Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
File:                     3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json)
Hash identifier:          9zpMPkZe3CWGmO7WLzc1wRN5CYTdbZIrFjkJawAjM3Q=
Subject key identifier:   D9:97:A8:FB:28:BE:05:72:2F:5F:D3:A0:3E:7B:CB:52:F5:9D:90:5B
Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07
Certificate issuer:       /CN=de17fd66577b3ed358b3862a7dd980944a85d507
Certificate serial:       019610C4E1D48BA433C8DB41F818BBCCF8B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
Manifest number:          99
Signing time:             Mon 07 Apr 2025 15:01:00 +0000
Manifest this update:     Mon 07 Apr 2025 15:01:00 +0000
Manifest next update:     Tue 08 Apr 2025 15:01:00 +0000
Files and hashes:         1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: FKkEXEPk/G33rKl5Drmrr/PeFtJ3FigIJgsuo1DHjcA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:10:c4:e1:d4:8b:a4:33:c8:db:41:f8:18:bb:cc:f8:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507
        Validity
            Not Before: Apr  7 15:01:00 2025 GMT
            Not After : Apr  8 15:01:00 2025 GMT
        Subject: CN=d997a8fb28be05722f5fd3a03e7bcb52f59d905b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:2d:95:d0:bb:34:c5:58:07:65:37:78:26:63:
                    4c:3a:ad:9d:8b:b8:7f:b6:bd:a2:2f:d5:eb:39:ae:
                    e7:36:b5:75:02:55:32:77:5d:78:2d:4e:9e:b5:5c:
                    d0:66:0e:da:cb:57:8c:e5:cf:d1:33:83:d7:26:ac:
                    c6:53:38:92:25:20:75:09:48:3f:cf:40:c6:41:9b:
                    3e:10:cc:89:4c:8a:a4:b4:8f:b2:8e:b3:31:16:aa:
                    31:7c:ba:72:08:1d:75:92:50:09:c1:38:72:cb:55:
                    a7:0d:9e:7f:f6:fe:90:6a:57:c7:83:b9:18:c6:5c:
                    5e:a6:4b:3f:68:ec:d9:9f:fe:cf:c9:da:33:03:45:
                    e9:12:6c:15:0b:ae:37:07:91:b7:f3:84:1a:09:de:
                    e3:a4:b8:1c:8d:bd:aa:c2:df:97:87:e7:09:53:3e:
                    0f:45:ef:55:95:27:cd:0d:be:11:79:fa:e7:fc:1c:
                    de:74:40:2f:eb:93:c8:b4:16:77:ed:e6:44:6f:1c:
                    10:fd:ea:20:60:d1:fc:c4:dc:c2:bb:bf:2a:91:d4:
                    e3:f1:6c:89:47:28:67:cc:11:4b:f2:da:58:8e:af:
                    35:90:3d:bc:55:f2:9d:85:31:98:b8:1e:ec:5c:cd:
                    27:cd:c2:30:26:7d:dd:3c:d3:fe:23:f2:75:ff:0e:
                    4a:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:97:A8:FB:28:BE:05:72:2F:5F:D3:A0:3E:7B:CB:52:F5:9D:90:5B
            X509v3 Authority Key Identifier:
                keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         dc:d3:1b:f5:4d:a8:0e:d1:6f:9a:04:49:94:1d:b3:95:b5:e8:
         c1:fd:bc:05:c1:86:e8:2c:5d:7d:e2:89:72:d4:c7:8a:62:65:
         88:d7:92:70:0b:9b:72:7b:cd:e4:a3:f4:1b:a2:aa:ed:56:84:
         f8:79:4c:7c:95:d6:99:29:7e:14:73:e3:92:4b:26:ea:aa:29:
         19:6d:18:2d:b6:4b:b5:aa:62:26:23:e0:45:3b:3c:82:27:90:
         17:30:ff:e4:86:f9:7d:64:fe:be:37:96:cb:4e:6a:ae:ba:42:
         42:fd:13:a8:2d:af:cf:32:ee:ad:33:52:57:d6:fa:bd:44:96:
         da:43:58:af:d6:7e:31:a2:84:40:e4:bc:d9:17:58:bc:00:7c:
         89:be:31:c8:3e:3c:75:02:54:cb:26:f4:f6:c2:20:7a:cc:e2:
         5e:b5:d8:7d:68:fa:43:67:a3:93:36:dd:d8:ad:ef:04:37:59:
         8e:e4:66:6c:5b:4a:c9:63:d2:13:cd:b9:c7:91:a8:fb:60:3b:
         09:cb:59:ab:a6:75:71:51:12:f2:9d:6e:b7:1d:31:08:10:72:
         67:bd:ee:64:b0:d6:27:f4:e9:99:b4:65:6d:a3:80:18:55:9c:
         96:b8:1f:40:6d:35:5a:40:dd:48:59:a3:65:86:ec:6d:2b:bb:
         61:72:d5:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYQxOHUi6QzyNtB+Bi7zPi3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4
NWQ1MDcwHhcNMjUwNDA3MTUwMTAwWhcNMjUwNDA4MTUwMTAwWjAzMTEwLwYDVQQD
EyhkOTk3YThmYjI4YmUwNTcyMmY1ZmQzYTAzZTdiY2I1MmY1OWQ5MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS2V0Ls0xVgHZTd4JmNMOq2di7h/
tr2iL9XrOa7nNrV1AlUyd114LU6etVzQZg7ay1eM5c/RM4PXJqzGUziSJSB1CUg/
z0DGQZs+EMyJTIqktI+yjrMxFqoxfLpyCB11klAJwThyy1WnDZ5/9v6QalfHg7kY
xlxepks/aOzZn/7PydozA0XpEmwVC643B5G384QaCd7jpLgcjb2qwt+Xh+cJUz4P
Re9VlSfNDb4Refrn/BzedEAv65PItBZ37eZEbxwQ/eogYNH8xNzCu78qkdTj8WyJ
RyhnzBFL8tpYjq81kD28VfKdhTGYuB7sXM0nzcIwJn3dPNP+I/J1/w5KZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmXqPsovgVyL1/ToD57y1L1nZBbMB8GA1UdIwQY
MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt
MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy
LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3NMb9U2o
DtFvmgRJlB2zlbXowf28BcGG6CxdfeKJctTHimJliNeScAubcnvN5KP0G6Kq7VaE
+HlMfJXWmSl+FHPjkksm6qopGW0YLbZLtapiJiPgRTs8gieQFzD/5Ib5fWT+vjeW
y05qrrpCQv0TqC2vzzLurTNSV9b6vUSW2kNYr9Z+MaKEQOS82RdYvAB8ib4xyD48
dQJUyyb09sIgesziXrXYfWj6Q2ejkzbd2K3vBDdZjuRmbFtKyWPSE825x5Go+2A7
CctZq6Z1cVES8p1utx0xCBByZ73uZLDWJ/TpmbRlbaOAGFWclrgfQG01WkDdSFmj
ZYbsbSu7YXLVXw==
-----END CERTIFICATE-----