Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft
File:                     3tRskpaCjJwCVTCqaEFgmt8FaaA.mft (raw, json)
Hash identifier:          +2/dQPNPtZ3REcSm9c4Z4qlUw6n21KhCW2uVOBUWUrs=
Subject key identifier:   A2:88:61:AB:E4:A5:3F:AD:E3:C7:A6:5C:8D:00:80:CD:CE:E7:BC:82
Authority key identifier: DE:D4:6C:92:96:82:8C:9C:02:55:30:AA:68:41:60:9A:DF:05:69:A0
Certificate issuer:       /CN=ded46c9296828c9c025530aa6841609adf0569a0
Certificate serial:       019511D9D0D170A3D58F46E5136EE7E49DD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3tRskpaCjJwCVTCqaEFgmt8FaaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft
Manifest number:          016E
Signing time:             Mon 17 Feb 2025 03:00:42 +0000
Manifest this update:     Mon 17 Feb 2025 03:00:42 +0000
Manifest next update:     Tue 18 Feb 2025 03:00:42 +0000
Files and hashes:         1: 3tRskpaCjJwCVTCqaEFgmt8FaaA.crl (hash: BWrcKzSQROigTEcf9YSRh7whTcPPvx5OF+UXEZ4kuFA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3tRskpaCjJwCVTCqaEFgmt8FaaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:d9:d0:d1:70:a3:d5:8f:46:e5:13:6e:e7:e4:9d:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ded46c9296828c9c025530aa6841609adf0569a0
        Validity
            Not Before: Feb 17 03:00:42 2025 GMT
            Not After : Feb 18 03:00:42 2025 GMT
        Subject: CN=a28861abe4a53fade3c7a65c8d0080cdcee7bc82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:f7:67:b7:f0:7a:8e:31:03:01:ef:7c:5b:4f:
                    b5:13:27:d3:28:78:ac:08:92:fb:da:bc:bd:4f:ee:
                    d8:ea:23:a7:56:91:de:c8:31:a9:84:29:5c:d1:2f:
                    91:ec:0d:a5:5c:62:11:2b:22:86:9b:50:b0:a7:c6:
                    50:79:7e:10:9e:5e:19:63:fe:98:e9:7b:0a:1d:97:
                    4a:c6:5f:51:43:1c:0f:18:af:55:90:be:35:4b:a6:
                    e7:ad:ef:6e:34:fd:9d:b1:2c:c0:96:89:7f:ee:1b:
                    d6:1a:bb:02:e9:16:30:2c:9c:17:65:81:6b:94:9c:
                    f9:2b:83:ea:81:cd:02:b2:89:4e:86:75:b5:27:84:
                    c9:45:91:8a:20:0d:c0:77:7c:80:7f:14:1e:47:52:
                    3f:f3:ef:7e:cb:5a:d1:dd:e5:97:ce:0b:dc:dc:1c:
                    c3:64:0f:ac:ec:07:f0:70:62:1a:da:eb:9b:5e:31:
                    e0:86:55:3d:da:8f:74:f0:89:8c:15:72:2e:e6:1d:
                    36:20:36:27:cb:3b:e9:ea:5d:35:68:86:b4:57:a6:
                    1a:eb:c0:0a:56:aa:33:ef:99:d6:2d:35:ed:b4:67:
                    b7:32:be:ea:fd:7d:6e:b0:cf:17:74:db:60:47:bf:
                    b4:f4:33:2a:fe:a3:be:2d:b7:c3:95:c9:33:31:4a:
                    9d:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:88:61:AB:E4:A5:3F:AD:E3:C7:A6:5C:8D:00:80:CD:CE:E7:BC:82
            X509v3 Authority Key Identifier:
