Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
File:                     syznolxromOxucmrdrjS3DoNaAY.mft (raw, json)
Hash identifier:          gHIgdBYP/NYkawfdsbEGBDymjpjz0YgQJgAAo4lYdlY=
Subject key identifier:   68:92:B1:6F:DD:D5:EF:8E:2E:D1:B6:2C:77:9B:95:1E:D5:BD:5A:1C
Authority key identifier: B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06
Certificate issuer:       /CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
Certificate serial:       0196760C4799F1214F53B5E0B620F8E6151F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
Manifest number:          03C0
Signing time:             Sun 27 Apr 2025 07:00:38 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:38 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:38 +0000
Files and hashes:         1: syznolxromOxucmrdrjS3DoNaAY.crl (hash: joB3DGDTh7iaj6aEk/z07ea1U0iEl3h5S8g3S3iYvhQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:47:99:f1:21:4f:53:b5:e0:b6:20:f8:e6:15:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
        Validity
            Not Before: Apr 27 07:00:38 2025 GMT
            Not After : Apr 28 07:00:38 2025 GMT
        Subject: CN=6892b16fddd5ef8e2ed1b62c779b951ed5bd5a1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:a6:ae:e0:1a:d0:35:07:99:9c:de:9a:10:b6:
                    14:0f:ce:b1:d6:22:84:a4:3f:77:3a:a1:89:0c:08:
                    b0:d0:0c:03:ca:ba:ac:25:91:ef:60:b0:d0:a6:c6:
                    cf:2c:44:ef:b9:9d:ca:3c:31:ef:59:ba:26:b9:05:
                    26:59:f0:0f:70:a5:46:95:49:7b:43:a7:20:d4:a4:
                    88:93:62:4c:de:f5:41:78:a2:2f:9b:38:6e:10:56:
                    32:e0:8d:9a:f1:e3:1b:c3:32:6d:d2:f3:09:52:ce:
                    d8:c4:47:c0:ae:dd:93:b6:17:83:71:4c:96:12:6b:
                    e8:f5:6f:1d:9a:36:45:d9:13:8d:38:c1:29:79:e6:
                    3e:a1:06:74:e3:01:9c:e3:27:1d:34:46:be:0a:01:
                    80:79:32:bb:40:f3:ce:58:01:a2:41:28:52:3b:11:
                    01:d5:a0:c6:66:d8:ec:ee:9e:50:75:d5:ce:bf:9a:
                    b0:9c:13:89:f3:e8:a4:b2:a3:37:08:8c:b1:71:6b:
                    cb:29:5f:eb:c1:62:68:e8:48:44:06:3d:9e:a4:af:
                    e9:bf:06:7f:6c:25:22:70:a8:cd:e1:79:60:73:f8:
                    c2:ae:98:d7:44:7d:62:a2:33:62:81:7a:70:f4:63:
                    c1:9f:19:da:f3:c2:c1:8f:bf:bd:7a:cf:44:1c:6f:
                    e7:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:92:B1:6F:DD:D5:EF:8E:2E:D1:B6:2C:77:9B:95:1E:D5:BD:5A:1C
            X509v3 Authority Key Identifier:
                keyid:B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:cb:84:71:15:91:2f:b9:04:67:11:17:f4:72:f1:e0:a4:93:
         11:cb:83:e8:04:b3:53:33:be:68:cb:c6:ee:4e:84:e6:00:50:
         ac:b6:ff:e9:89:d1:2e:2b:e2:d8:57:51:6c:cf:02:67:88:8e:
         51:d2:8c:ed:62:4a:70:4c:cf:6c:a3:56:25:93:c6:ce:dd:49:
         72:87:fa:ee:92:52:ad:7d:02:dc:f5:18:e3:8a:c9:cc:85:ce:
         05:2b:90:8c:1a:17:da:50:02:b9:75:e1:d7:20:0d:17:09:81:
         93:11:75:53:b8:8e:b7:f5:04:f2:66:5f:88:42:1a:f9:53:35:
         d4:d7:2f:e9:04:3f:1f:25:46:9f:56:5a:2b:37:56:d5:70:2d:
         3f:0d:6c:79:c4:7d:d9:17:a4:71:33:0e:a3:39:a0:51:39:1b:
         27:59:0f:9e:dd:e6:78:fd:1a:28:0a:e3:72:83:fe:0b:ca:2e:
         a2:0b:4d:4a:eb:fe:68:d1:47:c8:eb:3d:e4:66:a2:7b:39:89:
         f3:39:b7:e1:1a:86:a9:12:fa:b1:e0:e3:c6:e1:c0:a9:e8:48:
         3c:24:bb:69:ca:6c:52:6d:9f:f9:fd:d7:28:19:9f:42:b4:5d:
         c9:d2:2f:6b:4a:f3:e5:87:b7:bc:a2:04:3d:06:fc:c6:8a:01:
         ae:f4:da:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DEeZ8SFPU7XgtiD45hUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmNlN2EyNWM2YmEyNjNiMWI5YzlhYjc2YjhkMmRjM2Ew
ZDY4MDYwHhcNMjUwNDI3MDcwMDM4WhcNMjUwNDI4MDcwMDM4WjAzMTEwLwYDVQQD
Eyg2ODkyYjE2ZmRkZDVlZjhlMmVkMWI2MmM3NzliOTUxZWQ1YmQ1YTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06au4BrQNQeZnN6aELYUD86x1iKE
pD93OqGJDAiw0AwDyrqsJZHvYLDQpsbPLETvuZ3KPDHvWbomuQUmWfAPcKVGlUl7
Q6cg1KSIk2JM3vVBeKIvmzhuEFYy4I2a8eMbwzJt0vMJUs7YxEfArt2TtheDcUyW
Emvo9W8dmjZF2RONOMEpeeY+oQZ04wGc4ycdNEa+CgGAeTK7QPPOWAGiQShSOxEB
1aDGZtjs7p5QddXOv5qwnBOJ8+iksqM3CIyxcWvLKV/rwWJo6EhEBj2epK/pvwZ/
bCUicKjN4Xlgc/jCrpjXRH1iojNigXpw9GPBnxna88LBj7+9es9EHG/n8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiSsW/d1e+OLtG2LHeblR7VvVocMB8GA1UdIwQY
MBaAFLMs56Jca6JjsbnJq3a40tw6DWgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hM2E2NTMtYWVmYS00OGNkLWFhYzct
MzQwM2E4NDI5N2IxLzEvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hM2E2NTMtYWVmYS00OGNkLWFhYzctMzQwM2E4NDI5N2Ix
LzEvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvMuEcRWR
L7kEZxEX9HLx4KSTEcuD6ASzUzO+aMvG7k6E5gBQrLb/6YnRLivi2FdRbM8CZ4iO
UdKM7WJKcEzPbKNWJZPGzt1Jcof67pJSrX0C3PUY44rJzIXOBSuQjBoX2lACuXXh
1yANFwmBkxF1U7iOt/UE8mZfiEIa+VM11Ncv6QQ/HyVGn1ZaKzdW1XAtPw1secR9
2RekcTMOozmgUTkbJ1kPnt3meP0aKArjcoP+C8ouogtNSuv+aNFHyOs95GaiezmJ
8zm34RqGqRL6seDjxuHAqehIPCS7acpsUm2f+f3XKBmfQrRdydIva0rz5Ye3vKIE
PQb8xooBrvTa+w==
-----END CERTIFICATE-----