Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
File:                     3cwuYUgshl3CU8D6lD49os6X2gU.mft (raw, json)
Hash identifier:          w1SdqhYPrg+qe7+PfxgnnMNzKvt7rB7gVlZWHoeKHQ0=
Subject key identifier:   92:23:A4:36:AE:3F:02:6B:41:33:16:71:B2:D1:B2:9A:A7:CF:96:19
Authority key identifier: DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05
Certificate issuer:       /CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
Certificate serial:       0196586F4F927D4D8572A8D59B6AF314DF88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
Manifest number:          0484
Signing time:             Mon 21 Apr 2025 13:00:11 +0000
Manifest this update:     Mon 21 Apr 2025 13:00:11 +0000
Manifest next update:     Tue 22 Apr 2025 13:00:11 +0000
Files and hashes:         1: 3cwuYUgshl3CU8D6lD49os6X2gU.crl (hash: XU7bGPrz4I+d28kMsIaKGXGP7inZmo8ZOXP2+wciufA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:58:6f:4f:92:7d:4d:85:72:a8:d5:9b:6a:f3:14:df:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
        Validity
            Not Before: Apr 21 13:00:11 2025 GMT
            Not After : Apr 22 13:00:11 2025 GMT
        Subject: CN=9223a436ae3f026b41331671b2d1b29aa7cf9619
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:98:0a:b9:30:39:29:44:ec:d3:2e:21:43:23:
                    36:b6:cf:51:0e:32:28:9b:31:10:30:36:d4:a5:ee:
                    af:94:7c:f7:72:d7:58:35:dd:38:bc:6c:dc:38:9b:
                    75:14:8f:07:d7:fc:6e:cd:78:82:d9:60:b1:9a:c2:
                    be:a2:e6:fe:c0:06:00:0d:d6:76:e8:5a:28:fe:2e:
                    c8:f7:82:34:c1:7b:cf:28:fa:50:d4:54:69:1d:cf:
                    cb:42:8f:9e:09:5a:4a:80:15:31:88:30:f5:42:83:
                    4f:1b:10:93:ec:37:57:59:8c:4f:49:9c:90:d3:45:
                    89:77:a3:af:96:2a:80:4b:8c:f1:bf:42:6e:a1:bf:
                    e3:73:23:0b:9d:64:87:98:5d:82:d6:37:72:86:65:
                    05:58:a1:89:1b:2c:07:2e:53:6c:3e:56:d6:b1:10:
                    cc:55:07:d1:31:b4:64:45:b3:26:09:9a:82:26:54:
                    f5:64:5d:21:d8:4a:bc:c8:be:80:dd:06:ad:44:d8:
                    67:66:b4:e4:d0:eb:ef:95:f8:e6:bf:43:4d:86:3f:
                    4a:45:5d:f6:32:df:1d:0f:e9:6d:55:a0:2e:5b:47:
                    2f:13:5c:0b:c1:e2:59:c2:e5:c7:37:d5:57:e8:32:
                    bd:7f:e2:b9:e5:21:61:b3:44:9e:49:49:3e:a5:33:
                    81:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:23:A4:36:AE:3F:02:6B:41:33:16:71:B2:D1:B2:9A:A7:CF:96:19
            X509v3 Authority Key Identifier:
                keyid:DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:a4:f8:87:30:c1:01:9f:85:4a:5a:65:c8:8a:7e:5b:55:f7:
         72:ad:02:7e:3d:55:53:e3:28:31:bb:aa:5c:02:8e:a0:00:1d:
         6d:30:89:4a:46:bd:9e:d3:d1:43:9b:1d:ed:8e:fc:be:0f:7a:
         2d:d6:d1:fd:73:ff:a1:13:ac:fb:9a:f3:58:25:e9:70:64:d9:
         ae:fa:c1:8a:fc:63:29:64:80:30:a5:9b:e3:01:e4:cd:16:34:
         95:cc:96:94:0c:cd:57:aa:d6:7d:25:64:6b:96:6d:22:eb:43:
         63:2d:99:5d:c9:a9:f1:e7:9b:3b:8c:2a:b8:8d:85:bb:1c:ed:
         70:fe:5d:30:d0:e3:65:79:5e:39:ba:37:29:42:21:60:a1:cd:
         58:99:bb:65:f7:cc:58:f0:a8:5d:a2:0c:db:98:52:c3:cd:0e:
         3a:ed:fb:da:ad:f3:ff:b4:e1:ce:3b:23:af:16:b6:cf:7f:ad:
         9d:06:e8:bc:b2:84:9c:c0:bb:51:60:25:9e:c5:7a:1e:8d:94:
         0d:70:26:10:b4:a5:94:4d:b0:63:3e:1d:ed:ce:5e:82:73:af:
         68:d5:34:05:28:8d:0e:e8:37:ec:b8:3d:9e:8a:ea:7b:80:69:
         2b:21:25:8d:b3:db:37:44:2c:f5:4a:0c:a3:b4:9a:77:e8:a9:
         59:ae:6c:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYb0+SfU2FcqjVm2rzFN+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkY2MyZTYxNDgyYzg2NWRjMjUzYzBmYTk0M2UzZGEyY2U5
N2RhMDUwHhcNMjUwNDIxMTMwMDExWhcNMjUwNDIyMTMwMDExWjAzMTEwLwYDVQQD
Eyg5MjIzYTQzNmFlM2YwMjZiNDEzMzE2NzFiMmQxYjI5YWE3Y2Y5NjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJgKuTA5KUTs0y4hQyM2ts9RDjIo
mzEQMDbUpe6vlHz3ctdYNd04vGzcOJt1FI8H1/xuzXiC2WCxmsK+oub+wAYADdZ2
6Foo/i7I94I0wXvPKPpQ1FRpHc/LQo+eCVpKgBUxiDD1QoNPGxCT7DdXWYxPSZyQ
00WJd6OvliqAS4zxv0Juob/jcyMLnWSHmF2C1jdyhmUFWKGJGywHLlNsPlbWsRDM
VQfRMbRkRbMmCZqCJlT1ZF0h2Eq8yL6A3QatRNhnZrTk0Ovvlfjmv0NNhj9KRV32
Mt8dD+ltVaAuW0cvE1wLweJZwuXHN9VX6DK9f+K55SFhs0SeSUk+pTOBhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJIjpDauPwJrQTMWcbLRspqnz5YZMB8GA1UdIwQY
MBaAFN3MLmFILIZdwlPA+pQ+PaLOl9oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAt
MzU4ZjU5NTMyMjU4LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAtMzU4ZjU5NTMyMjU4
LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVaT4hzDB
AZ+FSlplyIp+W1X3cq0Cfj1VU+MoMbuqXAKOoAAdbTCJSka9ntPRQ5sd7Y78vg96
LdbR/XP/oROs+5rzWCXpcGTZrvrBivxjKWSAMKWb4wHkzRY0lcyWlAzNV6rWfSVk
a5ZtIutDYy2ZXcmp8eebO4wquI2FuxztcP5dMNDjZXleObo3KUIhYKHNWJm7ZffM
WPCoXaIM25hSw80OOu372q3z/7Thzjsjrxa2z3+tnQbovLKEnMC7UWAlnsV6Ho2U
DXAmELSllE2wYz4d7c5egnOvaNU0BSiNDug37Lg9norqe4BpKyEljbPbN0Qs9UoM
o7Sad+ipWa5sEQ==
-----END CERTIFICATE-----