Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          5DtfwL47gmrGBHRJ2qIhEuWQsEufAJh6nMQGGJBkjxY=
Subject key identifier:   EB:9A:D6:18:01:70:0F:FC:AB:EC:38:98:F7:56:0F:F0:C0:C7:0F:6E
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       019659827FD9FB9FD4847AC3C33FB61DBC45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          14FD
Signing time:             Mon 21 Apr 2025 18:00:46 +0000
Manifest this update:     Mon 21 Apr 2025 18:00:46 +0000
Manifest next update:     Tue 22 Apr 2025 18:00:46 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: rlEKX/yPqo7KO5h9loycz0dzc6HtgqiK2wmtWzEKDnw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 18:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:82:7f:d9:fb:9f:d4:84:7a:c3:c3:3f:b6:1d:bc:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: Apr 21 18:00:46 2025 GMT
            Not After : Apr 22 18:00:46 2025 GMT
        Subject: CN=eb9ad61801700ffcabec3898f7560ff0c0c70f6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:9e:fe:b2:ea:b7:43:d2:60:a6:ea:ce:b1:d6:
                    75:70:d2:ac:f0:ff:a3:49:52:ef:1f:d1:6a:b1:90:
                    f4:54:60:16:c6:7e:88:30:df:99:04:b0:5b:8b:ef:
                    5b:6a:de:fc:77:c1:c5:95:a5:e1:97:9f:f9:86:73:
                    e2:96:c9:07:93:18:63:37:3d:bd:44:c8:75:fc:08:
                    17:ac:e4:8d:2b:e9:05:25:79:0c:fc:ed:d9:1e:fc:
                    60:28:2a:9f:41:ae:dd:63:0f:a7:c6:85:9b:cc:85:
                    1e:5a:82:ff:60:12:81:14:6a:66:de:5f:ba:31:d9:
                    31:f2:8d:b7:49:e8:05:bf:84:f2:42:90:4e:a0:0a:
                    7a:89:81:18:73:61:e1:da:af:93:a9:4c:2d:be:d3:
                    f0:1e:89:3c:50:4a:c2:a2:ad:bb:02:62:59:b5:67:
                    3b:a9:fd:b8:19:cc:15:b1:5d:4f:91:01:97:00:2f:
                    32:43:17:a3:94:50:3e:27:ca:7e:ee:16:85:37:63:
                    d9:ec:b5:67:81:51:30:64:38:70:79:ad:77:be:28:
                    5b:be:84:e1:b3:2c:5c:12:6a:81:2c:24:92:21:6d:
                    61:b0:d9:7d:82:94:76:60:20:54:79:40:b9:01:78:
                    9c:0c:a6:73:83:0b:cd:eb:0e:39:d7:66:88:5a:70:
                    63:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:9A:D6:18:01:70:0F:FC:AB:EC:38:98:F7:56:0F:F0:C0:C7:0F:6E
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:75:72:5b:cd:eb:e0:94:c2:0e:a0:ff:14:89:28:5b:95:bb:
         c6:dd:93:7a:dc:da:62:4a:4a:6b:d9:23:a6:8c:e5:b4:f9:b7:
         8f:bd:00:d7:50:7f:9c:b0:fc:75:cb:90:f4:c7:f4:68:80:5d:
         41:c5:8e:69:8e:a8:21:1f:d7:35:2c:45:a7:2c:bb:02:26:7a:
         82:d4:db:9b:96:ea:20:8f:c3:0c:d7:4f:fa:9f:09:a8:01:72:
         74:72:d3:90:fc:04:d2:2f:2b:07:17:e2:7c:e5:9f:52:9b:db:
         f9:ee:94:24:d7:25:35:fe:1e:cb:b8:47:d4:89:99:69:d8:ca:
         c5:df:66:d8:06:f8:4c:93:0a:74:f7:61:77:f2:5f:30:8f:d7:
         3e:88:e1:a4:60:1d:79:d1:0e:d3:9c:d1:7e:1c:b2:c6:d1:3e:
         98:18:d8:53:cd:9d:08:2c:51:5f:fe:3c:4a:a1:6e:06:43:4e:
         3d:72:16:ea:93:a2:87:1f:4f:a8:0b:b6:fb:9e:6c:60:03:c4:
         d4:49:6a:f5:4e:99:b6:20:1e:8a:39:96:3c:26:2c:8f:52:3c:
         b0:6f:c0:4c:81:08:62:16:f8:33:47:b7:9f:6e:5c:5c:ef:38:
         ab:32:8d:c6:05:25:95:16:b1:07:df:23:e0:e2:a8:66:f5:7e:
         c9:3d:e8:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZgn/Z+5/UhHrDwz+2HbxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjUwNDIxMTgwMDQ2WhcNMjUwNDIyMTgwMDQ2WjAzMTEwLwYDVQQD
EyhlYjlhZDYxODAxNzAwZmZjYWJlYzM4OThmNzU2MGZmMGMwYzcwZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx57+suq3Q9JgpurOsdZ1cNKs8P+j
SVLvH9FqsZD0VGAWxn6IMN+ZBLBbi+9bat78d8HFlaXhl5/5hnPilskHkxhjNz29
RMh1/AgXrOSNK+kFJXkM/O3ZHvxgKCqfQa7dYw+nxoWbzIUeWoL/YBKBFGpm3l+6
Mdkx8o23SegFv4TyQpBOoAp6iYEYc2Hh2q+TqUwtvtPwHok8UErCoq27AmJZtWc7
qf24GcwVsV1PkQGXAC8yQxejlFA+J8p+7haFN2PZ7LVngVEwZDhwea13vihbvoTh
syxcEmqBLCSSIW1hsNl9gpR2YCBUeUC5AXicDKZzgwvN6w4512aIWnBj6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOua1hgBcA/8q+w4mPdWD/DAxw9uMB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALnVyW83r
4JTCDqD/FIkoW5W7xt2TetzaYkpKa9kjpozltPm3j70A11B/nLD8dcuQ9Mf0aIBd
QcWOaY6oIR/XNSxFpyy7AiZ6gtTbm5bqII/DDNdP+p8JqAFydHLTkPwE0i8rBxfi
fOWfUpvb+e6UJNclNf4ey7hH1ImZadjKxd9m2Ab4TJMKdPdhd/JfMI/XPojhpGAd
edEO05zRfhyyxtE+mBjYU82dCCxRX/48SqFuBkNOPXIW6pOihx9PqAu2+55sYAPE
1Elq9U6ZtiAeijmWPCYsj1I8sG/ATIEIYhb4M0e3n25cXO84qzKNxgUllRaxB98j
4OKoZvV+yT3oNQ==
-----END CERTIFICATE-----