Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          3C7t79nZe6Ltp5GgRAnW5Prk352DvNC1bKYe3KzUvrI=
Subject key identifier:   8A:85:0E:3A:2F:0D:7E:DF:BB:A5:33:63:07:F4:17:1C:3C:5C:CB:73
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       019510C78A6890B70178AB9C27D0E78015EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          0EC5
Signing time:             Sun 16 Feb 2025 22:01:07 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:07 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:07 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: RUsvuKGtVIehhf5mnlggGkqo4aAEqUZuTZa2+KhMHWg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:8a:68:90:b7:01:78:ab:9c:27:d0:e7:80:15:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Feb 16 22:01:07 2025 GMT
            Not After : Feb 17 22:01:07 2025 GMT
        Subject: CN=8a850e3a2f0d7edfbba5336307f4171c3c5ccb73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:b8:ea:04:4c:45:c5:87:ea:2e:f4:db:4a:06:
                    96:7a:5e:10:31:ff:05:23:9a:bb:f9:9a:15:02:5c:
                    e3:7a:fb:5f:57:8e:48:c8:aa:71:17:39:c2:0c:8d:
                    11:83:8d:f9:00:53:73:72:61:ae:9e:9e:86:2a:60:
                    8a:12:9f:03:8a:77:e3:1e:a8:77:fa:b8:4c:90:a4:
                    17:84:8b:ac:94:02:a9:20:25:7a:c2:7c:e6:3f:3f:
                    d1:df:3f:76:e8:69:66:e4:ce:71:54:1c:ee:3b:73:
                    19:ba:9c:02:34:2b:85:3a:03:6b:98:61:4d:7d:b2:
                    db:f5:08:36:86:e4:2a:7d:b5:e3:b2:96:6c:7a:6d:
                    ba:b2:25:40:c4:cd:f8:1b:13:b8:f9:53:72:ed:fb:
                    68:72:fa:1f:b4:cb:4f:b4:ad:25:cb:37:4d:89:7f:
                    04:f2:7b:84:f0:13:51:00:1e:e4:c1:f8:03:c3:cb:
                    e3:34:9d:34:ef:52:37:cd:04:b6:46:9a:fb:28:2f:
                    cd:24:26:5e:48:b6:58:c4:3a:9d:6c:7b:ad:90:d5:
                    ec:34:d9:34:20:60:69:31:b2:6d:59:37:30:08:81:
                    7b:e2:05:06:9d:6f:05:f0:34:d3:09:dd:5d:62:63:
                    49:bb:e2:20:f0:f7:55:b9:61:39:53:c3:4a:39:a7:
                    5b:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:85:0E:3A:2F:0D:7E:DF:BB:A5:33:63:07:F4:17:1C:3C:5C:CB:73
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:ed:66:4c:92:64:66:ff:14:5f:5e:a7:13:4c:43:bf:6f:78:
         ec:32:dd:41:83:18:84:d3:ba:71:97:1d:a9:26:a4:a9:a8:f7:
         73:da:66:f9:46:19:c1:f9:1d:fd:66:6f:74:32:67:e4:bd:e2:
         8c:33:77:b4:e9:73:6e:21:5c:cd:48:13:c4:b2:f0:aa:ea:61:
         95:a5:94:bc:e3:81:35:e7:5f:59:0d:27:77:05:5e:bd:d3:6f:
         33:48:37:43:c8:8b:3b:6c:2e:e8:52:10:f7:20:f6:37:a2:2b:
         c5:9b:0d:94:11:03:f0:8d:7c:f0:2d:e7:ac:ac:a4:aa:05:2b:
         ca:cb:4c:68:cb:7d:7e:3e:f2:ea:12:41:e2:bc:e8:b5:1c:0d:
         53:cf:ca:95:f4:52:c2:7a:b7:5a:a8:d3:e5:f9:4b:38:a2:a1:
         ac:e7:2e:86:06:86:6d:bf:04:bf:f5:67:92:de:93:ff:2b:ec:
         f2:59:92:4e:bf:86:3b:7d:b1:6b:84:94:b2:bb:e9:44:cc:37:
         95:da:7d:2a:9a:a8:b7:ae:6b:08:09:6f:ce:f5:b4:7f:b1:9b:
         ae:51:6e:d3:7b:6a:46:e1:98:a0:c7:80:ce:28:36:1f:51:ff:
         58:12:aa:74:27:47:63:0f:be:46:cb:fe:a6:e4:19:f3:0c:a8:
         4f:6f:2f:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx4pokLcBeKucJ9DngBXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjUwMjE2MjIwMTA3WhcNMjUwMjE3MjIwMTA3WjAzMTEwLwYDVQQD
Eyg4YTg1MGUzYTJmMGQ3ZWRmYmJhNTMzNjMwN2Y0MTcxYzNjNWNjYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27jqBExFxYfqLvTbSgaWel4QMf8F
I5q7+ZoVAlzjevtfV45IyKpxFznCDI0Rg435AFNzcmGunp6GKmCKEp8DinfjHqh3
+rhMkKQXhIuslAKpICV6wnzmPz/R3z926Glm5M5xVBzuO3MZupwCNCuFOgNrmGFN
fbLb9Qg2huQqfbXjspZsem26siVAxM34GxO4+VNy7ftocvoftMtPtK0lyzdNiX8E
8nuE8BNRAB7kwfgDw8vjNJ0071I3zQS2Rpr7KC/NJCZeSLZYxDqdbHutkNXsNNk0
IGBpMbJtWTcwCIF74gUGnW8F8DTTCd1dYmNJu+Ig8PdVuWE5U8NKOadbhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqFDjovDX7fu6UzYwf0Fxw8XMtzMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsO1mTJJk
Zv8UX16nE0xDv2947DLdQYMYhNO6cZcdqSakqaj3c9pm+UYZwfkd/WZvdDJn5L3i
jDN3tOlzbiFczUgTxLLwquphlaWUvOOBNedfWQ0ndwVevdNvM0g3Q8iLO2wu6FIQ
9yD2N6IrxZsNlBED8I188C3nrKykqgUrystMaMt9fj7y6hJB4rzotRwNU8/KlfRS
wnq3WqjT5flLOKKhrOcuhgaGbb8Ev/Vnkt6T/yvs8lmSTr+GO32xa4SUsrvpRMw3
ldp9Kpqot65rCAlvzvW0f7GbrlFu03tqRuGYoMeAzig2H1H/WBKqdCdHYw++Rsv+
puQZ8wyoT28vvg==
-----END CERTIFICATE-----