Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
File:                     PP7M1r9kBrDPRPaCuTzYbjNGUko.mft (raw, json)
Hash identifier:          pJ1CcSZvuHM3d4pLQrhpY3XKpzzzxJKEcRK0EH7vucY=
Subject key identifier:   76:C3:AB:DA:CF:39:B7:22:C4:9E:D5:35:F8:F2:5E:80:23:66:5C:BC
Authority key identifier: 3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A
Certificate issuer:       /CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
Certificate serial:       019611A14BF80AF5DA6397D3973BD5626CF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
Manifest number:          1051
Signing time:             Mon 07 Apr 2025 19:01:45 +0000
Manifest this update:     Mon 07 Apr 2025 19:01:45 +0000
Manifest next update:     Tue 08 Apr 2025 19:01:45 +0000
Files and hashes:         1: PP7M1r9kBrDPRPaCuTzYbjNGUko.crl (hash: W0p5XOAvSNkRf7cF2e9qXnXqVehv/U4WDaWlAmomH2o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:11:a1:4b:f8:0a:f5:da:63:97:d3:97:3b:d5:62:6c:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
        Validity
            Not Before: Apr  7 19:01:45 2025 GMT
            Not After : Apr  8 19:01:45 2025 GMT
        Subject: CN=76c3abdacf39b722c49ed535f8f25e8023665cbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:75:16:32:78:36:3b:47:86:8f:79:08:4c:3b:
                    cf:89:e6:4a:61:37:86:25:4a:aa:3f:4d:e4:63:89:
                    6d:01:ce:96:d9:39:f8:4a:52:6c:46:08:d7:a1:13:
                    13:2f:2b:46:e5:d5:d3:0d:50:ab:f9:ea:47:a1:37:
                    d5:68:aa:5b:cb:1f:36:af:40:ad:fb:d2:31:9f:9b:
                    70:15:4a:65:56:a9:20:da:b7:db:93:dc:a4:73:6c:
                    2e:fc:d6:fd:ba:4e:b5:a9:bc:2c:8d:e7:84:16:67:
                    b7:18:8b:0a:46:18:c7:8e:98:45:d2:5b:87:6b:ec:
                    f2:fb:64:35:61:5a:b0:d9:7f:c7:9b:39:77:16:e4:
                    85:40:33:6a:2c:36:7c:9e:18:ea:bc:0f:34:6c:03:
                    8a:ad:97:24:a7:bb:3c:e1:9e:0d:ea:40:68:27:35:
                    4d:1d:92:85:e9:1d:5f:75:06:a6:aa:dd:35:96:98:
                    43:39:87:c2:03:4f:b8:56:67:a4:24:ba:a2:4b:ff:
                    05:9b:00:df:1d:9f:c8:f7:a7:75:6f:0e:d7:2c:d4:
                    08:67:a2:02:e3:5f:be:9e:ea:d9:7a:a6:bf:24:44:
                    ed:44:3b:ca:4d:28:05:ba:49:b9:08:4a:06:25:bb:
                    ae:f4:4c:ed:cf:1e:47:e9:9b:4c:15:68:f8:05:8a:
                    66:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:C3:AB:DA:CF:39:B7:22:C4:9E:D5:35:F8:F2:5E:80:23:66:5C:BC
            X509v3 Authority Key Identifier:
                keyid:3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:52:b1:1d:41:7b:3e:f1:0a:56:5f:cd:a6:67:a4:79:10:70:
         9d:60:db:05:1c:3c:7f:ab:94:03:de:de:62:59:ff:bb:8b:96:
         f5:e4:b3:5c:d2:f0:5e:ac:80:df:7f:68:14:82:1a:21:4b:7e:
         3f:1d:52:1e:73:cc:69:57:a5:cb:24:05:68:61:b0:8c:8e:4f:
         0b:4b:1b:d2:eb:1f:c5:f2:c0:37:cb:9b:a1:1f:50:d4:b5:7c:
         bb:ef:67:ae:b2:a5:75:cf:37:71:34:48:b9:65:f6:00:f3:bd:
         23:72:e0:9c:3d:3a:a2:e6:bb:dd:ee:35:bf:63:c7:68:ad:d8:
         68:b3:a4:f5:d8:eb:90:d0:50:8a:59:d2:2d:a4:dc:15:4a:3d:
         2d:65:2a:d1:4a:f9:e5:4e:ec:9f:36:cc:b1:e8:ef:c1:e7:12:
         17:d3:11:0d:55:92:62:dc:d5:c8:51:6e:8c:84:a4:23:56:74:
         ee:a9:30:4a:a0:95:41:78:d3:84:9e:8c:7f:e8:e0:22:a2:c9:
         a3:3a:08:94:a1:9a:f4:66:9f:af:10:1f:b3:c6:c9:a5:69:fa:
         8a:52:72:a1:7d:a9:74:29:1b:6c:e4:b4:85:00:3f:94:7f:0f:
         37:2e:ee:cb:15:94:2f:af:f4:ef:25:ef:a3:3b:f9:60:7c:d6:
         24:6a:38:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYRoUv4CvXaY5fTlzvVYmzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZmVjY2Q2YmY2NDA2YjBjZjQ0ZjY4MmI5M2NkODZlMzM0
NjUyNGEwHhcNMjUwNDA3MTkwMTQ1WhcNMjUwNDA4MTkwMTQ1WjAzMTEwLwYDVQQD
Eyg3NmMzYWJkYWNmMzliNzIyYzQ5ZWQ1MzVmOGYyNWU4MDIzNjY1Y2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3UWMng2O0eGj3kITDvPieZKYTeG
JUqqP03kY4ltAc6W2Tn4SlJsRgjXoRMTLytG5dXTDVCr+epHoTfVaKpbyx82r0Ct
+9Ixn5twFUplVqkg2rfbk9ykc2wu/Nb9uk61qbwsjeeEFme3GIsKRhjHjphF0luH
a+zy+2Q1YVqw2X/Hmzl3FuSFQDNqLDZ8nhjqvA80bAOKrZckp7s84Z4N6kBoJzVN
HZKF6R1fdQamqt01lphDOYfCA0+4VmekJLqiS/8FmwDfHZ/I96d1bw7XLNQIZ6IC
41++nurZeqa/JETtRDvKTSgFukm5CEoGJbuu9Eztzx5H6ZtMFWj4BYpmIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHbDq9rPObcixJ7VNfjyXoAjZly8MB8GA1UdIwQY
MBaAFDz+zNa/ZAawz0T2grk82G4zRlJKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2Qt
MjNiODYxMWNjZTIzLzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2QtMjNiODYxMWNjZTIz
LzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHlKxHUF7
PvEKVl/NpmekeRBwnWDbBRw8f6uUA97eYln/u4uW9eSzXNLwXqyA339oFIIaIUt+
Px1SHnPMaVelyyQFaGGwjI5PC0sb0usfxfLAN8uboR9Q1LV8u+9nrrKldc83cTRI
uWX2APO9I3LgnD06oua73e41v2PHaK3YaLOk9djrkNBQilnSLaTcFUo9LWUq0Ur5
5U7snzbMsejvwecSF9MRDVWSYtzVyFFujISkI1Z07qkwSqCVQXjThJ6Mf+jgIqLJ
ozoIlKGa9GafrxAfs8bJpWn6ilJyoX2pdCkbbOS0hQA/lH8PNy7uyxWUL6/07yXv
ozv5YHzWJGo4fg==
-----END CERTIFICATE-----