Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft
File:                     Vu9y3nfRt-K0RwW2y85jlCHam-8.mft (raw, json)
Hash identifier:          ltmYxLgOGxDHNdPo3uGQBg7Ia6vHZBMlDis2e3U2Jz0=
Subject key identifier:   3E:42:6F:24:A3:0C:53:47:0A:FB:A9:70:C9:49:A7:65:43:0C:85:08
Authority key identifier: 56:EF:72:DE:77:D1:B7:E2:B4:47:05:B6:CB:CE:63:94:21:DA:9B:EF
Certificate issuer:       /CN=56ef72de77d1b7e2b44705b6cbce639421da9bef
Certificate serial:       0196579460E4E852E85B235DB8E95882998A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vu9y3nfRt-K0RwW2y85jlCHam-8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft
Manifest number:          0341
Signing time:             Mon 21 Apr 2025 09:01:03 +0000
Manifest this update:     Mon 21 Apr 2025 09:01:03 +0000
Manifest next update:     Tue 22 Apr 2025 09:01:03 +0000
Files and hashes:         1: Vu9y3nfRt-K0RwW2y85jlCHam-8.crl (hash: lx7Hyp1EmjzOLCo/iAPKpTo+9iPb92cpJ306uDl4bVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Vu9y3nfRt-K0RwW2y85jlCHam-8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 09:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:94:60:e4:e8:52:e8:5b:23:5d:b8:e9:58:82:99:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56ef72de77d1b7e2b44705b6cbce639421da9bef
        Validity
            Not Before: Apr 21 09:01:03 2025 GMT
            Not After : Apr 22 09:01:03 2025 GMT
        Subject: CN=3e426f24a30c53470afba970c949a765430c8508
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:33:6e:ca:10:f6:44:8a:34:8e:36:d1:2e:90:
                    ac:01:11:00:7d:99:cf:67:9c:88:ab:e5:44:30:ce:
                    79:46:26:63:dc:c2:9b:a5:f9:d2:1d:a8:a9:ab:df:
                    56:a0:5c:3c:81:26:ab:0a:a7:d3:71:cb:a9:e5:b0:
                    a7:a0:26:82:75:71:c2:de:c6:44:0c:5f:d3:b4:d2:
                    cc:f3:76:2b:24:8d:9e:58:5c:0d:6b:2a:41:61:29:
                    2e:a0:e3:42:25:bf:a9:7e:d3:24:26:3c:80:61:b3:
                    ee:f3:a1:43:43:b6:93:7f:2b:ea:38:d6:f0:e3:f7:
                    e0:07:9c:54:42:26:0a:59:7e:c6:df:1b:2e:40:15:
                    08:8b:3e:ea:48:d9:18:22:eb:1b:48:73:33:05:b9:
                    e7:d1:9b:c1:f3:a5:14:a4:e1:9d:9e:04:bd:39:94:
                    f7:f1:7c:46:10:d2:4a:7f:d9:9d:21:8c:14:93:c8:
                    78:4d:9f:29:c2:5f:b4:5d:20:cf:2e:30:69:a5:8f:
                    62:c7:4a:ec:c5:ae:26:63:76:3a:97:84:f2:17:6a:
                    73:fa:b3:07:04:a5:d1:f8:92:cf:59:49:cc:c4:de:
                    3a:14:d8:80:65:5d:31:ba:69:ed:0f:48:2c:9d:a9:
                    0b:e5:7b:1f:89:05:b8:ef:3b:c3:59:86:1b:13:82:
                    32:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:42:6F:24:A3:0C:53:47:0A:FB:A9:70:C9:49:A7:65:43:0C:85:08
