Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
File:                     PwbJ3z-o-T2e8O0EscoENduLxlA.mft (raw, json)
Hash identifier:          SRO16yYBP0KkG2SobAi9COLDZltpW4rUbSJIUoPwqYc=
Subject key identifier:   1B:70:35:63:45:1F:73:DA:E1:7F:4B:35:05:48:66:11:E5:D6:33:ED
Authority key identifier: 3F:06:C9:DF:3F:A8:F9:3D:9E:F0:ED:04:B1:CA:04:35:DB:8B:C6:50
Certificate issuer:       /CN=3f06c9df3fa8f93d9ef0ed04b1ca0435db8bc650
Certificate serial:       019650488E5A970CE3FCF3B727096F26E77D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
Manifest number:          14F8
Signing time:             Sat 19 Apr 2025 23:00:54 +0000
Manifest this update:     Sat 19 Apr 2025 23:00:54 +0000
Manifest next update:     Sun 20 Apr 2025 23:00:54 +0000
Files and hashes:         1: PwbJ3z-o-T2e8O0EscoENduLxlA.crl (hash: ZcJfbrJKRVP1BJNktv6ABdPj+skK/lePWNSBXzOCLdc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:48:8e:5a:97:0c:e3:fc:f3:b7:27:09:6f:26:e7:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f06c9df3fa8f93d9ef0ed04b1ca0435db8bc650
        Validity
            Not Before: Apr 19 23:00:54 2025 GMT
            Not After : Apr 20 23:00:54 2025 GMT
        Subject: CN=1b703563451f73dae17f4b3505486611e5d633ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:8a:06:b9:89:7f:b8:50:dc:54:95:59:63:9b:
                    04:58:56:a3:08:15:f2:b0:7e:35:59:28:dd:0d:6c:
                    a6:a6:43:18:fb:f5:8f:6e:dc:ce:ba:55:21:13:53:
                    d7:03:b6:09:18:bd:70:6d:5e:1d:5a:c6:75:27:9e:
                    9c:3e:b9:e6:a6:17:30:a8:02:c7:92:f2:a5:47:7b:
                    97:07:aa:87:45:72:8b:ab:62:c5:8f:d4:e2:33:ba:
                    41:77:ec:7e:93:b1:56:8d:5a:aa:2c:aa:80:f1:b2:
                    05:ea:1d:f6:29:56:27:59:62:aa:b2:6b:1f:80:38:
                    31:12:28:54:87:ef:d2:6f:30:54:56:73:bf:71:76:
                    6a:f8:28:f8:a8:d0:f7:d0:ed:65:6d:83:20:20:37:
                    3a:54:bd:e1:66:74:d7:00:2a:b4:52:e5:45:5e:eb:
                    fa:2c:63:92:ba:69:29:1d:05:01:b6:9b:02:5f:e4:
                    ed:c0:6e:de:28:75:0e:69:3b:fc:3f:e3:4e:7a:5d:
                    25:62:ac:a3:1c:84:e4:25:de:69:76:17:d7:d2:13:
                    43:2a:03:80:0c:a6:23:e8:70:bd:68:e2:f9:65:1a:
                    c5:e7:46:a9:f9:a2:e6:47:b8:38:a3:85:bc:52:f3:
                    81:34:51:06:91:72:82:22:a2:68:4d:5e:cf:39:35:
                    4d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:70:35:63:45:1F:73:DA:E1:7F:4B:35:05:48:66:11:E5:D6:33:ED
            X509v3 Authority Key Identifier:
                keyid:3F:06:C9:DF:3F:A8:F9:3D:9E:F0:ED:04:B1:CA:04:35:DB:8B:C6:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PwbJ3z-o-T2e8O0EscoENduLxlA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d00e3d-54c7-436f-a8ce-338aa0cf98e2/1/PwbJ3z-o-T2e8O0EscoENduLxlA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:e0:ba:2d:b4:62:88:78:04:01:c8:a3:0d:3e:86:6a:ff:4e:
         fd:f3:ea:45:b4:27:53:c9:2c:b2:c6:17:63:17:0b:a1:fc:40:
         94:5a:17:9f:65:86:4e:0b:04:1e:33:6c:da:72:b4:9d:ad:f7:
         9b:a9:0d:1d:50:d8:30:ec:3d:47:da:f2:d8:5e:6e:bd:97:4e:
         eb:55:bf:7c:6d:5e:35:56:29:e1:1e:62:a9:58:92:d2:a3:6c:
         ee:17:cc:72:57:f7:14:82:21:3a:df:68:2a:55:aa:c7:a7:b0:
         6d:9f:0c:15:46:51:63:bf:c4:e2:c1:64:79:ab:fd:b8:93:9b:
         80:f6:59:ca:50:ce:bb:f6:67:a0:b5:ba:5a:d1:b6:2a:e9:99:
         68:e1:8e:42:72:48:94:d5:5a:fe:c0:bf:a8:ce:a1:4d:69:94:
         59:38:34:e8:7d:be:88:99:82:a9:68:9d:c0:7e:6b:d3:50:3e:
         36:60:e6:b0:2a:04:27:ee:bb:c1:c8:10:45:4a:e1:53:cb:6d:
         01:6e:52:40:7e:d5:25:47:25:b8:2a:fb:8b:a2:b0:77:7a:3d:
         8b:68:05:1c:b3:8a:55:40:ef:a0:b3:86:4c:35:91:ae:0f:0b:
         42:a4:4a:fd:b9:f7:50:83:86:2b:1a:b6:1a:06:ff:51:c2:3e:
         dd:0c:06:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQSI5alwzj/PO3JwlvJud9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMDZjOWRmM2ZhOGY5M2Q5ZWYwZWQwNGIxY2EwNDM1ZGI4
YmM2NTAwHhcNMjUwNDE5MjMwMDU0WhcNMjUwNDIwMjMwMDU0WjAzMTEwLwYDVQQD
EygxYjcwMzU2MzQ1MWY3M2RhZTE3ZjRiMzUwNTQ4NjYxMWU1ZDYzM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIoGuYl/uFDcVJVZY5sEWFajCBXy
sH41WSjdDWympkMY+/WPbtzOulUhE1PXA7YJGL1wbV4dWsZ1J56cPrnmphcwqALH
kvKlR3uXB6qHRXKLq2LFj9TiM7pBd+x+k7FWjVqqLKqA8bIF6h32KVYnWWKqsmsf
gDgxEihUh+/SbzBUVnO/cXZq+Cj4qND30O1lbYMgIDc6VL3hZnTXACq0UuVFXuv6
LGOSumkpHQUBtpsCX+TtwG7eKHUOaTv8P+NOel0lYqyjHITkJd5pdhfX0hNDKgOA
DKYj6HC9aOL5ZRrF50ap+aLmR7g4o4W8UvOBNFEGkXKCIqJoTV7POTVNnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtwNWNFH3Pa4X9LNQVIZhHl1jPtMB8GA1UdIwQY
MBaAFD8Gyd8/qPk9nvDtBLHKBDXbi8ZQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9kMDBlM2QtNTRjNy00MzZmLWE4Y2Ut
MzM4YWEwY2Y5OGUyLzEvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9kMDBlM2QtNTRjNy00MzZmLWE4Y2UtMzM4YWEwY2Y5OGUy
LzEvUHdiSjN6LW8tVDJlOE8wRXNjb0VOZHVMeGxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj+C6LbRi
iHgEAcijDT6Gav9O/fPqRbQnU8ksssYXYxcLofxAlFoXn2WGTgsEHjNs2nK0na33
m6kNHVDYMOw9R9ry2F5uvZdO61W/fG1eNVYp4R5iqViS0qNs7hfMclf3FIIhOt9o
KlWqx6ewbZ8MFUZRY7/E4sFkeav9uJObgPZZylDOu/ZnoLW6WtG2KumZaOGOQnJI
lNVa/sC/qM6hTWmUWTg06H2+iJmCqWidwH5r01A+NmDmsCoEJ+67wcgQRUrhU8tt
AW5SQH7VJUcluCr7i6Kwd3o9i2gFHLOKVUDvoLOGTDWRrg8LQqRK/bn3UIOGKxq2
Ggb/UcI+3QwGNw==
-----END CERTIFICATE-----