Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
File:                     dzW3DconD8uOS5CStyADZBOPXfE.mft (raw, json)
Hash identifier:          h3mkIdXheHMMj70VnQp77A7p6UFx4iGsQwpFDZ4RTew=
Subject key identifier:   CF:31:92:E1:4B:B7:A0:F6:96:EB:DB:92:86:C8:1E:F6:CE:10:16:DF
Authority key identifier: 77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1
Certificate issuer:       /CN=7735b70dca270fcb8e4b9092b7200364138f5df1
Certificate serial:       019655375E7D0641D6AEA1E2C1CA89EE1C30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
Manifest number:          14FB
Signing time:             Sun 20 Apr 2025 22:00:14 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:14 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:14 +0000
Files and hashes:         1: dzW3DconD8uOS5CStyADZBOPXfE.crl (hash: vYFQrIWn//q33xUR5tHgtaJ6LaLekAEtXtXJslXGz40=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:5e:7d:06:41:d6:ae:a1:e2:c1:ca:89:ee:1c:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7735b70dca270fcb8e4b9092b7200364138f5df1
        Validity
            Not Before: Apr 20 22:00:14 2025 GMT
            Not After : Apr 21 22:00:14 2025 GMT
        Subject: CN=cf3192e14bb7a0f696ebdb9286c81ef6ce1016df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4e:c3:6f:17:71:dd:fd:87:b6:58:49:ee:41:
                    ae:6a:25:59:41:0d:d7:8c:9a:22:c3:93:e4:7f:4d:
                    39:35:c3:32:47:f7:01:86:a9:5a:0b:81:01:36:1b:
                    4d:13:b9:2b:59:62:8f:58:8e:3b:bc:ff:92:1c:9a:
                    1b:6b:10:cb:0f:81:62:f3:9e:da:b9:b5:3f:16:df:
                    ad:e9:96:c0:e3:ab:c3:5e:aa:7d:a8:2b:b3:4b:a4:
                    db:2c:89:de:4e:dd:59:ca:d2:02:36:31:72:f6:86:
                    53:56:40:91:f9:a3:3b:16:80:36:45:20:bf:63:86:
                    df:1b:fa:17:f2:0c:5a:3e:ba:cf:35:64:7b:a6:8e:
                    b0:b5:48:aa:32:18:fa:b3:4b:e5:26:8f:db:63:60:
                    99:71:a9:4e:d1:ad:c5:c7:e2:7e:aa:9d:39:c3:a6:
                    95:9b:2a:75:ec:9d:40:43:be:c0:14:f6:5c:90:ec:
                    09:a0:46:82:ee:cc:d3:88:f2:d1:a1:e2:2b:31:ff:
                    c3:7a:64:f6:c8:62:6a:e6:ab:d8:34:4c:6c:8d:e7:
                    05:9e:7b:92:d9:5e:09:6d:d9:cd:04:f0:71:10:40:
                    be:8e:6b:6e:37:67:f3:40:3c:48:32:c7:2f:c6:50:
                    8d:86:75:96:26:cb:b4:06:e2:bb:7c:01:59:03:7b:
                    7e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:31:92:E1:4B:B7:A0:F6:96:EB:DB:92:86:C8:1E:F6:CE:10:16:DF
            X509v3 Authority Key Identifier:
                keyid:77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:cb:46:72:a2:77:be:8f:f4:95:a4:a2:58:74:5e:e5:ce:af:
         1b:db:00:af:0f:b3:fb:ad:e8:85:9a:3a:ab:19:02:6e:2e:00:
         d9:21:bf:8b:a9:d4:c3:3a:06:20:c6:15:17:51:f4:21:53:31:
         07:07:5e:b9:aa:fe:41:c7:34:fe:3e:c4:98:f3:37:1c:99:cf:
         c7:a5:c1:14:08:fc:be:19:ae:cd:87:f8:67:f0:45:f2:82:24:
         1e:e9:e4:03:f2:21:12:a6:ad:37:93:46:2d:5f:50:c4:48:9e:
         c5:a8:ed:30:f2:46:fb:89:1e:7d:e0:b8:35:50:49:e3:26:bf:
         84:2e:9c:14:b2:74:e9:a7:48:8b:cb:bd:b1:56:9a:b3:14:47:
         ff:40:cd:c2:59:6b:64:f0:25:82:d8:a1:eb:62:04:8a:1a:d9:
         0c:68:1a:76:f9:75:b0:4b:ae:91:45:a0:d5:af:32:b5:69:c8:
         4e:99:7a:f7:eb:f0:33:67:10:26:37:f2:76:38:05:b7:b6:ff:
         12:52:9e:68:0e:5d:d6:b4:45:d2:33:a7:d0:10:e0:96:ec:be:
         59:51:08:7c:65:b3:24:2b:d0:92:c6:cf:8e:69:48:9a:98:f1:
         8e:bd:ba:cf:a2:02:e8:4e:89:c3:00:b6:e5:de:a8:bd:49:75:
         90:6c:0b:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN159BkHWrqHiwcqJ7hwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzViNzBkY2EyNzBmY2I4ZTRiOTA5MmI3MjAwMzY0MTM4
ZjVkZjEwHhcNMjUwNDIwMjIwMDE0WhcNMjUwNDIxMjIwMDE0WjAzMTEwLwYDVQQD
EyhjZjMxOTJlMTRiYjdhMGY2OTZlYmRiOTI4NmM4MWVmNmNlMTAxNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr07Dbxdx3f2HtlhJ7kGuaiVZQQ3X
jJoiw5Pkf005NcMyR/cBhqlaC4EBNhtNE7krWWKPWI47vP+SHJobaxDLD4Fi857a
ubU/Ft+t6ZbA46vDXqp9qCuzS6TbLIneTt1ZytICNjFy9oZTVkCR+aM7FoA2RSC/
Y4bfG/oX8gxaPrrPNWR7po6wtUiqMhj6s0vlJo/bY2CZcalO0a3Fx+J+qp05w6aV
myp17J1AQ77AFPZckOwJoEaC7szTiPLRoeIrMf/DemT2yGJq5qvYNExsjecFnnuS
2V4JbdnNBPBxEEC+jmtuN2fzQDxIMscvxlCNhnWWJsu0BuK7fAFZA3t+dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8xkuFLt6D2luvbkobIHvbOEBbfMB8GA1UdIwQY
MBaAFHc1tw3KJw/LjkuQkrcgA2QTj13xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3Zjkt
YzZkZGViNDk0NzM1LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3ZjktYzZkZGViNDk0NzM1
LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvstGcqJ3
vo/0laSiWHRe5c6vG9sArw+z+63ohZo6qxkCbi4A2SG/i6nUwzoGIMYVF1H0IVMx
Bwdeuar+Qcc0/j7EmPM3HJnPx6XBFAj8vhmuzYf4Z/BF8oIkHunkA/IhEqatN5NG
LV9QxEiexajtMPJG+4kefeC4NVBJ4ya/hC6cFLJ06adIi8u9sVaasxRH/0DNwllr
ZPAlgtih62IEihrZDGgadvl1sEuukUWg1a8ytWnITpl69+vwM2cQJjfydjgFt7b/
ElKeaA5d1rRF0jOn0BDgluy+WVEIfGWzJCvQksbPjmlImpjxjr26z6IC6E6JwwC2
5d6ovUl1kGwLtw==
-----END CERTIFICATE-----