Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
File:                     435CoUa5C6fNMxrWoT7vHaL7pEA.mft (raw, json)
Hash identifier:          eYybYm81dwfxTIDAnuePoatXPe4cekoB+kLg3a8Rd9s=
Subject key identifier:   81:7F:2D:2C:BB:EB:A9:95:A9:A2:DF:A9:01:A9:0B:81:6D:8E:57:B3
Authority key identifier: E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40
Certificate issuer:       /CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
Certificate serial:       0196881290AF0840062FBA5BB1812E8A5E72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
Manifest number:          0725
Signing time:             Wed 30 Apr 2025 19:00:40 +0000
Manifest this update:     Wed 30 Apr 2025 19:00:40 +0000
Manifest next update:     Thu 01 May 2025 19:00:40 +0000
Files and hashes:         1: 435CoUa5C6fNMxrWoT7vHaL7pEA.crl (hash: 5hiE1+SYLyE95ti9sm3hckrBCXMltcUdDiKaNONMUvE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:88:12:90:af:08:40:06:2f:ba:5b:b1:81:2e:8a:5e:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
        Validity
            Not Before: Apr 30 19:00:40 2025 GMT
            Not After : May  1 19:00:40 2025 GMT
        Subject: CN=817f2d2cbbeba995a9a2dfa901a90b816d8e57b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e3:ef:cb:b0:8d:e5:22:97:11:99:cd:ae:61:
                    7d:6c:dc:e1:d8:22:59:4b:87:3e:fa:ac:a7:61:f4:
                    80:af:a9:7e:13:40:3f:b2:9a:51:f7:91:17:43:53:
                    44:0e:71:ee:60:76:eb:15:46:b4:a1:8a:5f:a0:4e:
                    b3:1e:e3:12:21:89:6d:11:f0:8d:08:72:f0:5a:e9:
                    37:e8:66:2d:50:ab:d3:4e:29:9d:3d:53:3e:13:eb:
                    39:9a:36:04:5a:b7:74:6a:cd:c8:48:a0:0b:3a:f8:
                    a3:d4:1c:0f:60:b0:c4:ba:37:21:be:15:96:1d:63:
                    33:ce:64:4a:4e:33:63:9a:bf:a0:e6:1a:46:4d:96:
                    5a:bc:3d:8d:53:ca:aa:bf:a6:53:df:c0:a8:4d:de:
                    a2:59:74:d6:14:5c:a9:2d:27:3a:00:8a:fd:b8:37:
                    85:87:07:01:ff:de:a8:1b:f1:14:3e:33:9e:e3:42:
                    54:dd:82:21:c5:1a:70:e5:70:f6:62:84:0b:6a:a5:
                    10:e6:c7:72:c0:ea:9c:1e:b7:d7:48:46:bf:66:9d:
                    4e:19:fa:ab:10:d7:4d:da:cc:7c:14:f0:84:de:54:
                    2d:dc:4d:c0:92:27:05:f2:0e:c9:4d:01:53:83:9f:
                    d5:c0:d7:34:1b:96:5e:fa:55:45:41:c5:37:22:01:
                    a1:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:7F:2D:2C:BB:EB:A9:95:A9:A2:DF:A9:01:A9:0B:81:6D:8E:57:B3
            X509v3 Authority Key Identifier:
                keyid:E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:e5:ce:a4:87:d6:2c:30:af:a6:ef:b5:81:cb:28:7a:77:14:
         65:44:25:67:7d:af:4e:82:00:35:28:16:1e:bb:26:a6:ed:30:
         f8:75:68:32:40:0a:26:7e:d1:65:b6:af:94:ee:44:cb:d0:f9:
         1d:5c:64:92:3a:b5:6c:c8:2e:c8:04:40:a3:0e:f0:d9:8a:8c:
         87:90:73:4b:69:d4:bb:6f:14:d5:62:7e:53:bb:62:43:09:4f:
         56:51:23:45:27:f0:c4:8a:05:32:24:fc:d0:7f:3f:74:49:95:
         39:4e:41:60:5b:76:29:83:72:93:f5:7b:1b:16:32:57:26:56:
         ce:45:05:bd:9a:58:f6:f8:22:6c:60:67:9b:a3:bc:8a:1d:5e:
         11:db:07:a4:da:b5:66:cf:ff:38:83:89:e8:25:22:70:92:bf:
         b4:1d:8d:53:7b:b3:fc:c8:fc:8b:13:f0:93:87:38:d9:63:09:
         97:3c:e5:27:82:7f:0b:5f:7d:f2:2c:d1:21:a8:e2:9e:df:8d:
         6e:37:1c:75:c9:52:f2:c0:21:a6:9d:81:ad:e3:35:61:b7:47:
         e9:2e:a6:4f:7c:42:08:f3:95:64:d7:5e:2d:40:81:94:d1:55:
         1d:31:fd:76:9a:37:cd:54:60:51:2b:52:57:f0:36:56:8c:7d:
         a5:cb:7c:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaIEpCvCEAGL7pbsYEuil5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2U0MmExNDZiOTBiYTdjZDMzMWFkNmExM2VlZjFkYTJm
YmE0NDAwHhcNMjUwNDMwMTkwMDQwWhcNMjUwNTAxMTkwMDQwWjAzMTEwLwYDVQQD
Eyg4MTdmMmQyY2JiZWJhOTk1YTlhMmRmYTkwMWE5MGI4MTZkOGU1N2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOPvy7CN5SKXEZnNrmF9bNzh2CJZ
S4c++qynYfSAr6l+E0A/sppR95EXQ1NEDnHuYHbrFUa0oYpfoE6zHuMSIYltEfCN
CHLwWuk36GYtUKvTTimdPVM+E+s5mjYEWrd0as3ISKALOvij1BwPYLDEujchvhWW
HWMzzmRKTjNjmr+g5hpGTZZavD2NU8qqv6ZT38CoTd6iWXTWFFypLSc6AIr9uDeF
hwcB/96oG/EUPjOe40JU3YIhxRpw5XD2YoQLaqUQ5sdywOqcHrfXSEa/Zp1OGfqr
ENdN2sx8FPCE3lQt3E3AkicF8g7JTQFTg5/VwNc0G5Ze+lVFQcU3IgGhgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIF/LSy766mVqaLfqQGpC4FtjlezMB8GA1UdIwQY
MBaAFON+QqFGuQunzTMa1qE+7x2i+6RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYt
MDYzMjlmNmUwNDc1LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYtMDYzMjlmNmUwNDc1
LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAneXOpIfW
LDCvpu+1gcsoencUZUQlZ32vToIANSgWHrsmpu0w+HVoMkAKJn7RZbavlO5Ey9D5
HVxkkjq1bMguyARAow7w2YqMh5BzS2nUu28U1WJ+U7tiQwlPVlEjRSfwxIoFMiT8
0H8/dEmVOU5BYFt2KYNyk/V7GxYyVyZWzkUFvZpY9vgibGBnm6O8ih1eEdsHpNq1
Zs//OIOJ6CUicJK/tB2NU3uz/Mj8ixPwk4c42WMJlzzlJ4J/C1998izRIajint+N
bjccdclS8sAhpp2BreM1YbdH6S6mT3xCCPOVZNdeLUCBlNFVHTH9dpo3zVRgUStS
V/A2Vox9pct89A==
-----END CERTIFICATE-----