Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
File:                     3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft (raw, json)
Hash identifier:          XzoOXSOQyJDQn+1nBkfu7AoarQzGPIJwpROkquKgO34=
Subject key identifier:   28:32:38:AD:D7:8E:D7:BC:77:D5:59:A9:4C:AA:F2:E1:2D:88:9F:FE
Authority key identifier: DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E
Certificate issuer:       /CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
Certificate serial:       01958CCF0D4C291B1C4A9559031B5890E663
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
Manifest number:          1491
Signing time:             Thu 13 Mar 2025 00:02:14 +0000
Manifest this update:     Thu 13 Mar 2025 00:02:14 +0000
Manifest next update:     Fri 14 Mar 2025 00:02:14 +0000
Files and hashes:         1: 3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl (hash: ooBVGLKy3+IfNMex9/1s3BCwF4FEUK0Xb5DqAMAd63Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:cf:0d:4c:29:1b:1c:4a:95:59:03:1b:58:90:e6:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
        Validity
            Not Before: Mar 13 00:02:14 2025 GMT
            Not After : Mar 14 00:02:14 2025 GMT
        Subject: CN=283238add78ed7bc77d559a94caaf2e12d889ffe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:41:3f:c2:21:d3:bc:57:f1:ee:68:c7:73:40:
                    34:4a:c9:37:42:8f:13:50:dd:48:89:22:28:31:af:
                    25:90:6b:8d:d2:30:70:a8:be:02:d1:b6:b4:58:30:
                    04:d8:a4:86:39:60:99:aa:61:c7:c9:4c:6e:01:4e:
                    58:56:fe:d2:0e:e7:89:b4:a6:64:bc:b1:18:5f:b8:
                    52:26:24:de:a2:41:26:7f:cc:07:bd:7c:e2:91:11:
                    17:36:d7:ea:f9:b8:e6:39:fe:d9:13:07:04:38:7b:
                    dd:19:6f:2f:4e:af:f5:19:10:56:75:84:c1:b7:15:
                    b8:f9:73:25:1d:98:39:e4:bc:a4:eb:31:bc:b8:c9:
                    e0:25:96:3e:43:88:86:cc:51:de:b5:0f:21:79:18:
                    39:a9:4e:40:5b:6b:b7:09:e1:f9:78:31:61:15:11:
                    32:ff:bd:7e:b9:49:b4:ad:5c:9d:07:76:2a:53:fb:
                    3d:58:fe:c6:e7:ce:f6:50:d1:c3:d7:ce:f7:bd:fb:
                    f8:50:6e:f3:e6:d0:32:7b:72:85:91:0a:6d:f5:ae:
                    10:48:94:50:3c:15:e5:17:2d:41:93:43:bd:fc:56:
                    ff:69:14:56:de:ba:b2:34:40:1a:30:39:59:5d:a5:
                    a5:af:d9:c8:c9:8f:d8:a9:96:cf:f2:60:99:f1:b6:
                    3c:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:32:38:AD:D7:8E:D7:BC:77:D5:59:A9:4C:AA:F2:E1:2D:88:9F:FE
            X509v3 Authority Key Identifier:
                keyid:DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:2b:2b:d3:34:df:21:1e:78:a7:cc:03:a5:01:c6:a7:b9:26:
         93:3a:5b:c5:9c:58:b6:66:62:b2:13:da:be:9b:84:29:22:a0:
         1c:d9:69:e4:41:12:a6:8a:8a:87:ab:a2:24:be:07:7d:1c:ff:
         02:78:68:27:aa:91:30:0e:de:2e:c2:84:bb:fe:e6:54:8c:23:
         8c:45:6b:a4:aa:d7:56:a4:39:4f:e4:63:7c:f9:17:8d:4b:51:
         d8:c2:7e:14:57:2e:49:a3:e2:6d:88:46:69:7c:29:f1:45:48:
         06:ff:35:e5:0c:b6:f8:89:8f:a3:e2:27:2c:c9:4c:23:e5:53:
         48:11:09:e7:72:1f:07:28:89:1b:b4:14:4d:68:dc:41:81:40:
         fb:7c:5f:9e:4a:b0:6b:0c:38:b1:e5:40:7e:21:45:5a:01:7b:
         c2:53:bf:77:d6:59:31:78:0f:82:9c:47:a7:23:63:35:d3:04:
         64:56:fc:23:1c:9c:1d:c1:9d:81:9e:72:1f:a4:17:f9:59:c7:
         5d:49:55:45:7b:79:61:3b:8b:77:27:1d:38:55:d4:b9:eb:f0:
         81:64:73:e9:99:e8:ec:bc:73:3d:32:22:8c:10:89:3e:4b:b4:
         e2:c8:cb:b9:71:c6:67:1d:e2:9e:fa:e8:a7:6c:05:a4:ed:40:
         ac:81:52:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMzw1MKRscSpVZAxtYkOZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYjdiMDAxOWUxOWYxMTJmNGQyYmNmZDZlYTEyZDkwODFm
YzU4N2UwHhcNMjUwMzEzMDAwMjE0WhcNMjUwMzE0MDAwMjE0WjAzMTEwLwYDVQQD
EygyODMyMzhhZGQ3OGVkN2JjNzdkNTU5YTk0Y2FhZjJlMTJkODg5ZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0E/wiHTvFfx7mjHc0A0Ssk3Qo8T
UN1IiSIoMa8lkGuN0jBwqL4C0ba0WDAE2KSGOWCZqmHHyUxuAU5YVv7SDueJtKZk
vLEYX7hSJiTeokEmf8wHvXzikREXNtfq+bjmOf7ZEwcEOHvdGW8vTq/1GRBWdYTB
txW4+XMlHZg55Lyk6zG8uMngJZY+Q4iGzFHetQ8heRg5qU5AW2u3CeH5eDFhFREy
/71+uUm0rVydB3YqU/s9WP7G5872UNHD1873vfv4UG7z5tAye3KFkQpt9a4QSJRQ
PBXlFy1Bk0O9/Fb/aRRW3rqyNEAaMDlZXaWlr9nIyY/YqZbP8mCZ8bY8XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCgyOK3Xjte8d9VZqUyq8uEtiJ/+MB8GA1UdIwQY
MBaAFN23sAGeGfES9NK8/W6hLZCB/Fh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9lZmEzZjEtNzY3MS00Y2UzLTlmZTEt
YTg2ZGY5ODNhNzRjLzEvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9lZmEzZjEtNzY3MS00Y2UzLTlmZTEtYTg2ZGY5ODNhNzRj
LzEvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPisr0zTf
IR54p8wDpQHGp7kmkzpbxZxYtmZishPavpuEKSKgHNlp5EESpoqKh6uiJL4HfRz/
AnhoJ6qRMA7eLsKEu/7mVIwjjEVrpKrXVqQ5T+RjfPkXjUtR2MJ+FFcuSaPibYhG
aXwp8UVIBv815Qy2+ImPo+InLMlMI+VTSBEJ53IfByiJG7QUTWjcQYFA+3xfnkqw
aww4seVAfiFFWgF7wlO/d9ZZMXgPgpxHpyNjNdMEZFb8IxycHcGdgZ5yH6QX+VnH
XUlVRXt5YTuLdycdOFXUuevwgWRz6Zno7LxzPTIijBCJPku04sjLuXHGZx3invro
p2wFpO1ArIFSwA==
-----END CERTIFICATE-----