Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
File:                     3rwtwyLztJZucDtdjIi3FvDZsOk.mft (raw, json)
Hash identifier:          a/D6A9UezsX+qSxFnYQ9p4c05k5tUaoX/9umv3HJE+U=
Subject key identifier:   0A:37:16:95:38:3E:CA:A2:67:0B:B9:9F:2B:D4:F4:E4:3D:5B:F1:8A
Authority key identifier: DE:BC:2D:C3:22:F3:B4:96:6E:70:3B:5D:8C:88:B7:16:F0:D9:B0:E9
Certificate issuer:       /CN=debc2dc322f3b4966e703b5d8c88b716f0d9b0e9
Certificate serial:       01965726EBEA83DCDB6F1BEAD897C68D4B65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
Manifest number:          12BD
Signing time:             Mon 21 Apr 2025 07:01:30 +0000
Manifest this update:     Mon 21 Apr 2025 07:01:30 +0000
Manifest next update:     Tue 22 Apr 2025 07:01:30 +0000
Files and hashes:         1: 3rwtwyLztJZucDtdjIi3FvDZsOk.crl (hash: 5OKQFrHqHeyrFBjEqjBcugISIfvIvFs5AhJJPh4fLJo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:eb:ea:83:dc:db:6f:1b:ea:d8:97:c6:8d:4b:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=debc2dc322f3b4966e703b5d8c88b716f0d9b0e9
        Validity
            Not Before: Apr 21 07:01:30 2025 GMT
            Not After : Apr 22 07:01:30 2025 GMT
        Subject: CN=0a371695383ecaa2670bb99f2bd4f4e43d5bf18a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f8:c5:f1:b1:19:d7:8f:9f:8b:f2:28:ef:13:
                    2f:60:6d:f5:11:13:11:5f:6a:27:1f:ea:3a:44:7a:
                    b4:e1:03:69:c9:89:7e:33:5f:f6:71:17:40:17:92:
                    ca:86:52:8e:ed:bd:ae:2e:fa:41:45:c1:98:cf:f0:
                    1b:97:a6:26:84:70:bb:0b:27:84:58:90:51:e2:2b:
                    47:a4:d7:9c:01:2e:6a:89:3f:75:fb:26:42:21:d3:
                    2e:31:95:03:93:4f:2b:c4:bb:25:e6:3e:b4:19:25:
                    86:09:5d:23:50:6e:1a:ad:77:49:c4:e3:37:e6:8e:
                    67:21:50:0c:ff:96:d6:0e:aa:7c:f6:c5:a0:72:a2:
                    16:5f:af:e9:2a:be:5a:87:66:57:bb:1e:6a:48:eb:
                    70:25:c1:7a:46:02:e3:65:18:7f:d9:12:df:d6:33:
                    a6:ad:df:20:ba:b9:2c:28:36:d6:1d:a8:41:b2:aa:
                    0b:e4:dd:68:df:c4:dc:98:b2:1d:e9:7c:32:4e:16:
                    75:68:b7:04:0b:47:9c:51:1a:41:c0:0f:bd:06:8e:
                    5c:bb:29:f3:49:b5:fe:99:ca:4d:13:e6:be:ac:d6:
                    42:b7:b7:2f:e6:e0:53:79:28:6f:6f:2e:db:2a:53:
                    f6:aa:0a:0e:a4:a0:c2:36:5b:f9:7d:b5:9e:5a:dd:
                    fd:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:37:16:95:38:3E:CA:A2:67:0B:B9:9F:2B:D4:F4:E4:3D:5B:F1:8A
