Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft
File:                     cs3rVmQuM1iXcef9pxu3HgF_nZY.mft (raw, json)
Hash identifier:          JMdUGsHZcnrWhNhFyMB3xqG+pHOP84givnDAYpuVpE4=
Subject key identifier:   8C:D5:F2:AD:17:9C:59:F6:C1:7F:77:6A:18:47:AA:1C:06:78:AD:6A
Authority key identifier: 72:CD:EB:56:64:2E:33:58:97:71:E7:FD:A7:1B:B7:1E:01:7F:9D:96
Certificate issuer:       /CN=72cdeb56642e33589771e7fda71bb71e017f9d96
Certificate serial:       01967AFB8CDA0D811AFE1AFA0822A7A667AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cs3rVmQuM1iXcef9pxu3HgF_nZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft
Manifest number:          0A2F
Signing time:             Mon 28 Apr 2025 06:00:27 +0000
Manifest this update:     Mon 28 Apr 2025 06:00:27 +0000
Manifest next update:     Tue 29 Apr 2025 06:00:27 +0000
Files and hashes:         1: cs3rVmQuM1iXcef9pxu3HgF_nZY.crl (hash: gB9jN4q9K6yzF0WC+RpebdEtLiHaChnqpYjuHR0zKdw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cs3rVmQuM1iXcef9pxu3HgF_nZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 06:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:fb:8c:da:0d:81:1a:fe:1a:fa:08:22:a7:a6:67:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72cdeb56642e33589771e7fda71bb71e017f9d96
        Validity
            Not Before: Apr 28 06:00:27 2025 GMT
            Not After : Apr 29 06:00:27 2025 GMT
        Subject: CN=8cd5f2ad179c59f6c17f776a1847aa1c0678ad6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:1d:64:70:9d:31:e9:24:f4:66:ae:7b:66:a4:
                    98:7f:fd:3f:96:1a:5a:79:c9:e9:f9:59:e8:ec:74:
                    23:82:6e:6e:45:7d:15:18:ca:e7:cf:a9:8e:0d:80:
                    f6:68:f4:2a:08:65:5e:de:a4:b9:ea:97:92:a9:27:
                    d2:00:69:47:e9:cf:ae:5b:60:c7:de:07:6b:7a:ef:
                    d5:a4:d1:db:0d:37:72:ad:0e:37:56:ee:c4:25:8d:
                    b0:59:f4:29:5e:e2:d0:39:91:3b:3a:33:ff:3c:b8:
                    6e:91:6a:42:a2:cc:02:64:57:b9:d2:75:f3:d0:86:
                    e5:b6:24:6d:6b:41:77:13:5a:0c:7a:47:b2:03:08:
                    b6:97:5a:d5:86:60:23:05:1b:47:20:15:6c:19:f2:
                    e7:f6:d2:cf:f3:73:9d:e6:15:aa:8c:c9:2a:34:74:
                    25:a7:c5:86:7b:71:1d:79:e7:d9:5a:34:2f:04:f5:
                    0e:d6:59:c3:73:9f:ce:a7:bf:bd:b5:5d:08:19:1b:
                    89:c4:11:bf:09:84:f3:c8:c5:ed:58:4f:68:f4:63:
                    22:94:50:54:0a:d6:36:2f:84:ff:4f:12:33:15:43:
                    d0:f5:b1:05:98:1f:48:2f:d9:a5:48:af:10:d9:8b:
                    bf:89:9c:35:26:c4:98:a9:75:c1:d8:74:cc:55:89:
                    70:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:D5:F2:AD:17:9C:59:F6:C1:7F:77:6A:18:47:AA:1C:06:78:AD:6A
