Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
File:                     db3TijiDJA5GxLGsi7-DF96P-IU.mft (raw, json)
Hash identifier:          i4qXLaLEOCYQ2GAOLISq8c17z37hnws/WqHY+SRAgNA=
Subject key identifier:   1F:ED:60:0E:ED:FA:3D:FF:F5:00:D3:B7:11:C9:02:F0:5B:97:46:3F
Authority key identifier: 75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85
Certificate issuer:       /CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
Certificate serial:       019675678AB646EC9329623882F22DED8EEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
Manifest number:          121B
Signing time:             Sun 27 Apr 2025 04:00:42 +0000
Manifest this update:     Sun 27 Apr 2025 04:00:42 +0000
Manifest next update:     Mon 28 Apr 2025 04:00:42 +0000
Files and hashes:         1: db3TijiDJA5GxLGsi7-DF96P-IU.crl (hash: 82TUUEZvkJBM8dlZovGIAJlHN8CvmQa+aX+rifkIKCQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 02:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:67:8a:b6:46:ec:93:29:62:38:82:f2:2d:ed:8e:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
        Validity
            Not Before: Apr 27 04:00:42 2025 GMT
            Not After : Apr 28 04:00:42 2025 GMT
        Subject: CN=1fed600eedfa3dfff500d3b711c902f05b97463f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:46:c4:68:30:79:be:6c:a3:5b:f8:99:35:cc:
                    fa:df:b2:a5:3e:ec:13:76:7e:57:24:a1:81:21:8b:
                    c2:53:b1:cc:00:55:31:97:a2:93:97:fd:6d:92:b4:
                    ed:3d:d5:f1:fa:c9:aa:52:62:e9:9a:82:ed:09:e7:
                    78:18:f0:92:9d:cb:a3:ce:40:46:57:49:a4:0c:0c:
                    67:87:db:b2:32:1c:09:b2:5c:bc:75:db:a4:f5:69:
                    9f:5e:6b:77:28:df:61:f1:64:d7:39:d8:bb:f2:78:
                    01:22:59:07:23:e7:23:d0:98:fd:6a:80:ca:de:54:
                    b5:31:c3:1c:02:2c:22:0e:6a:a8:ef:b4:eb:15:fa:
                    00:df:3a:41:6c:12:d0:d3:b7:6c:e1:c0:24:bd:26:
                    22:0c:0b:fb:4c:22:a5:06:d4:f9:23:74:76:b9:66:
                    0c:39:b0:f6:9a:02:41:91:4f:ff:99:7d:56:d8:20:
                    53:c6:44:f4:53:7e:17:f9:41:54:44:01:46:df:e1:
                    ee:24:1b:92:23:9c:17:48:64:0c:91:e0:1a:19:ed:
                    7e:d0:51:45:73:88:61:de:22:f6:12:11:fc:ee:f6:
                    ae:6e:c7:49:1c:f2:5e:8a:d3:5a:48:db:c3:ec:18:
                    47:e9:0a:64:70:79:bf:fa:9e:43:6c:c7:65:c7:e2:
                    df:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:ED:60:0E:ED:FA:3D:FF:F5:00:D3:B7:11:C9:02:F0:5B:97:46:3F
            X509v3 Authority Key Identifier:
                keyid:75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:9c:41:58:0e:44:d0:4f:f2:db:ad:93:c3:4a:7b:a7:50:8d:
         27:f1:14:36:87:8d:2d:2c:f7:99:a3:bf:a1:4c:b5:0a:b5:dc:
         71:30:07:72:45:15:18:b4:dc:8e:c5:29:b5:8a:20:87:59:67:
         7b:ec:f0:bb:20:09:75:95:b6:c3:e2:9a:c2:62:07:8b:e8:3d:
         01:e9:ff:b6:2d:99:46:97:8d:30:3d:78:18:da:21:b6:a0:41:
         bb:b7:5e:e7:80:65:bc:76:33:0d:eb:33:50:4f:62:84:30:c7:
         d3:b6:37:4e:7d:85:80:b0:9d:1b:4c:26:51:9e:b1:0d:f5:b5:
         57:40:53:9d:b7:d5:a3:09:70:10:8e:d0:b7:0a:92:e7:88:4a:
         e6:fe:51:3f:1a:fa:8b:cc:f0:18:84:62:eb:75:82:cc:d9:e5:
         5d:11:20:7b:da:f0:6f:cd:80:13:4f:8b:ea:45:9f:92:32:29:
         7d:13:fc:ce:11:9d:df:23:6a:66:66:4f:25:77:7a:b0:49:da:
         a3:21:30:bb:be:e7:34:0b:f8:c3:fc:b3:a7:af:42:4e:30:11:
         f3:a2:2f:3a:f0:64:95:3b:fb:f6:b9:f1:b7:42:06:d7:9e:a2:
         f4:e3:e6:0b:75:09:93:7d:db:03:55:1d:3b:46:8e:ce:62:a3:
         6c:f3:8b:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1Z4q2RuyTKWI4gvIt7Y7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmRkMzhhMzg4MzI0MGU0NmM0YjFhYzhiYmY4MzE3ZGU4
ZmY4ODUwHhcNMjUwNDI3MDQwMDQyWhcNMjUwNDI4MDQwMDQyWjAzMTEwLwYDVQQD
EygxZmVkNjAwZWVkZmEzZGZmZjUwMGQzYjcxMWM5MDJmMDViOTc0NjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kbEaDB5vmyjW/iZNcz637KlPuwT
dn5XJKGBIYvCU7HMAFUxl6KTl/1tkrTtPdXx+smqUmLpmoLtCed4GPCSncujzkBG
V0mkDAxnh9uyMhwJsly8dduk9WmfXmt3KN9h8WTXOdi78ngBIlkHI+cj0Jj9aoDK
3lS1McMcAiwiDmqo77TrFfoA3zpBbBLQ07ds4cAkvSYiDAv7TCKlBtT5I3R2uWYM
ObD2mgJBkU//mX1W2CBTxkT0U34X+UFURAFG3+HuJBuSI5wXSGQMkeAaGe1+0FFF
c4hh3iL2EhH87vaubsdJHPJeitNaSNvD7BhH6QpkcHm/+p5DbMdlx+LfcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB/tYA7t+j3/9QDTtxHJAvBbl0Y/MB8GA1UdIwQY
MBaAFHW904o4gyQORsSxrIu/gxfej/iFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGIt
OGRhNjA1MzVlNmEwLzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGItOGRhNjA1MzVlNmEw
LzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEJxBWA5E
0E/y262Tw0p7p1CNJ/EUNoeNLSz3maO/oUy1CrXccTAHckUVGLTcjsUptYogh1ln
e+zwuyAJdZW2w+KawmIHi+g9Aen/ti2ZRpeNMD14GNohtqBBu7de54BlvHYzDesz
UE9ihDDH07Y3Tn2FgLCdG0wmUZ6xDfW1V0BTnbfVowlwEI7QtwqS54hK5v5RPxr6
i8zwGIRi63WCzNnlXREge9rwb82AE0+L6kWfkjIpfRP8zhGd3yNqZmZPJXd6sEna
oyEwu77nNAv4w/yzp69CTjAR86IvOvBklTv79rnxt0IG156i9OPmC3UJk33bA1Ud
O0aOzmKjbPOLLQ==
-----END CERTIFICATE-----