Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
File:                     Pn1HTATkiliTr3HDWnfN1oJv0zk.mft (raw, json)
Hash identifier:          Y+nGMf0yZy0/U8k19Azm3OT8Dzt/ijuT0W19T94QP9g=
Subject key identifier:   2A:CE:F6:57:D0:A2:BB:E4:11:9E:61:A3:2B:2A:BA:14:F9:33:5B:25
Authority key identifier: 3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39
Certificate issuer:       /CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
Certificate serial:       01961132ECA41AE857EF84F141901106CC0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
Manifest number:          0386
Signing time:             Mon 07 Apr 2025 17:01:11 +0000
Manifest this update:     Mon 07 Apr 2025 17:01:11 +0000
Manifest next update:     Tue 08 Apr 2025 17:01:11 +0000
Files and hashes:         1: Pn1HTATkiliTr3HDWnfN1oJv0zk.crl (hash: rUjmmCtKwUJdqcmcHD1yfiHuokpr8MLspAPrYCY9P7w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:11:32:ec:a4:1a:e8:57:ef:84:f1:41:90:11:06:cc:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
        Validity
            Not Before: Apr  7 17:01:11 2025 GMT
            Not After : Apr  8 17:01:11 2025 GMT
        Subject: CN=2acef657d0a2bbe4119e61a32b2aba14f9335b25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d0:39:22:86:b2:23:9c:4d:54:69:41:a1:d4:
                    7a:fa:6e:a0:f2:96:40:cf:08:9c:2e:52:8b:ac:fa:
                    c6:45:3a:03:52:84:da:c9:9a:d7:63:6f:9c:f2:44:
                    1f:68:a7:94:9c:e7:bf:a5:52:61:e2:42:85:89:d9:
                    a3:fc:12:a5:d5:f6:3f:54:66:19:89:a7:99:e3:e1:
                    77:fd:26:e3:35:82:6d:90:48:15:89:15:94:65:b6:
                    b7:86:6b:b7:91:2e:fb:1a:a1:32:07:e9:2d:84:95:
                    36:37:96:e1:81:7b:14:26:24:03:1e:9f:9f:b3:a3:
                    bb:6b:73:33:6c:e0:b8:fb:3e:f9:e5:6f:cd:23:d5:
                    9a:9a:ad:75:af:ed:d4:8c:e4:73:7e:6c:b7:6b:06:
                    19:a2:ad:5d:d2:8e:a6:ec:55:f3:ae:5b:f6:6a:f0:
                    8b:91:48:4f:dc:05:da:81:e5:7d:4c:06:5d:08:dc:
                    57:6b:f5:01:5f:7c:a9:93:91:22:ca:69:15:d7:86:
                    0a:a9:80:33:17:d0:5d:89:03:ed:aa:0c:09:4e:b6:
                    48:a5:60:15:ee:98:8f:54:0f:44:d4:af:bb:2b:c9:
                    e5:5e:cc:a4:7b:8d:c3:a1:a8:4e:89:5a:bc:7d:02:
                    45:e8:22:b8:69:49:ce:c8:9f:6f:e4:ea:0e:c7:e2:
                    f5:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:CE:F6:57:D0:A2:BB:E4:11:9E:61:A3:2B:2A:BA:14:F9:33:5B:25
            X509v3 Authority Key Identifier:
                keyid:3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:14:0d:00:f7:fd:22:f5:b9:ff:27:3b:02:39:ae:00:42:72:
         ec:b0:09:e9:8b:9a:97:c8:8e:2d:4b:be:2b:2c:b9:10:30:e6:
         94:e7:2d:5f:71:de:48:7b:32:22:6a:06:b4:fd:ba:f8:27:c4:
         14:d5:28:3a:21:2d:a5:61:cd:cd:ec:2f:0d:7a:ad:3b:b0:97:
         39:13:c0:c1:27:3b:3f:66:f3:3f:07:9b:b1:e3:a1:77:21:d1:
         c5:f6:74:85:e7:c1:7b:83:9d:85:26:23:ef:d7:be:03:6e:3c:
         53:38:c3:a7:b1:a0:44:cf:eb:1f:3e:87:ae:a7:42:79:db:9e:
         76:f7:fb:28:e8:a8:02:f3:b7:9a:95:d6:f2:d0:aa:a6:ae:ca:
         f6:a1:86:4d:18:03:96:36:ee:a2:96:a8:dd:c9:22:a0:0e:7a:
         6e:0b:69:53:f0:3c:c4:f3:df:96:09:28:ef:0d:dd:02:d2:15:
         bc:15:29:65:16:6e:3c:ea:38:be:6b:53:be:7a:88:e4:2b:e1:
         6f:58:76:09:2f:d7:61:10:93:b9:c1:74:2e:b3:32:5f:89:15:
         b1:11:35:71:3a:cd:08:61:bd:c0:29:98:3a:60:fc:14:83:71:
         bd:a1:d7:d5:4c:07:91:59:2b:1d:d8:cb:32:5b:aa:b5:53:8f:
         e2:53:e6:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYRMuykGuhX74TxQZARBswLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2Q0NzRjMDRlNDhhNTg5M2FmNzFjMzVhNzdjZGQ2ODI2
ZmQzMzkwHhcNMjUwNDA3MTcwMTExWhcNMjUwNDA4MTcwMTExWjAzMTEwLwYDVQQD
EygyYWNlZjY1N2QwYTJiYmU0MTE5ZTYxYTMyYjJhYmExNGY5MzM1YjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9A5IoayI5xNVGlBodR6+m6g8pZA
zwicLlKLrPrGRToDUoTayZrXY2+c8kQfaKeUnOe/pVJh4kKFidmj/BKl1fY/VGYZ
iaeZ4+F3/SbjNYJtkEgViRWUZba3hmu3kS77GqEyB+kthJU2N5bhgXsUJiQDHp+f
s6O7a3MzbOC4+z755W/NI9Wamq11r+3UjORzfmy3awYZoq1d0o6m7FXzrlv2avCL
kUhP3AXageV9TAZdCNxXa/UBX3ypk5EiymkV14YKqYAzF9BdiQPtqgwJTrZIpWAV
7piPVA9E1K+7K8nlXsyke43DoahOiVq8fQJF6CK4aUnOyJ9v5OoOx+L14wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrO9lfQorvkEZ5hoysquhT5M1slMB8GA1UdIwQY
MBaAFD59R0wE5IpYk69xw1p3zdaCb9M5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGIt
OTAzZTRmNWUxMjI1LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGItOTAzZTRmNWUxMjI1
LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRQNAPf9
IvW5/yc7AjmuAEJy7LAJ6Yual8iOLUu+Kyy5EDDmlOctX3HeSHsyImoGtP26+CfE
FNUoOiEtpWHNzewvDXqtO7CXORPAwSc7P2bzPwebseOhdyHRxfZ0hefBe4OdhSYj
79e+A248UzjDp7GgRM/rHz6HrqdCeduedvf7KOioAvO3mpXW8tCqpq7K9qGGTRgD
ljbuopao3ckioA56bgtpU/A8xPPflgko7w3dAtIVvBUpZRZuPOo4vmtTvnqI5Cvh
b1h2CS/XYRCTucF0LrMyX4kVsRE1cTrNCGG9wCmYOmD8FINxvaHX1UwHkVkrHdjL
MluqtVOP4lPm+g==
-----END CERTIFICATE-----