Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          4aKwuOxH2hs/+ixj/Bm9IUFBVPF6GXGRM2JiJ7/kjd8=
Subject key identifier:   9B:05:9E:06:C1:68:49:35:C2:4E:5C:DA:4F:4A:E0:37:5D:D3:BE:7D
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       019646696FA4635DBBCE9AE4645242FDD2B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          08C8
Signing time:             Fri 18 Apr 2025 01:00:36 +0000
Manifest this update:     Fri 18 Apr 2025 01:00:36 +0000
Manifest next update:     Sat 19 Apr 2025 01:00:36 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: lHNJ59nfX0lPu2dVaSmUzkssJUZ9SunhFzg1MVW9EzY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:46:69:6f:a4:63:5d:bb:ce:9a:e4:64:52:42:fd:d2:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Apr 18 01:00:36 2025 GMT
            Not After : Apr 19 01:00:36 2025 GMT
        Subject: CN=9b059e06c1684935c24e5cda4f4ae0375dd3be7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:42:3b:f3:80:5e:06:99:da:93:48:cc:8a:5c:
                    49:dd:f3:fa:e2:32:80:6a:a9:37:cd:e8:1c:63:ef:
                    9e:27:b4:2d:de:e9:dc:b0:1e:03:cd:82:1a:ae:1e:
                    f0:f1:fb:a3:bd:48:17:b8:7c:ae:d1:f6:fa:de:04:
                    9a:1c:81:b6:86:80:e9:55:d0:b4:00:08:29:94:30:
                    af:2c:c5:76:72:67:2c:5a:a9:e5:8f:26:7f:98:8c:
                    80:2c:c4:1f:5f:d8:ad:5d:32:64:42:3a:88:04:fc:
                    e1:e8:79:00:22:70:9e:7b:1f:ba:2f:d0:0c:39:7a:
                    64:18:7a:1d:b9:f5:74:27:a0:89:3c:3f:ca:84:3d:
                    3b:1e:7c:a0:01:63:79:2f:c3:42:a7:d3:3a:ce:49:
                    9e:d6:94:b9:8e:20:a0:6b:6a:66:b5:3b:39:06:44:
                    25:ea:ff:f8:40:c9:66:85:00:c4:6f:c9:ed:7b:07:
                    5b:69:b9:ce:ae:ec:c7:fb:a6:05:13:07:00:dc:59:
                    9c:d1:0c:84:16:61:e0:cb:61:90:f6:4f:db:19:cb:
                    98:49:6f:e1:1d:f4:2e:61:58:a3:dc:3c:e2:6b:7e:
                    5d:71:38:8f:f6:3f:87:82:01:89:c5:2b:ed:d7:cb:
                    04:5f:a4:ba:a2:4d:5b:e2:d5:18:e6:fc:e3:77:bc:
                    4f:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:05:9E:06:C1:68:49:35:C2:4E:5C:DA:4F:4A:E0:37:5D:D3:BE:7D
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:cd:e7:00:67:58:69:88:ec:e7:f2:0c:1c:2f:26:81:88:0b:
         f2:dd:bf:17:7d:b0:d6:7f:c2:4e:8f:a6:0a:ff:86:21:79:72:
         f0:f6:79:74:41:7c:1f:15:95:f6:c1:26:a7:54:4d:7e:e4:c7:
         fa:4d:d8:8c:9b:b6:e9:76:1e:2b:6c:6b:cc:fd:01:31:ee:86:
         aa:6b:8f:a9:25:0a:c0:9d:36:4e:20:8f:f2:0a:50:62:e3:d8:
         5b:22:16:3c:22:af:5d:b2:cd:0c:42:51:3d:7e:3e:e2:7c:d8:
         e3:ee:47:9b:98:6f:b0:ab:dc:dc:e7:de:cc:4d:d9:0d:b9:cc:
         04:65:e7:56:91:66:b0:65:27:5e:95:d9:33:b2:b9:04:18:3a:
         97:7d:c8:d9:d4:27:96:f5:44:a1:1f:66:93:14:e4:5f:3a:8c:
         0d:4f:5b:05:de:13:fa:36:f0:4d:af:16:c0:1d:ca:1b:d6:4f:
         d9:05:dc:55:52:3e:8b:52:a2:41:00:5c:4b:98:15:83:62:e8:
         23:6c:9d:30:b5:6c:45:d0:16:4a:7d:60:79:e6:5a:1e:4e:f7:
         9d:e0:af:78:ee:79:43:68:c1:3b:94:be:3d:72:6c:7d:fc:37:
         cb:28:82:12:38:45:6c:78:cb:54:54:54:18:38:1e:fd:7e:4d:
         91:58:d3:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZGaW+kY127zprkZFJC/dK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjUwNDE4MDEwMDM2WhcNMjUwNDE5MDEwMDM2WjAzMTEwLwYDVQQD
Eyg5YjA1OWUwNmMxNjg0OTM1YzI0ZTVjZGE0ZjRhZTAzNzVkZDNiZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkI784BeBpnak0jMilxJ3fP64jKA
aqk3zegcY++eJ7Qt3uncsB4DzYIarh7w8fujvUgXuHyu0fb63gSaHIG2hoDpVdC0
AAgplDCvLMV2cmcsWqnljyZ/mIyALMQfX9itXTJkQjqIBPzh6HkAInCeex+6L9AM
OXpkGHodufV0J6CJPD/KhD07HnygAWN5L8NCp9M6zkme1pS5jiCga2pmtTs5BkQl
6v/4QMlmhQDEb8ntewdbabnOruzH+6YFEwcA3Fmc0QyEFmHgy2GQ9k/bGcuYSW/h
HfQuYVij3Dzia35dcTiP9j+HggGJxSvt18sEX6S6ok1b4tUY5vzjd7xPlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJsFngbBaEk1wk5c2k9K4Ddd0759MB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOM3nAGdY
aYjs5/IMHC8mgYgL8t2/F32w1n/CTo+mCv+GIXly8PZ5dEF8HxWV9sEmp1RNfuTH
+k3YjJu26XYeK2xrzP0BMe6GqmuPqSUKwJ02TiCP8gpQYuPYWyIWPCKvXbLNDEJR
PX4+4nzY4+5Hm5hvsKvc3OfezE3ZDbnMBGXnVpFmsGUnXpXZM7K5BBg6l33I2dQn
lvVEoR9mkxTkXzqMDU9bBd4T+jbwTa8WwB3KG9ZP2QXcVVI+i1KiQQBcS5gVg2Lo
I2ydMLVsRdAWSn1geeZaHk73neCveO55Q2jBO5S+PXJsffw3yyiCEjhFbHjLVFRU
GDge/X5NkVjTjg==
-----END CERTIFICATE-----