Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
File:                     db3TijiDJA5GxLGsi7-DF96P-IU.mft (raw, json)
Hash identifier:          4RXsDY/hntNuUG9878Lq/Oj6nRx8MIr1iL99OzAu024=
Subject key identifier:   40:00:58:5D:96:76:2C:2B:86:0B:47:11:C2:4B:F4:4F:B1:A3:38:8D
Authority key identifier: 75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85
Certificate issuer:       /CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
Certificate serial:       019610FC1A6491A12CD440BB7D634CED5EF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
Manifest number:          11E7
Signing time:             Mon 07 Apr 2025 16:01:19 +0000
Manifest this update:     Mon 07 Apr 2025 16:01:19 +0000
Manifest next update:     Tue 08 Apr 2025 16:01:19 +0000
Files and hashes:         1: db3TijiDJA5GxLGsi7-DF96P-IU.crl (hash: zB+kVZEAil+jqOtyr7fIO6cldbtbFW6WhUVUXfYOqEI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:10:fc:1a:64:91:a1:2c:d4:40:bb:7d:63:4c:ed:5e:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
        Validity
            Not Before: Apr  7 16:01:19 2025 GMT
            Not After : Apr  8 16:01:19 2025 GMT
        Subject: CN=4000585d96762c2b860b4711c24bf44fb1a3388d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:fc:f7:a9:85:a7:33:5a:fc:61:02:96:0e:e1:
                    a8:54:a4:e0:56:6d:d5:4e:ea:c2:1d:8d:f7:e5:23:
                    44:49:db:b0:8e:bf:07:23:95:4d:75:f3:c1:fd:26:
                    72:59:01:d1:81:dd:c4:41:b6:b3:26:df:95:33:3b:
                    29:d5:8a:db:dd:a1:65:80:8c:1f:c4:7c:5a:3a:c6:
                    23:54:b2:1e:04:d1:7d:e2:0c:5a:bb:9e:c5:6c:45:
                    05:88:52:f9:d8:fc:29:ae:81:ae:95:08:af:55:f7:
                    7c:36:46:8e:7c:af:3e:ac:cc:85:f7:62:ca:0d:48:
                    11:da:1c:d7:e2:b1:6a:d3:0b:93:6a:b6:e7:c9:1f:
                    56:5f:b0:d1:ff:fc:98:04:2c:a1:2d:ac:b5:7c:9d:
                    b2:fb:a3:c8:8d:ba:1e:0f:63:8b:91:08:b8:3c:27:
                    a0:8a:3e:03:74:8b:56:69:0c:d0:52:81:44:cb:e7:
                    56:a2:94:58:52:16:2b:f2:1c:e1:6d:cd:2f:21:5e:
                    ab:16:31:5c:a8:05:0b:21:08:02:88:2d:c9:fa:24:
                    1b:51:78:a3:84:4b:09:29:f2:59:d9:78:64:ce:a6:
                    24:3f:91:7f:3b:26:ae:d3:f8:e9:87:0f:90:b8:a6:
                    e8:5c:80:93:4a:c9:4b:5c:e8:29:0d:dc:e2:75:ed:
                    24:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:00:58:5D:96:76:2C:2B:86:0B:47:11:C2:4B:F4:4F:B1:A3:38:8D
            X509v3 Authority Key Identifier:
                keyid:75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:cd:1a:7f:8f:22:0b:c6:55:1e:56:67:f4:51:95:03:45:64:
         cb:f5:e5:64:c4:72:d1:61:ff:60:6e:73:9e:c8:93:e5:d1:ad:
         88:76:f4:8d:c0:af:5d:a0:0c:d7:26:0f:5f:f4:bd:a7:b9:29:
         ab:44:c2:f0:b3:2e:35:c3:f3:d3:ae:1b:19:bd:17:23:f1:bd:
         de:c9:89:be:4f:08:f7:7a:d2:d1:73:cd:a3:df:98:bb:a3:d9:
         c5:83:86:24:2c:30:1d:8f:a2:40:c4:03:82:af:78:e3:3d:b3:
         7e:36:0b:e2:94:8e:0f:f1:9e:f5:ce:6d:3c:d6:43:15:63:11:
         92:96:f4:98:d1:94:d5:97:62:43:b4:58:e9:2c:b7:cb:02:81:
         78:ff:4a:1b:86:16:3a:a5:be:a3:4e:33:d8:51:5e:cf:9d:76:
         a4:62:d0:d5:6b:5e:31:19:6c:b5:53:13:f2:99:1f:66:bd:b3:
         ae:75:ee:1a:f3:58:9a:c2:fe:b5:91:e2:ba:e0:a5:13:b4:1b:
         59:99:7a:c4:f4:70:4e:f4:bd:23:9e:b2:cd:7b:07:7e:6e:85:
         10:b4:d4:b9:1e:8a:94:6d:b0:95:c0:0b:01:63:5c:a6:42:ee:
         4a:6b:2e:d2:f2:ae:b0:cd:9a:c2:0a:19:a8:97:2a:00:5d:6a:
         80:2b:67:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYQ/BpkkaEs1EC7fWNM7V7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmRkMzhhMzg4MzI0MGU0NmM0YjFhYzhiYmY4MzE3ZGU4
ZmY4ODUwHhcNMjUwNDA3MTYwMTE5WhcNMjUwNDA4MTYwMTE5WjAzMTEwLwYDVQQD
Eyg0MDAwNTg1ZDk2NzYyYzJiODYwYjQ3MTFjMjRiZjQ0ZmIxYTMzODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvz3qYWnM1r8YQKWDuGoVKTgVm3V
TurCHY335SNESduwjr8HI5VNdfPB/SZyWQHRgd3EQbazJt+VMzsp1Yrb3aFlgIwf
xHxaOsYjVLIeBNF94gxau57FbEUFiFL52PwproGulQivVfd8NkaOfK8+rMyF92LK
DUgR2hzX4rFq0wuTarbnyR9WX7DR//yYBCyhLay1fJ2y+6PIjboeD2OLkQi4PCeg
ij4DdItWaQzQUoFEy+dWopRYUhYr8hzhbc0vIV6rFjFcqAULIQgCiC3J+iQbUXij
hEsJKfJZ2XhkzqYkP5F/Oyau0/jphw+QuKboXICTSslLXOgpDdzide0kCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEAAWF2WdiwrhgtHEcJL9E+xoziNMB8GA1UdIwQY
MBaAFHW904o4gyQORsSxrIu/gxfej/iFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGIt
OGRhNjA1MzVlNmEwLzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGItOGRhNjA1MzVlNmEw
LzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWM0af48i
C8ZVHlZn9FGVA0Vky/XlZMRy0WH/YG5znsiT5dGtiHb0jcCvXaAM1yYPX/S9p7kp
q0TC8LMuNcPz064bGb0XI/G93smJvk8I93rS0XPNo9+Yu6PZxYOGJCwwHY+iQMQD
gq944z2zfjYL4pSOD/Ge9c5tPNZDFWMRkpb0mNGU1ZdiQ7RY6Sy3ywKBeP9KG4YW
OqW+o04z2FFez512pGLQ1WteMRlstVMT8pkfZr2zrnXuGvNYmsL+tZHiuuClE7Qb
WZl6xPRwTvS9I56yzXsHfm6FELTUuR6KlG2wlcALAWNcpkLuSmsu0vKusM2awgoZ
qJcqAF1qgCtngA==
-----END CERTIFICATE-----