Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
File:                     N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft (raw, json)
Hash identifier:          WY+RygWboeR8CaN0MV0jURNWBKh2WiHabROY/fHZQ+Y=
Subject key identifier:   63:C3:35:AE:B7:B7:38:90:05:5A:10:E8:82:49:08:FB:C1:08:80:0F
Authority key identifier: 37:71:BD:6E:2D:DA:5F:A3:05:7C:4B:C2:83:FA:F7:13:A9:15:A5:D9
Certificate issuer:       /CN=3771bd6e2dda5fa3057c4bc283faf713a915a5d9
Certificate serial:       01957910679B5FF9DE31A9FE1257EFC7713F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
Manifest number:          0996
Signing time:             Sun 09 Mar 2025 04:01:13 +0000
Manifest this update:     Sun 09 Mar 2025 04:01:13 +0000
Manifest next update:     Mon 10 Mar 2025 04:01:13 +0000
Files and hashes:         1: N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl (hash: mSq0AB204SWpAB8EQgL81rpbif1e62Hl735o918zqmw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 02:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:79:10:67:9b:5f:f9:de:31:a9:fe:12:57:ef:c7:71:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3771bd6e2dda5fa3057c4bc283faf713a915a5d9
        Validity
            Not Before: Mar  9 04:01:13 2025 GMT
            Not After : Mar 10 04:01:13 2025 GMT
        Subject: CN=63c335aeb7b73890055a10e8824908fbc108800f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:f4:0f:5e:27:a5:9a:31:30:5f:8e:a6:48:6f:
                    12:20:47:29:ea:20:88:ac:6d:6e:71:91:88:ef:ec:
                    59:64:ea:b4:d5:cf:0b:91:99:8f:6a:a7:b4:c5:bf:
                    4f:0d:e6:21:71:57:08:6f:1f:1b:c5:ae:01:95:e0:
                    af:15:b0:2c:e2:59:4e:db:df:52:6e:f1:48:37:9e:
                    0d:c9:bc:3b:85:15:69:1f:d8:c5:1d:e1:68:3f:d9:
                    2a:4f:a0:e9:be:fd:88:c5:10:3b:38:f1:31:46:f8:
                    c2:0b:aa:37:73:7c:df:5a:2e:f9:be:05:47:4b:85:
                    e8:19:e0:0c:71:13:46:f7:18:4b:48:41:f3:24:b0:
                    55:f0:9c:10:6a:6a:15:50:f8:f6:76:45:63:e0:99:
                    88:96:a7:32:c3:47:d5:83:35:4b:75:39:e5:a2:c0:
                    6d:ae:b3:dd:b3:db:7b:09:4b:5e:a5:85:7b:11:3d:
                    5d:3f:20:7f:cb:21:a7:ff:26:cb:28:4f:e6:60:ba:
                    ee:4d:ce:ff:e9:a2:8a:36:79:56:38:bb:06:12:7c:
                    8a:d2:8a:aa:9c:cf:12:c8:97:5b:26:c1:80:dc:be:
                    6e:07:ef:17:ac:b2:96:40:01:0c:2f:8f:bf:59:91:
                    d9:72:0e:b9:27:a9:40:ee:49:2c:5b:cd:9c:d9:78:
                    81:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:C3:35:AE:B7:B7:38:90:05:5A:10:E8:82:49:08:FB:C1:08:80:0F
