Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File:                     3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier:          J2Af8YVPqGrnsC1BNfjeyAVVYwpTSbEXKUhuOoj22Mo=
Subject key identifier:   BC:41:2C:B8:0C:A2:99:1C:91:6E:2E:A5:A6:53:01:3D:F0:F9:3D:59
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer:       /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial:       01964669BB76DE5B3E3C8399B7A55FA09D74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number:          05A5
Signing time:             Fri 18 Apr 2025 01:00:56 +0000
Manifest this update:     Fri 18 Apr 2025 01:00:56 +0000
Manifest next update:     Sat 19 Apr 2025 01:00:56 +0000
Files and hashes:         1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: 7id1QhSjkbns15sDfMAR25HOOtzA4b5RP4JEELIjkjQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 18:56:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:46:69:bb:76:de:5b:3e:3c:83:99:b7:a5:5f:a0:9d:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
        Validity
            Not Before: Apr 18 01:00:56 2025 GMT
            Not After : Apr 19 01:00:56 2025 GMT
        Subject: CN=bc412cb80ca2991c916e2ea5a653013df0f93d59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:57:82:dc:58:3f:4a:72:a6:40:23:29:b4:79:
                    1a:bf:93:d6:5a:2c:8c:c7:09:b0:ac:d7:9b:c2:2f:
                    62:fd:cb:6c:b5:56:67:45:fc:64:3e:59:7d:82:81:
                    5f:b2:67:7b:cc:7b:f4:d1:c9:a4:db:69:45:0b:1f:
                    93:c7:84:1f:ba:2b:b2:51:95:42:b0:8a:90:4f:65:
                    8e:1a:5b:98:1a:84:78:11:6d:b2:d6:1c:47:c9:1e:
                    7a:dc:3d:9c:d7:76:52:5f:df:0d:aa:1f:36:3f:bf:
                    56:3e:67:6e:29:26:81:fe:35:34:9d:ce:52:63:92:
                    17:0d:20:8c:f5:22:0c:aa:e2:bd:d9:32:a2:5b:b4:
                    51:32:84:ec:e6:2d:3b:14:6f:66:c9:02:f4:36:fa:
                    11:4e:77:c9:17:68:e5:ab:00:5c:db:e9:5a:c5:b4:
                    24:0e:93:06:92:be:33:39:9b:cc:e1:c9:05:90:d4:
                    eb:ca:4f:bd:37:21:ee:54:6b:95:e8:76:5e:8d:8b:
                    b6:a3:96:8b:05:cf:50:9d:3f:4c:f0:54:08:bb:96:
                    4b:61:88:cf:af:1f:e4:25:10:63:53:82:14:39:57:
                    1b:79:a8:c6:bc:7d:67:23:59:9a:2e:06:61:a5:86:
                    1c:07:2b:bf:2e:61:48:21:20:87:9e:dd:70:53:8d:
                    b4:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:41:2C:B8:0C:A2:99:1C:91:6E:2E:A5:A6:53:01:3D:F0:F9:3D:59
            X509v3 Authority Key Identifier:
                keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:fe:e1:25:bb:90:20:a4:c6:7d:33:10:43:b2:cc:2e:2b:d8:
         7c:fe:8e:53:87:fd:fd:1d:3e:ea:67:e7:37:81:4b:53:a1:27:
         a7:c2:92:7c:82:7f:0d:7e:8a:5b:d4:b6:36:ff:90:e7:4c:01:
         3f:2e:bf:f2:3e:28:0d:70:b0:e6:bb:db:18:38:c1:e5:f0:61:
         24:34:58:3c:06:5d:f4:49:9e:ed:6d:fe:bc:12:e9:b0:9e:67:
         fb:a6:d9:17:54:a2:03:ff:3f:ea:2f:05:f4:67:61:db:69:ec:
         9d:f1:bd:3a:b0:f9:f0:cf:f0:25:22:18:25:c3:17:2f:d6:a9:
         d0:c5:3e:e9:c0:7e:7d:ff:60:c7:72:4c:f9:14:98:23:25:d0:
         f4:cf:ec:4d:ae:95:2b:4e:eb:a3:48:7b:55:f5:71:45:18:2f:
         f0:8e:ff:9f:20:a7:26:29:5d:dd:d0:c4:c0:91:7c:ea:5e:a6:
         16:7d:a5:0e:76:fc:bc:42:b1:c9:f1:b8:71:d6:e3:ea:e1:e5:
         5c:c8:13:cf:34:83:fd:9b:3c:1d:ca:d9:d1:96:d4:31:97:a5:
         75:af:a1:5e:75:ae:a2:62:42:c7:8a:57:18:26:c9:ab:b6:f9:
         27:bc:35:59:35:ef:1d:c2:5c:54:80:e7:36:f4:91:66:75:48:
         e6:d2:a4:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZGabt23ls+PIOZt6VfoJ10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjUwNDE4MDEwMDU2WhcNMjUwNDE5MDEwMDU2WjAzMTEwLwYDVQQD
EyhiYzQxMmNiODBjYTI5OTFjOTE2ZTJlYTVhNjUzMDEzZGYwZjkzZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51eC3Fg/SnKmQCMptHkav5PWWiyM
xwmwrNebwi9i/ctstVZnRfxkPll9goFfsmd7zHv00cmk22lFCx+Tx4QfuiuyUZVC
sIqQT2WOGluYGoR4EW2y1hxHyR563D2c13ZSX98Nqh82P79WPmduKSaB/jU0nc5S
Y5IXDSCM9SIMquK92TKiW7RRMoTs5i07FG9myQL0NvoRTnfJF2jlqwBc2+laxbQk
DpMGkr4zOZvM4ckFkNTryk+9NyHuVGuV6HZejYu2o5aLBc9QnT9M8FQIu5ZLYYjP
rx/kJRBjU4IUOVcbeajGvH1nI1maLgZhpYYcByu/LmFIISCHnt1wU420xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxBLLgMopkckW4upaZTAT3w+T1ZMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm/7hJbuQ
IKTGfTMQQ7LMLivYfP6OU4f9/R0+6mfnN4FLU6Enp8KSfIJ/DX6KW9S2Nv+Q50wB
Py6/8j4oDXCw5rvbGDjB5fBhJDRYPAZd9Eme7W3+vBLpsJ5n+6bZF1SiA/8/6i8F
9Gdh22nsnfG9OrD58M/wJSIYJcMXL9ap0MU+6cB+ff9gx3JM+RSYIyXQ9M/sTa6V
K07ro0h7VfVxRRgv8I7/nyCnJild3dDEwJF86l6mFn2lDnb8vEKxyfG4cdbj6uHl
XMgTzzSD/Zs8HcrZ0ZbUMZelda+hXnWuomJCx4pXGCbJq7b5J7w1WTXvHcJcVIDn
NvSRZnVI5tKkfw==
-----END CERTIFICATE-----