Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
File:                     3tvumMupuOYloRR7s7VRl9LQoFc.mft (raw, json)
Hash identifier:          r+o/mwi4m4J38uOMyw/aftLoKNkiZt/Sc5XD/xnDTMs=
Subject key identifier:   E6:9F:FA:99:6F:39:75:15:AA:D4:C8:79:AA:62:3F:68:C0:00:5C:FF
Authority key identifier: DE:DB:EE:98:CB:A9:B8:E6:25:A1:14:7B:B3:B5:51:97:D2:D0:A0:57
Certificate issuer:       /CN=dedbee98cba9b8e625a1147bb3b55197d2d0a057
Certificate serial:       01968D3916770E8D5D1EB37E3676F3AB7050
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
Manifest number:          0583
Signing time:             Thu 01 May 2025 19:00:50 +0000
Manifest this update:     Thu 01 May 2025 19:00:50 +0000
Manifest next update:     Fri 02 May 2025 19:00:50 +0000
Files and hashes:         1: 3tvumMupuOYloRR7s7VRl9LQoFc.crl (hash: 9M4kgMIXYIRwj6VbNLHhd0lXAcIQbrQ892Y/vBTBdIM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8d:39:16:77:0e:8d:5d:1e:b3:7e:36:76:f3:ab:70:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dedbee98cba9b8e625a1147bb3b55197d2d0a057
        Validity
            Not Before: May  1 19:00:50 2025 GMT
            Not After : May  2 19:00:50 2025 GMT
        Subject: CN=e69ffa996f397515aad4c879aa623f68c0005cff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:e6:e3:21:79:20:78:7a:91:6f:42:31:17:d3:
                    60:01:74:82:b5:bb:5b:e7:cf:c5:da:44:9e:76:b5:
                    ac:f5:e3:e5:36:1b:82:61:0e:56:85:96:63:19:18:
                    f3:ce:e5:84:96:1a:c4:9b:22:47:d7:ca:4c:dc:68:
                    10:1a:0b:ff:68:9b:17:57:53:26:58:bb:ee:b1:b2:
                    17:f5:0e:d9:6b:0c:1f:87:3c:a8:07:0b:97:0d:0a:
                    73:32:4c:ec:6f:64:9b:16:f9:c2:89:9f:47:70:49:
                    c9:cb:b6:d5:d4:6a:37:7e:91:dd:3e:fd:e4:33:46:
                    2f:86:06:9b:28:ed:00:e1:d6:f5:fd:e6:99:1f:4f:
                    30:43:57:3d:2f:46:3f:6e:c2:88:d3:a8:f1:6e:eb:
                    c1:ee:bd:2c:2a:79:61:a1:45:24:d4:08:2e:d2:18:
                    0d:2c:30:9b:2a:bb:9c:fd:bf:28:ae:86:a8:60:45:
                    59:f5:a1:eb:d9:43:8d:2f:12:23:f0:ff:5e:82:07:
                    04:a6:4f:00:2b:5a:96:3e:24:be:fc:45:b8:61:e7:
                    61:1a:45:d5:21:ab:72:03:cb:3f:8c:e3:5c:09:f8:
                    2e:65:de:9a:6b:73:21:af:11:47:bd:a2:52:ad:75:
                    72:d6:95:ba:a9:de:da:7b:d0:97:af:d5:2e:da:94:
                    86:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:9F:FA:99:6F:39:75:15:AA:D4:C8:79:AA:62:3F:68:C0:00:5C:FF
            X509v3 Authority Key Identifier:
