Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
File:                     3q91C1wrlTnZblZJdyr34Q7-D-o.mft (raw, json)
Hash identifier:          donZfShIXvJGFAoOmnIDr3e7V1Ua/m2zpazblTK5Re8=
Subject key identifier:   51:DC:1C:C5:86:EA:9D:F9:17:FA:B8:C0:78:88:D9:F0:EA:17:49:E8
Authority key identifier: DE:AF:75:0B:5C:2B:95:39:D9:6E:56:49:77:2A:F7:E1:0E:FE:0F:EA
Certificate issuer:       /CN=deaf750b5c2b9539d96e5649772af7e10efe0fea
Certificate serial:       01962B29BB8CF8C5FDD2BB041CE2AB6C4CA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
Manifest number:          0B79
Signing time:             Sat 12 Apr 2025 18:01:17 +0000
Manifest this update:     Sat 12 Apr 2025 18:01:17 +0000
Manifest next update:     Sun 13 Apr 2025 18:01:17 +0000
Files and hashes:         1: 3q91C1wrlTnZblZJdyr34Q7-D-o.crl (hash: douDvZ0xGENLyApqE1yHkBFbfgpc2SaZKH+0LvjAyh8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 13 Apr 2025 18:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:2b:29:bb:8c:f8:c5:fd:d2:bb:04:1c:e2:ab:6c:4c:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=deaf750b5c2b9539d96e5649772af7e10efe0fea
        Validity
            Not Before: Apr 12 18:01:17 2025 GMT
            Not After : Apr 13 18:01:17 2025 GMT
        Subject: CN=51dc1cc586ea9df917fab8c07888d9f0ea1749e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:34:41:cf:4f:95:d8:e8:db:e6:09:54:f6:b3:
                    50:05:a9:fd:bc:80:fa:e7:45:be:59:5a:c4:b3:82:
                    4e:3a:5d:f0:1f:72:48:98:13:9c:3f:97:8c:85:c5:
                    54:9e:37:24:66:37:62:0f:c5:4d:45:a7:45:a2:2c:
                    c1:85:92:d6:0d:fd:ea:18:2c:58:f2:bc:78:1e:a9:
                    e1:60:e6:4f:58:68:77:82:15:c1:5b:a7:0c:dc:86:
                    e2:1e:76:49:f9:bb:01:84:f6:3e:b7:0c:5f:fd:62:
                    2b:3b:31:c5:41:49:69:b5:5e:ff:1c:76:66:af:02:
                    44:92:99:ed:20:bb:91:e0:c8:2e:ff:f7:3c:f3:ee:
                    94:4f:e0:b1:f8:14:bb:0f:d5:cf:72:3c:fd:29:2c:
                    5a:dd:df:85:73:89:45:71:69:6a:6b:57:2e:ba:47:
                    27:ad:4b:46:92:dc:c4:b1:96:a7:07:a2:2d:24:17:
                    02:45:a7:6f:e0:27:e7:25:2a:a4:42:c7:bf:e5:94:
                    ee:db:56:9b:6b:40:d3:6f:70:b6:82:a5:ba:09:0e:
                    c7:0c:36:92:b1:61:a7:a3:87:47:f5:39:6f:85:d1:
                    c0:a7:19:18:d5:59:3e:2b:d4:48:83:f9:03:76:40:
                    93:25:47:46:d4:32:52:e4:eb:9d:ae:ca:f5:5a:23:
                    ad:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:DC:1C:C5:86:EA:9D:F9:17:FA:B8:C0:78:88:D9:F0:EA:17:49:E8
