Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
File:                     3q91C1wrlTnZblZJdyr34Q7-D-o.mft (raw, json)
Hash identifier:          rcJaKw1wbA8uphTyqlLCIDUiYnRhoJr9PWAL3Nf1duw=
Subject key identifier:   CA:4A:E6:27:BB:C8:D6:F1:54:FE:0A:7E:D8:F1:79:A3:5E:FB:99:0C
Authority key identifier: DE:AF:75:0B:5C:2B:95:39:D9:6E:56:49:77:2A:F7:E1:0E:FE:0F:EA
Certificate issuer:       /CN=deaf750b5c2b9539d96e5649772af7e10efe0fea
Certificate serial:       01958CCEC8A928837E27B83BCFE532274947
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
Manifest number:          0B27
Signing time:             Thu 13 Mar 2025 00:01:56 +0000
Manifest this update:     Thu 13 Mar 2025 00:01:56 +0000
Manifest next update:     Fri 14 Mar 2025 00:01:56 +0000
Files and hashes:         1: 3q91C1wrlTnZblZJdyr34Q7-D-o.crl (hash: dqXdmIZ9ocdktU6QYDMTqcnVgfbphZ1gs4u9laeuppA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:ce:c8:a9:28:83:7e:27:b8:3b:cf:e5:32:27:49:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=deaf750b5c2b9539d96e5649772af7e10efe0fea
        Validity
            Not Before: Mar 13 00:01:56 2025 GMT
            Not After : Mar 14 00:01:56 2025 GMT
        Subject: CN=ca4ae627bbc8d6f154fe0a7ed8f179a35efb990c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d7:78:29:7a:ce:b7:f9:14:14:67:2a:e2:32:
                    9b:30:8d:d5:79:6d:be:bd:c3:9b:c9:03:ed:32:2e:
                    d0:92:d9:e8:54:26:5f:96:48:16:7d:44:29:64:ef:
                    c5:7e:03:18:95:f7:cc:94:0f:96:fd:d2:51:3b:b6:
                    39:9d:bf:71:3f:3e:14:9f:6c:74:19:8e:e0:55:5d:
                    65:9a:65:1d:ae:82:a0:d8:03:16:0d:b3:7a:bd:2e:
                    12:3b:af:4f:43:96:38:97:8a:04:c8:ff:d8:02:95:
                    67:a8:f6:06:1a:8f:06:ac:39:d9:3a:d0:54:0a:b6:
                    0e:b1:f6:b5:ba:ac:9f:52:28:e4:0e:55:8c:1e:ad:
                    1d:52:85:a2:af:de:6e:ca:12:da:95:ad:26:1b:54:
                    20:e9:c0:c8:cc:c8:31:a8:ca:f3:19:48:c0:ee:38:
                    a8:ca:c5:c9:06:ba:95:a0:70:7a:7c:68:a2:fc:06:
                    69:49:fa:7c:17:4d:59:97:11:9c:6e:93:f0:e4:11:
                    4c:77:f5:59:47:19:cc:e9:3a:8a:f2:0d:84:02:15:
                    77:bc:45:cf:41:db:bf:da:6d:01:71:c6:f2:bc:77:
                    fb:ae:13:49:e5:7d:0a:62:10:2a:03:1a:a2:db:d2:
                    18:4c:c8:ee:0e:52:5c:b8:5c:b5:59:2f:7f:a2:e7:
                    da:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:4A:E6:27:BB:C8:D6:F1:54:FE:0A:7E:D8:F1:79:A3:5E:FB:99:0C
