Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          mdsofSiYBXuxneWNN8VMdT185DANdGvOwshp3RZ9qdI=
Subject key identifier:   3F:C7:36:87:DD:DB:86:9A:7B:87:55:98:11:23:EF:B1:1B:41:97:BE
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       019645C4A20F1F63F4347279A8287EEC350A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          096C
Signing time:             Thu 17 Apr 2025 22:00:36 +0000
Manifest this update:     Thu 17 Apr 2025 22:00:36 +0000
Manifest next update:     Fri 18 Apr 2025 22:00:36 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: rvLpl3FctvFB41PtzUVcngCKL+EP9WKGkGKk4B9aIBg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:c4:a2:0f:1f:63:f4:34:72:79:a8:28:7e:ec:35:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: Apr 17 22:00:36 2025 GMT
            Not After : Apr 18 22:00:36 2025 GMT
        Subject: CN=3fc73687dddb869a7b8755981123efb11b4197be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:60:db:e2:9c:e3:7c:3d:29:93:07:ee:58:97:
                    12:17:9b:1f:f2:ff:88:ea:0a:62:d9:3a:8c:54:09:
                    82:22:26:30:ce:56:8e:62:d9:3e:f9:d6:46:2f:49:
                    41:04:8e:77:29:ed:d9:c7:a4:8e:3d:94:50:2f:3c:
                    75:e3:dc:9a:7e:08:50:83:68:a3:91:37:6a:67:ab:
                    31:52:1b:d8:64:7e:ce:b1:43:ff:61:b7:cc:a3:9d:
                    84:7e:21:c2:4c:1b:98:a9:ca:82:0b:83:e6:fe:35:
                    25:b2:8f:99:19:00:63:f7:46:61:8b:95:f2:63:17:
                    81:61:9b:c6:cb:81:97:e5:30:dd:1c:16:b9:ac:d9:
                    fd:d1:49:c8:02:f8:de:a5:0d:0a:6c:07:23:da:d6:
                    ae:0e:44:c2:08:e9:f7:21:1e:a1:35:4f:b8:1f:75:
                    c5:e0:99:2f:af:c0:81:ba:fc:e9:bf:f8:29:5c:6c:
                    be:9d:b5:ff:dd:1a:97:e6:68:5b:bb:c8:a5:2d:eb:
                    82:93:8a:35:67:0e:6f:18:2b:4c:cc:f9:ce:35:b4:
                    15:24:69:34:21:1d:c7:b6:9c:0b:39:17:ad:05:d3:
                    4d:fe:23:a3:a5:74:62:09:af:3c:98:56:b2:d9:a9:
                    b7:2f:94:72:e0:f8:db:d4:23:38:4f:11:3b:5a:ec:
                    37:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:C7:36:87:DD:DB:86:9A:7B:87:55:98:11:23:EF:B1:1B:41:97:BE
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:35:c2:c1:22:f8:5f:54:06:6d:8f:71:fc:d9:09:1e:f9:2d:
         fc:3d:36:4f:12:f2:be:95:31:4e:c9:40:c9:0e:e6:e0:38:c2:
         ff:8d:c4:54:63:0d:e1:80:6b:09:45:bc:c8:2c:54:bf:e1:b0:
         9d:44:b0:ba:29:11:57:bd:95:f2:63:40:d5:fb:0b:3c:f4:33:
         c7:02:35:6d:a5:b7:da:3e:2d:58:15:88:de:20:4e:ab:bd:d6:
         da:5b:23:27:5f:f8:0e:8a:84:de:99:4f:66:cd:fa:a2:0b:52:
         d4:91:42:65:b0:f2:75:8d:b3:95:7a:4f:fd:c2:6f:3e:0f:86:
         4f:ec:8f:6d:31:d6:6f:bc:01:bc:5d:5a:43:1f:73:95:80:a5:
         13:0b:1f:f7:49:31:bc:9f:34:04:56:6e:00:99:25:2b:b6:6e:
         f7:35:69:4a:73:96:41:24:70:35:66:da:26:07:a9:b6:7a:fb:
         d6:33:dc:32:2c:53:25:4a:51:7e:dd:1c:46:f0:82:a8:0a:b5:
         25:c5:13:e1:bf:7b:68:68:86:16:4a:90:7d:20:0c:b7:44:39:
         e3:ea:9c:49:ff:fc:09:3e:e0:76:ce:97:a9:4a:71:6f:10:3e:
         3e:9c:a4:e6:bc:ac:c8:25:f9:e9:e8:8b:b4:ff:19:6e:af:82:
         97:10:06:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFxKIPH2P0NHJ5qCh+7DUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjUwNDE3MjIwMDM2WhcNMjUwNDE4MjIwMDM2WjAzMTEwLwYDVQQD
EygzZmM3MzY4N2RkZGI4NjlhN2I4NzU1OTgxMTIzZWZiMTFiNDE5N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWDb4pzjfD0pkwfuWJcSF5sf8v+I
6gpi2TqMVAmCIiYwzlaOYtk++dZGL0lBBI53Ke3Zx6SOPZRQLzx149yafghQg2ij
kTdqZ6sxUhvYZH7OsUP/YbfMo52EfiHCTBuYqcqCC4Pm/jUlso+ZGQBj90Zhi5Xy
YxeBYZvGy4GX5TDdHBa5rNn90UnIAvjepQ0KbAcj2tauDkTCCOn3IR6hNU+4H3XF
4Jkvr8CBuvzpv/gpXGy+nbX/3RqX5mhbu8ilLeuCk4o1Zw5vGCtMzPnONbQVJGk0
IR3HtpwLORetBdNN/iOjpXRiCa88mFay2am3L5Ry4Pjb1CM4TxE7Wuw3wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/HNofd24aae4dVmBEj77EbQZe+MB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZjXCwSL4
X1QGbY9x/NkJHvkt/D02TxLyvpUxTslAyQ7m4DjC/43EVGMN4YBrCUW8yCxUv+Gw
nUSwuikRV72V8mNA1fsLPPQzxwI1baW32j4tWBWI3iBOq73W2lsjJ1/4DoqE3plP
Zs36ogtS1JFCZbDydY2zlXpP/cJvPg+GT+yPbTHWb7wBvF1aQx9zlYClEwsf90kx
vJ80BFZuAJklK7Zu9zVpSnOWQSRwNWbaJgeptnr71jPcMixTJUpRft0cRvCCqAq1
JcUT4b97aGiGFkqQfSAMt0Q54+qcSf/8CT7gds6XqUpxbxA+Ppyk5rysyCX56eiL
tP8Zbq+ClxAGjg==
-----END CERTIFICATE-----