Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
File:                     syznolxromOxucmrdrjS3DoNaAY.mft (raw, json)
Hash identifier:          attRxm3L14GbfcxbGsfXvZnAD6IE89N0CzDeIy/GCKY=
Subject key identifier:   3A:B7:79:04:DA:D2:88:66:2A:45:95:76:C4:4B:3D:68:86:C6:4A:8A
Authority key identifier: B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06
Certificate issuer:       /CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
Certificate serial:       0197488CA26454F50141BF4BD9FAC20A5538
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
Manifest number:          042D
Signing time:             Sat 07 Jun 2025 04:01:05 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:05 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:05 +0000
Files and hashes:         1: syznolxromOxucmrdrjS3DoNaAY.crl (hash: GTx4MFjsue6lY9OF5ES90ldvN3V/J9O8wZtfKA6yJgM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:a2:64:54:f5:01:41:bf:4b:d9:fa:c2:0a:55:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
        Validity
            Not Before: Jun  7 04:01:05 2025 GMT
            Not After : Jun  8 04:01:05 2025 GMT
        Subject: CN=3ab77904dad288662a459576c44b3d6886c64a8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:24:d1:2b:3e:c9:a8:83:f9:c5:bd:97:7e:19:
                    d5:73:ed:53:e7:9c:ad:a4:79:99:3c:36:65:2d:03:
                    55:b3:48:ee:41:1a:ab:6b:02:13:2c:50:9c:2c:92:
                    58:78:8f:8c:21:a5:ac:9b:83:cc:80:3c:a8:f9:a3:
                    09:8d:e7:fb:ae:6d:94:64:7f:39:45:f4:b3:35:d5:
                    b5:f8:fa:90:a1:79:dc:9c:2e:6a:b8:c9:09:da:f0:
                    b2:51:55:66:d3:8d:dd:3a:07:87:44:90:05:37:b0:
                    02:7e:f9:6e:ab:7f:41:89:5b:8c:03:cb:46:a8:64:
                    65:ed:2a:ba:c3:8b:1d:2e:ba:8c:f3:f8:33:a1:ec:
                    a2:d2:3f:66:b4:51:60:57:fe:ad:6a:9a:a1:63:3e:
                    f0:fd:be:1d:93:a4:55:be:40:26:72:ed:91:29:ae:
                    9e:7b:d9:e6:c6:03:6b:ea:c8:60:7c:92:8c:6f:e2:
                    8f:7f:51:6e:77:c8:74:f2:fb:c9:18:c5:8f:4b:2c:
                    27:6b:c8:20:98:f5:6e:e3:39:3c:36:f6:dd:a2:73:
                    4e:0b:03:00:8c:73:4a:14:6e:8b:46:eb:f8:13:fd:
                    a8:47:d7:e2:94:7d:8a:d4:8a:ff:01:9d:59:57:e1:
                    b7:2f:ba:af:6a:6d:46:d0:6a:a0:ca:5b:02:ed:d7:
                    75:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:B7:79:04:DA:D2:88:66:2A:45:95:76:C4:4B:3D:68:86:C6:4A:8A
            X509v3 Authority Key Identifier:
                keyid:B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:5e:e5:a3:62:17:49:d2:c7:58:8b:5c:8e:a8:07:ef:72:7a:
         02:56:41:59:9c:ae:dd:fd:75:4a:7f:ce:c6:a0:76:dd:16:29:
         a1:e9:05:f4:6a:26:c0:c2:e9:b8:2c:53:bf:bd:a1:f0:94:7b:
         b5:46:88:fe:14:b7:2c:18:d1:50:d1:0a:52:3e:ab:67:05:c1:
         38:4c:fa:20:1d:65:41:b6:b1:db:6f:f7:46:f1:61:f5:e4:35:
         79:70:37:a2:94:f3:40:79:32:96:3a:e7:51:48:be:9b:b9:cb:
         2b:ab:fb:9a:4c:8d:03:45:31:32:0f:57:8b:5a:ec:c2:47:aa:
         02:1a:fd:68:a9:39:f1:44:b1:8b:d0:f3:da:30:b9:fd:40:05:
         9f:d1:6c:b5:76:dc:d2:ac:18:7a:a3:77:ac:44:f6:f2:ca:33:
         4a:22:fd:1d:84:08:f0:f0:c9:63:65:42:56:14:ea:20:bd:30:
         bb:bd:44:54:d3:03:b6:e8:ed:72:04:53:93:1a:aa:ad:3f:a2:
         c0:6c:d6:16:09:c0:08:bf:95:fa:ad:03:c6:1a:ce:73:97:fd:
         ca:b3:3e:8e:7c:b6:e5:87:3c:26:94:91:36:81:e4:40:1f:3f:
         25:62:63:bc:7d:4f:34:d8:04:89:1f:64:a5:a9:5c:4b:64:e7:
         b2:e6:94:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjKJkVPUBQb9L2frCClU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmNlN2EyNWM2YmEyNjNiMWI5YzlhYjc2YjhkMmRjM2Ew
ZDY4MDYwHhcNMjUwNjA3MDQwMTA1WhcNMjUwNjA4MDQwMTA1WjAzMTEwLwYDVQQD
EygzYWI3NzkwNGRhZDI4ODY2MmE0NTk1NzZjNDRiM2Q2ODg2YzY0YThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCTRKz7JqIP5xb2XfhnVc+1T55yt
pHmZPDZlLQNVs0juQRqrawITLFCcLJJYeI+MIaWsm4PMgDyo+aMJjef7rm2UZH85
RfSzNdW1+PqQoXncnC5quMkJ2vCyUVVm043dOgeHRJAFN7ACfvluq39BiVuMA8tG
qGRl7Sq6w4sdLrqM8/gzoeyi0j9mtFFgV/6tapqhYz7w/b4dk6RVvkAmcu2RKa6e
e9nmxgNr6shgfJKMb+KPf1Fud8h08vvJGMWPSywna8ggmPVu4zk8NvbdonNOCwMA
jHNKFG6LRuv4E/2oR9filH2K1Ir/AZ1ZV+G3L7qvam1G0GqgylsC7dd1BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDq3eQTa0ohmKkWVdsRLPWiGxkqKMB8GA1UdIwQY
MBaAFLMs56Jca6JjsbnJq3a40tw6DWgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hM2E2NTMtYWVmYS00OGNkLWFhYzct
MzQwM2E4NDI5N2IxLzEvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hM2E2NTMtYWVmYS00OGNkLWFhYzctMzQwM2E4NDI5N2Ix
LzEvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxF7lo2IX
SdLHWItcjqgH73J6AlZBWZyu3f11Sn/OxqB23RYpoekF9GomwMLpuCxTv72h8JR7
tUaI/hS3LBjRUNEKUj6rZwXBOEz6IB1lQbax22/3RvFh9eQ1eXA3opTzQHkyljrn
UUi+m7nLK6v7mkyNA0UxMg9Xi1rswkeqAhr9aKk58USxi9Dz2jC5/UAFn9FstXbc
0qwYeqN3rET28sozSiL9HYQI8PDJY2VCVhTqIL0wu71EVNMDtujtcgRTkxqqrT+i
wGzWFgnACL+V+q0DxhrOc5f9yrM+jny25Yc8JpSRNoHkQB8/JWJjvH1PNNgEiR9k
palcS2TnsuaUag==
-----END CERTIFICATE-----