Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
File:                     3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft (raw, json)
Hash identifier:          +7nZEcbAp94qHn43tpu5NLf9yv6QpgNpiWeKPSaY6Jc=
Subject key identifier:   41:D7:31:19:06:5F:7A:8A:37:52:3F:E2:81:71:8C:12:8B:67:09:F1
Authority key identifier: DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E
Certificate issuer:       /CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
Certificate serial:       019511347742C8FA828F227FE2C46FEF8506
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
Manifest number:          1451
Signing time:             Mon 17 Feb 2025 00:00:05 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:05 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:05 +0000
Files and hashes:         1: 3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl (hash: cILeHlhy/RVDyiCCailQ4A7fIRcU2dLQVMAMsggF5zY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:34:77:42:c8:fa:82:8f:22:7f:e2:c4:6f:ef:85:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
        Validity
            Not Before: Feb 17 00:00:05 2025 GMT
            Not After : Feb 18 00:00:05 2025 GMT
        Subject: CN=41d73119065f7a8a37523fe281718c128b6709f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:27:75:ba:58:ee:74:32:a3:72:e2:7b:64:98:
                    09:7b:33:45:9d:13:a7:0c:4d:dc:cc:df:d0:08:0e:
                    96:31:b1:1c:ba:86:fb:3c:d4:14:4a:a0:ae:e2:18:
                    2e:33:fc:72:02:54:64:ee:b2:5b:84:9f:e3:de:13:
                    fd:90:91:cc:3b:91:84:7e:66:48:db:dc:99:ea:d8:
                    ca:b0:8f:1f:10:5e:ab:30:14:14:e6:bc:a5:aa:16:
                    60:db:80:60:d4:e5:3e:28:9e:e2:46:d7:b2:ef:9f:
                    42:40:f9:8c:d0:4f:70:e2:24:ad:96:bf:2a:2e:ee:
                    58:93:ae:f7:98:51:bb:c2:c0:05:62:8a:24:9b:47:
                    fb:7a:fd:76:5f:31:fe:2c:8d:27:23:e0:a5:a9:bf:
                    59:49:1d:52:f1:61:83:05:f6:07:18:76:81:83:77:
                    7f:dd:6e:48:db:9d:40:d7:30:91:87:98:3b:fa:a4:
                    ba:49:ad:84:15:fa:28:6e:f5:4a:c0:a0:a6:41:b2:
                    10:08:9a:e6:0c:f2:24:b0:0e:a4:a7:30:83:aa:85:
                    76:25:17:e2:76:26:7d:b1:eb:65:56:58:d0:71:75:
                    b0:ca:00:44:c4:6e:3e:77:91:3b:b4:76:25:b4:51:
                    2d:c8:2f:bd:fd:ac:8f:e9:d7:41:4b:34:e6:28:c0:
                    24:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:D7:31:19:06:5F:7A:8A:37:52:3F:E2:81:71:8C:12:8B:67:09:F1
            X509v3 Authority Key Identifier:
                keyid:DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:33:38:02:88:a3:98:12:76:2b:97:4b:60:b3:e0:49:c0:5d:
         21:b9:de:4c:3c:80:12:8b:8a:82:5f:c5:40:4c:14:87:f8:58:
         cd:7f:27:b3:8c:44:6b:c3:3d:39:5a:54:c5:8e:01:40:62:c2:
         7b:08:7b:be:d7:b8:04:12:0e:2b:64:6b:29:28:83:32:38:8f:
         27:6f:28:13:55:67:e9:38:73:44:32:5a:f5:c6:7d:b4:a1:b6:
         93:65:f3:60:ca:ca:9c:b0:a7:ca:ca:3f:5e:33:17:f3:28:04:
         d0:66:17:be:01:03:4d:aa:de:4d:43:d3:43:f5:6f:de:d1:4e:
         bd:ba:b3:f5:94:68:6f:d1:36:49:30:e5:84:50:9b:43:a0:4f:
         75:33:c7:8f:72:de:14:98:16:70:ba:3e:2c:76:c3:25:f2:3c:
         c2:55:1c:79:70:9d:b2:f6:cc:03:80:fb:66:72:13:b8:2d:e6:
         0d:ed:1a:46:cd:dd:91:02:45:6c:36:2e:e5:8b:7a:b4:81:26:
         95:27:38:ca:05:78:d9:d1:98:c9:7c:05:ad:85:f2:ee:95:9d:
         26:a2:02:24:ac:23:b2:d5:b2:49:bb:d2:ba:93:f9:70:21:4a:
         98:02:3e:62:9b:ba:29:9d:80:a7:f4:d9:86:de:f3:6e:4a:32:
         81:02:4b:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNHdCyPqCjyJ/4sRv74UGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYjdiMDAxOWUxOWYxMTJmNGQyYmNmZDZlYTEyZDkwODFm
YzU4N2UwHhcNMjUwMjE3MDAwMDA1WhcNMjUwMjE4MDAwMDA1WjAzMTEwLwYDVQQD
Eyg0MWQ3MzExOTA2NWY3YThhMzc1MjNmZTI4MTcxOGMxMjhiNjcwOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApid1uljudDKjcuJ7ZJgJezNFnROn
DE3czN/QCA6WMbEcuob7PNQUSqCu4hguM/xyAlRk7rJbhJ/j3hP9kJHMO5GEfmZI
29yZ6tjKsI8fEF6rMBQU5rylqhZg24Bg1OU+KJ7iRtey759CQPmM0E9w4iStlr8q
Lu5Yk673mFG7wsAFYookm0f7ev12XzH+LI0nI+Clqb9ZSR1S8WGDBfYHGHaBg3d/
3W5I251A1zCRh5g7+qS6Sa2EFfoobvVKwKCmQbIQCJrmDPIksA6kpzCDqoV2JRfi
diZ9setlVljQcXWwygBExG4+d5E7tHYltFEtyC+9/ayP6ddBSzTmKMAkWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHXMRkGX3qKN1I/4oFxjBKLZwnxMB8GA1UdIwQY
MBaAFN23sAGeGfES9NK8/W6hLZCB/Fh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9lZmEzZjEtNzY3MS00Y2UzLTlmZTEt
YTg2ZGY5ODNhNzRjLzEvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9lZmEzZjEtNzY3MS00Y2UzLTlmZTEtYTg2ZGY5ODNhNzRj
LzEvM2Jld0FaNFo4UkwwMHJ6OWJxRXRrSUg4V0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdjM4Aoij
mBJ2K5dLYLPgScBdIbneTDyAEouKgl/FQEwUh/hYzX8ns4xEa8M9OVpUxY4BQGLC
ewh7vte4BBIOK2RrKSiDMjiPJ28oE1Vn6ThzRDJa9cZ9tKG2k2XzYMrKnLCnyso/
XjMX8ygE0GYXvgEDTareTUPTQ/Vv3tFOvbqz9ZRob9E2STDlhFCbQ6BPdTPHj3Le
FJgWcLo+LHbDJfI8wlUceXCdsvbMA4D7ZnITuC3mDe0aRs3dkQJFbDYu5Yt6tIEm
lSc4ygV42dGYyXwFrYXy7pWdJqICJKwjstWySbvSupP5cCFKmAI+Ypu6KZ2Ap/TZ
ht7zbkoygQJLkw==
-----END CERTIFICATE-----