Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
File:                     3plxFn-T_DSzvEebsh_2LTvzyYQ.mft (raw, json)
Hash identifier:          LB2usNtb7yZpZ0I7DHUlDEMUcY7HBhR4rIsPuvnzpEk=
Subject key identifier:   50:91:BB:14:26:D9:71:96:FB:3D:E2:CB:2E:16:B1:CC:68:5F:88:67
Authority key identifier: DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84
Certificate issuer:       /CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984
Certificate serial:       0194C4D1663031D0D7C688683935B87B1FD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
Manifest number:          30
Signing time:             Sun 02 Feb 2025 04:00:44 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:44 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:44 +0000
Files and hashes:         1: 3plxFn-T_DSzvEebsh_2LTvzyYQ.crl (hash: 5ybRJ/TtsxpeujYGogKOORlaZE6g3qQof8r7d5Mecdo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d1:66:30:31:d0:d7:c6:88:68:39:35:b8:7b:1f:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984
        Validity
            Not Before: Feb  2 04:00:44 2025 GMT
            Not After : Feb  3 04:00:44 2025 GMT
        Subject: CN=5091bb1426d97196fb3de2cb2e16b1cc685f8867
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:ac:dd:03:e1:7a:4c:64:da:e8:60:de:c9:73:
                    dd:04:0a:b7:43:5b:d7:89:b8:66:e6:8d:01:29:2f:
                    28:48:18:8f:b6:b8:3d:0f:40:2f:ff:62:7e:3f:94:
                    26:79:92:22:9c:48:b3:ea:0d:dc:15:30:3e:45:da:
                    a3:52:37:d0:f8:a2:bf:61:5e:32:02:de:5f:35:a4:
                    8e:35:74:e3:de:7c:e7:37:a1:26:bd:54:b3:c5:9e:
                    b9:1e:8e:a9:61:05:eb:b8:f0:fa:93:a5:e8:49:06:
                    7f:bc:73:c4:c9:3d:a5:72:a3:b6:38:1d:ac:59:f6:
                    64:fd:4d:98:f1:b3:0b:6f:85:f0:5c:32:e1:8d:0a:
                    9c:28:17:c2:e0:ba:6c:25:83:75:55:5a:2c:97:26:
                    b2:13:e5:a1:f9:8c:60:8f:f8:16:c0:6b:d1:0d:de:
                    28:fa:01:9f:8d:7a:ee:d0:97:c6:6c:44:fc:9d:d3:
                    59:5f:1c:c3:8a:17:34:cc:6f:7c:bd:4b:70:eb:e4:
                    30:5b:b6:25:1a:df:25:19:1a:d6:5c:7d:d7:67:4d:
                    c3:c7:7a:4b:8b:8f:ec:77:cd:ee:fe:57:38:f2:0f:
                    eb:1c:a7:60:a6:b1:65:69:e6:50:fa:15:fe:d8:ca:
                    72:2b:11:b2:2d:de:c2:22:fb:2c:ee:de:c7:b8:57:
                    6f:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:91:BB:14:26:D9:71:96:FB:3D:E2:CB:2E:16:B1:CC:68:5F:88:67
            X509v3 Authority Key Identifier:
                keyid:DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:d9:1d:1e:c8:88:ae:92:95:11:ea:04:5d:ca:2b:c6:cc:fc:
         20:c3:96:92:d7:a2:05:bd:e0:20:dc:d7:29:9d:7c:ad:f0:bd:
         70:f0:75:4c:f7:ef:64:e2:51:c2:89:f4:f0:7a:81:3e:3d:c1:
         33:96:7d:a6:a6:a5:6b:3b:52:e2:58:ad:e5:75:1b:06:7e:10:
         28:c2:bb:b7:ab:d8:5c:9f:5f:3a:90:6b:2f:4d:c0:f0:86:75:
         c7:79:a8:45:4b:12:8a:51:6f:16:15:ce:c5:80:34:4e:1a:ff:
         8e:69:f0:45:3f:21:d3:c7:e9:c1:6b:44:ae:6d:27:06:fc:ac:
         04:d7:fe:ab:b5:0d:1c:47:da:52:1e:76:d4:ec:f8:5c:19:c2:
         fc:c9:db:d0:a9:61:a4:dd:c3:84:49:a8:99:17:21:fa:8a:ed:
         ee:60:7f:83:40:bc:30:d5:60:27:c4:4a:3b:7e:a7:b4:d0:28:
         39:41:4f:1b:cf:06:01:a8:2e:bb:a2:84:a8:13:24:1b:47:00:
         e8:33:06:27:cb:65:cc:a3:67:ba:07:88:03:c0:d3:e3:f2:39:
         e4:92:71:a5:fe:ed:7e:c6:09:16:43:60:53:87:0d:f4:18:aa:
         9d:a6:61:4d:8e:d2:87:6f:23:4b:c7:89:5d:11:50:40:0b:9d:
         f9:42:0d:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0WYwMdDXxohoOTW4ex/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTk3MTE2N2Y5M2ZjMzRiM2JjNDc5YmIyMWZmNjJkM2Jm
M2M5ODQwHhcNMjUwMjAyMDQwMDQ0WhcNMjUwMjAzMDQwMDQ0WjAzMTEwLwYDVQQD
Eyg1MDkxYmIxNDI2ZDk3MTk2ZmIzZGUyY2IyZTE2YjFjYzY4NWY4ODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0azdA+F6TGTa6GDeyXPdBAq3Q1vX
ibhm5o0BKS8oSBiPtrg9D0Av/2J+P5QmeZIinEiz6g3cFTA+RdqjUjfQ+KK/YV4y
At5fNaSONXTj3nznN6EmvVSzxZ65Ho6pYQXruPD6k6XoSQZ/vHPEyT2lcqO2OB2s
WfZk/U2Y8bMLb4XwXDLhjQqcKBfC4LpsJYN1VVoslyayE+Wh+Yxgj/gWwGvRDd4o
+gGfjXru0JfGbET8ndNZXxzDihc0zG98vUtw6+QwW7YlGt8lGRrWXH3XZ03Dx3pL
i4/sd83u/lc48g/rHKdgprFlaeZQ+hX+2MpyKxGyLd7CIvss7t7HuFdviQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFCRuxQm2XGW+z3iyy4WscxoX4hnMB8GA1UdIwQY
MBaAFN6ZcRZ/k/w0s7xHm7If9i0788mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUt
MWRmYmQxZWZkNWQ0LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUtMWRmYmQxZWZkNWQ0
LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAetkdHsiI
rpKVEeoEXcorxsz8IMOWkteiBb3gINzXKZ18rfC9cPB1TPfvZOJRwon08HqBPj3B
M5Z9pqalaztS4lit5XUbBn4QKMK7t6vYXJ9fOpBrL03A8IZ1x3moRUsSilFvFhXO
xYA0Thr/jmnwRT8h08fpwWtErm0nBvysBNf+q7UNHEfaUh521Oz4XBnC/Mnb0Klh
pN3DhEmomRch+ort7mB/g0C8MNVgJ8RKO36ntNAoOUFPG88GAaguu6KEqBMkG0cA
6DMGJ8tlzKNnugeIA8DT4/I55JJxpf7tfsYJFkNgU4cN9BiqnaZhTY7Sh28jS8eJ
XRFQQAud+UINgg==
-----END CERTIFICATE-----