Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          y0w94bxvHsYuX7ytwcnwfjWauJOD64rP/kIROOVLlzQ=
Subject key identifier:   2D:73:9A:4D:07:47:D7:2F:13:56:B9:79:8B:A7:15:AE:A1:3F:58:AF
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       01958EBCE8DAFC830DE056FA948EDC9AC4C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          1494
Signing time:             Thu 13 Mar 2025 09:01:39 +0000
Manifest this update:     Thu 13 Mar 2025 09:01:39 +0000
Manifest next update:     Fri 14 Mar 2025 09:01:39 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: CoN3owhsE6Rfm0HEfXXK+XbtUxI4xdCUjXJy8IA+9E0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8e:bc:e8:da:fc:83:0d:e0:56:fa:94:8e:dc:9a:c4:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: Mar 13 09:01:39 2025 GMT
            Not After : Mar 14 09:01:39 2025 GMT
        Subject: CN=2d739a4d0747d72f1356b9798ba715aea13f58af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b4:13:48:62:96:74:7d:a0:d6:bd:7f:09:2f:
                    e5:09:23:c4:ee:8e:11:53:f4:b2:29:ff:24:45:33:
                    fc:4c:21:48:bc:4f:44:b1:6a:59:1b:e3:d0:f8:15:
                    f4:5d:d7:e8:f9:6e:fd:2e:56:33:71:4f:cd:5c:c6:
                    39:2e:3a:54:40:9b:ac:5a:54:5b:40:ae:47:e0:2c:
                    a7:6d:39:c8:74:68:4b:55:12:87:2b:1d:3e:37:ea:
                    43:6b:e1:8c:04:ae:24:84:66:21:8c:41:c1:67:35:
                    13:d9:79:b7:ed:1f:45:26:d3:3e:74:73:25:a5:b3:
                    d2:c1:b7:79:11:b0:fc:db:8f:6b:aa:51:6a:78:3b:
                    93:77:8f:36:6a:3d:2d:ed:f4:c3:63:48:4e:a6:42:
                    f9:59:c9:0a:b1:76:bf:1f:7a:75:85:0a:1d:aa:5a:
                    68:88:ee:6f:4c:ea:4d:57:d2:4f:05:78:77:85:de:
                    62:f4:56:eb:b9:f8:1e:da:ca:06:73:2d:bd:c2:41:
                    e2:65:de:73:29:cf:8f:ea:5b:4c:08:63:5f:32:1e:
                    01:9b:fa:c9:2e:80:cc:9f:0c:91:8b:d2:0c:85:9c:
                    32:ee:3d:9c:3b:68:8f:00:75:fc:a9:a7:97:2c:fb:
                    12:5a:98:89:ea:17:cd:32:27:c0:3c:9f:e7:7e:fc:
                    36:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:73:9A:4D:07:47:D7:2F:13:56:B9:79:8B:A7:15:AE:A1:3F:58:AF
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:8c:3f:f7:51:87:da:b7:16:e6:c3:66:ea:70:0a:35:0b:6c:
         02:c8:f2:d9:54:b1:4f:66:1b:9d:9e:1c:31:6f:b0:ba:39:3c:
         8b:be:07:b9:2b:23:c5:b8:b1:cd:79:f6:18:2a:49:5c:64:28:
         14:c6:c4:d1:ab:e4:c7:e4:2f:4b:bd:32:c8:31:6a:11:99:1e:
         fb:94:d1:60:91:fa:46:28:dc:c2:cd:65:aa:af:75:77:34:92:
         1e:d1:4a:ab:61:b9:53:38:48:e9:d4:05:7a:79:73:d9:1f:ab:
         b1:31:db:7e:d9:c6:58:b9:2c:ab:69:e2:01:42:96:55:97:43:
         86:81:d1:db:cb:58:9c:f4:a5:ff:ae:19:e6:53:57:40:ca:f4:
         09:3c:6e:63:7c:f2:0d:ba:bd:fc:9b:24:31:96:75:1c:57:d8:
         36:20:d0:1c:73:bf:fa:14:2f:2b:7e:64:28:3c:13:e7:48:25:
         b5:d2:16:5b:1b:d2:ac:34:f9:0c:7f:c0:4d:2c:b6:66:5b:7c:
         d0:a6:e8:0b:7c:b1:44:c3:9c:dc:b3:2d:ae:c4:2b:7b:e0:bc:
         a3:e5:09:7b:05:9a:2e:6c:54:f6:cb:c8:b9:e1:cb:9f:9e:16:
         6f:c8:a6:e5:9c:df:7b:2f:ae:92:2c:ef:c7:b9:3d:45:3a:ca:
         b2:a0:eb:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWOvOja/IMN4Fb6lI7cmsTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjUwMzEzMDkwMTM5WhcNMjUwMzE0MDkwMTM5WjAzMTEwLwYDVQQD
EygyZDczOWE0ZDA3NDdkNzJmMTM1NmI5Nzk4YmE3MTVhZWExM2Y1OGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbQTSGKWdH2g1r1/CS/lCSPE7o4R
U/SyKf8kRTP8TCFIvE9EsWpZG+PQ+BX0Xdfo+W79LlYzcU/NXMY5LjpUQJusWlRb
QK5H4CynbTnIdGhLVRKHKx0+N+pDa+GMBK4khGYhjEHBZzUT2Xm37R9FJtM+dHMl
pbPSwbd5EbD8249rqlFqeDuTd482aj0t7fTDY0hOpkL5WckKsXa/H3p1hQodqlpo
iO5vTOpNV9JPBXh3hd5i9Fbrufge2soGcy29wkHiZd5zKc+P6ltMCGNfMh4Bm/rJ
LoDMnwyRi9IMhZwy7j2cO2iPAHX8qaeXLPsSWpiJ6hfNMifAPJ/nfvw24wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1zmk0HR9cvE1a5eYunFa6hP1ivMB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu4w/91GH
2rcW5sNm6nAKNQtsAsjy2VSxT2YbnZ4cMW+wujk8i74HuSsjxbixzXn2GCpJXGQo
FMbE0avkx+QvS70yyDFqEZke+5TRYJH6Rijcws1lqq91dzSSHtFKq2G5UzhI6dQF
enlz2R+rsTHbftnGWLksq2niAUKWVZdDhoHR28tYnPSl/64Z5lNXQMr0CTxuY3zy
Dbq9/JskMZZ1HFfYNiDQHHO/+hQvK35kKDwT50gltdIWWxvSrDT5DH/ATSy2Zlt8
0KboC3yxRMOc3LMtrsQre+C8o+UJewWaLmxU9svIueHLn54Wb8im5Zzfey+ukizv
x7k9RTrKsqDr+Q==
-----END CERTIFICATE-----