            X509v3 Authority Key Identifier:
                keyid:DE:BC:2D:C3:22:F3:B4:96:6E:70:3B:5D:8C:88:B7:16:F0:D9:B0:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:cd:c4:77:b4:ad:48:61:8a:af:85:32:4d:eb:6a:c3:15:f7:
         7a:27:06:41:97:c7:fe:42:90:e3:04:0f:0f:02:ca:60:05:ba:
         04:51:b5:a9:bc:b6:2d:f2:4d:bb:60:fd:34:e4:ef:d3:9c:59:
         c3:c8:7d:f5:d7:11:22:85:33:1d:17:b9:c4:a5:be:5e:ed:65:
         00:60:b0:57:0c:00:6e:90:ef:53:c6:48:e2:a3:e7:7b:77:47:
         9f:a2:21:66:d8:58:b4:ff:86:56:88:98:4b:20:ee:39:b3:a9:
         44:43:84:1c:93:a8:4a:45:8c:81:c4:6c:48:6d:35:bc:14:a9:
         8e:6c:73:06:11:7f:2e:cd:cd:ba:95:c3:1a:b1:9a:ad:b0:e4:
         93:a2:73:8d:30:81:13:99:60:d8:54:7c:84:fd:a8:a5:4a:12:
         41:11:25:5a:e1:e1:68:30:58:b6:a6:e4:29:ce:48:20:e1:3b:
         0d:19:04:c5:65:02:71:6c:e4:ad:30:39:18:7c:f9:cd:4a:bc:
         6f:97:d2:0e:f1:fd:bf:f6:8e:d6:bb:63:ba:a1:2b:39:fb:3a:
         b8:8b:77:bf:75:73:49:bb:af:66:40:81:27:aa:32:b4:ec:6e:
         67:5e:76:06:15:2a:38:31:64:9d:6f:71:37:0c:c9:df:10:5e:
         4f:54:91:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJuvqg9zbbxvq2JfGjUtlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYmMyZGMzMjJmM2I0OTY2ZTcwM2I1ZDhjODhiNzE2ZjBk
OWIwZTkwHhcNMjUwNDIxMDcwMTMwWhcNMjUwNDIyMDcwMTMwWjAzMTEwLwYDVQQD
EygwYTM3MTY5NTM4M2VjYWEyNjcwYmI5OWYyYmQ0ZjRlNDNkNWJmMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfjF8bEZ14+fi/Io7xMvYG31ERMR
X2onH+o6RHq04QNpyYl+M1/2cRdAF5LKhlKO7b2uLvpBRcGYz/Abl6YmhHC7CyeE
WJBR4itHpNecAS5qiT91+yZCIdMuMZUDk08rxLsl5j60GSWGCV0jUG4arXdJxOM3
5o5nIVAM/5bWDqp89sWgcqIWX6/pKr5ah2ZXux5qSOtwJcF6RgLjZRh/2RLf1jOm
rd8gurksKDbWHahBsqoL5N1o38TcmLId6XwyThZ1aLcEC0ecURpBwA+9Bo5cuynz
SbX+mcpNE+a+rNZCt7cv5uBTeShvby7bKlP2qgoOpKDCNlv5fbWeWt39JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAo3FpU4PsqiZwu5nyvU9OQ9W/GKMB8GA1UdIwQY
MBaAFN68LcMi87SWbnA7XYyItxbw2bDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MDBkZWMtYjY2Yy00ZTFhLWE2Y2Mt
ZTg4ZTFhNjY4YmU0LzEvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MDBkZWMtYjY2Yy00ZTFhLWE2Y2MtZTg4ZTFhNjY4YmU0
LzEvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWc3Ed7St
SGGKr4UyTetqwxX3eicGQZfH/kKQ4wQPDwLKYAW6BFG1qby2LfJNu2D9NOTv05xZ
w8h99dcRIoUzHRe5xKW+Xu1lAGCwVwwAbpDvU8ZI4qPne3dHn6IhZthYtP+GVoiY
SyDuObOpREOEHJOoSkWMgcRsSG01vBSpjmxzBhF/Ls3NupXDGrGarbDkk6JzjTCB
E5lg2FR8hP2opUoSQRElWuHhaDBYtqbkKc5IIOE7DRkExWUCcWzkrTA5GHz5zUq8
b5fSDvH9v/aO1rtjuqErOfs6uIt3v3VzSbuvZkCBJ6oytOxuZ152BhUqODFknW9x
NwzJ3xBeT1SRJg==
-----END CERTIFICATE-----