Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
File:                     3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft (raw, json)
Hash identifier:          /M16Ue1TQfXihEZurehe4gKx3qOb6SXV84yr8cxzNw8=
Subject key identifier:   3C:72:6A:AC:8B:00:1E:55:92:33:EB:9D:03:8A:8C:1B:8A:6C:55:F9
Authority key identifier: DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91
Certificate issuer:       /CN=dd399e494189f691a5ed64f3be3a6a3b50225091
Certificate serial:       019657CBA263D7C59E3409A44C42495F78D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
Manifest number:          046C
Signing time:             Mon 21 Apr 2025 10:01:25 +0000
Manifest this update:     Mon 21 Apr 2025 10:01:25 +0000
Manifest next update:     Tue 22 Apr 2025 10:01:25 +0000
Files and hashes:         1: 3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl (hash: 24NlnI4YkWLXrOtiSna1znLr4dn89P1jR6o+Fde8aoQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:cb:a2:63:d7:c5:9e:34:09:a4:4c:42:49:5f:78:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd399e494189f691a5ed64f3be3a6a3b50225091
        Validity
            Not Before: Apr 21 10:01:25 2025 GMT
            Not After : Apr 22 10:01:25 2025 GMT
        Subject: CN=3c726aac8b001e559233eb9d038a8c1b8a6c55f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:c8:51:2e:59:52:96:76:95:9d:5b:0c:e6:de:
                    33:31:f8:a1:99:74:a1:11:18:3c:fa:81:fe:bb:e9:
                    d0:0c:49:23:c0:b9:4b:88:50:3b:85:98:f2:fd:fc:
                    f2:13:f6:98:89:d1:58:0c:3e:e7:08:fe:d4:34:f5:
                    54:ac:b0:46:20:10:bf:1c:99:cb:09:d9:c9:7e:92:
                    2d:90:bb:e3:a3:92:fe:83:3d:cd:4b:c4:ef:b2:28:
                    ef:7e:f4:1b:4b:9c:56:2b:12:e7:a9:85:4f:53:e6:
                    50:1f:f6:92:3c:a3:d1:93:6b:d0:e7:4b:73:7f:ea:
                    04:d9:64:9e:af:45:3c:01:64:30:8f:84:dd:be:41:
                    ef:89:23:a8:73:a5:0a:cd:bf:dd:ed:cb:00:62:70:
                    57:d9:37:76:9a:f2:12:29:83:08:03:4d:95:96:71:
                    7e:f8:e4:1b:4a:72:fb:1a:8f:53:d5:f7:72:a9:af:
                    b2:2b:70:2f:65:4d:b0:2a:7d:70:82:eb:f8:f6:16:
                    a9:74:59:84:d3:fb:1f:35:1b:e8:53:b4:58:db:5c:
                    b4:4b:1d:95:3e:9d:e3:66:ce:8a:cd:1d:f3:90:37:
                    fa:6c:ec:53:13:a8:eb:20:cb:9a:ac:20:62:b1:32:
                    60:e1:43:e7:71:88:ac:62:ca:6f:de:7b:a7:0d:4a:
                    df:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:72:6A:AC:8B:00:1E:55:92:33:EB:9D:03:8A:8C:1B:8A:6C:55:F9
            X509v3 Authority Key Identifier:
                keyid:DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:7a:92:6f:87:43:11:c4:96:c9:b7:02:e4:a7:45:8a:1e:b8:
         d8:68:d0:96:32:af:e4:f3:1a:a7:08:ca:95:1b:9b:02:f1:15:
         01:fb:2a:08:4d:0b:c2:8d:f5:b4:70:70:f9:77:97:36:0f:90:
         13:0e:f1:79:6e:57:0d:de:67:42:85:20:a4:11:a5:1c:1b:36:
         fb:95:6a:96:0d:8c:44:b1:23:cb:5f:90:a2:bf:c2:55:8c:e2:
         6b:15:06:3b:ac:61:71:ea:46:80:f2:24:1a:fa:c4:77:78:98:
         95:43:24:f2:b4:30:57:00:45:67:e2:04:62:23:b6:b2:87:9b:
         4c:fc:75:93:e3:9c:57:62:21:7c:07:28:76:6c:cc:57:1b:6e:
         d6:fa:49:64:53:35:ad:d5:f8:de:56:77:c5:28:5b:64:83:7d:
         6b:af:4a:14:71:80:3e:36:f9:20:03:2a:52:84:d1:0b:37:fd:
         bd:08:c6:19:db:bd:7e:79:1f:c4:56:69:71:b4:fe:d4:ad:1c:
         29:5a:68:9b:94:61:d3:fc:ba:f8:2e:28:64:e4:c9:6e:8d:4b:
         5b:13:6b:78:ec:69:5e:8b:47:fd:c2:95:9e:04:b8:2c:da:e0:
         16:8b:43:41:66:e5:a1:f2:2e:a7:06:b7:17:a8:72:af:2d:cb:
         e8:63:18:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXy6Jj18WeNAmkTEJJX3jYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzk5ZTQ5NDE4OWY2OTFhNWVkNjRmM2JlM2E2YTNiNTAy
MjUwOTEwHhcNMjUwNDIxMTAwMTI1WhcNMjUwNDIyMTAwMTI1WjAzMTEwLwYDVQQD
EygzYzcyNmFhYzhiMDAxZTU1OTIzM2ViOWQwMzhhOGMxYjhhNmM1NWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlshRLllSlnaVnVsM5t4zMfihmXSh
ERg8+oH+u+nQDEkjwLlLiFA7hZjy/fzyE/aYidFYDD7nCP7UNPVUrLBGIBC/HJnL
CdnJfpItkLvjo5L+gz3NS8TvsijvfvQbS5xWKxLnqYVPU+ZQH/aSPKPRk2vQ50tz
f+oE2WSer0U8AWQwj4TdvkHviSOoc6UKzb/d7csAYnBX2Td2mvISKYMIA02VlnF+
+OQbSnL7Go9T1fdyqa+yK3AvZU2wKn1wguv49hapdFmE0/sfNRvoU7RY21y0Sx2V
Pp3jZs6KzR3zkDf6bOxTE6jrIMuarCBisTJg4UPncYisYspv3nunDUrfcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDxyaqyLAB5VkjPrnQOKjBuKbFX5MB8GA1UdIwQY
MBaAFN05nklBifaRpe1k8746ajtQIlCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTct
NDQyYTAzYjdmMDg0LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTctNDQyYTAzYjdmMDg0
LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUHqSb4dD
EcSWybcC5KdFih642GjQljKv5PMapwjKlRubAvEVAfsqCE0Lwo31tHBw+XeXNg+Q
Ew7xeW5XDd5nQoUgpBGlHBs2+5Vqlg2MRLEjy1+Qor/CVYziaxUGO6xhcepGgPIk
GvrEd3iYlUMk8rQwVwBFZ+IEYiO2soebTPx1k+OcV2IhfAcodmzMVxtu1vpJZFM1
rdX43lZ3xShbZIN9a69KFHGAPjb5IAMqUoTRCzf9vQjGGdu9fnkfxFZpcbT+1K0c
KVpom5Rh0/y6+C4oZOTJbo1LWxNreOxpXotH/cKVngS4LNrgFotDQWblofIupwa3
F6hyry3L6GMYwA==
-----END CERTIFICATE-----