Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
File:                     tj8U3_NUhamVlBKGMDe4XfqfE9g.mft (raw, json)
Hash identifier:          gPj/FI3Zt8DUAwxoSNR4CjstNlCw2YJqKLIeh8hfN6I=
Subject key identifier:   8E:B3:B5:E3:28:D4:99:A3:F6:A4:92:CB:88:9E:76:D1:03:72:D7:42
Authority key identifier: B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8
Certificate issuer:       /CN=b63f14dff35485a9959412863037b85dfa9f13d8
Certificate serial:       01958BBBCB447FC8FF7B08C87D4887ABE302
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
Manifest number:          03CB
Signing time:             Wed 12 Mar 2025 19:01:35 +0000
Manifest this update:     Wed 12 Mar 2025 19:01:35 +0000
Manifest next update:     Thu 13 Mar 2025 19:01:35 +0000
Files and hashes:         1: tj8U3_NUhamVlBKGMDe4XfqfE9g.crl (hash: ZVcSRanHW5inATy2/4TVh3n5F69WAe2p6dX2w9RfLzA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:bb:cb:44:7f:c8:ff:7b:08:c8:7d:48:87:ab:e3:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b63f14dff35485a9959412863037b85dfa9f13d8
        Validity
            Not Before: Mar 12 19:01:35 2025 GMT
            Not After : Mar 13 19:01:35 2025 GMT
        Subject: CN=8eb3b5e328d499a3f6a492cb889e76d10372d742
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d7:1c:10:4e:85:62:e6:f5:26:5c:34:c0:30:
                    5d:7b:f9:3d:70:21:e8:65:a9:fc:9e:17:bc:02:7a:
                    a5:50:cb:5e:ed:b3:ee:bf:72:2d:6e:1f:1e:2b:e3:
                    7d:e8:92:fc:c1:a5:fd:5c:6a:f3:3d:8f:f3:7b:a1:
                    de:27:fc:7b:32:a5:fc:4a:20:03:c4:04:2a:ee:e6:
                    3d:b7:38:67:ad:8f:83:c0:7d:86:64:43:f5:0a:7e:
                    d7:01:86:34:88:b4:42:1b:3a:2f:f0:8d:3c:81:24:
                    d0:62:99:f6:56:85:46:07:ea:59:2c:8d:af:e5:6f:
                    26:19:df:92:ae:b5:fe:3f:cb:b3:86:a7:a3:be:01:
                    cc:08:8d:f7:5f:c4:dc:79:e5:d3:a9:cd:7b:8b:c9:
                    4c:03:88:8a:eb:bf:ad:d6:13:1d:f6:ea:f5:2e:ef:
                    8f:21:25:2a:66:ae:71:ee:23:01:ad:93:bd:6c:c4:
                    1b:41:96:d1:ab:93:84:e7:df:8b:20:8c:a7:51:ba:
                    0f:ab:6b:97:ad:19:9c:e6:2e:0f:74:e2:b4:7f:cb:
                    a5:17:35:a5:ca:5c:fc:a2:04:a4:9a:3d:14:81:1a:
                    a1:68:fc:ac:e9:c2:2c:24:fe:b2:d9:8c:ca:14:2a:
                    1f:76:91:5e:2d:2e:af:f6:91:28:45:31:79:69:ce:
                    37:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:B3:B5:E3:28:D4:99:A3:F6:A4:92:CB:88:9E:76:D1:03:72:D7:42
            X509v3 Authority Key Identifier:
                keyid:B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:5a:f1:e2:ae:57:99:cc:eb:2c:62:11:ca:4a:5c:70:a8:cf:
         87:21:eb:4a:e8:24:88:97:19:d5:8f:d4:95:1f:b8:7b:26:0b:
         61:09:ac:e8:bd:58:a2:ea:c2:2d:e5:32:97:1a:65:95:83:a5:
         6f:e1:32:f3:b9:7d:83:2a:0c:5c:31:e0:f4:ad:1d:72:85:cd:
         17:b7:a8:a1:8e:a2:13:d3:24:48:4e:2f:ee:05:2f:fb:91:63:
         69:27:f6:89:72:63:aa:bf:5b:57:45:a7:90:9c:3f:3c:a8:de:
         12:68:1b:ae:5a:ff:bc:3c:d6:dc:b8:e9:ef:77:6b:52:ad:ca:
         b4:0d:61:8f:e3:e6:08:e9:1d:10:a0:bc:ef:3b:c7:f4:72:19:
         c6:2d:49:7e:07:ce:44:4f:91:fc:cc:0e:e9:9a:48:67:17:4c:
         36:81:76:96:1d:32:41:45:78:27:00:b0:a9:bf:45:48:81:82:
         14:3c:f9:9b:ca:69:eb:ee:b3:52:9e:44:f5:0c:25:d4:62:2f:
         68:12:72:e2:f6:25:90:10:66:95:b5:24:a9:72:fe:35:7f:1a:
         4c:4b:05:89:7b:3d:5f:b4:61:50:91:32:d6:09:cb:61:c6:bc:
         67:fb:cd:37:4c:c7:68:5d:a8:d7:8b:85:2d:d4:66:8e:4f:7a:
         37:50:ca:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLu8tEf8j/ewjIfUiHq+MCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2M2YxNGRmZjM1NDg1YTk5NTk0MTI4NjMwMzdiODVkZmE5
ZjEzZDgwHhcNMjUwMzEyMTkwMTM1WhcNMjUwMzEzMTkwMTM1WjAzMTEwLwYDVQQD
Eyg4ZWIzYjVlMzI4ZDQ5OWEzZjZhNDkyY2I4ODllNzZkMTAzNzJkNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09ccEE6FYub1Jlw0wDBde/k9cCHo
Zan8nhe8AnqlUMte7bPuv3Itbh8eK+N96JL8waX9XGrzPY/ze6HeJ/x7MqX8SiAD
xAQq7uY9tzhnrY+DwH2GZEP1Cn7XAYY0iLRCGzov8I08gSTQYpn2VoVGB+pZLI2v
5W8mGd+SrrX+P8uzhqejvgHMCI33X8TceeXTqc17i8lMA4iK67+t1hMd9ur1Lu+P
ISUqZq5x7iMBrZO9bMQbQZbRq5OE59+LIIynUboPq2uXrRmc5i4PdOK0f8ulFzWl
ylz8ogSkmj0UgRqhaPys6cIsJP6y2YzKFCofdpFeLS6v9pEoRTF5ac43MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6zteMo1Jmj9qSSy4iedtEDctdCMB8GA1UdIwQY
MBaAFLY/FN/zVIWplZQShjA3uF36nxPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAt
NjZjOThjMDFkZmQ3LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAtNjZjOThjMDFkZmQ3
LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATFrx4q5X
mczrLGIRykpccKjPhyHrSugkiJcZ1Y/UlR+4eyYLYQms6L1YourCLeUylxpllYOl
b+Ey87l9gyoMXDHg9K0dcoXNF7eooY6iE9MkSE4v7gUv+5FjaSf2iXJjqr9bV0Wn
kJw/PKjeEmgbrlr/vDzW3Ljp73drUq3KtA1hj+PmCOkdEKC87zvH9HIZxi1JfgfO
RE+R/MwO6ZpIZxdMNoF2lh0yQUV4JwCwqb9FSIGCFDz5m8pp6+6zUp5E9Qwl1GIv
aBJy4vYlkBBmlbUkqXL+NX8aTEsFiXs9X7RhUJEy1gnLYca8Z/vNN0zHaF2o14uF
LdRmjk96N1DKlw==
-----END CERTIFICATE-----