Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          N8Qn/Hnx/igWeSvC5B2SbvJQn7OCr3Toi2u0abFZ9zk=
Subject key identifier:   AB:56:EB:89:25:50:A8:96:EE:1E:64:0E:54:2A:49:3D:E4:30:5D:B8
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       019683FFB32DAC0B8E99B6D99B72074627FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          1512
Signing time:             Wed 30 Apr 2025 00:01:34 +0000
Manifest this update:     Wed 30 Apr 2025 00:01:34 +0000
Manifest next update:     Thu 01 May 2025 00:01:34 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: /tQlYBtN9vWGzwkV6y3wXyAnwq9e7YYA2D/KXRPiyfM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:ff:b3:2d:ac:0b:8e:99:b6:d9:9b:72:07:46:27:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: Apr 30 00:01:34 2025 GMT
            Not After : May  1 00:01:34 2025 GMT
        Subject: CN=ab56eb892550a896ee1e640e542a493de4305db8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:28:83:d0:f4:00:75:54:7e:4b:d2:d1:d3:bd:
                    0f:f0:20:04:90:3c:00:0c:e5:6f:b1:dd:80:a6:3b:
                    1b:f9:91:94:ac:25:71:28:d6:35:81:b5:77:ff:d5:
                    cf:47:6d:73:b2:34:2d:05:3f:68:c0:81:17:8e:d5:
                    8c:cf:39:47:2e:97:8d:d1:51:ce:ab:cd:8d:65:d2:
                    ec:57:10:62:20:b8:48:53:50:82:8c:32:a1:40:ae:
                    d4:c9:cb:81:fc:26:dc:6e:ef:63:d8:1f:06:ee:6e:
                    8f:17:26:64:2c:d4:f7:53:1b:fa:44:22:9c:6f:d9:
                    39:8a:d1:2c:be:84:27:6c:21:b4:58:3f:d9:0d:4d:
                    b0:4e:3b:1a:af:65:7e:61:3e:c4:17:d0:f5:61:4c:
                    41:12:38:e4:2d:8c:4d:12:bd:eb:b7:58:12:4f:22:
                    fa:0c:b6:be:95:a7:18:3c:7d:b6:eb:63:94:cc:75:
                    c7:77:9e:f1:81:93:4b:3d:4a:a9:5f:7b:70:51:eb:
                    3d:dc:2a:ea:31:16:04:ca:bb:9b:1c:48:47:2c:79:
                    34:60:64:a5:ea:ac:d3:10:9d:1f:7c:a9:4b:13:40:
                    61:fa:2e:b2:4b:38:c7:8e:46:e7:17:01:17:ff:56:
                    4e:bd:96:6d:24:b7:19:e2:76:aa:2b:b6:59:de:d7:
                    ea:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:56:EB:89:25:50:A8:96:EE:1E:64:0E:54:2A:49:3D:E4:30:5D:B8
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:37:2e:f3:03:27:b2:13:6e:13:85:85:b6:7d:b1:18:f8:e7:
         9e:5f:99:8c:3f:53:ed:9d:0e:28:96:1c:99:86:d0:c9:ab:4a:
         6c:ae:ef:9e:b0:f3:67:31:ee:33:ed:ed:f1:30:d9:12:d0:0b:
         c5:0a:ff:49:02:2c:a5:8b:8e:a5:e6:ee:96:8a:8e:44:b5:90:
         09:81:cf:3b:22:0e:cb:84:d9:a8:52:a6:c6:6f:9b:5b:e2:12:
         1f:82:1d:d8:35:ac:c5:31:4a:dd:1b:27:d9:07:9b:04:f6:c1:
         aa:7c:56:54:c0:db:b4:ec:19:d7:54:fc:59:20:64:4d:2d:8b:
         c0:71:fe:91:9d:bc:c5:06:86:0f:b3:14:5a:3d:5f:ff:9e:10:
         ce:37:8a:e9:be:11:83:6c:43:af:54:59:1f:9b:51:1d:74:14:
         a6:6f:65:2c:87:24:a9:9f:c1:ca:1e:2a:f5:1b:bb:2f:34:8e:
         ad:18:c7:d0:a1:e0:d1:ae:b0:26:96:d7:68:cb:d4:a8:8f:49:
         47:6b:bc:6e:86:76:46:92:09:ab:e9:49:b9:d5:6a:da:1b:a7:
         96:cc:e2:c9:9f:4b:1b:5b:d6:94:85:b4:20:f7:b7:ec:e1:07:
         f8:ce:da:91:48:b6:08:93:a4:af:92:50:37:3c:7c:64:b4:44:
         97:dd:a6:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaD/7MtrAuOmbbZm3IHRif+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjUwNDMwMDAwMTM0WhcNMjUwNTAxMDAwMTM0WjAzMTEwLwYDVQQD
EyhhYjU2ZWI4OTI1NTBhODk2ZWUxZTY0MGU1NDJhNDkzZGU0MzA1ZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSiD0PQAdVR+S9LR070P8CAEkDwA
DOVvsd2Apjsb+ZGUrCVxKNY1gbV3/9XPR21zsjQtBT9owIEXjtWMzzlHLpeN0VHO
q82NZdLsVxBiILhIU1CCjDKhQK7UycuB/Cbcbu9j2B8G7m6PFyZkLNT3Uxv6RCKc
b9k5itEsvoQnbCG0WD/ZDU2wTjsar2V+YT7EF9D1YUxBEjjkLYxNEr3rt1gSTyL6
DLa+lacYPH2262OUzHXHd57xgZNLPUqpX3twUes93CrqMRYEyrubHEhHLHk0YGSl
6qzTEJ0ffKlLE0Bh+i6ySzjHjkbnFwEX/1ZOvZZtJLcZ4naqK7ZZ3tfq6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKtW64klUKiW7h5kDlQqST3kMF24MB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZzcu8wMn
shNuE4WFtn2xGPjnnl+ZjD9T7Z0OKJYcmYbQyatKbK7vnrDzZzHuM+3t8TDZEtAL
xQr/SQIspYuOpebuloqORLWQCYHPOyIOy4TZqFKmxm+bW+ISH4Id2DWsxTFK3Rsn
2QebBPbBqnxWVMDbtOwZ11T8WSBkTS2LwHH+kZ28xQaGD7MUWj1f/54QzjeK6b4R
g2xDr1RZH5tRHXQUpm9lLIckqZ/Byh4q9Ru7LzSOrRjH0KHg0a6wJpbXaMvUqI9J
R2u8boZ2RpIJq+lJudVq2hunlsziyZ9LG1vWlIW0IPe37OEH+M7akUi2CJOkr5JQ
Nzx8ZLREl92mHw==
-----END CERTIFICATE-----