            X509v3 Authority Key Identifier:
                keyid:DE:AF:75:0B:5C:2B:95:39:D9:6E:56:49:77:2A:F7:E1:0E:FE:0F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:88:10:9a:89:45:8f:91:60:92:f9:81:15:1f:30:69:ba:89:
         24:03:99:71:0f:cd:ef:54:c8:de:17:9b:75:db:c0:a0:ba:b2:
         62:a1:d8:14:46:d2:d4:dd:ac:02:95:7f:5d:7c:40:e9:73:cb:
         f4:3d:de:52:ba:19:58:5c:5a:35:36:9a:18:f2:be:a8:32:ab:
         fe:99:48:ca:a6:6c:0d:7d:c8:ba:78:dd:b5:4c:8a:14:a6:71:
         04:a1:ea:04:7f:48:27:97:71:e3:9f:90:a3:9b:09:b9:8b:fe:
         ee:13:e6:c2:14:63:93:c8:39:19:a5:41:4c:9b:b0:54:fa:9e:
         2b:da:b1:56:7b:b1:e2:79:7e:20:61:a8:9e:51:32:3d:a1:cc:
         7d:34:35:a3:d3:6b:da:ee:a0:ae:2a:b0:ec:c4:89:b8:d4:39:
         d7:22:11:02:e3:a5:e4:f0:55:c8:e1:51:3f:c9:df:1f:81:0e:
         4d:88:14:a0:21:2a:b4:ef:fe:d4:cd:1d:92:4d:27:7b:ee:bf:
         8e:1c:16:e4:d1:7a:f2:d7:a2:2b:9b:de:43:93:29:97:87:c9:
         ac:74:d2:31:77:74:96:ca:ed:24:5f:b1:d8:10:cc:6c:ac:d7:
         a2:e0:ec:c1:d8:26:a9:bb:4e:bf:b3:04:16:fc:3c:f8:b4:25:
         62:14:dc:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYrKbuM+MX90rsEHOKrbEypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYWY3NTBiNWMyYjk1MzlkOTZlNTY0OTc3MmFmN2UxMGVm
ZTBmZWEwHhcNMjUwNDEyMTgwMTE3WhcNMjUwNDEzMTgwMTE3WjAzMTEwLwYDVQQD
Eyg1MWRjMWNjNTg2ZWE5ZGY5MTdmYWI4YzA3ODg4ZDlmMGVhMTc0OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTRBz0+V2Ojb5glU9rNQBan9vID6
50W+WVrEs4JOOl3wH3JImBOcP5eMhcVUnjckZjdiD8VNRadFoizBhZLWDf3qGCxY
8rx4HqnhYOZPWGh3ghXBW6cM3IbiHnZJ+bsBhPY+twxf/WIrOzHFQUlptV7/HHZm
rwJEkpntILuR4Mgu//c88+6UT+Cx+BS7D9XPcjz9KSxa3d+Fc4lFcWlqa1cuukcn
rUtGktzEsZanB6ItJBcCRadv4CfnJSqkQse/5ZTu21aba0DTb3C2gqW6CQ7HDDaS
sWGno4dH9TlvhdHApxkY1Vk+K9RIg/kDdkCTJUdG1DJS5Oudrsr1WiOtswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHcHMWG6p35F/q4wHiI2fDqF0noMB8GA1UdIwQY
MBaAFN6vdQtcK5U52W5WSXcq9+EO/g/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wMzA5ZmItNmY4NC00N2JjLWE3Yzkt
NWQzMWQxZmU0MjhmLzEvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wMzA5ZmItNmY4NC00N2JjLWE3YzktNWQzMWQxZmU0Mjhm
LzEvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4gQmolF
j5FgkvmBFR8wabqJJAOZcQ/N71TI3hebddvAoLqyYqHYFEbS1N2sApV/XXxA6XPL
9D3eUroZWFxaNTaaGPK+qDKr/plIyqZsDX3IunjdtUyKFKZxBKHqBH9IJ5dx45+Q
o5sJuYv+7hPmwhRjk8g5GaVBTJuwVPqeK9qxVnux4nl+IGGonlEyPaHMfTQ1o9Nr
2u6griqw7MSJuNQ51yIRAuOl5PBVyOFRP8nfH4EOTYgUoCEqtO/+1M0dkk0ne+6/
jhwW5NF68teiK5veQ5Mpl4fJrHTSMXd0lsrtJF+x2BDMbKzXouDswdgmqbtOv7ME
Fvw8+LQlYhTc1g==
-----END CERTIFICATE-----