Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
File:                     PP7M1r9kBrDPRPaCuTzYbjNGUko.mft (raw, json)
Hash identifier:          +fiNb2gq7T+TlHbQRsm/DFm3qtdy1aX1zEF7I9AdH2Y=
Subject key identifier:   84:9F:4D:5E:3E:93:EF:7C:32:F0:86:2B:DE:42:CB:24:11:98:65:42
Authority key identifier: 3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A
Certificate issuer:       /CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
Certificate serial:       019696E0936B2F09E09282C432D5A6A14934
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
Manifest number:          1096
Signing time:             Sat 03 May 2025 16:00:22 +0000
Manifest this update:     Sat 03 May 2025 16:00:22 +0000
Manifest next update:     Sun 04 May 2025 16:00:22 +0000
Files and hashes:         1: PP7M1r9kBrDPRPaCuTzYbjNGUko.crl (hash: j6sPOLMyaK9VgZdiUSThqDNumAxa6ViNyj+YBdKzsbc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 04 May 2025 10:06:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:96:e0:93:6b:2f:09:e0:92:82:c4:32:d5:a6:a1:49:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
        Validity
            Not Before: May  3 16:00:22 2025 GMT
            Not After : May  4 16:00:22 2025 GMT
        Subject: CN=849f4d5e3e93ef7c32f0862bde42cb2411986542
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:08:a1:3b:8f:36:f5:02:f4:68:a9:6e:d8:72:
                    25:19:db:9b:d4:cb:a2:84:4e:4b:0e:da:48:70:01:
                    07:51:6f:15:70:fb:67:9b:ff:95:0f:4a:64:95:8c:
                    84:dc:19:5f:37:ff:50:b9:b6:b6:83:4c:06:16:b7:
                    a8:41:2b:2d:03:42:29:61:f6:ae:20:f5:eb:b7:70:
                    54:23:60:aa:8f:36:b0:e9:28:55:f1:5c:80:ce:07:
                    c4:da:e8:a7:d0:fb:e1:60:28:23:d5:9f:2c:03:6a:
                    64:60:91:3b:94:b8:cd:54:8b:4d:4a:89:69:f0:83:
                    c1:c1:be:fa:a4:9b:90:a5:2e:03:71:60:90:52:71:
                    b9:5b:8c:df:3d:26:94:7d:72:46:d3:3a:e7:56:53:
                    53:6a:eb:a0:41:80:91:1d:df:60:59:12:8c:81:0f:
                    25:39:b1:84:2c:78:da:9a:b4:10:d3:31:a3:5c:84:
                    78:09:84:1a:0b:4b:19:d2:7f:03:3f:4c:4f:9a:49:
                    aa:df:b9:e0:5e:17:41:2b:41:47:52:a1:d9:aa:05:
                    2f:87:3c:d6:13:5d:81:e7:31:10:43:83:db:c9:df:
                    00:81:81:50:e1:03:72:a1:d6:f8:78:77:5e:6c:1a:
                    2f:c1:3d:cf:3b:64:82:75:01:15:c2:99:c7:3e:20:
                    be:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:9F:4D:5E:3E:93:EF:7C:32:F0:86:2B:DE:42:CB:24:11:98:65:42
            X509v3 Authority Key Identifier:
                keyid:3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:8a:8b:16:d5:13:97:a6:92:7a:bb:50:b5:f3:66:f4:3d:1a:
         14:59:6e:74:d6:22:46:0b:71:28:b2:26:9a:06:5f:ee:79:0b:
         60:8c:7a:a2:1d:b2:0c:59:35:75:e5:54:c8:18:35:df:67:32:
         fb:f8:ce:a7:ac:4d:45:00:1c:3d:9d:f4:5f:1c:eb:f9:cc:6f:
         4b:0d:50:ed:2d:f8:92:7c:d7:c6:3e:bd:13:38:5d:15:2a:30:
         c6:08:33:23:fd:e2:85:81:7b:18:04:ee:46:dd:90:64:3a:f3:
         ad:bf:7d:21:8f:e2:b6:16:7f:3a:d1:60:0c:a2:ad:bc:0e:ad:
         d0:a3:82:ee:97:8c:f1:86:53:56:59:8c:df:f8:2d:af:35:a0:
         ab:95:39:ba:ec:8f:ce:6a:86:6d:97:36:3b:3f:fa:29:49:af:
         4a:a9:29:e1:36:a7:f8:00:dc:db:70:b5:8c:c3:22:ed:02:29:
         fe:1b:3f:33:08:9b:f3:cd:b3:63:7a:06:5b:59:81:57:90:f0:
         31:c2:71:53:46:74:52:12:1d:8e:6e:88:1b:f2:ed:b4:46:b4:
         90:67:df:9c:72:20:39:14:da:52:00:f7:69:30:07:8d:cf:fb:
         15:82:70:7a:9e:91:53:e9:dc:e2:f4:27:eb:d4:da:bf:87:9e:
         c2:fe:2d:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaW4JNrLwngkoLEMtWmoUk0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZmVjY2Q2YmY2NDA2YjBjZjQ0ZjY4MmI5M2NkODZlMzM0
NjUyNGEwHhcNMjUwNTAzMTYwMDIyWhcNMjUwNTA0MTYwMDIyWjAzMTEwLwYDVQQD
Eyg4NDlmNGQ1ZTNlOTNlZjdjMzJmMDg2MmJkZTQyY2IyNDExOTg2NTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAihO4829QL0aKlu2HIlGdub1Mui
hE5LDtpIcAEHUW8VcPtnm/+VD0pklYyE3BlfN/9Quba2g0wGFreoQSstA0IpYfau
IPXrt3BUI2Cqjzaw6ShV8VyAzgfE2uin0PvhYCgj1Z8sA2pkYJE7lLjNVItNSolp
8IPBwb76pJuQpS4DcWCQUnG5W4zfPSaUfXJG0zrnVlNTauugQYCRHd9gWRKMgQ8l
ObGELHjamrQQ0zGjXIR4CYQaC0sZ0n8DP0xPmkmq37ngXhdBK0FHUqHZqgUvhzzW
E12B5zEQQ4Pbyd8AgYFQ4QNyodb4eHdebBovwT3PO2SCdQEVwpnHPiC+OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISfTV4+k+98MvCGK95CyyQRmGVCMB8GA1UdIwQY
MBaAFDz+zNa/ZAawz0T2grk82G4zRlJKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2Qt
MjNiODYxMWNjZTIzLzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2QtMjNiODYxMWNjZTIz
LzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGIqLFtUT
l6aSertQtfNm9D0aFFludNYiRgtxKLImmgZf7nkLYIx6oh2yDFk1deVUyBg132cy
+/jOp6xNRQAcPZ30Xxzr+cxvSw1Q7S34knzXxj69EzhdFSowxggzI/3ihYF7GATu
Rt2QZDrzrb99IY/ithZ/OtFgDKKtvA6t0KOC7peM8YZTVlmM3/gtrzWgq5U5uuyP
zmqGbZc2Oz/6KUmvSqkp4Tan+ADc23C1jMMi7QIp/hs/Mwib882zY3oGW1mBV5Dw
McJxU0Z0UhIdjm6IG/LttEa0kGffnHIgORTaUgD3aTAHjc/7FYJwep6RU+nc4vQn
69Tav4eewv4t3w==
-----END CERTIFICATE-----