Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
File:                     a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json)
Hash identifier:          9gYJ66Nbh6nyQpTNbkd4kyf59b5ftU1ZdpsKJPhH73c=
Subject key identifier:   58:42:77:6C:55:B6:12:F3:2B:40:3F:5A:40:B0:54:8B:1B:35:FB:A6
Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
Certificate issuer:       /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Certificate serial:       01958C607D6CD1472D27B313A3D8B6B4CD50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
Manifest number:          1491
Signing time:             Wed 12 Mar 2025 22:01:28 +0000
Manifest this update:     Wed 12 Mar 2025 22:01:28 +0000
Manifest next update:     Thu 13 Mar 2025 22:01:28 +0000
Files and hashes:         1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: 8N1vr9GNImbJ96UdAgNF5XjwAQ/qL7xZm2TqnyAbNhk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:60:7d:6c:d1:47:2d:27:b3:13:a3:d8:b6:b4:cd:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
        Validity
            Not Before: Mar 12 22:01:28 2025 GMT
            Not After : Mar 13 22:01:28 2025 GMT
        Subject: CN=5842776c55b612f32b403f5a40b0548b1b35fba6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:34:87:3f:2e:fe:42:a0:06:c7:06:f1:dd:ff:
                    26:4b:42:06:e3:d6:3b:eb:8b:5d:61:47:d4:e2:09:
                    b9:98:a2:be:10:90:0c:7c:9e:42:e8:41:dd:7a:c8:
                    6a:78:97:b7:35:c1:5c:65:64:aa:d5:9c:28:9b:2e:
                    71:7e:5c:31:ef:2d:60:3f:95:e8:60:7f:76:cc:42:
                    1c:24:1d:92:88:83:a1:a3:e6:40:f5:38:73:47:9d:
                    60:bd:41:b7:53:89:c2:d0:99:24:bd:8f:8b:6b:91:
                    74:72:ce:05:d9:c2:03:1a:68:a3:63:b9:19:08:ec:
                    f6:89:fa:28:1f:bd:aa:1e:61:2c:bf:8a:10:b9:38:
                    23:74:0b:f7:d4:34:50:25:2c:85:2e:7b:ef:10:20:
                    80:22:14:d4:f4:91:47:95:d5:8f:9b:77:fc:0e:fd:
                    23:ee:c2:92:45:b6:5a:71:72:15:7a:25:bf:50:56:
                    e3:88:42:e7:6a:3a:66:07:34:fa:05:1a:47:73:b0:
                    32:40:73:3a:e2:d6:cc:fa:d6:b7:f8:9c:c1:d4:bc:
                    76:2e:7c:79:ed:fd:93:dc:33:08:a3:e4:c5:61:8e:
                    ca:53:88:04:61:2c:11:32:06:8f:fb:26:84:19:32:
                    b2:32:e5:23:ba:09:77:cb:91:a1:cc:c9:96:63:e0:
                    fa:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:42:77:6C:55:B6:12:F3:2B:40:3F:5A:40:B0:54:8B:1B:35:FB:A6
            X509v3 Authority Key Identifier:
                keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:de:ed:e9:98:5d:da:a8:c1:bc:83:e3:38:07:73:eb:ba:ea:
         16:04:ef:43:30:49:6b:27:7e:84:d3:eb:c6:6b:92:ee:8b:40:
         f1:3d:db:9d:a7:05:32:df:2c:c3:04:d3:75:9f:26:a7:b6:38:
         d1:4e:cd:95:9c:b4:c8:6b:2e:dc:80:70:ab:5d:d5:4b:3c:52:
         3f:83:cb:5f:f3:3a:5a:ef:3b:ee:37:8a:96:6f:70:17:f6:84:
         ca:22:e2:f7:34:48:37:97:1e:8b:0f:8c:e6:b3:10:18:8a:56:
         97:67:a1:b1:e0:a4:84:c5:f8:c7:83:03:b8:d5:fe:4c:05:a4:
         6f:17:b2:72:d2:e9:2b:23:07:29:b1:8b:c9:50:64:34:9e:7a:
         b3:83:c4:4f:2d:9e:fa:bd:96:22:1e:24:04:dd:b7:e3:4c:ff:
         81:51:e8:99:34:0a:fb:ca:d6:fb:52:bf:d2:9c:5f:8d:fe:75:
         84:73:ef:5f:3f:84:b1:e1:c8:01:8a:56:d6:db:27:32:54:18:
         dd:32:37:db:74:b1:29:d2:24:e2:ae:f6:15:b6:d3:74:2d:3c:
         58:a7:63:e6:b0:2d:05:8d:8a:db:ba:14:da:b5:22:42:24:b5:
         62:36:1b:05:6b:56:ce:51:8e:26:91:3f:aa:5b:95:b5:2b:b5:
         ba:96:f4:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMYH1s0UctJ7MTo9i2tM1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1
ZjY2MWQwHhcNMjUwMzEyMjIwMTI4WhcNMjUwMzEzMjIwMTI4WjAzMTEwLwYDVQQD
Eyg1ODQyNzc2YzU1YjYxMmYzMmI0MDNmNWE0MGIwNTQ4YjFiMzVmYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jSHPy7+QqAGxwbx3f8mS0IG49Y7
64tdYUfU4gm5mKK+EJAMfJ5C6EHdeshqeJe3NcFcZWSq1Zwomy5xflwx7y1gP5Xo
YH92zEIcJB2SiIOho+ZA9ThzR51gvUG3U4nC0JkkvY+La5F0cs4F2cIDGmijY7kZ
COz2ifooH72qHmEsv4oQuTgjdAv31DRQJSyFLnvvECCAIhTU9JFHldWPm3f8Dv0j
7sKSRbZacXIVeiW/UFbjiELnajpmBzT6BRpHc7AyQHM64tbM+ta3+JzB1Lx2Lnx5
7f2T3DMIo+TFYY7KU4gEYSwRMgaP+yaEGTKyMuUjugl3y5GhzMmWY+D6HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhCd2xVthLzK0A/WkCwVIsbNfumMB8GA1UdIwQY
MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt
YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi
LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhd7t6Zhd
2qjBvIPjOAdz67rqFgTvQzBJayd+hNPrxmuS7otA8T3bnacFMt8swwTTdZ8mp7Y4
0U7NlZy0yGsu3IBwq13VSzxSP4PLX/M6Wu877jeKlm9wF/aEyiLi9zRIN5ceiw+M
5rMQGIpWl2ehseCkhMX4x4MDuNX+TAWkbxeyctLpKyMHKbGLyVBkNJ56s4PETy2e
+r2WIh4kBN2340z/gVHomTQK+8rW+1K/0pxfjf51hHPvXz+EseHIAYpW1tsnMlQY
3TI323SxKdIk4q72FbbTdC08WKdj5rAtBY2K27oU2rUiQiS1YjYbBWtWzlGOJpE/
qluVtSu1upb0YA==
-----END CERTIFICATE-----