            X509v3 Authority Key Identifier:
                keyid:DE:AF:75:0B:5C:2B:95:39:D9:6E:56:49:77:2A:F7:E1:0E:FE:0F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:d6:b6:7d:16:a2:d2:57:f2:86:bc:5c:0b:6b:9d:0e:88:4f:
         6a:51:85:88:0a:9c:3b:d3:e1:19:0a:9c:d8:3d:f7:b5:f3:b9:
         84:df:e3:72:98:5d:63:cb:c5:bd:52:5a:4a:53:ae:e7:9c:fe:
         20:d2:51:2a:59:5e:a0:e8:7a:c8:d3:43:9e:27:1b:94:73:78:
         84:95:64:ef:55:cd:24:4a:8a:24:1e:fe:da:f6:20:62:4e:c3:
         d5:b3:df:6f:d9:c9:84:65:8f:05:a6:56:a3:85:59:1b:97:54:
         fd:70:48:ed:7f:ce:4a:ce:cd:64:fc:70:f8:7d:73:69:ea:f6:
         f9:ba:4f:da:c8:f5:b7:0f:5f:53:65:8a:63:f2:72:0b:c9:1b:
         33:82:c0:fb:ca:b8:58:7f:e3:f8:ad:50:c5:0d:41:28:21:9e:
         d7:22:eb:c0:a1:a0:9c:a9:2a:3e:08:5b:0e:94:ea:8b:66:e6:
         22:b6:25:c5:a1:13:90:c5:cd:f9:d3:38:8d:33:f4:53:ee:da:
         3b:ed:ad:0f:68:c0:d1:1b:cc:07:db:66:a1:9f:3a:26:eb:9c:
         a0:63:cb:0f:fe:ad:aa:d6:75:96:ae:2d:b8:db:50:55:5e:82:
         56:fa:7f:5a:00:c4:2d:76:04:8b:67:24:81:ee:73:58:4b:16:
         91:a3:f6:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMzsipKIN+J7g7z+UyJ0lHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYWY3NTBiNWMyYjk1MzlkOTZlNTY0OTc3MmFmN2UxMGVm
ZTBmZWEwHhcNMjUwMzEzMDAwMTU2WhcNMjUwMzE0MDAwMTU2WjAzMTEwLwYDVQQD
EyhjYTRhZTYyN2JiYzhkNmYxNTRmZTBhN2VkOGYxNzlhMzVlZmI5OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNd4KXrOt/kUFGcq4jKbMI3VeW2+
vcObyQPtMi7QktnoVCZflkgWfUQpZO/FfgMYlffMlA+W/dJRO7Y5nb9xPz4Un2x0
GY7gVV1lmmUdroKg2AMWDbN6vS4SO69PQ5Y4l4oEyP/YApVnqPYGGo8GrDnZOtBU
CrYOsfa1uqyfUijkDlWMHq0dUoWir95uyhLala0mG1Qg6cDIzMgxqMrzGUjA7jio
ysXJBrqVoHB6fGii/AZpSfp8F01ZlxGcbpPw5BFMd/VZRxnM6TqK8g2EAhV3vEXP
Qdu/2m0BccbyvHf7rhNJ5X0KYhAqAxqi29IYTMjuDlJcuFy1WS9/oufahwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpK5ie7yNbxVP4KftjxeaNe+5kMMB8GA1UdIwQY
MBaAFN6vdQtcK5U52W5WSXcq9+EO/g/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wMzA5ZmItNmY4NC00N2JjLWE3Yzkt
NWQzMWQxZmU0MjhmLzEvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wMzA5ZmItNmY4NC00N2JjLWE3YzktNWQzMWQxZmU0Mjhm
LzEvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlNa2fRai
0lfyhrxcC2udDohPalGFiAqcO9PhGQqc2D33tfO5hN/jcphdY8vFvVJaSlOu55z+
INJRKlleoOh6yNNDnicblHN4hJVk71XNJEqKJB7+2vYgYk7D1bPfb9nJhGWPBaZW
o4VZG5dU/XBI7X/OSs7NZPxw+H1zaer2+bpP2sj1tw9fU2WKY/JyC8kbM4LA+8q4
WH/j+K1QxQ1BKCGe1yLrwKGgnKkqPghbDpTqi2bmIrYlxaETkMXN+dM4jTP0U+7a
O+2tD2jA0RvMB9tmoZ86JuucoGPLD/6tqtZ1lq4tuNtQVV6CVvp/WgDELXYEi2ck
ge5zWEsWkaP2mQ==
-----END CERTIFICATE-----