Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File:                     3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier:          3wemfGqHO0cN2NgpciKp0LCfDiN2chpAkqmrIjFKUB8=
Subject key identifier:   EF:F8:6D:C2:5E:65:C0:7C:4E:6D:8A:18:50:6D:1A:2D:A1:51:59:3B
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer:       /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial:       01968C26982E2BEFBACD07FD03899BAF3DC9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number:          0E1C
Signing time:             Thu 01 May 2025 14:01:01 +0000
Manifest this update:     Thu 01 May 2025 14:01:01 +0000
Manifest next update:     Fri 02 May 2025 14:01:01 +0000
Files and hashes:         1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: zj2Cr4XvIK0AswrgQrNKIMNVZZTW4O/KG9y1WPH5UPg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 14:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8c:26:98:2e:2b:ef:ba:cd:07:fd:03:89:9b:af:3d:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
        Validity
            Not Before: May  1 14:01:01 2025 GMT
            Not After : May  2 14:01:01 2025 GMT
        Subject: CN=eff86dc25e65c07c4e6d8a18506d1a2da151593b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:4f:32:9a:d4:71:6c:f2:d2:11:cf:96:f4:30:
                    e0:da:1b:95:b3:5c:27:f0:86:7c:86:a7:e4:20:6f:
                    7b:b7:40:ff:1b:a0:2f:99:bb:e3:8e:66:77:33:db:
                    83:ef:b2:38:6c:10:25:44:57:f9:01:99:d9:11:be:
                    d1:89:4e:fd:83:52:1d:91:51:50:85:e1:d3:33:e8:
                    27:f8:31:1a:98:55:66:73:85:16:31:1a:48:e3:3e:
                    2c:93:8a:d3:53:9c:20:ac:c5:ad:66:65:cc:2c:7b:
                    d9:ac:1e:d1:65:40:05:da:cb:11:f2:dd:64:ff:3f:
                    55:e2:6e:16:bb:07:9b:5a:e1:2a:17:6c:7d:9e:e6:
                    5d:a9:c3:a0:a1:b6:10:6d:f1:92:25:1d:89:73:84:
                    2c:8d:9c:a9:88:1d:e3:5d:cd:bc:c7:c7:7b:ca:80:
                    da:0f:53:43:0e:4d:5f:65:5a:8e:ec:58:57:ff:a1:
                    88:78:16:7d:fe:e8:c8:57:c0:64:7b:e9:8e:bc:75:
                    86:d2:d7:52:6e:1f:24:1b:2b:59:11:2e:b7:08:68:
                    13:68:0e:30:de:59:13:52:ff:31:3e:05:63:1b:b3:
                    fa:3c:66:e3:87:a2:b9:57:ab:fd:a7:bf:51:80:45:
                    81:75:ce:c2:50:50:e0:13:8d:03:19:01:9f:7e:9f:
                    d0:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:F8:6D:C2:5E:65:C0:7C:4E:6D:8A:18:50:6D:1A:2D:A1:51:59:3B
            X509v3 Authority Key Identifier:
                keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:a1:43:d8:59:de:d0:ee:29:ed:6c:31:d7:34:ec:d1:7b:45:
         74:46:3e:f5:a7:1c:f8:78:4d:8c:f0:a7:0e:ed:d5:60:bf:a6:
         5f:5d:aa:49:37:41:2e:38:e5:55:a6:23:96:ad:2a:f9:53:0f:
         8f:71:04:16:53:7d:3b:e0:87:b2:fb:73:85:e2:d7:15:94:51:
         32:e8:fd:d0:e8:d9:60:d4:79:9b:3a:01:00:21:53:0b:22:ab:
         8f:cd:85:5a:92:43:3b:e3:e2:0b:af:86:8a:27:e1:fe:07:9f:
         b7:e4:19:c6:46:7c:01:b5:3a:c5:12:29:40:a1:c6:e9:27:cd:
         3f:c4:f1:a8:6d:0b:26:c2:e1:3b:d1:fa:fb:ce:fa:e8:2a:bf:
         04:da:14:15:84:23:59:b0:29:9f:20:45:1d:f8:bc:fd:bf:90:
         89:91:55:63:c3:d0:16:c6:e1:9e:52:12:ba:fa:07:bd:1e:65:
         d9:31:3f:c2:76:60:da:f7:87:1e:be:dd:95:e9:34:5a:e9:de:
         40:ad:9b:14:0a:a2:11:42:87:0d:b0:41:d9:6d:05:be:91:13:
         4f:ab:67:4a:93:58:37:3a:72:47:26:d9:fc:49:61:51:ff:db:
         36:59:84:9e:e0:ee:61:7c:44:da:65:3f:98:20:fa:10:af:73:
         75:48:ab:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaMJpguK++6zQf9A4mbrz3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjUwNTAxMTQwMTAxWhcNMjUwNTAyMTQwMTAxWjAzMTEwLwYDVQQD
EyhlZmY4NmRjMjVlNjVjMDdjNGU2ZDhhMTg1MDZkMWEyZGExNTE1OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU8ymtRxbPLSEc+W9DDg2huVs1wn
8IZ8hqfkIG97t0D/G6AvmbvjjmZ3M9uD77I4bBAlRFf5AZnZEb7RiU79g1IdkVFQ
heHTM+gn+DEamFVmc4UWMRpI4z4sk4rTU5wgrMWtZmXMLHvZrB7RZUAF2ssR8t1k
/z9V4m4WuwebWuEqF2x9nuZdqcOgobYQbfGSJR2Jc4QsjZypiB3jXc28x8d7yoDa
D1NDDk1fZVqO7FhX/6GIeBZ9/ujIV8Bke+mOvHWG0tdSbh8kGytZES63CGgTaA4w
3lkTUv8xPgVjG7P6PGbjh6K5V6v9p79RgEWBdc7CUFDgE40DGQGffp/QbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO/4bcJeZcB8Tm2KGFBtGi2hUVk7MB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACqFD2Fne
0O4p7Wwx1zTs0XtFdEY+9acc+HhNjPCnDu3VYL+mX12qSTdBLjjlVaYjlq0q+VMP
j3EEFlN9O+CHsvtzheLXFZRRMuj90OjZYNR5mzoBACFTCyKrj82FWpJDO+PiC6+G
iifh/geft+QZxkZ8AbU6xRIpQKHG6SfNP8TxqG0LJsLhO9H6+8766Cq/BNoUFYQj
WbApnyBFHfi8/b+QiZFVY8PQFsbhnlISuvoHvR5l2TE/wnZg2veHHr7dlek0Wune
QK2bFAqiEUKHDbBB2W0FvpETT6tnSpNYNzpyRybZ/ElhUf/bNlmEnuDuYXxE2mU/
mCD6EK9zdUirSQ==
-----END CERTIFICATE-----