Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
File:                     PRf0av89iyHwD-6PY16uNKf0pNc.mft (raw, json)
Hash identifier:          qdVDP5zQpt3uIkEH4LgBFDyAzcoVqsL2CTSVxeDSdEQ=
Subject key identifier:   98:D7:FD:B1:FA:E1:E4:C2:B5:70:3B:4D:7B:7F:C7:45:71:74:3A:3C
Authority key identifier: 3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7
Certificate issuer:       /CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
Certificate serial:       019681A32CF96BFC0BD0F625E5DB9BB0CB6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
Manifest number:          0A03
Signing time:             Tue 29 Apr 2025 13:01:16 +0000
Manifest this update:     Tue 29 Apr 2025 13:01:16 +0000
Manifest next update:     Wed 30 Apr 2025 13:01:16 +0000
Files and hashes:         1: PRf0av89iyHwD-6PY16uNKf0pNc.crl (hash: Y0dYjK0/GuLnuZyuXQG6VaOb+oiS+wJ/UQjxsfAHsfo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 13:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:81:a3:2c:f9:6b:fc:0b:d0:f6:25:e5:db:9b:b0:cb:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
        Validity
            Not Before: Apr 29 13:01:16 2025 GMT
            Not After : Apr 30 13:01:16 2025 GMT
        Subject: CN=98d7fdb1fae1e4c2b5703b4d7b7fc74571743a3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:a9:d0:5f:42:87:7e:0d:33:43:14:2e:77:03:
                    21:9f:32:c2:c0:8e:25:8c:c5:06:96:e8:1a:b8:74:
                    ac:e3:c1:ee:f0:7c:c6:02:a2:ea:fc:f9:93:3c:49:
                    6e:e6:48:bf:89:76:44:5e:3e:36:c0:22:6b:9d:5d:
                    bc:f1:21:7d:c5:cf:27:2a:bb:08:fe:04:a5:bc:16:
                    89:45:77:a6:0a:15:0f:ee:ef:e1:90:5b:50:30:84:
                    b5:c1:c9:bd:e6:5f:0a:b1:1e:04:da:41:e6:97:24:
                    af:ae:ca:a3:bf:44:bb:87:fc:99:48:1c:62:70:21:
                    96:71:22:2e:9a:90:ed:82:a6:a7:d3:bb:54:c5:64:
                    42:9c:76:ab:52:75:ca:f1:75:57:21:8c:a3:22:86:
                    c5:de:28:f3:1e:0b:67:6f:e7:a6:29:17:a9:9e:12:
                    dc:b9:58:b3:fb:4a:e8:70:44:c4:56:42:d9:58:05:
                    9d:39:ef:64:3d:a5:87:2f:21:af:3d:f3:e1:43:ff:
                    ec:2f:72:51:83:21:e9:ff:59:ab:04:e3:3e:57:b6:
                    4b:25:de:75:d7:7b:aa:f9:86:bd:8d:bc:0a:c2:62:
                    b0:ca:b9:d8:46:ab:ad:d5:58:e0:dc:96:96:a6:4c:
                    1c:be:23:35:6f:12:58:9b:84:b1:8f:38:4c:c0:ed:
                    d6:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:D7:FD:B1:FA:E1:E4:C2:B5:70:3B:4D:7B:7F:C7:45:71:74:3A:3C
            X509v3 Authority Key Identifier:
                keyid:3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:d4:a3:e6:75:ad:bd:bb:86:44:20:ff:fb:11:50:c3:27:73:
         0a:dc:46:33:7a:11:f9:2a:43:e7:f4:f6:1f:6d:9e:93:eb:de:
         8a:8d:3b:a0:9f:92:bd:39:a1:d4:c6:ce:01:d5:7d:35:df:06:
         ea:9c:51:22:f0:81:48:0a:4b:f4:00:de:80:2f:f9:26:e3:7e:
         54:83:ad:dd:62:7d:0b:fb:4a:be:c6:7e:56:85:cb:8c:a3:16:
         2c:5d:b6:b6:8b:fb:76:00:b0:f3:2e:90:2f:6b:6a:94:40:6e:
         0d:8a:b1:ae:6b:d7:e2:ec:e7:3f:85:f3:83:03:13:21:21:41:
         e6:6e:2a:40:03:a2:cd:b8:c8:f2:8b:15:49:9f:9e:ba:25:54:
         d8:c7:88:45:5c:48:6f:26:74:ed:ae:a7:29:60:8d:77:8d:ca:
         5b:f9:2f:4a:30:e8:6c:c4:93:a3:41:78:13:37:7e:79:0c:dd:
         5d:42:c0:0e:57:c3:4a:d7:bf:1d:26:e6:fb:d3:33:a5:36:34:
         fa:4b:d1:c7:07:4d:cc:55:15:24:9d:62:9e:7f:48:57:46:cf:
         6e:f8:f5:da:54:f3:1a:53:b0:3a:90:5a:e4:77:8f:a9:d6:15:
         28:e9:6b:c0:9d:91:f7:bb:6b:f6:0e:10:66:b7:36:4e:e0:4e:
         82:9f:59:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBoyz5a/wL0PYl5dubsMtuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTdmNDZhZmYzZDhiMjFmMDBmZWU4ZjYzNWVhZTM0YTdm
NGE0ZDcwHhcNMjUwNDI5MTMwMTE2WhcNMjUwNDMwMTMwMTE2WjAzMTEwLwYDVQQD
Eyg5OGQ3ZmRiMWZhZTFlNGMyYjU3MDNiNGQ3YjdmYzc0NTcxNzQzYTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36nQX0KHfg0zQxQudwMhnzLCwI4l
jMUGlugauHSs48Hu8HzGAqLq/PmTPElu5ki/iXZEXj42wCJrnV288SF9xc8nKrsI
/gSlvBaJRXemChUP7u/hkFtQMIS1wcm95l8KsR4E2kHmlySvrsqjv0S7h/yZSBxi
cCGWcSIumpDtgqan07tUxWRCnHarUnXK8XVXIYyjIobF3ijzHgtnb+emKRepnhLc
uViz+0rocETEVkLZWAWdOe9kPaWHLyGvPfPhQ//sL3JRgyHp/1mrBOM+V7ZLJd51
13uq+Ya9jbwKwmKwyrnYRqut1Vjg3JaWpkwcviM1bxJYm4SxjzhMwO3W3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjX/bH64eTCtXA7TXt/x0VxdDo8MB8GA1UdIwQY
MBaAFD0X9Gr/PYsh8A/uj2NerjSn9KTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEt
ODUxZWQ1MjlmMjIyLzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEtODUxZWQ1MjlmMjIy
LzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApdSj5nWt
vbuGRCD/+xFQwydzCtxGM3oR+SpD5/T2H22ek+veio07oJ+SvTmh1MbOAdV9Nd8G
6pxRIvCBSApL9ADegC/5JuN+VIOt3WJ9C/tKvsZ+VoXLjKMWLF22tov7dgCw8y6Q
L2tqlEBuDYqxrmvX4uznP4XzgwMTISFB5m4qQAOizbjI8osVSZ+euiVU2MeIRVxI
byZ07a6nKWCNd43KW/kvSjDobMSTo0F4Ezd+eQzdXULADlfDSte/HSbm+9MzpTY0
+kvRxwdNzFUVJJ1inn9IV0bPbvj12lTzGlOwOpBa5HePqdYVKOlrwJ2R97tr9g4Q
Zrc2TuBOgp9ZsQ==
-----END CERTIFICATE-----