Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
File:                     3q91C1wrlTnZblZJdyr34Q7-D-o.mft (raw, json)
Hash identifier:          rav4zMkCtWzxtOYMFXHg8hrbHHiLwlZeVFdHSzAuMdM=
Subject key identifier:   E3:3C:AD:19:74:5B:79:15:E3:A2:4A:1D:0D:61:BA:E9:51:37:7B:D8
Authority key identifier: DE:AF:75:0B:5C:2B:95:39:D9:6E:56:49:77:2A:F7:E1:0E:FE:0F:EA
Certificate issuer:       /CN=deaf750b5c2b9539d96e5649772af7e10efe0fea
Certificate serial:       01951134D1442371BB47C1AE643AA51D3FA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
Manifest number:          0AE7
Signing time:             Mon 17 Feb 2025 00:00:28 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:28 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:28 +0000
Files and hashes:         1: 3q91C1wrlTnZblZJdyr34Q7-D-o.crl (hash: ZlucSbxLvmh9stC8EHUUo1XkgikvWQvmX5V4qdsHkrs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:34:d1:44:23:71:bb:47:c1:ae:64:3a:a5:1d:3f:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=deaf750b5c2b9539d96e5649772af7e10efe0fea
        Validity
            Not Before: Feb 17 00:00:28 2025 GMT
            Not After : Feb 18 00:00:28 2025 GMT
        Subject: CN=e33cad19745b7915e3a24a1d0d61bae951377bd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:61:8d:7b:a3:0f:69:72:a6:a2:ff:e8:eb:39:
                    14:af:c4:27:19:36:d8:90:70:1a:49:86:33:ce:18:
                    31:8e:2f:cd:3b:5c:5a:9e:60:18:00:a7:73:e0:e1:
                    ae:1a:79:9c:96:00:0a:13:1e:b9:3e:48:fe:43:80:
                    b7:13:84:82:fb:49:e3:ab:8b:ea:8f:2a:67:67:a0:
                    d8:f6:d3:28:bb:78:4a:d7:46:12:99:95:d9:c2:10:
                    15:ee:85:5e:38:18:1c:62:de:15:f6:6a:b9:d7:49:
                    49:55:c3:dc:c0:0e:24:e2:50:36:d0:ce:16:5f:54:
                    62:aa:49:47:d6:3d:58:78:4f:9a:31:47:2a:ec:c4:
                    78:dc:84:49:62:04:bb:23:95:9b:59:6f:7c:d1:28:
                    63:38:4d:99:63:a2:fe:f8:e5:41:3b:a7:a7:66:e5:
                    d6:36:0a:f8:77:48:05:a4:56:7e:c6:13:c0:e8:7e:
                    0e:b6:4c:64:eb:4e:c2:20:5b:2d:41:8d:15:41:1b:
                    5c:ea:ab:0f:50:70:fb:36:6d:05:4a:1b:b4:ce:ee:
                    6d:77:22:9f:62:53:cb:b5:85:a3:d9:7f:61:69:c5:
                    eb:ca:1b:6a:06:84:65:79:b5:07:37:39:6c:48:c3:
                    ad:25:85:e9:4d:f6:50:57:5d:9d:5a:d6:8b:e2:1c:
                    5e:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:3C:AD:19:74:5B:79:15:E3:A2:4A:1D:0D:61:BA:E9:51:37:7B:D8
