Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/bb8f62-6bb9-4076-890a-7d4b033f1307/1/3RFhaPeJvdQI5uuZYi4-vJpzEAo.mft
File:                     3RFhaPeJvdQI5uuZYi4-vJpzEAo.mft (raw, json)
Hash identifier:          mU0hOXQri6/NvXzxJflgESyie7K2RXiBoiUGcUHhlzo=
Subject key identifier:   8A:28:9C:A0:51:03:D5:12:27:A4:1B:31:97:FB:34:02:96:C2:54:39
Authority key identifier: DD:11:61:68:F7:89:BD:D4:08:E6:EB:99:62:2E:3E:BC:9A:73:10:0A
Certificate issuer:       /CN=dd116168f789bdd408e6eb99622e3ebc9a73100a
Certificate serial:       019655381F6B5C672750882699B1E9E5615F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3RFhaPeJvdQI5uuZYi4-vJpzEAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/bb8f62-6bb9-4076-890a-7d4b033f1307/1/3RFhaPeJvdQI5uuZYi4-vJpzEAo.mft
Manifest number:          11B9
Signing time:             Sun 20 Apr 2025 22:01:03 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:03 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:03 +0000
Files and hashes:         1: 3RFhaPeJvdQI5uuZYi4-vJpzEAo.crl (hash: oGKdhW5jvNXfzR1xS/6Gry/YP1JJfJhPOJjESdix1rQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/bb8f62-6bb9-4076-890a-7d4b033f1307/1/3RFhaPeJvdQI5uuZYi4-vJpzEAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/bb8f62-6bb9-4076-890a-7d4b033f1307/1/3RFhaPeJvdQI5uuZYi4-vJpzEAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3RFhaPeJvdQI5uuZYi4-vJpzEAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:1f:6b:5c:67:27:50:88:26:99:b1:e9:e5:61:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd116168f789bdd408e6eb99622e3ebc9a73100a
        Validity
            Not Before: Apr 20 22:01:03 2025 GMT
            Not After : Apr 21 22:01:03 2025 GMT
        Subject: CN=8a289ca05103d51227a41b3197fb340296c25439
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:c2:e2:cf:49:5d:87:99:90:06:a8:c0:77:a5:
                    88:3a:a9:3e:a6:e4:a8:fa:75:46:f9:95:47:83:54:
                    aa:57:44:c2:d1:17:1b:a0:76:79:73:4b:04:06:63:
                    d5:95:a9:9a:82:58:c6:76:7a:5b:af:a7:9a:82:bf:
                    88:2d:95:9c:4c:93:8b:b5:25:2f:7c:ad:15:cc:76:
                    0d:7f:5b:d5:b0:c8:dc:60:76:ab:d5:9f:91:c9:3b:
                    1a:d7:2d:b3:65:ae:2f:b2:5f:f2:30:c3:d2:78:bd:
                    e5:f8:ba:34:7f:b2:10:b0:bc:2e:c8:3f:8f:1e:2f:
                    2c:14:f7:7f:5f:12:67:2a:87:53:55:ca:2a:75:f8:
                    90:8e:0a:ad:19:c2:2b:0b:ad:f6:cd:1c:dc:89:7f:
                    e9:d7:c6:cc:bb:f4:08:f6:eb:a4:15:aa:3c:c2:67:
                    48:a8:fa:f9:6d:ef:3c:cd:6f:ae:8e:32:0c:a0:b2:
                    0b:8d:9c:40:01:19:62:16:b1:d4:63:ce:dc:04:e3:
                    56:3c:bf:db:f0:41:27:67:24:97:69:86:d1:b7:c7:
                    46:a2:56:45:7c:75:74:6e:36:e5:7c:cb:60:7f:3b:
                    e2:63:7c:01:42:e0:2b:b0:fb:e2:61:ed:0a:c3:b0:
                    74:4b:f2:5f:04:fc:27:1a:c1:f0:80:ec:3b:1e:72:
                    e1:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:28:9C:A0:51:03:D5:12:27:A4:1B:31:97:FB:34:02:96:C2:54:39
