Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File:                     3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier:          zuAVmSoiixyK0ukzDxvOPUpKzlCei2HGcZna6blqVWw=
Subject key identifier:   DC:9F:06:F6:4B:60:2C:22:B5:8C:39:1E:14:52:C0:21:2B:32:BB:10
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer:       /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial:       0196406768F8C77AE5571740DF7C411AFF88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number:          0C9E
Signing time:             Wed 16 Apr 2025 21:00:40 +0000
Manifest this update:     Wed 16 Apr 2025 21:00:40 +0000
Manifest next update:     Thu 17 Apr 2025 21:00:40 +0000
Files and hashes:         1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: IsE7YjlqL8vzYh8woVONNqpi6WWWLCmtig4tjt5BXvo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:40:67:68:f8:c7:7a:e5:57:17:40:df:7c:41:1a:ff:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
        Validity
            Not Before: Apr 16 21:00:40 2025 GMT
            Not After : Apr 17 21:00:40 2025 GMT
        Subject: CN=dc9f06f64b602c22b58c391e1452c0212b32bb10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f6:95:c1:2d:00:5c:41:70:47:86:65:11:83:
                    46:f7:6b:1b:d7:4a:b5:ee:ad:29:ea:3a:41:ed:54:
                    2c:d1:ee:7a:cc:62:bd:c5:37:97:3b:42:ba:be:90:
                    7f:7e:89:5e:26:93:b0:5c:d1:7b:96:51:a3:5f:30:
                    3c:77:97:6d:14:9c:3c:fb:85:93:be:ca:78:05:02:
                    5d:f7:ac:6c:79:97:26:b1:6f:52:b2:97:7c:68:c2:
                    4f:79:fb:77:b4:30:70:b4:ec:e9:f2:dd:2f:0e:38:
                    c4:a6:e8:e6:57:de:39:6d:f4:cb:fe:db:9e:a9:2f:
                    b6:e1:a1:d4:08:d9:6e:6c:87:1b:8b:8f:3e:0a:29:
                    50:a1:66:71:83:4f:82:08:f7:92:a5:e7:9c:46:80:
                    11:ce:54:72:a3:11:e6:48:82:d6:6c:83:2f:bf:c8:
                    03:34:10:fb:2d:a0:9e:35:54:58:19:56:43:73:8c:
                    b3:0c:11:fa:34:75:28:15:b9:72:a4:31:c0:04:42:
                    73:45:27:13:74:ea:43:0d:b7:35:e9:af:8f:a8:d4:
                    40:d5:e5:e3:a2:89:3f:fc:06:4f:b1:7e:b9:34:9e:
                    ca:53:63:6b:b2:2f:ca:0c:54:ea:00:81:db:be:11:
                    e0:4f:a0:7b:4e:6b:42:9a:ae:7e:14:a1:5c:09:ad:
                    f5:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:9F:06:F6:4B:60:2C:22:B5:8C:39:1E:14:52:C0:21:2B:32:BB:10
            X509v3 Authority Key Identifier:
                keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:0d:c1:c7:54:97:86:79:b3:b6:31:34:b6:33:47:4d:74:80:
         78:4a:86:80:4f:fd:a0:48:bb:13:51:1a:03:b5:29:32:0b:b8:
         31:42:ca:3a:cf:f2:ac:c1:10:b7:de:31:56:05:4a:99:6a:a3:
         08:11:66:2e:ee:f3:47:42:4d:01:fd:10:cb:2b:d4:ed:e5:bf:
         6c:ff:d5:91:ec:c8:5c:66:12:43:f9:35:24:2f:35:92:a1:e3:
         aa:0e:15:6c:0b:b4:99:bf:d8:fc:48:03:7f:1b:f1:7f:d1:c7:
         7b:5c:8e:fa:c9:b5:57:d2:df:39:36:0d:a0:e9:40:1c:e8:5c:
         58:10:60:e5:69:43:e8:4f:96:8e:30:38:74:67:ee:81:13:06:
         87:a1:dc:2e:b0:45:62:ab:6e:92:4c:fb:71:80:c4:93:16:76:
         65:13:2b:e8:46:0a:58:06:f3:61:4d:ec:cb:8c:e1:ec:21:ac:
         3f:c6:08:99:42:9c:6b:7f:04:ed:94:ae:03:83:9f:06:6d:ab:
         d8:9c:3b:33:8f:db:70:d8:29:a9:67:39:3d:63:a2:de:f4:48:
         d2:80:98:8e:ea:5b:b0:64:1e:f1:a4:4c:5f:3d:e6:5d:b6:d5:
         3b:1d:24:b0:b6:dd:bb:c6:b3:6f:a4:c2:94:91:0e:5f:83:3e:
         db:07:5f:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZAZ2j4x3rlVxdA33xBGv+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjUwNDE2MjEwMDQwWhcNMjUwNDE3MjEwMDQwWjAzMTEwLwYDVQQD
EyhkYzlmMDZmNjRiNjAyYzIyYjU4YzM5MWUxNDUyYzAyMTJiMzJiYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovaVwS0AXEFwR4ZlEYNG92sb10q1
7q0p6jpB7VQs0e56zGK9xTeXO0K6vpB/foleJpOwXNF7llGjXzA8d5dtFJw8+4WT
vsp4BQJd96xseZcmsW9Sspd8aMJPeft3tDBwtOzp8t0vDjjEpujmV945bfTL/tue
qS+24aHUCNlubIcbi48+CilQoWZxg0+CCPeSpeecRoARzlRyoxHmSILWbIMvv8gD
NBD7LaCeNVRYGVZDc4yzDBH6NHUoFblypDHABEJzRScTdOpDDbc16a+PqNRA1eXj
ook//AZPsX65NJ7KU2Nrsi/KDFTqAIHbvhHgT6B7TmtCmq5+FKFcCa31DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyfBvZLYCwitYw5HhRSwCErMrsQMB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACQ3Bx1SX
hnmztjE0tjNHTXSAeEqGgE/9oEi7E1EaA7UpMgu4MULKOs/yrMEQt94xVgVKmWqj
CBFmLu7zR0JNAf0QyyvU7eW/bP/VkezIXGYSQ/k1JC81kqHjqg4VbAu0mb/Y/EgD
fxvxf9HHe1yO+sm1V9LfOTYNoOlAHOhcWBBg5WlD6E+WjjA4dGfugRMGh6HcLrBF
Yqtukkz7cYDEkxZ2ZRMr6EYKWAbzYU3sy4zh7CGsP8YImUKca38E7ZSuA4OfBm2r
2Jw7M4/bcNgpqWc5PWOi3vRI0oCYjupbsGQe8aRMXz3mXbbVOx0ksLbdu8azb6TC
lJEOX4M+2wdfKQ==
-----END CERTIFICATE-----