Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
File:                     3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft (raw, json)
Hash identifier:          T7I1xqheUKTYDOc5FnD7Is6bm4ShhvYMgfktxI4WWY4=
Subject key identifier:   69:22:6F:B8:61:8F:96:F7:8D:23:CB:DE:88:04:11:0D:09:33:BF:3E
Authority key identifier: DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B
Certificate issuer:       /CN=de11cc6df13366fc595a6e72ed03c53800792b4b
Certificate serial:       0196748B7A2303A9C77685728F4CCE048101
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
Manifest number:          0C71
Signing time:             Sun 27 Apr 2025 00:00:19 +0000
Manifest this update:     Sun 27 Apr 2025 00:00:19 +0000
Manifest next update:     Mon 28 Apr 2025 00:00:19 +0000
Files and hashes:         1: 3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl (hash: 3/bAT8KfBnfMb3W98wAbnORqC6J3/yHkluFn6biKekk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:8b:7a:23:03:a9:c7:76:85:72:8f:4c:ce:04:81:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de11cc6df13366fc595a6e72ed03c53800792b4b
        Validity
            Not Before: Apr 27 00:00:19 2025 GMT
            Not After : Apr 28 00:00:19 2025 GMT
        Subject: CN=69226fb8618f96f78d23cbde8804110d0933bf3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:22:c6:fa:67:8b:65:41:ba:14:53:6c:f0:18:
                    84:9f:6e:f6:13:0e:bf:8d:05:71:65:8f:ec:62:8e:
                    06:ea:96:a6:ac:11:d5:01:d1:13:cc:88:2d:4b:fe:
                    b6:b5:83:06:85:c0:8e:1e:91:4c:7d:ac:33:12:1f:
                    cc:cb:a5:f0:70:69:6a:6e:d6:27:b5:ee:ac:99:e2:
                    7e:45:53:53:c3:6b:64:02:2c:b8:42:e0:77:6e:c9:
                    a9:b1:d9:11:4e:f7:9d:5a:31:58:1f:3c:be:7f:ad:
                    ab:0c:93:10:48:b9:e8:f9:6a:46:78:ba:e0:35:18:
                    84:f6:e9:18:a5:83:3d:d5:03:23:d4:89:0a:aa:b6:
                    d8:62:73:19:80:02:e6:64:33:47:38:a1:2b:27:a7:
                    e1:01:dd:91:de:08:76:f3:d2:4b:95:5e:7a:d3:ef:
                    de:ee:ed:3b:8a:c9:5d:16:23:94:f0:d4:f3:f7:b1:
                    19:ef:0e:5e:09:06:ce:d2:f8:14:21:1e:7c:2b:3c:
                    4e:00:15:65:cf:d9:c9:14:fe:1d:de:73:c1:93:30:
                    6e:61:68:72:42:45:ea:51:27:0b:74:dd:88:0f:48:
                    57:b0:d2:b3:40:35:30:d2:d5:cd:61:17:4c:3c:61:
                    35:43:21:61:8b:b0:3b:39:19:44:0d:63:ae:b4:51:
                    6a:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:22:6F:B8:61:8F:96:F7:8D:23:CB:DE:88:04:11:0D:09:33:BF:3E
            X509v3 Authority Key Identifier:
                keyid:DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:b2:d3:1d:e4:38:68:c2:e6:f0:68:2c:22:22:13:92:58:89:
         97:bf:3d:d4:9f:1c:b0:13:f0:07:c4:9b:1a:07:b5:7c:60:d6:
         1e:56:d3:0a:d8:2a:f9:86:a0:31:b1:48:b8:f8:16:3c:8f:e7:
         8f:7a:38:2f:f9:a4:19:a2:3d:63:5f:bb:ce:19:0f:ae:56:86:
         22:b2:a7:d5:0a:ef:73:a8:55:9a:14:c8:3f:ca:ee:c0:6b:a5:
         de:a0:66:b6:6a:40:bd:bd:d1:f5:a9:c7:5b:54:a1:d0:cc:a6:
         23:ef:50:ea:e7:c1:83:4e:62:ec:4c:29:08:21:d5:52:0b:60:
         a5:ba:54:db:44:10:e9:20:75:bb:0e:a7:79:6f:3a:ac:26:c9:
         0d:42:26:72:0f:a5:fe:9e:89:95:61:35:1a:72:b7:50:a1:87:
         0a:8d:cd:55:a8:17:68:b1:5a:28:90:7f:b9:f1:cb:ac:17:49:
         97:b8:9a:25:05:c3:14:7e:95:a1:23:f4:9b:bf:2c:7c:28:e8:
         38:98:99:b5:6f:19:24:c6:20:b3:61:62:f3:30:af:e2:cd:91:
         2d:39:7a:63:c2:84:cf:e3:e6:6c:27:2d:34:68:3e:25:c0:4f:
         13:40:ef:56:90:44:35:87:6d:f1:43:aa:16:01:2d:cb:21:36:
         ec:37:29:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0i3ojA6nHdoVyj0zOBIEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTFjYzZkZjEzMzY2ZmM1OTVhNmU3MmVkMDNjNTM4MDA3
OTJiNGIwHhcNMjUwNDI3MDAwMDE5WhcNMjUwNDI4MDAwMDE5WjAzMTEwLwYDVQQD
Eyg2OTIyNmZiODYxOGY5NmY3OGQyM2NiZGU4ODA0MTEwZDA5MzNiZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7yLG+meLZUG6FFNs8BiEn272Ew6/
jQVxZY/sYo4G6pamrBHVAdETzIgtS/62tYMGhcCOHpFMfawzEh/My6XwcGlqbtYn
te6smeJ+RVNTw2tkAiy4QuB3bsmpsdkRTvedWjFYHzy+f62rDJMQSLno+WpGeLrg
NRiE9ukYpYM91QMj1IkKqrbYYnMZgALmZDNHOKErJ6fhAd2R3gh289JLlV560+/e
7u07isldFiOU8NTz97EZ7w5eCQbO0vgUIR58KzxOABVlz9nJFP4d3nPBkzBuYWhy
QkXqUScLdN2ID0hXsNKzQDUw0tXNYRdMPGE1QyFhi7A7ORlEDWOutFFqNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGkib7hhj5b3jSPL3ogEEQ0JM78+MB8GA1UdIwQY
MBaAFN4RzG3xM2b8WVpucu0DxTgAeStLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMt
ZTZjNGRmNDZmMDRkLzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMtZTZjNGRmNDZmMDRk
LzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARbLTHeQ4
aMLm8GgsIiITkliJl7891J8csBPwB8SbGge1fGDWHlbTCtgq+YagMbFIuPgWPI/n
j3o4L/mkGaI9Y1+7zhkPrlaGIrKn1Qrvc6hVmhTIP8ruwGul3qBmtmpAvb3R9anH
W1Sh0MymI+9Q6ufBg05i7EwpCCHVUgtgpbpU20QQ6SB1uw6neW86rCbJDUImcg+l
/p6JlWE1GnK3UKGHCo3NVagXaLFaKJB/ufHLrBdJl7iaJQXDFH6VoSP0m78sfCjo
OJiZtW8ZJMYgs2Fi8zCv4s2RLTl6Y8KEz+PmbCctNGg+JcBPE0DvVpBENYdt8UOq
FgEtyyE27Dcp0Q==
-----END CERTIFICATE-----