                keyid:DE:D4:6C:92:96:82:8C:9C:02:55:30:AA:68:41:60:9A:DF:05:69:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tRskpaCjJwCVTCqaEFgmt8FaaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:de:59:c1:12:ca:8c:fd:8f:70:15:20:f3:9e:1d:c1:0d:e9:
         55:3a:5e:9c:7f:35:47:a2:88:02:75:ce:91:cf:80:3e:fb:8a:
         c1:16:33:ea:45:a4:cc:fa:98:d2:b8:cc:37:94:19:ff:9d:89:
         53:2e:b8:9c:5c:e2:8d:c7:d6:2c:de:99:76:71:2b:dd:82:a4:
         2a:02:ac:2b:9f:ea:aa:c2:38:2a:3d:81:87:77:b8:60:6a:82:
         93:d5:65:bd:f8:a6:cb:f7:23:d5:2d:84:03:ca:d2:3d:38:ca:
         e7:a6:04:12:9f:07:fe:b0:74:96:5c:f7:ed:ea:32:0a:0b:73:
         1d:05:64:47:19:2a:ed:23:78:3b:14:3d:1e:bb:f0:b3:69:0c:
         48:25:8d:79:05:64:0a:63:ed:29:b8:4e:93:22:fb:df:86:3b:
         62:c1:32:b6:72:cc:7e:15:ac:65:81:eb:57:0a:17:5e:ba:f9:
         98:a5:82:28:36:04:24:35:a1:51:97:87:8a:cc:d5:e5:88:2d:
         ab:9c:b3:1b:5b:ef:b0:0c:09:d0:68:c9:49:b5:e8:0b:a5:f4:
         27:f8:99:3e:df:1d:6e:02:1c:d9:21:b6:e3:bd:ec:f2:dc:2e:
         5d:84:87:c6:bd:ee:c9:5b:e6:1d:79:7c:3e:9f:5e:68:88:b6:
         b7:7f:16:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2dDRcKPVj0blE27n5J3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDQ2YzkyOTY4MjhjOWMwMjU1MzBhYTY4NDE2MDlhZGYw
NTY5YTAwHhcNMjUwMjE3MDMwMDQyWhcNMjUwMjE4MDMwMDQyWjAzMTEwLwYDVQQD
EyhhMjg4NjFhYmU0YTUzZmFkZTNjN2E2NWM4ZDAwODBjZGNlZTdiYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vdnt/B6jjEDAe98W0+1EyfTKHis
CJL72ry9T+7Y6iOnVpHeyDGphClc0S+R7A2lXGIRKyKGm1Cwp8ZQeX4Qnl4ZY/6Y
6XsKHZdKxl9RQxwPGK9VkL41S6bnre9uNP2dsSzAlol/7hvWGrsC6RYwLJwXZYFr
lJz5K4Pqgc0CsolOhnW1J4TJRZGKIA3Ad3yAfxQeR1I/8+9+y1rR3eWXzgvc3BzD
ZA+s7AfwcGIa2uubXjHghlU92o908ImMFXIu5h02IDYnyzvp6l01aIa0V6Ya68AK
Vqoz75nWLTXttGe3Mr7q/X1usM8XdNtgR7+09DMq/qO+LbfDlckzMUqdpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKKIYavkpT+t48emXI0AgM3O57yCMB8GA1UdIwQY
MBaAFN7UbJKWgoycAlUwqmhBYJrfBWmgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3RSc2twYUNqSndDVlRDcWFFRmdtdDhGYWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85MzZmOTMtMDkyMi00ZjVkLThlM2Et
YTAwMDdiZDVhY2U3LzEvM3RSc2twYUNqSndDVlRDcWFFRmdtdDhGYWFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85MzZmOTMtMDkyMi00ZjVkLThlM2EtYTAwMDdiZDVhY2U3
LzEvM3RSc2twYUNqSndDVlRDcWFFRmdtdDhGYWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGd5ZwRLK
jP2PcBUg854dwQ3pVTpenH81R6KIAnXOkc+APvuKwRYz6kWkzPqY0rjMN5QZ/52J
Uy64nFzijcfWLN6ZdnEr3YKkKgKsK5/qqsI4Kj2Bh3e4YGqCk9Vlvfimy/cj1S2E
A8rSPTjK56YEEp8H/rB0llz37eoyCgtzHQVkRxkq7SN4OxQ9Hrvws2kMSCWNeQVk
CmPtKbhOkyL734Y7YsEytnLMfhWsZYHrVwoXXrr5mKWCKDYEJDWhUZeHiszV5Ygt
q5yzG1vvsAwJ0GjJSbXoC6X0J/iZPt8dbgIc2SG2473s8twuXYSHxr3uyVvmHXl8
Pp9eaIi2t38WlA==
-----END CERTIFICATE-----