Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
File:                     ScKchYIxItOsfH9IBdWyQocNLeI.mft (raw, json)
Hash identifier:          eeb3zhCm/MyY2mYFmYp0t2TprR/RAmGqHsIxlIur3GM=
Subject key identifier:   37:43:66:29:CA:6C:DA:D3:63:9E:C5:33:63:C2:86:89:29:7B:2E:35
Authority key identifier: 49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2
Certificate issuer:       /CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
Certificate serial:       0196741E8AB8B5BCA55B9182698B08DBF8C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
Manifest number:          12A3
Signing time:             Sat 26 Apr 2025 22:01:20 +0000
Manifest this update:     Sat 26 Apr 2025 22:01:20 +0000
Manifest next update:     Sun 27 Apr 2025 22:01:20 +0000
Files and hashes:         1: ScKchYIxItOsfH9IBdWyQocNLeI.crl (hash: +2+vd0CyUcANymA7UKzhqHLCWpCOFr94eU/SnpVzdLA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 22:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1e:8a:b8:b5:bc:a5:5b:91:82:69:8b:08:db:f8:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
        Validity
            Not Before: Apr 26 22:01:20 2025 GMT
            Not After : Apr 27 22:01:20 2025 GMT
        Subject: CN=37436629ca6cdad3639ec53363c28689297b2e35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:0a:7d:f9:85:1c:7d:2f:55:a4:e6:e2:73:1a:
                    1a:9f:c7:c9:8e:46:36:72:6d:04:74:b5:b8:0c:a5:
                    92:eb:32:d4:90:64:49:1e:db:3d:a0:61:ee:31:1a:
                    9e:fc:46:46:58:d3:74:3b:6f:a7:87:38:9b:c1:3e:
                    6d:52:60:c4:96:1d:0b:2a:b8:75:a2:6f:34:57:33:
                    3b:9d:01:ff:35:05:fe:14:38:3d:d4:0a:e0:ad:6e:
                    72:ed:5d:83:35:5a:c0:52:f6:d6:68:76:18:7d:b7:
                    87:db:f1:c6:18:a8:b2:81:48:2f:85:43:b4:bf:da:
                    e8:cf:12:fc:8e:e0:1f:8e:b0:cb:cf:03:b1:6a:17:
                    c0:ec:46:bd:cf:06:19:17:87:b8:8f:4a:0d:a9:62:
                    09:ec:3e:c8:f4:29:80:43:62:75:3d:8d:df:ab:4f:
                    f4:91:c0:d3:cb:79:07:24:12:e1:dc:90:29:5e:0d:
                    58:d3:e6:ce:ba:28:3b:11:d6:d2:fb:30:75:16:f8:
                    18:79:77:fd:ca:9c:b5:23:f8:42:c2:f3:58:0e:08:
                    89:9c:fa:ce:a1:71:33:69:17:25:7d:ad:e8:a9:b1:
                    b5:98:a6:c2:bb:e4:60:27:38:27:8c:0f:21:fd:db:
                    49:c3:cd:df:2a:1c:73:37:9d:48:43:59:2b:40:e0:
                    eb:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:43:66:29:CA:6C:DA:D3:63:9E:C5:33:63:C2:86:89:29:7B:2E:35
            X509v3 Authority Key Identifier:
                keyid:49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:40:b9:88:26:04:a5:23:48:bb:63:69:7f:e8:fb:f9:6f:ad:
         8c:77:fd:cd:3b:cc:7a:8a:be:4b:70:56:c1:3e:e1:54:8f:33:
         d4:82:a8:77:ba:3e:2a:b0:b1:10:86:40:42:c4:d4:a7:54:60:
         17:f1:69:77:2e:25:22:ec:cf:a6:f0:88:e0:5f:84:08:11:73:
         66:2c:12:c7:b5:5e:cd:81:28:02:a5:c3:a0:c6:e9:b4:17:ce:
         b1:cf:7e:42:34:5f:dc:7a:f9:6c:63:27:c0:07:61:db:09:8e:
         88:cc:62:34:8a:63:f9:48:c8:73:7f:da:7a:3d:57:22:16:53:
         b5:3f:21:34:44:36:eb:36:68:53:4a:e2:ac:23:e0:74:ef:53:
         70:54:bd:ab:44:b3:ca:63:66:d1:be:6b:33:13:d5:1b:a0:64:
         84:7b:48:17:08:3a:35:8c:f5:09:05:ed:74:1f:be:5e:7e:47:
         5b:e3:75:ee:1d:1e:2a:0d:1f:1f:69:ab:ee:a5:b8:47:dc:77:
         01:9f:a0:fc:05:5d:4d:f0:6f:e2:07:56:39:67:e9:f5:b6:28:
         49:b8:d1:de:3b:91:00:64:6a:eb:dd:c0:b7:7e:7e:52:46:d8:
         6c:7b:2f:31:40:e7:84:e2:ba:e8:ff:48:79:ee:3c:7e:c6:5d:
         eb:bf:de:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0Hoq4tbylW5GCaYsI2/jIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YzI5Yzg1ODIzMTIyZDNhYzdjN2Y0ODA1ZDViMjQyODcw
ZDJkZTIwHhcNMjUwNDI2MjIwMTIwWhcNMjUwNDI3MjIwMTIwWjAzMTEwLwYDVQQD
EygzNzQzNjYyOWNhNmNkYWQzNjM5ZWM1MzM2M2MyODY4OTI5N2IyZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngp9+YUcfS9VpObicxoan8fJjkY2
cm0EdLW4DKWS6zLUkGRJHts9oGHuMRqe/EZGWNN0O2+nhzibwT5tUmDElh0LKrh1
om80VzM7nQH/NQX+FDg91ArgrW5y7V2DNVrAUvbWaHYYfbeH2/HGGKiygUgvhUO0
v9rozxL8juAfjrDLzwOxahfA7Ea9zwYZF4e4j0oNqWIJ7D7I9CmAQ2J1PY3fq0/0
kcDTy3kHJBLh3JApXg1Y0+bOuig7EdbS+zB1FvgYeXf9ypy1I/hCwvNYDgiJnPrO
oXEzaRclfa3oqbG1mKbCu+RgJzgnjA8h/dtJw83fKhxzN51IQ1krQODr5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdDZinKbNrTY57FM2PChokpey41MB8GA1UdIwQY
MBaAFEnCnIWCMSLTrHx/SAXVskKHDS3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUt
OWMyZDA0NGRkNGFmLzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUtOWMyZDA0NGRkNGFm
LzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqUC5iCYE
pSNIu2Npf+j7+W+tjHf9zTvMeoq+S3BWwT7hVI8z1IKod7o+KrCxEIZAQsTUp1Rg
F/Fpdy4lIuzPpvCI4F+ECBFzZiwSx7VezYEoAqXDoMbptBfOsc9+QjRf3Hr5bGMn
wAdh2wmOiMxiNIpj+UjIc3/aej1XIhZTtT8hNEQ26zZoU0rirCPgdO9TcFS9q0Sz
ymNm0b5rMxPVG6BkhHtIFwg6NYz1CQXtdB++Xn5HW+N17h0eKg0fH2mr7qW4R9x3
AZ+g/AVdTfBv4gdWOWfp9bYoSbjR3juRAGRq693At35+UkbYbHsvMUDnhOK66P9I
ee48fsZd67/euw==
-----END CERTIFICATE-----