                keyid:DE:DB:EE:98:CB:A9:B8:E6:25:A1:14:7B:B3:B5:51:97:D2:D0:A0:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:17:db:be:eb:be:c3:f0:d8:8e:38:7f:17:4b:18:f4:0d:c2:
         c9:c5:52:f3:62:ab:46:51:5a:20:5f:18:8b:a4:56:cd:aa:a8:
         66:75:78:b3:d0:05:2f:ab:cb:a5:81:e5:0d:b7:ff:13:e9:6a:
         45:ac:06:9e:bf:06:e2:16:e5:d5:b1:40:15:c8:e2:6c:ca:4b:
         a2:ed:ba:68:3d:bd:b4:78:e7:6e:2a:73:ba:11:00:3b:19:77:
         e5:c2:7d:0c:a6:02:a8:52:35:13:55:29:ba:a9:cf:1a:b1:42:
         c3:fc:fb:7a:52:9c:a7:86:7e:0a:01:31:cb:16:c4:b1:61:6a:
         02:f3:53:69:e5:09:f7:d7:82:99:9c:0a:50:36:2c:9d:0b:e5:
         61:2e:2c:d0:20:46:ca:b6:8d:75:a7:53:32:7a:f2:ca:b4:54:
         83:eb:38:63:7d:a2:28:3f:e8:f5:de:fc:c3:69:bb:77:38:d5:
         23:52:95:ca:2e:3f:69:c9:be:df:02:56:29:51:3c:81:8a:5c:
         42:8b:09:11:a3:1c:d0:92:23:bc:31:9d:5e:46:4f:8f:74:53:
         e8:08:44:05:18:2f:72:6a:8f:f5:70:7f:23:b4:6d:eb:fc:42:
         91:87:16:d7:83:ad:cf:42:32:6f:f7:5b:89:e6:2e:31:47:6d:
         77:ed:b1:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaNORZ3Do1dHrN+Nnbzq3BQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGJlZTk4Y2JhOWI4ZTYyNWExMTQ3YmIzYjU1MTk3ZDJk
MGEwNTcwHhcNMjUwNTAxMTkwMDUwWhcNMjUwNTAyMTkwMDUwWjAzMTEwLwYDVQQD
EyhlNjlmZmE5OTZmMzk3NTE1YWFkNGM4NzlhYTYyM2Y2OGMwMDA1Y2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+bjIXkgeHqRb0IxF9NgAXSCtbtb
58/F2kSedrWs9ePlNhuCYQ5WhZZjGRjzzuWElhrEmyJH18pM3GgQGgv/aJsXV1Mm
WLvusbIX9Q7ZawwfhzyoBwuXDQpzMkzsb2SbFvnCiZ9HcEnJy7bV1Go3fpHdPv3k
M0YvhgabKO0A4db1/eaZH08wQ1c9L0Y/bsKI06jxbuvB7r0sKnlhoUUk1Agu0hgN
LDCbKruc/b8oroaoYEVZ9aHr2UONLxIj8P9eggcEpk8AK1qWPiS+/EW4YedhGkXV
IatyA8s/jONcCfguZd6aa3MhrxFHvaJSrXVy1pW6qd7ae9CXr9Uu2pSGGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOaf+plvOXUVqtTIeapiP2jAAFz/MB8GA1UdIwQY
MBaAFN7b7pjLqbjmJaEUe7O1UZfS0KBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3R2dW1NdXB1T1lsb1JSN3M3VlJsOUxRb0ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8wZWY2NzgtNzg3MC00ZTA4LWFiMjUt
MThmMGI4MGYyNTBkLzEvM3R2dW1NdXB1T1lsb1JSN3M3VlJsOUxRb0ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8wZWY2NzgtNzg3MC00ZTA4LWFiMjUtMThmMGI4MGYyNTBk
LzEvM3R2dW1NdXB1T1lsb1JSN3M3VlJsOUxRb0ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqRfbvuu+
w/DYjjh/F0sY9A3CycVS82KrRlFaIF8Yi6RWzaqoZnV4s9AFL6vLpYHlDbf/E+lq
RawGnr8G4hbl1bFAFcjibMpLou26aD29tHjnbipzuhEAOxl35cJ9DKYCqFI1E1Up
uqnPGrFCw/z7elKcp4Z+CgExyxbEsWFqAvNTaeUJ99eCmZwKUDYsnQvlYS4s0CBG
yraNdadTMnryyrRUg+s4Y32iKD/o9d78w2m7dzjVI1KVyi4/acm+3wJWKVE8gYpc
QosJEaMc0JIjvDGdXkZPj3RT6AhEBRgvcmqP9XB/I7Rt6/xCkYcW14Otz0Iyb/db
ieYuMUdtd+2xPw==
-----END CERTIFICATE-----