Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/55b634-eed5-4e32-bb6f-6096931ffebe/1/P0wCam4nQwkwPOoMF-CUk2E8Hy4.mft
File:                     P0wCam4nQwkwPOoMF-CUk2E8Hy4.mft (raw, json)
Hash identifier:          H+IeDJO3K9+TgRKIy62ngLMle3owRjkd5ujN5QJpZvQ=
Subject key identifier:   D1:AE:BB:A8:E7:DC:C1:23:C0:D0:48:22:25:FC:A5:B0:1E:59:D5:A7
Authority key identifier: 3F:4C:02:6A:6E:27:43:09:30:3C:EA:0C:17:E0:94:93:61:3C:1F:2E
Certificate issuer:       /CN=3f4c026a6e274309303cea0c17e09493613c1f2e
Certificate serial:       01965B39D4B85410A173365C5278CF5B5EAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P0wCam4nQwkwPOoMF-CUk2E8Hy4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/55b634-eed5-4e32-bb6f-6096931ffebe/1/P0wCam4nQwkwPOoMF-CUk2E8Hy4.mft
Manifest number:          09A6
Signing time:             Tue 22 Apr 2025 02:00:38 +0000
Manifest this update:     Tue 22 Apr 2025 02:00:38 +0000
Manifest next update:     Wed 23 Apr 2025 02:00:38 +0000
Files and hashes:         1: P0wCam4nQwkwPOoMF-CUk2E8Hy4.crl (hash: vSZ0S/BJCwZLELoDicqJJ2zmUMh8OMop8ZJCqnbI8VE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/55b634-eed5-4e32-bb6f-6096931ffebe/1/P0wCam4nQwkwPOoMF-CUk2E8Hy4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/55b634-eed5-4e32-bb6f-6096931ffebe/1/P0wCam4nQwkwPOoMF-CUk2E8Hy4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P0wCam4nQwkwPOoMF-CUk2E8Hy4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5b:39:d4:b8:54:10:a1:73:36:5c:52:78:cf:5b:5e:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f4c026a6e274309303cea0c17e09493613c1f2e
        Validity
            Not Before: Apr 22 02:00:38 2025 GMT
            Not After : Apr 23 02:00:38 2025 GMT
        Subject: CN=d1aebba8e7dcc123c0d0482225fca5b01e59d5a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:19:44:a9:c9:9b:5a:fd:90:18:1a:ad:02:f5:
                    2a:92:0a:2e:45:ef:66:fa:5d:24:48:bf:32:03:b7:
                    e3:21:d7:a4:a8:2b:67:24:69:44:b8:38:81:fb:01:
                    ed:41:8d:1a:15:cd:30:97:00:6c:d0:84:e3:ff:4d:
                    e3:bb:75:25:c7:5a:8d:85:13:06:75:e1:98:9a:ee:
                    75:fd:f8:42:29:f8:78:2b:77:9f:d1:59:a0:50:ab:
                    a2:2b:8d:14:14:d3:fc:01:75:91:74:f7:46:3f:8c:
                    60:46:18:09:f6:70:b3:2c:f1:7e:e0:45:79:6e:58:
                    33:f4:d6:d3:72:c0:f8:e9:a5:39:1c:2b:4c:b3:08:
                    0d:10:76:ba:5b:b9:01:3f:af:e7:e5:99:04:97:1d:
                    5a:fb:ba:31:f8:ab:9c:ba:8a:b9:5f:49:d3:44:85:
                    f2:1f:2a:37:12:8e:6b:0f:93:5e:38:d1:5b:9f:81:
                    c7:07:1a:1b:75:61:8e:4e:8d:2a:f1:d7:28:72:38:
                    57:6e:c2:a0:9d:17:34:f2:7a:d3:bd:87:6b:08:09:
                    ca:b2:75:04:30:90:ec:31:10:da:1a:f2:57:05:bd:
                    a9:f6:8c:fa:67:a0:3b:f8:e6:f0:40:6b:59:fa:da:
                    68:9c:7a:46:69:59:4b:6f:39:c2:a2:d5:88:3b:75:
                    a4:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:AE:BB:A8:E7:DC:C1:23:C0:D0:48:22:25:FC:A5:B0:1E:59:D5:A7
