Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
File:                     4T3UuB8fx53U2mQo-cKgJzRX_wY.mft (raw, json)
Hash identifier:          Ue+J15h4UjWfIvVzwfT0aaJWwGS652iRI37asve+sZM=
Subject key identifier:   35:04:3A:72:03:C5:C0:5D:DB:A6:B7:E2:B0:E9:41:1F:9F:05:4E:4B
Authority key identifier: E1:3D:D4:B8:1F:1F:C7:9D:D4:DA:64:28:F9:C2:A0:27:34:57:FF:06
Certificate issuer:       /CN=e13dd4b81f1fc79dd4da6428f9c2a0273457ff06
Certificate serial:       0196549289303FF17AB872063970CF19F300
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
Manifest number:          0377
Signing time:             Sun 20 Apr 2025 19:00:11 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:11 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:11 +0000
Files and hashes:         1: 4T3UuB8fx53U2mQo-cKgJzRX_wY.crl (hash: 1a0LSOBAArHkSvJjHTdWV0YFeyZMK5HydgvfTAzUtSM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:92:89:30:3f:f1:7a:b8:72:06:39:70:cf:19:f3:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e13dd4b81f1fc79dd4da6428f9c2a0273457ff06
        Validity
            Not Before: Apr 20 19:00:11 2025 GMT
            Not After : Apr 21 19:00:11 2025 GMT
        Subject: CN=35043a7203c5c05ddba6b7e2b0e9411f9f054e4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:02:c9:1f:14:45:88:73:5e:b6:ee:05:08:ea:
                    30:68:d9:a0:3f:10:04:2e:f6:cd:d5:2d:28:d9:87:
                    2a:44:10:36:86:0d:c7:89:94:3a:88:9e:8d:20:2f:
                    e0:4a:c4:19:7f:16:da:99:ec:77:78:b6:6e:ae:aa:
                    3f:13:7f:3d:9e:f4:d6:62:e5:97:d3:5e:b3:b7:5b:
                    c9:e5:7c:93:61:98:98:6d:35:f4:42:3f:30:73:f7:
                    cd:18:fe:e5:3a:5d:96:3b:ae:d4:6d:ed:44:a2:7f:
                    6e:cf:57:ff:07:0c:df:46:9c:04:ee:2c:14:8b:e8:
                    cf:5c:4c:5b:e3:56:c4:61:53:07:e2:04:1e:33:94:
                    c5:e1:39:6e:63:f3:eb:47:e3:f1:05:ed:1e:47:ef:
                    b9:16:7a:d7:78:05:46:35:7d:a7:c6:27:ed:c5:ed:
                    30:08:e6:83:9a:1c:70:a9:d4:35:16:29:f7:34:8b:
                    bf:1b:f7:8b:e9:9b:a8:6e:7c:7c:a5:b3:06:64:24:
                    11:af:71:ca:d5:ed:cd:3c:4d:a1:95:fd:15:5a:2c:
                    b3:54:34:27:71:c2:46:22:4f:13:f1:ac:63:4b:c4:
                    1c:23:9a:92:54:85:b0:2c:56:14:1c:a4:59:1a:f0:
                    e8:4e:0d:34:f2:a3:fb:ec:e2:2f:77:c9:a6:fe:63:
                    8b:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:04:3A:72:03:C5:C0:5D:DB:A6:B7:E2:B0:E9:41:1F:9F:05:4E:4B