            X509v3 Authority Key Identifier:
                keyid:DE:AF:75:0B:5C:2B:95:39:D9:6E:56:49:77:2A:F7:E1:0E:FE:0F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:93:f1:bf:4c:e1:28:80:aa:a5:5e:6e:53:07:6f:21:89:3e:
         7a:ee:d5:89:c9:36:7e:c5:ca:7d:08:b8:67:6e:15:3a:95:d4:
         f6:df:c7:d0:37:9b:eb:ad:f1:57:16:c6:04:25:f2:a7:74:30:
         39:e7:ea:6b:ac:07:4e:c4:e7:56:c2:2d:64:9b:1d:62:09:cc:
         6f:27:d5:62:c6:6e:ad:c8:a9:f3:8d:8f:7b:15:1a:1e:58:d4:
         33:2b:fe:94:c0:27:9c:a0:b2:c8:8f:1a:e3:38:97:fe:fb:e3:
         21:8d:14:e3:8a:b5:9f:70:8b:4a:77:04:a5:fc:16:0a:7d:06:
         e0:e4:fe:d9:52:d6:d1:44:f7:f5:88:16:a9:fc:0e:bd:29:65:
         63:55:2d:2a:8d:2b:cf:e9:98:e9:3c:91:d5:ca:09:76:b8:17:
         24:ee:95:38:41:64:91:d5:b4:6d:55:d2:0e:47:6d:2c:a8:83:
         9a:18:db:89:cf:19:fa:d6:75:a1:12:58:79:46:6b:e1:b8:a6:
         a4:51:07:3c:87:f2:17:44:92:2f:61:23:39:9f:58:11:ba:5e:
         ec:89:8d:99:82:2a:c5:2f:f6:27:d6:f7:a3:36:b7:47:2a:05:
         9d:a6:df:47:2a:f9:bb:64:77:36:6d:01:a9:a9:8d:8d:00:fc:
         b7:50:08:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNNFEI3G7R8GuZDqlHT+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYWY3NTBiNWMyYjk1MzlkOTZlNTY0OTc3MmFmN2UxMGVm
ZTBmZWEwHhcNMjUwMjE3MDAwMDI4WhcNMjUwMjE4MDAwMDI4WjAzMTEwLwYDVQQD
EyhlMzNjYWQxOTc0NWI3OTE1ZTNhMjRhMWQwZDYxYmFlOTUxMzc3YmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2GNe6MPaXKmov/o6zkUr8QnGTbY
kHAaSYYzzhgxji/NO1xanmAYAKdz4OGuGnmclgAKEx65Pkj+Q4C3E4SC+0njq4vq
jypnZ6DY9tMou3hK10YSmZXZwhAV7oVeOBgcYt4V9mq510lJVcPcwA4k4lA20M4W
X1RiqklH1j1YeE+aMUcq7MR43IRJYgS7I5WbWW980ShjOE2ZY6L++OVBO6enZuXW
Ngr4d0gFpFZ+xhPA6H4Otkxk607CIFstQY0VQRtc6qsPUHD7Nm0FShu0zu5tdyKf
YlPLtYWj2X9hacXryhtqBoRlebUHNzlsSMOtJYXpTfZQV12dWtaL4hxeOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOM8rRl0W3kV46JKHQ1huulRN3vYMB8GA1UdIwQY
MBaAFN6vdQtcK5U52W5WSXcq9+EO/g/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wMzA5ZmItNmY4NC00N2JjLWE3Yzkt
NWQzMWQxZmU0MjhmLzEvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wMzA5ZmItNmY4NC00N2JjLWE3YzktNWQzMWQxZmU0Mjhm
LzEvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACZPxv0zh
KICqpV5uUwdvIYk+eu7Vick2fsXKfQi4Z24VOpXU9t/H0Deb663xVxbGBCXyp3Qw
Oefqa6wHTsTnVsItZJsdYgnMbyfVYsZurcip842PexUaHljUMyv+lMAnnKCyyI8a
4ziX/vvjIY0U44q1n3CLSncEpfwWCn0G4OT+2VLW0UT39YgWqfwOvSllY1UtKo0r
z+mY6TyR1coJdrgXJO6VOEFkkdW0bVXSDkdtLKiDmhjbic8Z+tZ1oRJYeUZr4bim
pFEHPIfyF0SSL2EjOZ9YEbpe7ImNmYIqxS/2J9b3oza3RyoFnabfRyr5u2R3Nm0B
qamNjQD8t1AI6Q==
-----END CERTIFICATE-----