            X509v3 Authority Key Identifier:
                keyid:3F:4C:02:6A:6E:27:43:09:30:3C:EA:0C:17:E0:94:93:61:3C:1F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P0wCam4nQwkwPOoMF-CUk2E8Hy4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/55b634-eed5-4e32-bb6f-6096931ffebe/1/P0wCam4nQwkwPOoMF-CUk2E8Hy4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/55b634-eed5-4e32-bb6f-6096931ffebe/1/P0wCam4nQwkwPOoMF-CUk2E8Hy4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:85:f7:a9:bd:e2:31:1e:30:bf:8f:59:1e:22:76:09:42:e4:
         4d:83:bc:6d:6b:e2:f7:be:55:7d:da:5a:67:72:b5:d7:a8:2d:
         bc:19:a4:fa:bc:04:bc:2b:18:24:f2:fa:7c:18:46:6f:8a:24:
         0b:47:67:57:41:7a:3d:c3:31:bc:0a:0f:ee:f9:0d:bb:7b:c3:
         00:6a:f3:11:ca:64:e0:cc:6f:14:e6:83:cb:61:19:e5:d8:a8:
         92:57:80:a0:bb:2b:0c:fe:8e:07:44:01:30:8e:dd:b3:88:25:
         e8:8a:a7:74:24:24:12:53:a7:90:c6:1f:78:87:42:20:d7:5c:
         ce:f7:9b:e7:db:0e:5e:de:bb:bb:39:3d:41:a6:43:97:01:8c:
         b2:50:0c:da:9e:c1:e2:b8:d4:98:7c:48:7b:92:ad:bb:0e:5e:
         13:8d:62:cb:31:21:28:cc:a3:36:c0:bc:c0:10:43:e9:02:27:
         e1:94:62:f6:c8:57:58:dc:d0:5c:e7:99:4e:f5:97:ac:45:74:
         dc:5e:88:74:68:78:39:03:95:56:58:b8:81:a9:5a:ff:8a:81:
         ae:9b:e4:28:29:bf:41:b1:fb:63:9e:06:7f:12:7b:65:20:37:
         07:d4:f4:b6:de:00:fa:05:c9:49:5a:2e:85:40:ea:f5:77:54:
         a3:be:f4:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbOdS4VBChczZcUnjPW16uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNGMwMjZhNmUyNzQzMDkzMDNjZWEwYzE3ZTA5NDkzNjEz
YzFmMmUwHhcNMjUwNDIyMDIwMDM4WhcNMjUwNDIzMDIwMDM4WjAzMTEwLwYDVQQD
EyhkMWFlYmJhOGU3ZGNjMTIzYzBkMDQ4MjIyNWZjYTViMDFlNTlkNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhlEqcmbWv2QGBqtAvUqkgouRe9m
+l0kSL8yA7fjIdekqCtnJGlEuDiB+wHtQY0aFc0wlwBs0ITj/03ju3Ulx1qNhRMG
deGYmu51/fhCKfh4K3ef0VmgUKuiK40UFNP8AXWRdPdGP4xgRhgJ9nCzLPF+4EV5
blgz9NbTcsD46aU5HCtMswgNEHa6W7kBP6/n5ZkElx1a+7ox+Kucuoq5X0nTRIXy
Hyo3Eo5rD5NeONFbn4HHBxobdWGOTo0q8dcocjhXbsKgnRc08nrTvYdrCAnKsnUE
MJDsMRDaGvJXBb2p9oz6Z6A7+ObwQGtZ+tponHpGaVlLbznCotWIO3Wk9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGuu6jn3MEjwNBIIiX8pbAeWdWnMB8GA1UdIwQY
MBaAFD9MAmpuJ0MJMDzqDBfglJNhPB8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDB3Q2FtNG5Rd2t3UE9vTUYtQ1VrMkU4SHk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81NWI2MzQtZWVkNS00ZTMyLWJiNmYt
NjA5NjkzMWZmZWJlLzEvUDB3Q2FtNG5Rd2t3UE9vTUYtQ1VrMkU4SHk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81NWI2MzQtZWVkNS00ZTMyLWJiNmYtNjA5NjkzMWZmZWJl
LzEvUDB3Q2FtNG5Rd2t3UE9vTUYtQ1VrMkU4SHk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgoX3qb3i
MR4wv49ZHiJ2CULkTYO8bWvi975VfdpaZ3K116gtvBmk+rwEvCsYJPL6fBhGb4ok
C0dnV0F6PcMxvAoP7vkNu3vDAGrzEcpk4MxvFOaDy2EZ5diokleAoLsrDP6OB0QB
MI7ds4gl6IqndCQkElOnkMYfeIdCINdczveb59sOXt67uzk9QaZDlwGMslAM2p7B
4rjUmHxIe5Ktuw5eE41iyzEhKMyjNsC8wBBD6QIn4ZRi9shXWNzQXOeZTvWXrEV0
3F6IdGh4OQOVVli4gala/4qBrpvkKCm/QbH7Y54GfxJ7ZSA3B9T0tt4A+gXJSVou
hUDq9XdUo770lg==
-----END CERTIFICATE-----