            X509v3 Authority Key Identifier:
                keyid:72:CD:EB:56:64:2E:33:58:97:71:E7:FD:A7:1B:B7:1E:01:7F:9D:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cs3rVmQuM1iXcef9pxu3HgF_nZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:9e:a9:72:c1:b9:55:57:7e:b4:22:01:70:4d:50:a4:23:87:
         73:a5:64:ae:26:08:88:5f:d7:64:ce:02:5e:5f:58:79:08:2f:
         b3:5b:22:53:8c:31:d8:90:52:8f:ce:14:a7:0d:d0:48:21:da:
         37:0a:fe:62:77:72:aa:70:c1:cf:8a:13:a0:2b:de:f3:80:5a:
         56:ee:db:3a:8c:37:e2:ac:26:22:23:be:36:b1:be:ac:30:08:
         0a:b8:f6:c3:ab:7f:7e:66:f6:b9:63:ea:00:f8:bf:90:40:18:
         0b:57:75:93:f9:19:fe:9b:88:c2:34:49:bf:6d:9a:01:76:8b:
         7e:b7:10:33:22:74:c5:67:34:6e:be:3a:58:02:ae:a3:5a:c1:
         2b:fb:4f:b1:66:4f:98:e8:04:1c:79:8c:89:7b:23:37:ef:c0:
         00:d2:69:b2:c1:e0:46:91:a7:72:bf:54:aa:94:01:07:f2:62:
         f2:a1:7c:e3:6e:03:e4:be:ec:11:1b:05:ff:dc:83:a1:6a:99:
         ae:33:d6:67:04:5b:ac:46:fc:f9:83:ce:ae:e8:a5:7b:08:77:
         5f:18:f9:23:8a:58:ed:26:3b:9c:95:fc:a8:22:49:fe:eb:f8:
         0d:fb:15:31:52:42:7e:c2:0d:99:c9:c7:64:c9:67:49:60:02:
         69:27:b0:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6+4zaDYEa/hr6CCKnpmeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyY2RlYjU2NjQyZTMzNTg5NzcxZTdmZGE3MWJiNzFlMDE3
ZjlkOTYwHhcNMjUwNDI4MDYwMDI3WhcNMjUwNDI5MDYwMDI3WjAzMTEwLwYDVQQD
Eyg4Y2Q1ZjJhZDE3OWM1OWY2YzE3Zjc3NmExODQ3YWExYzA2NzhhZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6h1kcJ0x6ST0Zq57ZqSYf/0/lhpa
ecnp+Vno7HQjgm5uRX0VGMrnz6mODYD2aPQqCGVe3qS56peSqSfSAGlH6c+uW2DH
3gdreu/VpNHbDTdyrQ43Vu7EJY2wWfQpXuLQOZE7OjP/PLhukWpCoswCZFe50nXz
0IbltiRta0F3E1oMekeyAwi2l1rVhmAjBRtHIBVsGfLn9tLP83Od5hWqjMkqNHQl
p8WGe3EdeefZWjQvBPUO1lnDc5/Op7+9tV0IGRuJxBG/CYTzyMXtWE9o9GMilFBU
CtY2L4T/TxIzFUPQ9bEFmB9IL9mlSK8Q2Yu/iZw1JsSYqXXB2HTMVYlwRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIzV8q0XnFn2wX93ahhHqhwGeK1qMB8GA1UdIwQY
MBaAFHLN61ZkLjNYl3Hn/acbtx4Bf52WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3MzclZtUXVNMWlYY2VmOXB4dTNIZ0ZfblpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8zYzg0NDgtYWY0YS00YjQ4LWE3MmEt
ZTgyNzc0YTE2YTU3LzEvY3MzclZtUXVNMWlYY2VmOXB4dTNIZ0ZfblpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8zYzg0NDgtYWY0YS00YjQ4LWE3MmEtZTgyNzc0YTE2YTU3
LzEvY3MzclZtUXVNMWlYY2VmOXB4dTNIZ0ZfblpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW56pcsG5
VVd+tCIBcE1QpCOHc6VkriYIiF/XZM4CXl9YeQgvs1siU4wx2JBSj84Upw3QSCHa
Nwr+YndyqnDBz4oToCve84BaVu7bOow34qwmIiO+NrG+rDAICrj2w6t/fmb2uWPq
APi/kEAYC1d1k/kZ/puIwjRJv22aAXaLfrcQMyJ0xWc0br46WAKuo1rBK/tPsWZP
mOgEHHmMiXsjN+/AANJpssHgRpGncr9UqpQBB/Ji8qF8424D5L7sERsF/9yDoWqZ
rjPWZwRbrEb8+YPOruilewh3Xxj5I4pY7SY7nJX8qCJJ/uv4DfsVMVJCfsINmcnH
ZMlnSWACaSewHw==
-----END CERTIFICATE-----