Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
File:                     0_ULT8CViQuDHAPZliXA7lQZ01o.mft (raw, json)
Hash identifier:          N4aqVg8RmgyQ7VUKVlUuwR3BjNeDGVAumdDb5zeniik=
Subject key identifier:   BC:2D:C3:7C:A6:7E:C9:42:47:49:93:10:1C:DE:0F:9E:B0:CD:20:97
Authority key identifier: D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A
Certificate issuer:       /CN=d3f50b4fc095890b831c03d99625c0ee5419d35a
Certificate serial:       019659F003F00106AB9FB399A633556385DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
Manifest number:          13B2
Signing time:             Mon 21 Apr 2025 20:00:23 +0000
Manifest this update:     Mon 21 Apr 2025 20:00:23 +0000
Manifest next update:     Tue 22 Apr 2025 20:00:23 +0000
Files and hashes:         1: 0_ULT8CViQuDHAPZliXA7lQZ01o.crl (hash: Yh+pFKK6dxNdFRA5nyjdkFn2eQcE+1qO4YNJDzGUNsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:f0:03:f0:01:06:ab:9f:b3:99:a6:33:55:63:85:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3f50b4fc095890b831c03d99625c0ee5419d35a
        Validity
            Not Before: Apr 21 20:00:23 2025 GMT
            Not After : Apr 22 20:00:23 2025 GMT
        Subject: CN=bc2dc37ca67ec942474993101cde0f9eb0cd2097
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:43:33:14:50:12:4a:15:6a:ec:32:4c:e4:54:
                    f3:1f:8c:50:0c:16:b6:1e:85:0c:07:3f:44:19:f4:
                    6a:19:d7:6f:bf:03:23:6f:95:91:b3:13:01:7b:0c:
                    a0:5f:1e:c0:1a:94:d2:27:86:4a:d9:2b:51:7f:d8:
                    81:fe:7f:80:75:52:99:8a:77:a3:0b:0f:16:66:13:
                    67:9e:55:4b:fd:ef:50:49:95:a4:86:14:94:71:c3:
                    74:a1:f3:04:e9:95:77:2b:2f:0e:33:04:d2:40:9d:
                    0f:31:40:04:70:93:d2:9d:07:8e:de:c1:1d:f8:8c:
                    11:b4:b7:c3:af:fc:1c:43:a7:bc:9f:9f:65:98:48:
                    ae:50:92:c2:c6:b1:45:dd:6d:43:8e:4e:39:0b:73:
                    a1:cd:d7:7b:ca:2e:83:eb:69:9f:c7:a4:44:de:d6:
                    60:f5:e2:8f:a7:9a:66:7e:03:d8:ed:a4:84:57:b8:
                    35:f0:5f:2b:fc:98:79:a8:d7:ea:85:0a:bc:0b:52:
                    17:22:15:44:16:88:56:97:c3:8b:ef:da:39:dd:de:
                    7a:83:38:d2:4e:86:83:2b:59:72:81:7c:52:76:f7:
                    93:77:e2:54:11:e5:c6:69:1e:2e:34:b8:5c:ab:b9:
                    15:62:56:7b:e5:93:90:8a:6d:86:c4:41:1f:ac:26:
                    2b:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:2D:C3:7C:A6:7E:C9:42:47:49:93:10:1C:DE:0F:9E:B0:CD:20:97
            X509v3 Authority Key Identifier:
                keyid:D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:7d:59:3a:35:fb:23:9b:83:00:c9:9f:68:a0:e3:8b:5d:ee:
         7f:3e:0c:e8:c5:44:68:d6:c9:68:78:2b:5e:a6:b1:4c:2e:05:
         40:b4:48:76:e3:bf:5d:53:9b:a2:7f:52:cf:34:51:78:20:82:
         8f:10:ed:d7:71:06:ee:9c:79:81:ca:74:66:86:fc:4c:c9:9f:
         39:58:32:15:bb:b2:9f:b0:e3:e3:00:0c:08:1c:58:95:b3:ea:
         76:fc:a8:b6:40:cb:12:e2:82:96:68:3a:c7:14:f9:b4:8c:d4:
         be:ed:0d:72:9b:d1:d5:b1:af:b0:c7:18:23:d9:98:94:19:b0:
         ed:39:ab:ac:79:8c:d3:98:4e:53:ca:5f:15:7f:61:1c:96:a6:
         45:58:de:a9:1d:02:8b:68:ac:f5:a9:c0:3a:e9:1d:74:aa:77:
         64:b6:8d:10:4e:4d:c0:a1:49:2b:5d:16:e2:e3:ed:73:8f:80:
         b7:12:5d:0a:65:a9:0f:f9:6b:f9:40:d0:ed:ea:e4:80:17:ae:
         2b:18:b1:6e:4b:ea:0d:c3:6a:65:01:6e:e4:4f:87:a1:3e:2e:
         bf:85:6c:7f:50:fe:40:d6:0b:3e:08:fa:b3:f2:c0:7a:93:44:
         ab:f9:30:bc:cc:ab:f3:b9:32:7d:8e:8e:fc:49:0e:05:cb:5c:
         b0:cc:a3:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZ8APwAQarn7OZpjNVY4XcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZjUwYjRmYzA5NTg5MGI4MzFjMDNkOTk2MjVjMGVlNTQx
OWQzNWEwHhcNMjUwNDIxMjAwMDIzWhcNMjUwNDIyMjAwMDIzWjAzMTEwLwYDVQQD
EyhiYzJkYzM3Y2E2N2VjOTQyNDc0OTkzMTAxY2RlMGY5ZWIwY2QyMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0MzFFASShVq7DJM5FTzH4xQDBa2
HoUMBz9EGfRqGddvvwMjb5WRsxMBewygXx7AGpTSJ4ZK2StRf9iB/n+AdVKZinej
Cw8WZhNnnlVL/e9QSZWkhhSUccN0ofME6ZV3Ky8OMwTSQJ0PMUAEcJPSnQeO3sEd
+IwRtLfDr/wcQ6e8n59lmEiuUJLCxrFF3W1Djk45C3Ohzdd7yi6D62mfx6RE3tZg
9eKPp5pmfgPY7aSEV7g18F8r/Jh5qNfqhQq8C1IXIhVEFohWl8OL79o53d56gzjS
ToaDK1lygXxSdveTd+JUEeXGaR4uNLhcq7kVYlZ75ZOQim2GxEEfrCYrBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwtw3ymfslCR0mTEBzeD56wzSCXMB8GA1UdIwQY
MBaAFNP1C0/AlYkLgxwD2ZYlwO5UGdNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQt
NzdlMzIxN2NkMzlmLzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQtNzdlMzIxN2NkMzlm
LzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFH1ZOjX7
I5uDAMmfaKDji13ufz4M6MVEaNbJaHgrXqaxTC4FQLRIduO/XVObon9SzzRReCCC
jxDt13EG7px5gcp0Zob8TMmfOVgyFbuyn7Dj4wAMCBxYlbPqdvyotkDLEuKClmg6
xxT5tIzUvu0NcpvR1bGvsMcYI9mYlBmw7TmrrHmM05hOU8pfFX9hHJamRVjeqR0C
i2is9anAOukddKp3ZLaNEE5NwKFJK10W4uPtc4+AtxJdCmWpD/lr+UDQ7erkgBeu
KxixbkvqDcNqZQFu5E+HoT4uv4Vsf1D+QNYLPgj6s/LAepNEq/kwvMyr87kyfY6O
/EkOBctcsMyj1g==
-----END CERTIFICATE-----