRWQ5P/utHOMzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPLI5X0NjmCaES/3DnFICPAtaHaTMB8GA1UdIwQY
MBaAFDNZZA2ci2ND4Iaq+L6LMOjDHSuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQt
YmRkYzMxNDNiMzEzLzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQtYmRkYzMxNDNiMzEz
LzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANvUVkBRE
vLvPjft1OyUn+s+WbQ88xhYAHNC4qebVEswOP9L536PqhCbbbCJhK4mdAOXyfurK
aWoaarWi7FBBVXQhoagCro42dNzzAdoiQBcCyOL+l2vtGtqNgO4ZE1bYwHUCGRWG
VTsdhrDjV7LTVlz+iO+QeoxF2DPfc3KwiagZPArW0Ij+QpI17FbNWMHbfEWD2b1j
Nokhv5M8dg0fo4F5zKofc9NOVK8wro420TxHzU05VeiU01kU1thBzuEQaVu7gM8u
ztpw7F3lAbDlegbATbN434PTHNTRiK41ehWq1EBktuK+xuCh85eNnVPvD36WcsT9
tunshDI8lnRbdQ==
-----END CERTIFICATE-----