            X509v3 Authority Key Identifier:
                keyid:37:71:BD:6E:2D:DA:5F:A3:05:7C:4B:C2:83:FA:F7:13:A9:15:A5:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:4e:d7:f5:80:92:74:5e:85:c8:54:17:b9:fe:90:89:19:85:
         6d:f0:0d:77:08:59:90:2f:ae:4e:f3:22:4c:21:a3:da:55:17:
         25:c5:33:c9:1b:68:21:85:49:eb:43:32:c1:62:ce:19:05:2f:
         1a:74:f4:67:9d:a2:5e:48:e6:7c:16:b8:69:81:28:e6:b1:6e:
         d4:16:2e:66:08:19:f3:3d:cf:6d:90:f9:43:a6:dc:dc:b1:1e:
         c5:a8:da:a0:79:ca:ab:83:d2:af:f9:64:85:76:36:3b:a4:77:
         f9:34:22:89:3f:1a:46:ba:40:17:6d:ed:74:0e:15:62:40:21:
         33:60:43:a0:93:2d:53:01:07:2c:9b:9a:60:1c:a8:ec:73:25:
         17:df:a1:ed:fd:4c:46:10:76:40:b4:ea:5e:d6:c8:d9:17:e1:
         67:0e:44:46:22:ab:b2:4f:b7:fb:bb:70:4a:3f:2d:66:7e:3c:
         ad:23:77:35:77:13:fc:9d:4d:40:10:aa:e9:8e:51:10:b3:87:
         5e:66:1a:33:b5:6f:8c:00:00:36:d6:8c:fc:4e:ce:97:66:f4:
         0b:25:50:d3:1e:b3:52:8a:c8:50:d0:d1:60:24:d0:57:48:91:
         60:09:4b:a3:13:e9:f9:53:5b:e2:d6:08:39:1c:a9:0f:4f:35:
         ef:35:78:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5EGebX/neMan+Elfvx3E/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NzFiZDZlMmRkYTVmYTMwNTdjNGJjMjgzZmFmNzEzYTkx
NWE1ZDkwHhcNMjUwMzA5MDQwMTEzWhcNMjUwMzEwMDQwMTEzWjAzMTEwLwYDVQQD
Eyg2M2MzMzVhZWI3YjczODkwMDU1YTEwZTg4MjQ5MDhmYmMxMDg4MDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PQPXielmjEwX46mSG8SIEcp6iCI
rG1ucZGI7+xZZOq01c8LkZmPaqe0xb9PDeYhcVcIbx8bxa4BleCvFbAs4llO299S
bvFIN54Nybw7hRVpH9jFHeFoP9kqT6Dpvv2IxRA7OPExRvjCC6o3c3zfWi75vgVH
S4XoGeAMcRNG9xhLSEHzJLBV8JwQamoVUPj2dkVj4JmIlqcyw0fVgzVLdTnlosBt
rrPds9t7CUtepYV7ET1dPyB/yyGn/ybLKE/mYLruTc7/6aKKNnlWOLsGEnyK0oqq
nM8SyJdbJsGA3L5uB+8XrLKWQAEML4+/WZHZcg65J6lA7kksW82c2XiBRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPDNa63tziQBVoQ6IJJCPvBCIAPMB8GA1UdIwQY
MBaAFDdxvW4t2l+jBXxLwoP69xOpFaXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NmY5M2ItY2Q5ZC00ZTgyLWJlZjAt
OWRjZjZiM2MwNzk3LzEvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NmY5M2ItY2Q5ZC00ZTgyLWJlZjAtOWRjZjZiM2MwNzk3
LzEvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgk7X9YCS
dF6FyFQXuf6QiRmFbfANdwhZkC+uTvMiTCGj2lUXJcUzyRtoIYVJ60MywWLOGQUv
GnT0Z52iXkjmfBa4aYEo5rFu1BYuZggZ8z3PbZD5Q6bc3LEexajaoHnKq4PSr/lk
hXY2O6R3+TQiiT8aRrpAF23tdA4VYkAhM2BDoJMtUwEHLJuaYByo7HMlF9+h7f1M
RhB2QLTqXtbI2RfhZw5ERiKrsk+3+7twSj8tZn48rSN3NXcT/J1NQBCq6Y5RELOH
XmYaM7VvjAAANtaM/E7Ol2b0CyVQ0x6zUorIUNDRYCTQV0iRYAlLoxPp+VNb4tYI
ORypD0817zV4dQ==
-----END CERTIFICATE-----