Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft
File:                     g-3hynyzX11h-NWctQNumT6kO3A.mft (raw, json)
Hash identifier:          ZZXY+QSFjk6UBGygaScWvN/TZfskgFfvYFBuUJ+E5k4=
Subject key identifier:   3B:10:01:6E:C7:4F:4C:C5:E9:B8:71:8C:FB:3F:57:6C:8F:C7:5A:E0
Authority key identifier: 83:ED:E1:CA:7C:B3:5F:5D:61:F8:D5:9C:B5:03:6E:99:3E:A4:3B:70
Certificate issuer:       /CN=83ede1ca7cb35f5d61f8d59cb5036e993ea43b70
Certificate serial:       01965CF146A857A3CE3555A80CDE986AB23B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft
Manifest number:          0D29
Signing time:             Tue 22 Apr 2025 10:00:38 +0000
Manifest this update:     Tue 22 Apr 2025 10:00:38 +0000
Manifest next update:     Wed 23 Apr 2025 10:00:38 +0000
Files and hashes:         1: g-3hynyzX11h-NWctQNumT6kO3A.crl (hash: tZZgvDbWzwRszxWxXv76RYQEh8fyxjHXhycnF7Nkoaw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 10:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5c:f1:46:a8:57:a3:ce:35:55:a8:0c:de:98:6a:b2:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83ede1ca7cb35f5d61f8d59cb5036e993ea43b70
        Validity
            Not Before: Apr 22 10:00:38 2025 GMT
            Not After : Apr 23 10:00:38 2025 GMT
        Subject: CN=3b10016ec74f4cc5e9b8718cfb3f576c8fc75ae0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:be:ae:66:3f:10:d6:bc:19:29:54:4c:4f:bb:
                    a3:d0:14:43:69:76:e6:24:5e:93:8c:4a:13:8c:a6:
                    d9:48:b3:c9:b3:16:26:81:3d:9a:b3:b1:21:4f:ec:
                    3d:2c:79:bc:c3:c6:5c:85:1f:e7:2b:f9:cd:15:4d:
                    cb:8b:2c:b5:17:68:12:9d:00:3c:7b:9a:d6:33:79:
                    58:a7:81:39:bf:ad:93:bd:3a:34:4d:3e:e5:c7:39:
                    54:dd:0c:a4:1c:3f:43:ba:f5:e8:f7:a5:61:c0:12:
                    df:82:28:79:a4:8f:ab:b1:83:69:0d:16:af:e2:17:
                    e0:4f:6a:ca:b0:fb:e4:28:b8:6a:d7:86:c2:3a:21:
                    73:b0:55:5c:49:25:78:1b:77:03:24:c2:14:43:26:
                    e4:ef:ea:86:9c:c4:53:50:57:23:48:df:16:85:1f:
                    72:2f:f9:cf:e9:c3:aa:69:ab:97:20:7c:fd:ef:86:
                    1a:9f:33:b1:b7:2c:90:50:85:d7:b6:d0:d0:50:32:
                    b2:81:8e:2d:97:77:6c:08:d8:d5:3a:2e:ea:6e:85:
                    28:f7:41:f6:2b:f8:06:aa:50:3b:55:d8:40:c2:db:
                    1b:3e:03:aa:bd:cf:11:54:66:d3:a1:c9:33:fb:7d:
                    e2:2c:a3:c4:71:e8:b3:0c:07:17:14:f9:e4:db:ca:
                    22:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:10:01:6E:C7:4F:4C:C5:E9:B8:71:8C:FB:3F:57:6C:8F:C7:5A:E0
