Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
File:                     s3fTy2Ur05jE2752zbAILp3u1tQ.mft (raw, json)
Hash identifier:          7tsgLbWLW+/c+c9cGNLzGfZrXI3HoF1oruzH+Ni8hCc=
Subject key identifier:   0B:98:3B:D4:13:39:69:2D:AE:EC:6A:C5:90:DB:04:51:53:16:2B:FB
Authority key identifier: B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4
Certificate issuer:       /CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
Certificate serial:       0196594B7EAEA6A1B918ED759DA04BA1BC9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
Manifest number:          0394
Signing time:             Mon 21 Apr 2025 17:00:41 +0000
Manifest this update:     Mon 21 Apr 2025 17:00:41 +0000
Manifest next update:     Tue 22 Apr 2025 17:00:41 +0000
Files and hashes:         1: s3fTy2Ur05jE2752zbAILp3u1tQ.crl (hash: WvDnSULPgvOdACadhBD6ocBc+PfUE2VwFPkVN5kjCI4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 17:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:4b:7e:ae:a6:a1:b9:18:ed:75:9d:a0:4b:a1:bc:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
        Validity
            Not Before: Apr 21 17:00:41 2025 GMT
            Not After : Apr 22 17:00:41 2025 GMT
        Subject: CN=0b983bd41339692daeec6ac590db045153162bfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:5a:5f:4d:21:ce:fd:5a:29:33:79:b5:b8:1b:
                    b6:82:62:2f:a7:34:73:aa:ce:f9:9b:ac:1c:48:68:
                    96:0b:c6:d7:99:a6:2f:07:90:0b:12:d3:e2:46:b1:
                    8d:d8:68:0d:0e:b0:8e:82:05:50:14:b8:20:13:d5:
                    0e:88:08:fd:2d:4a:f3:9c:42:b1:40:a8:00:8b:11:
                    e3:d3:2d:50:b8:23:ab:1e:a3:78:44:6c:03:7a:66:
                    15:47:cb:a6:52:ad:ef:d3:e9:cd:7a:07:9c:7b:2a:
                    4b:8b:bf:d1:6b:5b:29:22:4b:ba:ea:65:86:2f:49:
                    ec:84:1f:e8:6c:2a:dc:ef:c6:3d:a6:87:27:00:82:
                    fc:20:3b:7d:01:b6:ee:73:e0:84:cd:63:85:26:88:
                    f1:4d:17:ad:8f:24:87:1d:3e:e2:0d:b5:ce:09:6d:
                    85:15:9b:f7:d5:c9:35:00:e7:55:0f:07:11:79:67:
                    cc:3b:2a:b3:4e:dd:6d:50:2c:61:f8:b2:11:21:73:
                    04:bc:2a:3c:df:07:e0:99:22:85:ee:16:99:7e:ae:
                    b9:84:a3:25:3c:cf:21:b0:d2:65:f1:58:33:1d:c6:
                    77:86:48:05:de:14:22:54:30:4f:a9:86:12:e5:9a:
                    21:08:68:b4:55:0c:37:82:cb:f0:39:32:b6:01:10:
                    2f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:98:3B:D4:13:39:69:2D:AE:EC:6A:C5:90:DB:04:51:53:16:2B:FB
            X509v3 Authority Key Identifier:
                keyid:B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:c2:09:ab:92:a0:37:8f:b2:da:a6:3c:c6:31:28:a5:ae:d0:
         dc:b2:91:d1:6c:bf:03:71:90:96:78:6c:e1:56:5e:a8:2c:c0:
         58:a9:c0:39:4a:4c:b1:05:cc:63:ed:66:ec:0a:0f:be:df:4b:
         59:0c:1e:74:88:09:d2:30:2f:ff:bb:1a:51:01:40:f0:41:c2:
         08:bb:3d:a6:62:38:fe:79:05:54:fa:8f:b9:86:f3:b0:17:83:
         74:a3:65:61:73:33:5b:02:91:72:32:15:f3:67:89:84:b8:a8:
         64:c0:93:77:f7:84:89:7f:05:bd:fc:da:66:53:04:36:8e:ca:
         ea:11:ce:51:f9:02:0e:54:c1:1f:c2:65:a0:02:61:ee:69:ba:
         ed:86:f4:4d:7d:8e:a0:9a:30:ec:d0:23:04:a9:11:35:b6:13:
         b0:bd:dd:c2:43:c8:39:73:f7:36:e6:c6:28:c1:26:a9:85:40:
         af:6d:0c:25:72:a8:62:94:d2:e2:6c:d4:fe:ed:23:16:4d:43:
         31:a9:75:80:09:cf:74:d0:77:48:76:78:c4:bc:59:79:b4:01:
         4b:bf:59:7f:94:66:8f:3d:d2:3b:7c:7f:9d:24:65:7b:63:7a:
         a4:8f:34:e1:61:d1:e3:4e:a4:86:78:25:0e:5f:42:cd:b8:39:
         e0:ba:b0:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZS36upqG5GO11naBLobyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNzdkM2NiNjUyYmQzOThjNGRiYmU3NmNkYjAwODJlOWRl
ZWQ2ZDQwHhcNMjUwNDIxMTcwMDQxWhcNMjUwNDIyMTcwMDQxWjAzMTEwLwYDVQQD
EygwYjk4M2JkNDEzMzk2OTJkYWVlYzZhYzU5MGRiMDQ1MTUzMTYyYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFpfTSHO/VopM3m1uBu2gmIvpzRz
qs75m6wcSGiWC8bXmaYvB5ALEtPiRrGN2GgNDrCOggVQFLggE9UOiAj9LUrznEKx
QKgAixHj0y1QuCOrHqN4RGwDemYVR8umUq3v0+nNegeceypLi7/Ra1spIku66mWG
L0nshB/obCrc78Y9pocnAIL8IDt9Abbuc+CEzWOFJojxTRetjySHHT7iDbXOCW2F
FZv31ck1AOdVDwcReWfMOyqzTt1tUCxh+LIRIXMEvCo83wfgmSKF7haZfq65hKMl
PM8hsNJl8VgzHcZ3hkgF3hQiVDBPqYYS5ZohCGi0VQw3gsvwOTK2ARAv6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAuYO9QTOWktruxqxZDbBFFTFiv7MB8GA1UdIwQY
MBaAFLN308tlK9OYxNu+ds2wCC6d7tbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAt
ZDczYTQ1NzNjMWI0LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAtZDczYTQ1NzNjMWI0
LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD8IJq5Kg
N4+y2qY8xjEopa7Q3LKR0Wy/A3GQlnhs4VZeqCzAWKnAOUpMsQXMY+1m7AoPvt9L
WQwedIgJ0jAv/7saUQFA8EHCCLs9pmI4/nkFVPqPuYbzsBeDdKNlYXMzWwKRcjIV
82eJhLioZMCTd/eEiX8FvfzaZlMENo7K6hHOUfkCDlTBH8JloAJh7mm67Yb0TX2O
oJow7NAjBKkRNbYTsL3dwkPIOXP3NubGKMEmqYVAr20MJXKoYpTS4mzU/u0jFk1D
Mal1gAnPdNB3SHZ4xLxZebQBS79Zf5Rmjz3SO3x/nSRle2N6pI804WHR406khngl
Dl9Czbg54LqwFQ==
-----END CERTIFICATE-----