Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
File:                     M1lkDZyLY0Pghqr4vosw6MMdK40.mft (raw, json)
Hash identifier:          C7M327swf2rJOCx49duWUWYyfv3YtmIJt5AwAfiLXdo=
Subject key identifier:   D4:49:EA:E1:85:48:5B:CB:24:66:59:77:95:23:30:37:50:C0:05:CB
Authority key identifier: 33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D
Certificate issuer:       /CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
Certificate serial:       019611A1A567CA6A22F8E9FDC0CE80D46AD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
Manifest number:          0262
Signing time:             Mon 07 Apr 2025 19:02:08 +0000
Manifest this update:     Mon 07 Apr 2025 19:02:08 +0000
Manifest next update:     Tue 08 Apr 2025 19:02:08 +0000
Files and hashes:         1: M1lkDZyLY0Pghqr4vosw6MMdK40.crl (hash: G5Ml8lPCHsIgwYiQXwTyd1k4Xl8udMMnABK5/BCqmOE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:11:a1:a5:67:ca:6a:22:f8:e9:fd:c0:ce:80:d4:6a:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
        Validity
            Not Before: Apr  7 19:02:08 2025 GMT
            Not After : Apr  8 19:02:08 2025 GMT
        Subject: CN=d449eae185485bcb246659779523303750c005cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:73:ea:df:c4:42:5a:39:6a:67:ea:18:40:6c:
                    7f:f4:2b:d0:bd:a8:6c:56:4c:15:98:ba:51:e3:3d:
                    d0:5d:1b:5e:ca:f7:b3:2a:58:df:77:9d:bb:f1:1c:
                    8f:a6:ae:c9:60:be:9c:7d:4e:c5:4e:b6:5c:ca:50:
                    a5:00:f9:8d:6b:81:14:98:18:cb:74:b6:54:0e:8c:
                    eb:83:f9:ad:34:4a:7e:13:ad:3c:08:47:11:11:1a:
                    9b:69:79:a9:83:52:7e:a1:66:20:8a:64:79:ee:3f:
                    49:3a:d6:3a:51:37:06:1b:4d:05:e2:7c:85:3a:25:
                    5c:ed:15:f3:b8:82:93:7d:ef:cb:fa:b7:1d:48:5a:
                    f1:e1:ec:49:9a:da:ff:37:50:e8:1f:cb:c4:8d:b2:
                    2c:0c:19:ea:92:fc:87:3d:8a:70:08:c9:60:3f:f5:
                    81:11:1f:bc:39:b1:f4:7d:f0:06:b4:f8:99:35:d5:
                    d3:9c:76:58:e6:c7:a6:58:f0:2c:cc:05:fa:c8:26:
                    d1:29:90:5b:cf:56:f7:97:36:95:c8:b9:cc:84:10:
                    00:8d:12:af:f1:03:4b:4f:cb:e2:ca:5d:0e:90:66:
                    9e:62:76:73:f5:8a:f3:ff:26:6d:b2:eb:56:59:25:
                    33:81:84:dc:5c:51:57:65:60:ff:e8:dc:b4:f4:63:
                    a7:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:49:EA:E1:85:48:5B:CB:24:66:59:77:95:23:30:37:50:C0:05:CB
            X509v3 Authority Key Identifier:
                keyid:33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:45:db:95:53:0c:31:8a:7d:91:95:64:e2:26:df:0c:b5:ab:
         c7:72:df:51:6c:34:75:28:5d:01:1b:24:c2:42:67:10:d5:f5:
         af:d8:83:19:1b:63:a8:8a:ea:09:33:3b:ae:31:de:fb:1c:5a:
         45:aa:30:85:ea:65:9b:4d:3c:83:99:f9:6a:ad:e1:69:85:c0:
         61:c2:86:3e:f1:55:92:9e:e9:04:3d:00:c3:37:d5:5c:b2:fa:
         ea:65:35:a8:68:f1:75:33:56:f0:ff:bb:19:eb:ab:49:43:52:
         31:04:2d:45:c2:44:aa:32:e4:c2:94:53:37:d1:47:ee:a7:bf:
         93:df:40:f8:74:d4:8a:58:b1:39:64:3e:d9:df:58:38:31:5f:
         54:b7:28:d1:f2:04:fe:68:3b:d3:66:0b:d8:0d:99:a3:11:e8:
         fe:75:ea:a2:72:3b:2d:3a:ae:d7:d0:2a:c0:6a:a1:80:ab:d7:
         be:a4:3f:b0:93:73:8f:55:5a:dc:de:0e:26:43:45:b4:ab:74:
         4d:1d:00:b9:be:0b:0e:de:07:a6:6f:6a:21:f8:a3:f5:76:83:
         f7:6a:d8:a4:a7:bc:96:57:0c:86:ae:ce:5b:c7:1d:09:87:56:
         fd:c6:71:81:67:f2:d3:05:6e:db:18:84:f2:30:cf:63:f9:30:
         84:c9:90:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYRoaVnymoi+On9wM6A1GrXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTk2NDBkOWM4YjYzNDNlMDg2YWFmOGJlOGIzMGU4YzMx
ZDJiOGQwHhcNMjUwNDA3MTkwMjA4WhcNMjUwNDA4MTkwMjA4WjAzMTEwLwYDVQQD
EyhkNDQ5ZWFlMTg1NDg1YmNiMjQ2NjU5Nzc5NTIzMzAzNzUwYzAwNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3Pq38RCWjlqZ+oYQGx/9CvQvahs
VkwVmLpR4z3QXRteyvezKljfd5278RyPpq7JYL6cfU7FTrZcylClAPmNa4EUmBjL
dLZUDozrg/mtNEp+E608CEcRERqbaXmpg1J+oWYgimR57j9JOtY6UTcGG00F4nyF
OiVc7RXzuIKTfe/L+rcdSFrx4exJmtr/N1DoH8vEjbIsDBnqkvyHPYpwCMlgP/WB
ER+8ObH0ffAGtPiZNdXTnHZY5semWPAszAX6yCbRKZBbz1b3lzaVyLnMhBAAjRKv
8QNLT8viyl0OkGaeYnZz9Yrz/yZtsutWWSUzgYTcXFFXZWD/6Ny09GOnrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRJ6uGFSFvLJGZZd5UjMDdQwAXLMB8GA1UdIwQY
MBaAFDNZZA2ci2ND4Iaq+L6LMOjDHSuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQt
YmRkYzMxNDNiMzEzLzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQtYmRkYzMxNDNiMzEz
LzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfEXblVMM
MYp9kZVk4ibfDLWrx3LfUWw0dShdARskwkJnENX1r9iDGRtjqIrqCTM7rjHe+xxa
Raowheplm008g5n5aq3haYXAYcKGPvFVkp7pBD0AwzfVXLL66mU1qGjxdTNW8P+7
GeurSUNSMQQtRcJEqjLkwpRTN9FH7qe/k99A+HTUilixOWQ+2d9YODFfVLco0fIE
/mg702YL2A2ZoxHo/nXqonI7LTqu19AqwGqhgKvXvqQ/sJNzj1Va3N4OJkNFtKt0
TR0Aub4LDt4Hpm9qIfij9XaD92rYpKe8llcMhq7OW8cdCYdW/cZxgWfy0wVu2xiE
8jDPY/kwhMmQIA==
-----END CERTIFICATE-----