            X509v3 Authority Key Identifier:
                keyid:DD:11:61:68:F7:89:BD:D4:08:E6:EB:99:62:2E:3E:BC:9A:73:10:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3RFhaPeJvdQI5uuZYi4-vJpzEAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/bb8f62-6bb9-4076-890a-7d4b033f1307/1/3RFhaPeJvdQI5uuZYi4-vJpzEAo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/bb8f62-6bb9-4076-890a-7d4b033f1307/1/3RFhaPeJvdQI5uuZYi4-vJpzEAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:29:63:03:bf:cd:57:01:e2:53:4a:5e:9a:97:c3:38:34:71:
         83:69:21:4f:ae:8e:23:4d:bb:89:09:54:0d:69:d4:aa:b6:bc:
         25:43:9d:5a:09:ec:56:cb:fa:27:01:d7:80:f7:99:25:09:76:
         48:cc:b9:c0:8e:79:01:1f:20:a6:b2:8d:12:36:a0:72:85:05:
         18:5c:1c:07:92:4d:14:de:98:46:e5:40:13:c0:ef:0f:60:5f:
         95:ff:47:6d:59:2e:e4:1b:a0:92:f1:6b:72:7a:ca:f1:53:91:
         30:59:47:eb:b7:45:26:b3:7a:a6:22:58:13:f6:11:0f:8e:f1:
         ee:26:4b:88:7c:00:55:8d:43:3d:7f:5e:b4:f0:a8:53:02:33:
         98:fe:14:9f:38:25:1d:c3:d0:5a:eb:d7:0d:05:b7:b9:1d:1f:
         2f:61:63:a0:4f:39:a3:1e:57:1a:0b:11:5e:34:f5:bc:cb:05:
         98:13:c0:d2:cb:4f:98:33:c2:a6:61:aa:4a:78:9b:d7:a2:5f:
         10:36:38:08:83:db:a8:f9:08:41:f9:ff:e6:1c:b9:a0:39:9d:
         fd:a8:20:d4:83:65:c7:a4:6d:50:4e:55:08:18:35:e0:88:b3:
         b9:91:60:26:a5:12:35:10:86:76:77:32:0d:0c:e1:d7:97:d4:
         2b:fe:0e:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOB9rXGcnUIgmmbHp5WFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTE2MTY4Zjc4OWJkZDQwOGU2ZWI5OTYyMmUzZWJjOWE3
MzEwMGEwHhcNMjUwNDIwMjIwMTAzWhcNMjUwNDIxMjIwMTAzWjAzMTEwLwYDVQQD
Eyg4YTI4OWNhMDUxMDNkNTEyMjdhNDFiMzE5N2ZiMzQwMjk2YzI1NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8Liz0ldh5mQBqjAd6WIOqk+puSo
+nVG+ZVHg1SqV0TC0RcboHZ5c0sEBmPVlamagljGdnpbr6eagr+ILZWcTJOLtSUv
fK0VzHYNf1vVsMjcYHar1Z+RyTsa1y2zZa4vsl/yMMPSeL3l+Lo0f7IQsLwuyD+P
Hi8sFPd/XxJnKodTVcoqdfiQjgqtGcIrC632zRzciX/p18bMu/QI9uukFao8wmdI
qPr5be88zW+ujjIMoLILjZxAARliFrHUY87cBONWPL/b8EEnZySXaYbRt8dGolZF
fHV0bjblfMtgfzviY3wBQuArsPviYe0Kw7B0S/JfBPwnGsHwgOw7HnLhWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoonKBRA9USJ6QbMZf7NAKWwlQ5MB8GA1UdIwQY
MBaAFN0RYWj3ib3UCObrmWIuPryacxAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JGaGFQZUp2ZFFJNXV1WllpNC12SnB6RUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iYjhmNjItNmJiOS00MDc2LTg5MGEt
N2Q0YjAzM2YxMzA3LzEvM1JGaGFQZUp2ZFFJNXV1WllpNC12SnB6RUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9iYjhmNjItNmJiOS00MDc2LTg5MGEtN2Q0YjAzM2YxMzA3
LzEvM1JGaGFQZUp2ZFFJNXV1WllpNC12SnB6RUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAayljA7/N
VwHiU0pempfDODRxg2khT66OI027iQlUDWnUqra8JUOdWgnsVsv6JwHXgPeZJQl2
SMy5wI55AR8gprKNEjagcoUFGFwcB5JNFN6YRuVAE8DvD2Bflf9HbVku5BugkvFr
cnrK8VORMFlH67dFJrN6piJYE/YRD47x7iZLiHwAVY1DPX9etPCoUwIzmP4Unzgl
HcPQWuvXDQW3uR0fL2FjoE85ox5XGgsRXjT1vMsFmBPA0stPmDPCpmGqSnib16Jf
EDY4CIPbqPkIQfn/5hy5oDmd/agg1INlx6RtUE5VCBg14IizuZFgJqUSNRCGdncy
DQzh15fUK/4ODg==
-----END CERTIFICATE-----