Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          cwLQXZdRp/95ybivdWRxVa1bjHqEgecCH4kNQJmFMl4=
Subject key identifier:   61:DE:9A:C2:BE:7A:50:6F:51:9C:1C:8E:92:9B:0E:FB:3F:CF:E3:D5
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       01962CAB12AF755F56DABF3D8557C43CC93A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          0BDB
Signing time:             Sun 13 Apr 2025 01:02:10 +0000
Manifest this update:     Sun 13 Apr 2025 01:02:10 +0000
Manifest next update:     Mon 14 Apr 2025 01:02:10 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: z1KHBu5YCtP7vUnou0oDC19g1fYtogSlHm95Ytd+Tkw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 13 Apr 2025 23:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:2c:ab:12:af:75:5f:56:da:bf:3d:85:57:c4:3c:c9:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: Apr 13 01:02:10 2025 GMT
            Not After : Apr 14 01:02:10 2025 GMT
        Subject: CN=61de9ac2be7a506f519c1c8e929b0efb3fcfe3d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:9d:8a:99:1e:ad:14:b2:90:99:ed:b3:be:2b:
                    c5:cc:2a:35:67:5b:f2:4d:74:82:a0:af:82:cc:3c:
                    fd:0f:27:b0:7c:71:53:82:4d:2d:58:de:d5:c4:32:
                    89:9e:7e:50:ed:c5:31:57:6b:8c:1f:a8:cf:77:5a:
                    09:96:68:61:ea:39:46:9c:1d:e2:bf:3d:dd:7a:7e:
                    16:81:0f:76:60:85:37:28:ee:e9:56:da:42:44:ed:
                    74:fe:34:4d:cc:88:2f:de:54:da:b8:8e:27:ab:44:
                    26:c6:18:c3:9c:fe:60:bf:43:7c:84:e7:f4:41:a6:
                    5e:ed:91:f6:d7:10:3a:e8:23:b5:21:e7:4b:7d:14:
                    9e:d5:f7:e1:c8:8c:39:2c:30:e8:64:50:58:20:f5:
                    18:ea:c5:80:75:20:33:17:97:fc:9a:69:d9:5c:88:
                    1f:c1:b8:99:08:0d:f0:82:f9:7e:04:55:6a:46:f1:
                    b4:5b:ca:9c:89:d2:15:ea:8d:30:4e:0e:df:d3:2a:
                    80:87:27:bf:03:54:50:c7:5f:e0:2e:09:86:5c:50:
                    ea:25:67:23:02:41:00:a8:d2:f0:77:ff:ab:de:7f:
                    f8:b1:ab:64:57:23:3f:f8:8f:05:52:b8:24:02:bb:
                    0b:8a:ef:c4:70:ec:af:7f:9e:24:4e:18:63:2b:9b:
                    5b:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:DE:9A:C2:BE:7A:50:6F:51:9C:1C:8E:92:9B:0E:FB:3F:CF:E3:D5
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:48:54:b4:bd:6d:1b:c8:78:64:00:b2:c5:d3:84:a9:24:25:
         74:25:6a:35:0a:ef:9c:ac:e6:a4:e0:b4:3e:bd:b5:66:b4:bd:
         16:77:37:63:c8:aa:b9:c8:fb:f0:a4:56:11:2b:58:c8:63:b1:
         46:ca:04:3b:ea:0d:0c:23:64:f9:a0:ec:34:4b:19:c6:e9:63:
         4b:09:c2:f7:1f:12:05:24:9e:18:86:3e:ae:e2:3d:ce:95:95:
         51:ad:c2:39:3c:70:ee:bb:e3:fa:e3:02:bf:2c:ca:ee:4f:40:
         26:00:29:0d:a4:d8:43:28:48:a1:e4:f0:14:7e:55:37:9f:a9:
         e4:e6:37:b5:ee:ea:7a:a9:da:12:4b:c7:8f:2f:4b:cd:67:e7:
         c1:c3:f6:bf:b1:86:d1:b0:67:82:7a:91:2d:f8:20:a7:3b:70:
         49:9f:35:ea:6e:ae:82:c9:9b:b9:69:e3:20:0a:13:60:0f:b7:
         0c:96:4f:58:34:ff:93:40:68:61:79:85:60:ee:7c:82:21:4b:
         6b:5e:8c:4e:5c:23:1f:47:3a:ad:a7:b2:d1:1d:fd:77:39:79:
         58:6a:f4:60:ad:de:4c:bb:d1:84:f7:41:cf:58:e2:4b:4c:06:
         38:14:af:b5:f5:52:2e:b2:c6:c9:8a:be:c8:7d:bb:16:0a:6d:
         1d:52:62:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYsqxKvdV9W2r89hVfEPMk6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjUwNDEzMDEwMjEwWhcNMjUwNDE0MDEwMjEwWjAzMTEwLwYDVQQD
Eyg2MWRlOWFjMmJlN2E1MDZmNTE5YzFjOGU5MjliMGVmYjNmY2ZlM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4J2KmR6tFLKQme2zvivFzCo1Z1vy
TXSCoK+CzDz9DyewfHFTgk0tWN7VxDKJnn5Q7cUxV2uMH6jPd1oJlmhh6jlGnB3i
vz3den4WgQ92YIU3KO7pVtpCRO10/jRNzIgv3lTauI4nq0QmxhjDnP5gv0N8hOf0
QaZe7ZH21xA66CO1IedLfRSe1ffhyIw5LDDoZFBYIPUY6sWAdSAzF5f8mmnZXIgf
wbiZCA3wgvl+BFVqRvG0W8qcidIV6o0wTg7f0yqAhye/A1RQx1/gLgmGXFDqJWcj
AkEAqNLwd/+r3n/4satkVyM/+I8FUrgkArsLiu/EcOyvf54kThhjK5tb1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGHemsK+elBvUZwcjpKbDvs/z+PVMB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALkhUtL1t
G8h4ZACyxdOEqSQldCVqNQrvnKzmpOC0Pr21ZrS9Fnc3Y8iqucj78KRWEStYyGOx
RsoEO+oNDCNk+aDsNEsZxuljSwnC9x8SBSSeGIY+ruI9zpWVUa3COTxw7rvj+uMC
vyzK7k9AJgApDaTYQyhIoeTwFH5VN5+p5OY3te7qeqnaEkvHjy9LzWfnwcP2v7GG
0bBngnqRLfggpztwSZ816m6ugsmbuWnjIAoTYA+3DJZPWDT/k0BoYXmFYO58giFL
a16MTlwjH0c6raey0R39dzl5WGr0YK3eTLvRhPdBz1jiS0wGOBSvtfVSLrLGyYq+
yH27FgptHVJiaA==
-----END CERTIFICATE-----