Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
File:                     3XzvizrZIDFjCqyiJqntebpgVYY.mft (raw, json)
Hash identifier:          96AJiyTi+rYQbW4SEeYrlolA98NWhRg8yjcOzFwqHdU=
Subject key identifier:   79:F7:BB:E1:6F:19:36:49:6E:B1:03:2C:59:4F:6A:84:EB:E8:DF:A7
Authority key identifier: DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86
Certificate issuer:       /CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
Certificate serial:       019610C4FC27A8763994A99C9DB8336E8A78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
Manifest number:          41
Signing time:             Mon 07 Apr 2025 15:01:07 +0000
Manifest this update:     Mon 07 Apr 2025 15:01:07 +0000
Manifest next update:     Tue 08 Apr 2025 15:01:07 +0000
Files and hashes:         1: 3XzvizrZIDFjCqyiJqntebpgVYY.crl (hash: gnxg6171kFI310JB3QV55VMpPAQRfmkvVRZ0UKfps20=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:10:c4:fc:27:a8:76:39:94:a9:9c:9d:b8:33:6e:8a:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
        Validity
            Not Before: Apr  7 15:01:07 2025 GMT
            Not After : Apr  8 15:01:07 2025 GMT
        Subject: CN=79f7bbe16f1936496eb1032c594f6a84ebe8dfa7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:31:15:b2:6b:e9:e5:39:6f:9c:fc:af:f1:42:
                    1b:ff:fd:c6:5e:69:9f:30:19:c6:9b:3f:99:fc:dd:
                    27:57:b8:f4:c5:df:83:20:3b:bf:4f:89:05:ee:1e:
                    82:4b:d3:75:b9:6a:b5:67:30:fb:75:88:1a:f2:8c:
                    33:b5:1e:1f:8c:a6:07:c5:76:5e:f6:ad:c7:0d:6b:
                    9d:ca:d8:48:1f:94:f4:ae:80:b1:36:09:94:ef:4c:
                    c9:91:c1:e9:bc:27:96:ef:73:f1:3c:0e:ea:22:a8:
                    3c:73:bd:5f:cd:5b:55:8e:05:66:68:c7:27:0b:87:
                    e2:48:c9:a5:4c:44:50:cc:d8:34:e5:34:fb:9b:2a:
                    42:54:25:b9:c1:2f:9d:90:bf:62:f0:a3:10:f2:a9:
                    d4:ff:d0:3c:33:b9:d3:94:b7:f7:33:84:3a:73:7c:
                    06:c3:c9:88:5e:dc:7c:cf:90:f6:9f:78:ec:67:32:
                    ba:17:be:9e:5d:15:94:f8:81:c0:33:3d:00:60:32:
                    d3:f1:9d:c8:fb:3e:50:06:bf:54:52:32:0d:47:72:
                    fa:8c:07:5c:e2:fc:77:42:e3:a4:b0:39:f8:08:fc:
                    cd:d4:3b:df:57:54:f0:4a:1b:b3:a7:bf:68:e9:5c:
                    2c:ed:33:fb:66:54:6c:ce:36:32:0f:c8:f8:20:86:
                    c7:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:F7:BB:E1:6F:19:36:49:6E:B1:03:2C:59:4F:6A:84:EB:E8:DF:A7
            X509v3 Authority Key Identifier:
                keyid:DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:a1:8a:c6:fc:ce:57:65:4d:d2:3b:72:4a:d3:5e:02:22:07:
         f7:4b:d1:8c:e7:1c:5c:b4:fc:be:d3:88:da:ce:51:fc:b9:81:
         3b:6f:69:ad:b3:8c:72:e2:23:52:43:85:4c:31:0f:60:7b:3d:
         2c:33:5a:52:ac:42:56:97:8b:33:a7:df:5f:e3:36:67:c4:33:
         33:40:cd:20:aa:d9:ed:70:c4:51:c6:50:f7:e9:5b:93:0c:c9:
         5b:e1:72:d3:38:86:89:2b:5f:d7:2b:4b:78:80:c7:7e:ab:2b:
         96:c0:b1:f5:e8:4c:29:82:32:cb:76:e9:0b:eb:34:b9:2e:a5:
         8a:c9:f9:17:80:10:85:f4:ff:15:ae:17:db:1d:68:f3:06:09:
         70:c3:32:ad:0b:6a:67:f0:83:d5:8f:7a:79:c8:57:3a:4f:5c:
         30:1e:cb:58:c1:c1:f9:cf:2f:77:c5:77:56:e6:36:ab:6d:eb:
         a1:0f:be:4b:dc:67:07:5d:5f:0c:ca:da:cd:52:39:ae:d6:91:
         23:8a:54:be:46:53:2b:ef:98:b9:8f:db:cf:22:94:2d:e6:25:
         a7:e7:ff:4b:45:58:da:0c:dd:48:0b:17:ef:bb:fd:7c:3e:d3:
         e6:8b:31:55:e7:e7:9f:8e:ce:26:97:b2:37:0b:c9:e2:f3:18:
         0b:59:7d:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYQxPwnqHY5lKmcnbgzbop4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkN2NlZjhiM2FkOTIwMzE2MzBhYWNhMjI2YTllZDc5YmE2
MDU1ODYwHhcNMjUwNDA3MTUwMTA3WhcNMjUwNDA4MTUwMTA3WjAzMTEwLwYDVQQD
Eyg3OWY3YmJlMTZmMTkzNjQ5NmViMTAzMmM1OTRmNmE4NGViZThkZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTEVsmvp5TlvnPyv8UIb//3GXmmf
MBnGmz+Z/N0nV7j0xd+DIDu/T4kF7h6CS9N1uWq1ZzD7dYga8owztR4fjKYHxXZe
9q3HDWudythIH5T0roCxNgmU70zJkcHpvCeW73PxPA7qIqg8c71fzVtVjgVmaMcn
C4fiSMmlTERQzNg05TT7mypCVCW5wS+dkL9i8KMQ8qnU/9A8M7nTlLf3M4Q6c3wG
w8mIXtx8z5D2n3jsZzK6F76eXRWU+IHAMz0AYDLT8Z3I+z5QBr9UUjINR3L6jAdc
4vx3QuOksDn4CPzN1DvfV1TwShuzp79o6Vws7TP7ZlRszjYyD8j4IIbHyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHn3u+FvGTZJbrEDLFlPaoTr6N+nMB8GA1UdIwQY
MBaAFN1874s62SAxYwqsoiap7Xm6YFWGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUt
MzcyZjY1ZDk5YTlmLzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUtMzcyZjY1ZDk5YTlm
LzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPaGKxvzO
V2VN0jtyStNeAiIH90vRjOccXLT8vtOI2s5R/LmBO29prbOMcuIjUkOFTDEPYHs9
LDNaUqxCVpeLM6ffX+M2Z8QzM0DNIKrZ7XDEUcZQ9+lbkwzJW+Fy0ziGiStf1ytL
eIDHfqsrlsCx9ehMKYIyy3bpC+s0uS6lisn5F4AQhfT/Fa4X2x1o8wYJcMMyrQtq
Z/CD1Y96echXOk9cMB7LWMHB+c8vd8V3VuY2q23roQ++S9xnB11fDMrazVI5rtaR
I4pUvkZTK++YuY/bzyKULeYlp+f/S0VY2gzdSAsX77v9fD7T5osxVefnn47OJpey
NwvJ4vMYC1l9Yg==
-----END CERTIFICATE-----