            X509v3 Authority Key Identifier:
                keyid:83:ED:E1:CA:7C:B3:5F:5D:61:F8:D5:9C:B5:03:6E:99:3E:A4:3B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:c8:a3:5f:25:23:64:e9:c7:2b:26:6a:51:e0:26:99:88:d4:
         18:99:64:09:e0:70:ee:f5:e6:22:c6:2f:f7:79:5a:fe:19:21:
         97:92:39:f7:0f:4c:34:25:dc:40:61:03:b3:30:1d:b9:a5:82:
         eb:c9:22:a3:6d:c9:63:56:ef:61:57:28:b1:c2:d0:3e:b0:f1:
         2b:c1:40:57:c1:4a:1c:32:a6:7e:37:67:77:cc:e3:23:d2:00:
         6d:33:40:a2:e7:db:4e:24:13:f8:50:55:9c:1e:3e:e5:5a:0b:
         bf:ff:18:29:af:63:69:62:d1:e0:04:32:5e:ee:a2:82:f5:f4:
         42:54:e9:25:0b:ed:c1:59:52:a1:f2:77:51:0d:65:ff:40:8c:
         91:3d:26:94:36:98:56:24:24:56:78:4a:8a:eb:3c:39:03:d4:
         54:28:25:93:82:f1:7b:67:f0:ca:2f:60:85:f5:b4:d2:71:e8:
         9d:96:fe:9a:67:1c:be:16:06:de:77:bf:4f:14:8d:e8:1b:06:
         78:51:d6:6d:70:e9:1a:84:22:be:af:96:16:78:e3:09:c5:9b:
         6a:f1:10:35:56:49:97:de:b1:87:ae:48:1f:5e:8f:fe:2f:c2:
         f1:90:56:7c:da:a3:78:85:f4:4e:cd:f8:59:8b:a1:01:7a:e5:
         ad:70:37:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZc8UaoV6PONVWoDN6YarI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZWRlMWNhN2NiMzVmNWQ2MWY4ZDU5Y2I1MDM2ZTk5M2Vh
NDNiNzAwHhcNMjUwNDIyMTAwMDM4WhcNMjUwNDIzMTAwMDM4WjAzMTEwLwYDVQQD
EygzYjEwMDE2ZWM3NGY0Y2M1ZTliODcxOGNmYjNmNTc2YzhmYzc1YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyr6uZj8Q1rwZKVRMT7uj0BRDaXbm
JF6TjEoTjKbZSLPJsxYmgT2as7EhT+w9LHm8w8ZchR/nK/nNFU3Liyy1F2gSnQA8
e5rWM3lYp4E5v62TvTo0TT7lxzlU3QykHD9DuvXo96VhwBLfgih5pI+rsYNpDRav
4hfgT2rKsPvkKLhq14bCOiFzsFVcSSV4G3cDJMIUQybk7+qGnMRTUFcjSN8WhR9y
L/nP6cOqaauXIHz974YanzOxtyyQUIXXttDQUDKygY4tl3dsCNjVOi7qboUo90H2
K/gGqlA7VdhAwtsbPgOqvc8RVGbTockz+33iLKPEceizDAcXFPnk28oicwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsQAW7HT0zF6bhxjPs/V2yPx1rgMB8GA1UdIwQY
MBaAFIPt4cp8s19dYfjVnLUDbpk+pDtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9mM2ViMTktODVlZS00ODdmLWFkMTIt
OGIzNjYwZWQ1ZWQwLzEvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9mM2ViMTktODVlZS00ODdmLWFkMTItOGIzNjYwZWQ1ZWQw
LzEvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbsijXyUj
ZOnHKyZqUeAmmYjUGJlkCeBw7vXmIsYv93la/hkhl5I59w9MNCXcQGEDszAduaWC
68kio23JY1bvYVcoscLQPrDxK8FAV8FKHDKmfjdnd8zjI9IAbTNAoufbTiQT+FBV
nB4+5VoLv/8YKa9jaWLR4AQyXu6igvX0QlTpJQvtwVlSofJ3UQ1l/0CMkT0mlDaY
ViQkVnhKius8OQPUVCglk4Lxe2fwyi9ghfW00nHonZb+mmccvhYG3ne/TxSN6BsG
eFHWbXDpGoQivq+WFnjjCcWbavEQNVZJl96xh65IH16P/i/C8ZBWfNqjeIX0Ts34
WYuhAXrlrXA3RQ==
-----END CERTIFICATE-----