Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
File:                     dzW3DconD8uOS5CStyADZBOPXfE.mft (raw, json)
Hash identifier:          ar2VAlgI3GtLlvcn6uCEGRsWLQG1gXB8/94G97w4kmo=
Subject key identifier:   F3:72:CF:FE:A1:F0:2B:05:01:1C:90:8D:48:D6:0B:52:1A:EC:06:DF
Authority key identifier: 77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1
Certificate issuer:       /CN=7735b70dca270fcb8e4b9092b7200364138f5df1
Certificate serial:       019510C6D8E5AACA1C68DCD1AFD36FB65277
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
Manifest number:          1453
Signing time:             Sun 16 Feb 2025 22:00:21 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:21 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:21 +0000
Files and hashes:         1: dzW3DconD8uOS5CStyADZBOPXfE.crl (hash: wiMkiQ5quedPX54dckJnSKGZ44FfePsuUJptqcjWsWc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:d8:e5:aa:ca:1c:68:dc:d1:af:d3:6f:b6:52:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7735b70dca270fcb8e4b9092b7200364138f5df1
        Validity
            Not Before: Feb 16 22:00:21 2025 GMT
            Not After : Feb 17 22:00:21 2025 GMT
        Subject: CN=f372cffea1f02b05011c908d48d60b521aec06df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e8:15:cf:55:a3:5e:96:40:47:a1:32:c4:32:
                    4a:96:84:8e:3e:ec:ae:24:d6:c6:52:6c:ea:4c:6d:
                    8d:81:22:d8:ed:7e:7a:6a:f3:30:21:8e:2c:b6:ca:
                    f9:cf:b1:d3:b5:35:94:b7:24:fe:96:4f:fa:f6:e7:
                    bc:f6:dd:fa:a7:30:2d:99:05:2b:27:fa:d5:4b:86:
                    81:1e:ba:bd:e3:51:29:c0:99:d3:9c:3e:d8:87:c4:
                    48:14:07:04:48:e0:8e:14:16:cb:5a:bc:1e:74:25:
                    f0:7c:99:15:8c:dd:bd:9f:1c:c6:25:99:72:33:e8:
                    57:4e:39:da:f1:dd:0c:0b:fa:15:78:95:c0:25:5b:
                    3c:9a:1c:ec:33:87:c4:d7:fa:e7:a1:fd:ff:db:c4:
                    96:cd:33:3c:b8:dc:67:b5:df:c0:e0:8c:94:ec:cf:
                    11:8b:b9:96:b3:2a:7b:85:45:bd:49:3a:9b:80:f0:
                    0f:87:17:ae:53:3d:f9:70:77:a1:b8:fe:44:c0:c0:
                    3c:cb:8a:80:00:28:8d:4e:1d:02:1d:04:79:d6:4f:
                    8c:cf:d5:fa:cf:45:e6:42:29:45:0b:d7:60:cc:e8:
                    25:4f:93:6f:95:a2:d2:78:0f:7e:2f:c7:77:9f:40:
                    bc:43:5f:0d:34:83:aa:78:9f:b0:bd:ab:e2:36:56:
                    1f:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:72:CF:FE:A1:F0:2B:05:01:1C:90:8D:48:D6:0B:52:1A:EC:06:DF
            X509v3 Authority Key Identifier:
                keyid:77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:e6:ad:15:56:3f:a1:b3:c6:c0:74:ca:72:b9:b7:8b:f9:c1:
         c8:2c:46:3e:17:10:eb:49:b7:60:64:07:20:71:78:f0:1d:d4:
         24:85:5f:d2:31:87:c0:94:20:25:87:55:58:4a:e9:ad:36:c7:
         62:6e:16:40:d7:9f:8e:95:c6:f1:27:73:a4:99:10:67:f0:8d:
         8d:e8:95:de:a3:8d:ec:f1:24:8e:28:32:fb:9c:e4:39:57:a6:
         f8:a8:08:84:ff:b5:a5:1e:87:ab:c4:1d:b1:4b:19:fe:e0:7e:
         df:1b:69:03:66:f9:4c:78:5b:1c:69:3b:ca:f6:84:a7:50:9e:
         25:63:3f:e0:42:39:b2:4b:64:f4:e5:30:74:2c:8c:94:45:51:
         b2:6e:e1:ae:3d:c8:d5:fd:66:5f:80:a6:08:9f:a8:ef:c1:e7:
         ea:34:89:ee:f4:c5:21:c1:9d:4e:47:3f:bf:3e:35:e2:98:11:
         6d:3e:ae:ea:a7:6d:3f:98:1f:51:a6:08:49:d5:49:19:f2:a6:
         7d:e8:c5:a3:1f:e3:f7:24:82:23:26:80:ce:2b:44:92:ae:a8:
         66:8b:13:0c:e9:61:9a:6e:38:fd:5b:9f:75:25:eb:8a:a4:05:
         35:d5:aa:6c:af:4d:1e:11:42:56:f9:e0:f8:6e:e4:75:08:43:
         82:1b:c6:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxtjlqsocaNzRr9NvtlJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzViNzBkY2EyNzBmY2I4ZTRiOTA5MmI3MjAwMzY0MTM4
ZjVkZjEwHhcNMjUwMjE2MjIwMDIxWhcNMjUwMjE3MjIwMDIxWjAzMTEwLwYDVQQD
EyhmMzcyY2ZmZWExZjAyYjA1MDExYzkwOGQ0OGQ2MGI1MjFhZWMwNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+gVz1WjXpZAR6EyxDJKloSOPuyu
JNbGUmzqTG2NgSLY7X56avMwIY4stsr5z7HTtTWUtyT+lk/69ue89t36pzAtmQUr
J/rVS4aBHrq941EpwJnTnD7Yh8RIFAcESOCOFBbLWrwedCXwfJkVjN29nxzGJZly
M+hXTjna8d0MC/oVeJXAJVs8mhzsM4fE1/rnof3/28SWzTM8uNxntd/A4IyU7M8R
i7mWsyp7hUW9STqbgPAPhxeuUz35cHehuP5EwMA8y4qAACiNTh0CHQR51k+Mz9X6
z0XmQilFC9dgzOglT5NvlaLSeA9+L8d3n0C8Q18NNIOqeJ+wvaviNlYf8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNyz/6h8CsFARyQjUjWC1Ia7AbfMB8GA1UdIwQY
MBaAFHc1tw3KJw/LjkuQkrcgA2QTj13xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3Zjkt
YzZkZGViNDk0NzM1LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3ZjktYzZkZGViNDk0NzM1
LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVuatFVY/
obPGwHTKcrm3i/nByCxGPhcQ60m3YGQHIHF48B3UJIVf0jGHwJQgJYdVWErprTbH
Ym4WQNefjpXG8SdzpJkQZ/CNjeiV3qON7PEkjigy+5zkOVem+KgIhP+1pR6Hq8Qd
sUsZ/uB+3xtpA2b5THhbHGk7yvaEp1CeJWM/4EI5sktk9OUwdCyMlEVRsm7hrj3I
1f1mX4CmCJ+o78Hn6jSJ7vTFIcGdTkc/vz414pgRbT6u6qdtP5gfUaYISdVJGfKm
fejFox/j9ySCIyaAzitEkq6oZosTDOlhmm44/VufdSXriqQFNdWqbK9NHhFCVvng
+G7kdQhDghvGUg==
-----END CERTIFICATE-----