            X509v3 Authority Key Identifier:
                keyid:56:EF:72:DE:77:D1:B7:E2:B4:47:05:B6:CB:CE:63:94:21:DA:9B:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vu9y3nfRt-K0RwW2y85jlCHam-8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:36:bd:6f:8c:cb:9e:70:5b:79:a8:6b:25:d7:c7:53:be:55:
         1d:80:d4:15:47:80:1e:ab:18:5e:fa:41:04:62:a7:b7:59:7c:
         88:ac:d2:cb:64:07:ca:a6:a3:aa:3f:7e:6d:5a:77:f1:a8:dd:
         a8:40:9e:1f:81:6e:5a:30:58:89:9d:53:21:45:88:5c:49:15:
         b0:b9:14:33:da:9a:11:3f:6a:c6:31:0d:db:1f:24:e6:a5:16:
         4f:f0:be:ed:62:d0:15:0a:6c:54:b5:c2:b0:86:36:97:b7:b8:
         e5:6d:cf:7c:c5:81:01:bb:ca:c7:02:ea:85:67:6f:76:8a:e7:
         4c:16:44:a8:10:8d:8e:41:27:1b:87:74:55:53:c7:8f:8a:15:
         2c:24:bc:48:84:ee:aa:3d:07:0b:d5:e8:41:bc:f1:bf:13:ad:
         2a:3c:e1:bd:d7:ed:da:ba:f5:7d:b9:2f:14:8a:9c:c4:b1:74:
         a7:a3:75:4a:e4:41:fd:68:f4:6f:2b:c9:d8:b0:00:b7:0f:0a:
         08:0b:bf:fb:bc:1e:70:67:29:c6:31:83:d5:49:d3:e8:64:ad:
         f8:41:1a:fc:76:76:ff:f6:13:43:10:f9:4c:88:32:a5:5f:f6:
         44:13:cd:ff:be:2d:e9:de:be:09:60:4c:8a:03:0d:f0:73:f9:
         ed:08:eb:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXlGDk6FLoWyNduOlYgpmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZWY3MmRlNzdkMWI3ZTJiNDQ3MDViNmNiY2U2Mzk0MjFk
YTliZWYwHhcNMjUwNDIxMDkwMTAzWhcNMjUwNDIyMDkwMTAzWjAzMTEwLwYDVQQD
EygzZTQyNmYyNGEzMGM1MzQ3MGFmYmE5NzBjOTQ5YTc2NTQzMGM4NTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDNuyhD2RIo0jjbRLpCsAREAfZnP
Z5yIq+VEMM55RiZj3MKbpfnSHaipq99WoFw8gSarCqfTccup5bCnoCaCdXHC3sZE
DF/TtNLM83YrJI2eWFwNaypBYSkuoONCJb+pftMkJjyAYbPu86FDQ7aTfyvqONbw
4/fgB5xUQiYKWX7G3xsuQBUIiz7qSNkYIusbSHMzBbnn0ZvB86UUpOGdngS9OZT3
8XxGENJKf9mdIYwUk8h4TZ8pwl+0XSDPLjBppY9ix0rsxa4mY3Y6l4TyF2pz+rMH
BKXR+JLPWUnMxN46FNiAZV0xumntD0gsnakL5XsfiQW47zvDWYYbE4Iy+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5CbySjDFNHCvupcMlJp2VDDIUIMB8GA1UdIwQY
MBaAFFbvct530bfitEcFtsvOY5Qh2pvvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnU5eTNuZlJ0LUswUndXMnk4NWpsQ0hhbS04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MWZkZDUtYzI5ZC00ZDM4LThlZjkt
NGY2NTZmMjlhNTFiLzEvVnU5eTNuZlJ0LUswUndXMnk4NWpsQ0hhbS04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MWZkZDUtYzI5ZC00ZDM4LThlZjktNGY2NTZmMjlhNTFi
LzEvVnU5eTNuZlJ0LUswUndXMnk4NWpsQ0hhbS04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAija9b4zL
nnBbeahrJdfHU75VHYDUFUeAHqsYXvpBBGKnt1l8iKzSy2QHyqajqj9+bVp38ajd
qECeH4FuWjBYiZ1TIUWIXEkVsLkUM9qaET9qxjEN2x8k5qUWT/C+7WLQFQpsVLXC
sIY2l7e45W3PfMWBAbvKxwLqhWdvdornTBZEqBCNjkEnG4d0VVPHj4oVLCS8SITu
qj0HC9XoQbzxvxOtKjzhvdft2rr1fbkvFIqcxLF0p6N1SuRB/Wj0byvJ2LAAtw8K
CAu/+7wecGcpxjGD1UnT6GSt+EEa/HZ2//YTQxD5TIgypV/2RBPN/74t6d6+CWBM
igMN8HP57Qjr3Q==
-----END CERTIFICATE-----