Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft
File:                     3Mx29__HFoYLOtY56_kdxN1hMAA.mft (raw, json)
Hash identifier:          RHz3e0vzCm0GrOC/4I88KAEj8l1jLjqYlx6uMP/4aok=
Subject key identifier:   83:20:8E:F7:41:3A:B1:72:F9:7A:58:0F:7F:1A:78:8E:C7:A8:3D:73
Authority key identifier: DC:CC:76:F7:FF:C7:16:86:0B:3A:D6:39:EB:F9:1D:C4:DD:61:30:00
Certificate issuer:       /CN=dccc76f7ffc716860b3ad639ebf91dc4dd613000
Certificate serial:       0196572719482E29ED34E5EA6035F26EA18C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Mx29__HFoYLOtY56_kdxN1hMAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft
Manifest number:          08C2
Signing time:             Mon 21 Apr 2025 07:01:42 +0000
Manifest this update:     Mon 21 Apr 2025 07:01:42 +0000
Manifest next update:     Tue 22 Apr 2025 07:01:42 +0000
Files and hashes:         1: 3Mx29__HFoYLOtY56_kdxN1hMAA.crl (hash: ujOdWSQvwoAIOflmB/moKA1jCb1o628OxddLF5SX+fY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Mx29__HFoYLOtY56_kdxN1hMAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 07:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:27:19:48:2e:29:ed:34:e5:ea:60:35:f2:6e:a1:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dccc76f7ffc716860b3ad639ebf91dc4dd613000
        Validity
            Not Before: Apr 21 07:01:42 2025 GMT
            Not After : Apr 22 07:01:42 2025 GMT
        Subject: CN=83208ef7413ab172f97a580f7f1a788ec7a83d73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:b8:9e:89:28:dd:23:67:91:eb:7c:3c:08:8a:
                    f1:18:3b:40:e4:f5:b3:01:03:d4:4a:98:2b:8a:fc:
                    23:df:a4:bd:14:ea:7d:20:69:4c:4a:4d:f1:41:ac:
                    7a:43:31:16:5f:66:b2:5e:fd:d1:14:53:f0:1b:d2:
                    18:59:77:88:c0:6c:11:9b:a9:dc:f8:15:8a:ed:c2:
                    af:6a:c4:6f:ca:21:4b:19:58:0d:22:85:21:d7:09:
                    c0:40:d8:c8:cb:a3:64:3f:30:31:bf:25:38:3d:c3:
                    ad:f7:06:fb:ba:00:e9:ef:6f:60:fe:35:9a:7d:c6:
                    0d:6b:f3:59:ae:89:3a:17:60:a3:8b:e9:59:04:83:
                    ce:b7:8f:a8:b3:40:f8:d1:5f:43:fe:e2:a7:cd:5a:
                    cc:d5:6a:4b:5f:73:c9:37:4c:60:d4:c7:86:09:f9:
                    c0:6e:06:b5:fd:41:9a:7d:4d:a5:11:81:70:91:ab:
                    e8:c6:c1:c7:fb:b6:c5:4f:54:2c:b3:81:af:3a:db:
                    98:f0:d9:04:04:7f:e1:7f:1d:1a:21:e9:27:f4:c8:
                    a1:6d:b9:34:bd:ca:e8:73:fc:3c:0e:30:75:83:fa:
                    99:ca:ce:19:a8:63:0b:ba:4a:81:d2:cf:8e:e0:92:
                    85:ff:80:10:b0:79:fa:14:6a:6c:2f:60:41:d0:22:
                    97:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:20:8E:F7:41:3A:B1:72:F9:7A:58:0F:7F:1A:78:8E:C7:A8:3D:73