            X509v3 Authority Key Identifier:
                keyid:E1:3D:D4:B8:1F:1F:C7:9D:D4:DA:64:28:F9:C2:A0:27:34:57:FF:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:8d:ea:bf:65:a2:a0:d5:91:59:f4:63:91:64:ec:43:4f:47:
         47:47:56:91:cb:ab:0a:0c:fa:62:9e:0d:65:8a:c0:bf:f7:e2:
         c5:1c:92:4a:71:60:14:dd:33:88:f1:bd:ce:d6:17:2b:70:b8:
         cd:2b:50:e4:89:16:e1:77:e3:a7:f3:a9:c7:a7:68:20:1b:c8:
         85:05:de:01:0f:ba:36:30:b1:d2:78:d6:d2:b3:5a:f1:ae:97:
         ed:c6:ae:85:43:7b:1b:db:09:b1:95:eb:36:2e:50:cb:47:d5:
         22:99:d3:14:f7:57:86:a3:b7:c7:48:7f:be:2e:dc:b4:ac:f8:
         0f:c0:c9:b8:ec:9a:12:ba:af:0b:49:c3:db:5a:7c:f2:17:16:
         ba:2b:83:a9:5a:9d:4f:d1:cb:1d:f8:5b:7b:a5:aa:85:5d:34:
         7a:8e:4e:9b:0f:c0:fa:79:d0:42:41:9a:ae:41:78:49:ec:9d:
         f3:b7:d2:d8:43:1f:f6:ed:05:ed:21:1f:7c:91:f4:77:85:dd:
         10:47:ae:06:c4:0e:21:cb:41:13:ae:82:4d:f3:da:95:08:07:
         a8:1d:b3:5e:08:05:01:49:ae:84:47:e8:ea:7f:ba:91:ab:f0:
         da:3a:41:b0:e1:96:05:04:f0:5f:0c:ee:cd:ff:93:a6:26:88:
         97:cd:f6:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkokwP/F6uHIGOXDPGfMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxM2RkNGI4MWYxZmM3OWRkNGRhNjQyOGY5YzJhMDI3MzQ1
N2ZmMDYwHhcNMjUwNDIwMTkwMDExWhcNMjUwNDIxMTkwMDExWjAzMTEwLwYDVQQD
EygzNTA0M2E3MjAzYzVjMDVkZGJhNmI3ZTJiMGU5NDExZjlmMDU0ZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gLJHxRFiHNetu4FCOowaNmgPxAE
LvbN1S0o2YcqRBA2hg3HiZQ6iJ6NIC/gSsQZfxbamex3eLZurqo/E389nvTWYuWX
016zt1vJ5XyTYZiYbTX0Qj8wc/fNGP7lOl2WO67Ube1Eon9uz1f/BwzfRpwE7iwU
i+jPXExb41bEYVMH4gQeM5TF4TluY/PrR+PxBe0eR++5FnrXeAVGNX2nxiftxe0w
COaDmhxwqdQ1Fin3NIu/G/eL6Zuobnx8pbMGZCQRr3HK1e3NPE2hlf0VWiyzVDQn
ccJGIk8T8axjS8QcI5qSVIWwLFYUHKRZGvDoTg008qP77OIvd8mm/mOL5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDUEOnIDxcBd26a34rDpQR+fBU5LMB8GA1UdIwQY
MBaAFOE91LgfH8ed1NpkKPnCoCc0V/8GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wYjViZDctNjAzYi00YTVjLThhOTgt
ZDU2Mzk1OWQyNzdkLzEvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wYjViZDctNjAzYi00YTVjLThhOTgtZDU2Mzk1OWQyNzdk
LzEvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUI3qv2Wi
oNWRWfRjkWTsQ09HR0dWkcurCgz6Yp4NZYrAv/fixRySSnFgFN0ziPG9ztYXK3C4
zStQ5IkW4Xfjp/Opx6doIBvIhQXeAQ+6NjCx0njW0rNa8a6X7cauhUN7G9sJsZXr
Ni5Qy0fVIpnTFPdXhqO3x0h/vi7ctKz4D8DJuOyaErqvC0nD21p88hcWuiuDqVqd
T9HLHfhbe6WqhV00eo5Omw/A+nnQQkGarkF4Seyd87fS2EMf9u0F7SEffJH0d4Xd
EEeuBsQOIctBE66CTfPalQgHqB2zXggFAUmuhEfo6n+6kavw2jpBsOGWBQTwXwzu
zf+TpiaIl832iQ==
-----END CERTIFICATE-----