Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
File:                     PuzIGOGpxqhRe81paldEKNbRekQ.mft (raw, json)
Hash identifier:          RU3Hl3gIXkJLefzE0N0yIHjgY3vU6WO3xX+vRBvNnXM=
Subject key identifier:   AF:C6:35:77:BB:E2:90:07:39:5B:85:41:1A:4D:4F:55:AC:E9:7C:F7
Authority key identifier: 3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44
Certificate issuer:       /CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
Certificate serial:       019645FB4327551025D8DBA2662A27B7CE03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
Manifest number:          03A5
Signing time:             Thu 17 Apr 2025 23:00:16 +0000
Manifest this update:     Thu 17 Apr 2025 23:00:16 +0000
Manifest next update:     Fri 18 Apr 2025 23:00:16 +0000
Files and hashes:         1: PuzIGOGpxqhRe81paldEKNbRekQ.crl (hash: bNFu7MHTjJT+L2Uh+/Ycb5b7TT8GApQQhAdJ8gYJ5nY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 23:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:fb:43:27:55:10:25:d8:db:a2:66:2a:27:b7:ce:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
        Validity
            Not Before: Apr 17 23:00:16 2025 GMT
            Not After : Apr 18 23:00:16 2025 GMT
        Subject: CN=afc63577bbe29007395b85411a4d4f55ace97cf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:3e:ce:06:10:42:8d:2f:51:ee:15:5b:fd:a9:
                    22:1c:76:55:ac:f3:6a:0d:3f:ad:ca:0f:de:f1:2c:
                    b1:10:7b:b2:a3:88:a0:8a:7b:ed:00:17:86:9f:2e:
                    0d:9e:fc:1d:31:df:82:28:57:12:cd:2d:5e:73:f8:
                    6b:17:d1:45:2c:d8:e2:a0:30:d3:04:23:9a:95:d9:
                    2c:e0:6c:19:05:66:83:e3:c4:70:90:87:cd:c7:36:
                    f3:e8:d1:c7:a4:b4:fb:b2:20:40:a9:e4:a1:f6:7b:
                    70:a3:64:1e:ed:4c:2a:01:20:ca:d2:0f:04:6e:f9:
                    1b:ae:f5:a7:bf:88:20:b5:5d:bb:b2:92:7a:87:60:
                    e2:8f:d5:16:7d:d5:04:c7:aa:59:29:5b:f3:32:06:
                    b4:9d:92:f7:53:2d:e9:3a:cf:73:cc:83:c7:ee:fc:
                    cf:9e:47:cd:73:45:0f:bd:cc:ee:60:56:64:cc:71:
                    29:6d:3e:b5:7f:c4:57:00:33:58:02:ea:35:31:12:
                    ab:96:4a:eb:9e:79:d9:65:42:86:81:44:67:ff:5f:
                    8d:de:ac:83:72:de:8e:74:83:9d:ad:79:f1:57:74:
                    4d:d1:42:58:39:1a:a4:51:35:a4:a0:93:6e:31:65:
                    55:76:10:37:7d:74:d1:a8:ae:39:77:d5:ff:89:5e:
                    b6:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:C6:35:77:BB:E2:90:07:39:5B:85:41:1A:4D:4F:55:AC:E9:7C:F7
            X509v3 Authority Key Identifier:
                keyid:3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:1a:c8:85:99:15:8e:b9:5e:c8:2f:24:fd:cb:1a:7d:7f:e8:
         40:e1:e7:fe:cc:24:8e:72:4f:4d:3c:2d:47:7a:cc:a4:59:b8:
         3e:32:83:7d:6d:62:b7:fc:f7:3d:1a:98:35:35:6d:a6:87:96:
         2b:f7:3f:03:58:14:d0:dc:17:e0:3d:6d:78:3e:11:43:1e:2f:
         b7:1f:98:7f:c5:a3:34:5c:c9:ec:c3:c9:7e:d1:d5:5c:64:81:
         4c:9b:16:47:36:ac:11:42:e8:3c:90:e7:04:53:0b:fa:a0:70:
         70:d5:43:d6:f0:eb:59:64:da:c8:c3:e7:47:4d:4d:82:99:5d:
         10:d2:7f:e2:53:18:2e:d4:5f:1b:a7:d7:e0:6f:f9:80:fe:3c:
         5d:cc:b3:13:d5:2c:15:7c:d6:2a:81:d0:7c:74:a6:29:8f:df:
         0d:a9:81:30:62:79:6e:57:6b:8a:d6:0e:1a:91:2d:4e:c5:4b:
         60:2a:24:d8:f6:89:85:42:b2:15:74:b0:31:ac:4e:19:ab:4c:
         06:43:9a:af:2f:de:93:9d:6b:26:65:13:f5:e6:3c:a7:80:38:
         b1:23:54:e0:45:c1:0e:78:c9:cd:0a:2c:f2:20:c2:b9:b3:ab:
         17:fd:3e:31:56:e9:d8:16:04:f1:f8:5a:6d:6b:c0:5b:09:d7:
         c3:93:23:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZF+0MnVRAl2NuiZiont84DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZWNjODE4ZTFhOWM2YTg1MTdiY2Q2OTZhNTc0NDI4ZDZk
MTdhNDQwHhcNMjUwNDE3MjMwMDE2WhcNMjUwNDE4MjMwMDE2WjAzMTEwLwYDVQQD
EyhhZmM2MzU3N2JiZTI5MDA3Mzk1Yjg1NDExYTRkNGY1NWFjZTk3Y2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqT7OBhBCjS9R7hVb/akiHHZVrPNq
DT+tyg/e8SyxEHuyo4iginvtABeGny4NnvwdMd+CKFcSzS1ec/hrF9FFLNjioDDT
BCOaldks4GwZBWaD48RwkIfNxzbz6NHHpLT7siBAqeSh9ntwo2Qe7UwqASDK0g8E
bvkbrvWnv4ggtV27spJ6h2Dij9UWfdUEx6pZKVvzMga0nZL3Uy3pOs9zzIPH7vzP
nkfNc0UPvczuYFZkzHEpbT61f8RXADNYAuo1MRKrlkrrnnnZZUKGgURn/1+N3qyD
ct6OdIOdrXnxV3RN0UJYORqkUTWkoJNuMWVVdhA3fXTRqK45d9X/iV62bwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/GNXe74pAHOVuFQRpNT1Ws6Xz3MB8GA1UdIwQY
MBaAFD7syBjhqcaoUXvNaWpXRCjW0XpEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2Ut
OGQzZDUwNDgwZDlkLzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2UtOGQzZDUwNDgwZDlk
LzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMxrIhZkV
jrleyC8k/csafX/oQOHn/swkjnJPTTwtR3rMpFm4PjKDfW1it/z3PRqYNTVtpoeW
K/c/A1gU0NwX4D1teD4RQx4vtx+Yf8WjNFzJ7MPJftHVXGSBTJsWRzasEULoPJDn
BFML+qBwcNVD1vDrWWTayMPnR01NgpldENJ/4lMYLtRfG6fX4G/5gP48XcyzE9Us
FXzWKoHQfHSmKY/fDamBMGJ5bldritYOGpEtTsVLYCok2PaJhUKyFXSwMaxOGatM
BkOary/ek51rJmUT9eY8p4A4sSNU4EXBDnjJzQos8iDCubOrF/0+MVbp2BYE8fha
bWvAWwnXw5MjYg==
-----END CERTIFICATE-----