            X509v3 Authority Key Identifier:
                keyid:DC:CC:76:F7:FF:C7:16:86:0B:3A:D6:39:EB:F9:1D:C4:DD:61:30:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Mx29__HFoYLOtY56_kdxN1hMAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:22:a9:b6:1d:39:7c:7f:9d:68:d3:7b:c8:d8:04:9c:b5:87:
         9f:cf:0b:a3:9d:38:d1:c5:ae:3d:e8:83:f5:01:8a:8f:b0:6a:
         49:1d:64:6c:ad:fa:6d:07:55:41:95:35:41:89:eb:b5:88:6b:
         0c:32:d8:fb:a5:88:11:cf:05:f9:ca:e8:28:df:ec:27:a2:3f:
         e6:32:32:e8:ac:86:09:2a:53:ea:2e:6b:89:3e:fd:94:97:58:
         11:2c:94:99:b1:cd:fc:a8:f3:95:f6:b7:ea:06:75:c2:a5:8f:
         07:31:8d:20:32:f8:e2:53:42:8d:bf:8e:20:cc:72:60:03:6a:
         f5:8a:17:6d:43:48:16:cb:c7:f4:d5:4d:ba:0f:84:05:f8:6a:
         ae:8b:4d:52:08:ab:3b:41:a5:a4:3e:8c:7c:15:bd:88:a4:cf:
         3a:b2:f7:fe:18:bd:77:d0:f8:f7:ee:cb:9c:e9:f1:48:35:c1:
         30:d7:cb:f0:96:60:f7:bc:33:bb:ac:c0:71:f4:45:cd:dd:99:
         26:e5:f0:d2:e3:62:89:ec:b6:42:33:8a:0c:66:7e:99:64:e6:
         bb:da:07:79:d3:53:13:cc:86:f3:6f:aa:ac:88:f0:b6:bd:2a:
         34:ea:0f:b4:5f:f1:56:5a:11:3d:57:9a:3e:7c:79:9a:63:1b:
         d7:72:9b:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJxlILintNOXqYDXybqGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2M3NmY3ZmZjNzE2ODYwYjNhZDYzOWViZjkxZGM0ZGQ2
MTMwMDAwHhcNMjUwNDIxMDcwMTQyWhcNMjUwNDIyMDcwMTQyWjAzMTEwLwYDVQQD
Eyg4MzIwOGVmNzQxM2FiMTcyZjk3YTU4MGY3ZjFhNzg4ZWM3YTgzZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bieiSjdI2eR63w8CIrxGDtA5PWz
AQPUSpgrivwj36S9FOp9IGlMSk3xQax6QzEWX2ayXv3RFFPwG9IYWXeIwGwRm6nc
+BWK7cKvasRvyiFLGVgNIoUh1wnAQNjIy6NkPzAxvyU4PcOt9wb7ugDp729g/jWa
fcYNa/NZrok6F2Cji+lZBIPOt4+os0D40V9D/uKnzVrM1WpLX3PJN0xg1MeGCfnA
bga1/UGafU2lEYFwkavoxsHH+7bFT1Qss4GvOtuY8NkEBH/hfx0aIekn9Mihbbk0
vcroc/w8DjB1g/qZys4ZqGMLukqB0s+O4JKF/4AQsHn6FGpsL2BB0CKXEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIMgjvdBOrFy+XpYD38aeI7HqD1zMB8GA1UdIwQY
MBaAFNzMdvf/xxaGCzrWOev5HcTdYTAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM014MjlfX0hGb1lMT3RZNTZfa2R4TjFoTUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8xOGE2N2UtN2NiZC00YzQ1LTg4OWMt
YWU3Yjg5MTc0NzEwLzEvM014MjlfX0hGb1lMT3RZNTZfa2R4TjFoTUFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8xOGE2N2UtN2NiZC00YzQ1LTg4OWMtYWU3Yjg5MTc0NzEw
LzEvM014MjlfX0hGb1lMT3RZNTZfa2R4TjFoTUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtCKpth05
fH+daNN7yNgEnLWHn88Lo5040cWuPeiD9QGKj7BqSR1kbK36bQdVQZU1QYnrtYhr
DDLY+6WIEc8F+croKN/sJ6I/5jIy6KyGCSpT6i5riT79lJdYESyUmbHN/Kjzlfa3
6gZ1wqWPBzGNIDL44lNCjb+OIMxyYANq9YoXbUNIFsvH9NVNug+EBfhqrotNUgir
O0GlpD6MfBW9iKTPOrL3/hi9d9D49+7LnOnxSDXBMNfL8JZg97wzu6zAcfRFzd2Z
JuXw0uNiiey2QjOKDGZ+mWTmu9oHedNTE8yG82+qrIjwtr0qNOoPtF/xVloRPVea
Pnx5mmMb13KbfA==
-----END CERTIFICATE-----