Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
File:                     3C8IdW9U7NcoDR6sz4eK6z8orE8.mft (raw, json)
Hash identifier:          qMJnxaK6kf447EgYDiU0Gcm2my7hmznT50LYQmaUzrI=
Subject key identifier:   28:1A:55:B3:73:A9:F1:0B:9E:62:BD:FD:10:CF:B1:37:47:E7:89:79
Authority key identifier: DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F
Certificate issuer:       /CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
Certificate serial:       01965F4DBB5854F60481ECA9B726A095659D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
Manifest number:          1211
Signing time:             Tue 22 Apr 2025 21:00:51 +0000
Manifest this update:     Tue 22 Apr 2025 21:00:51 +0000
Manifest next update:     Wed 23 Apr 2025 21:00:51 +0000
Files and hashes:         1: 3C8IdW9U7NcoDR6sz4eK6z8orE8.crl (hash: ILd59jj6YO65ovjQbNTMABkFBX07/bY7i0CvOZ5UAok=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 21:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5f:4d:bb:58:54:f6:04:81:ec:a9:b7:26:a0:95:65:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
        Validity
            Not Before: Apr 22 21:00:51 2025 GMT
            Not After : Apr 23 21:00:51 2025 GMT
        Subject: CN=281a55b373a9f10b9e62bdfd10cfb13747e78979
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:78:bb:58:52:5f:3b:07:d5:ea:ca:e7:b8:7f:
                    ad:9b:0e:65:23:3e:8e:1c:21:9c:a3:04:12:6f:43:
                    77:8f:1d:a7:35:8b:70:02:50:92:4c:5e:f5:14:59:
                    70:2e:ae:71:63:79:01:15:bb:35:fc:d9:2f:36:e3:
                    e0:d6:17:3a:db:36:3a:ba:8a:a0:d7:8c:7e:ac:c0:
                    34:4d:e2:a2:e4:01:bf:a0:39:40:19:03:b7:d6:56:
                    dd:b0:36:ed:54:a1:58:58:50:14:1b:d3:c8:ab:32:
                    a7:7c:df:32:9d:9c:98:66:fd:43:52:a3:b7:6c:73:
                    8d:be:5d:48:9e:73:84:9d:ae:8c:0c:b1:65:f2:ec:
                    f8:43:19:9d:35:0e:46:ac:c4:7c:48:90:8d:aa:67:
                    0a:ec:25:7c:66:f2:2b:29:38:5d:5d:e8:f7:16:38:
                    22:71:6f:52:aa:7d:a8:23:0b:3b:97:1a:a3:6f:e8:
                    76:34:42:ab:0e:f3:80:21:3c:c7:7b:bf:89:21:a8:
                    01:2e:89:c9:6c:81:1b:25:c3:72:f2:8e:ef:26:6f:
                    f8:c2:86:c2:fc:d9:b1:67:76:88:5b:dc:57:9a:ee:
                    9d:07:8a:fc:bf:bd:8f:be:03:9d:8f:25:cd:75:3c:
                    a7:8f:01:53:87:b0:73:29:96:e6:dd:37:69:6d:5f:
                    8d:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:1A:55:B3:73:A9:F1:0B:9E:62:BD:FD:10:CF:B1:37:47:E7:89:79
            X509v3 Authority Key Identifier:
                keyid:DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:09:bd:a6:b2:60:a2:45:96:58:66:80:a6:b8:0c:a2:18:db:
         f5:13:71:3e:81:0a:e1:28:2b:d6:f5:93:14:f5:3c:11:f6:7d:
         34:76:fd:16:ee:d0:1b:97:47:5a:3e:8a:e0:d0:10:e9:84:ee:
         22:22:8f:d4:fa:da:c0:c5:ab:cc:d0:75:af:e7:d2:60:0a:41:
         3f:b0:92:2b:39:bb:d1:95:73:63:26:5f:a6:6c:27:6a:7f:a4:
         89:13:d8:61:1c:7c:f3:6b:d5:8a:68:86:13:97:77:64:2e:34:
         02:1a:23:95:de:48:41:ea:2e:dd:d5:82:3b:ca:7b:9d:6f:8d:
         38:92:70:93:ea:ae:ce:4a:b0:0f:70:c4:9b:d0:10:af:b3:86:
         86:80:c0:76:d1:46:83:61:e1:ab:dc:4a:77:6e:10:fb:15:c0:
         25:29:8e:4e:04:77:b3:ff:18:fc:04:85:76:f6:b8:4c:58:65:
         42:9f:86:23:fa:27:6d:0a:b0:bd:51:08:74:d9:a6:b2:96:c6:
         89:59:80:10:1b:66:1f:0f:8a:70:0d:19:48:ce:ab:bc:0f:77:
         80:73:58:1a:46:f1:5d:17:8b:b4:2f:b2:7f:d9:24:fd:df:6f:
         f8:61:68:c7:08:ff:98:6e:4c:4f:dc:18:67:f6:22:53:c6:3c:
         08:69:e6:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZfTbtYVPYEgeyptyaglWWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMmYwODc1NmY1NGVjZDcyODBkMWVhY2NmODc4YWViM2Yy
OGFjNGYwHhcNMjUwNDIyMjEwMDUxWhcNMjUwNDIzMjEwMDUxWjAzMTEwLwYDVQQD
EygyODFhNTViMzczYTlmMTBiOWU2MmJkZmQxMGNmYjEzNzQ3ZTc4OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwni7WFJfOwfV6srnuH+tmw5lIz6O
HCGcowQSb0N3jx2nNYtwAlCSTF71FFlwLq5xY3kBFbs1/NkvNuPg1hc62zY6uoqg
14x+rMA0TeKi5AG/oDlAGQO31lbdsDbtVKFYWFAUG9PIqzKnfN8ynZyYZv1DUqO3
bHONvl1InnOEna6MDLFl8uz4QxmdNQ5GrMR8SJCNqmcK7CV8ZvIrKThdXej3Fjgi
cW9Sqn2oIws7lxqjb+h2NEKrDvOAITzHe7+JIagBLonJbIEbJcNy8o7vJm/4wobC
/NmxZ3aIW9xXmu6dB4r8v72PvgOdjyXNdTynjwFTh7BzKZbm3TdpbV+NdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCgaVbNzqfELnmK9/RDPsTdH54l5MB8GA1UdIwQY
MBaAFNwvCHVvVOzXKA0erM+Hius/KKxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODct
Y2M2YmM5NDUzOGZhLzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODctY2M2YmM5NDUzOGZh
LzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIgm9prJg
okWWWGaAprgMohjb9RNxPoEK4Sgr1vWTFPU8EfZ9NHb9Fu7QG5dHWj6K4NAQ6YTu
IiKP1PrawMWrzNB1r+fSYApBP7CSKzm70ZVzYyZfpmwnan+kiRPYYRx882vVimiG
E5d3ZC40Ahojld5IQeou3dWCO8p7nW+NOJJwk+quzkqwD3DEm9AQr7OGhoDAdtFG
g2Hhq9xKd24Q+xXAJSmOTgR3s/8Y/ASFdva4TFhlQp+GI/onbQqwvVEIdNmmspbG
iVmAEBtmHw+KcA0ZSM6rvA93gHNYGkbxXReLtC+yf9kk/d9v+GFoxwj/mG5MT9wY
Z/YiU8Y8CGnmsg==
-----END CERTIFICATE-----