Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
File:                     PQJjyVdcvQESY66Ig5p4iLdPoHY.mft (raw, json)
Hash identifier:          bbKv0fEKpieRjJpqVa0IKp7DFHNZNkkyVRrwnz6ZGEo=
Subject key identifier:   B6:D4:F7:E3:6C:FD:39:CC:1E:98:16:C6:B7:72:C1:A5:65:3E:25:8F
Authority key identifier: 3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76
Certificate issuer:       /CN=3d0263c9575cbd011263ae88839a7888b74fa076
Certificate serial:       019628CDC19EA03E28BC7F6C04D1C2115354
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
Manifest number:          1012
Signing time:             Sat 12 Apr 2025 07:01:35 +0000
Manifest this update:     Sat 12 Apr 2025 07:01:35 +0000
Manifest next update:     Sun 13 Apr 2025 07:01:35 +0000
Files and hashes:         1: PQJjyVdcvQESY66Ig5p4iLdPoHY.crl (hash: vpQWTS5LEzDPp/cqLkaJFKP9RJTE3sgrAMPaT44ki1Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 13 Apr 2025 05:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:28:cd:c1:9e:a0:3e:28:bc:7f:6c:04:d1:c2:11:53:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d0263c9575cbd011263ae88839a7888b74fa076
        Validity
            Not Before: Apr 12 07:01:35 2025 GMT
            Not After : Apr 13 07:01:35 2025 GMT
        Subject: CN=b6d4f7e36cfd39cc1e9816c6b772c1a5653e258f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f0:21:ed:43:42:62:cb:43:04:0f:c0:31:e6:
                    b5:b0:44:01:97:5b:d2:be:71:9b:18:7f:cd:9e:7b:
                    c3:46:c3:7e:2f:22:c5:97:03:a4:ae:4b:95:0e:b2:
                    2b:c1:50:f8:ec:a2:b0:de:b4:33:35:74:0c:df:1a:
                    8d:ab:b0:65:60:e8:78:59:51:8f:07:03:e8:54:45:
                    58:b9:02:06:a0:48:81:ad:dd:ea:01:4a:99:97:63:
                    ac:2e:34:f9:56:9d:4f:94:c2:31:20:63:e3:9c:b5:
                    a1:20:fe:14:ab:b4:b7:41:77:78:cd:87:b1:32:2d:
                    79:19:0a:bc:dc:57:a2:c9:a8:77:39:bc:c2:78:bb:
                    46:61:3a:16:c5:cf:e4:a5:0f:5c:57:03:fd:56:86:
                    1f:c0:9f:fe:9c:f3:91:55:09:10:a0:1b:96:6d:29:
                    b6:71:e8:db:cc:0e:17:61:27:83:19:e0:ea:0e:5b:
                    f7:19:99:b6:b2:e6:8c:7a:52:2f:0a:e7:0a:65:63:
                    09:e4:9d:ec:26:61:10:1c:da:fc:a8:79:30:18:77:
                    dd:24:ae:52:a1:52:bc:f3:e9:81:35:2f:18:4e:86:
                    44:0e:20:12:72:77:3c:40:52:d0:e3:d0:02:c1:f0:
                    88:10:4b:8b:29:6b:7b:09:ed:b9:97:83:c7:6c:95:
                    14:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:D4:F7:E3:6C:FD:39:CC:1E:98:16:C6:B7:72:C1:A5:65:3E:25:8F
            X509v3 Authority Key Identifier:
                keyid:3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:23:49:ab:21:5f:eb:f6:18:b2:4d:b1:0f:eb:d4:1e:25:cb:
         bb:37:5d:f4:6d:04:ba:7f:49:bb:c0:f1:aa:0a:72:b0:12:76:
         b5:66:93:d2:61:14:e4:56:55:79:6a:b5:0c:3b:41:6e:3f:50:
         c9:eb:55:99:4d:eb:82:83:b4:dc:16:a1:cb:ae:91:8c:aa:98:
         91:a4:7f:81:3f:2e:2d:d3:b6:b8:b7:f7:c3:b8:bc:8d:99:82:
         3e:b3:84:86:a3:6c:6a:6e:f4:cb:93:59:08:01:70:96:f9:31:
         4e:37:ec:52:b4:c1:c2:df:79:3f:c4:7e:c1:e4:23:ce:62:b6:
         06:53:0a:93:e7:fc:90:a2:37:4d:aa:b6:2e:da:a2:ac:44:36:
         f0:fb:97:eb:88:a2:15:1c:25:bc:5b:02:5c:75:7e:b7:3f:21:
         e1:cb:06:6b:92:13:d6:34:cb:de:09:02:4a:c8:15:a8:ea:8b:
         8f:b4:e6:9d:3a:b0:4f:17:fe:40:94:46:2a:90:d4:24:d5:cd:
         d4:9a:46:8a:d9:f5:50:2a:a6:bf:b8:fe:33:bf:9b:2c:26:3d:
         9b:1a:df:da:26:d4:af:7e:c2:10:36:06:d4:f3:f1:ad:ed:3f:
         be:6d:6b:75:7f:47:d6:88:f5:b8:a7:8d:03:c0:37:7b:3e:3a:
         ee:12:fc:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYozcGeoD4ovH9sBNHCEVNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDI2M2M5NTc1Y2JkMDExMjYzYWU4ODgzOWE3ODg4Yjc0
ZmEwNzYwHhcNMjUwNDEyMDcwMTM1WhcNMjUwNDEzMDcwMTM1WjAzMTEwLwYDVQQD
EyhiNmQ0ZjdlMzZjZmQzOWNjMWU5ODE2YzZiNzcyYzFhNTY1M2UyNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/Ah7UNCYstDBA/AMea1sEQBl1vS
vnGbGH/NnnvDRsN+LyLFlwOkrkuVDrIrwVD47KKw3rQzNXQM3xqNq7BlYOh4WVGP
BwPoVEVYuQIGoEiBrd3qAUqZl2OsLjT5Vp1PlMIxIGPjnLWhIP4Uq7S3QXd4zYex
Mi15GQq83Feiyah3ObzCeLtGYToWxc/kpQ9cVwP9VoYfwJ/+nPORVQkQoBuWbSm2
cejbzA4XYSeDGeDqDlv3GZm2suaMelIvCucKZWMJ5J3sJmEQHNr8qHkwGHfdJK5S
oVK88+mBNS8YToZEDiAScnc8QFLQ49ACwfCIEEuLKWt7Ce25l4PHbJUU2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLbU9+Ns/TnMHpgWxrdywaVlPiWPMB8GA1UdIwQY
MBaAFD0CY8lXXL0BEmOuiIOaeIi3T6B2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUt
MTJmNGU2MjczODc3LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUtMTJmNGU2MjczODc3
LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkyNJqyFf
6/YYsk2xD+vUHiXLuzdd9G0Eun9Ju8DxqgpysBJ2tWaT0mEU5FZVeWq1DDtBbj9Q
yetVmU3rgoO03Bahy66RjKqYkaR/gT8uLdO2uLf3w7i8jZmCPrOEhqNsam70y5NZ
CAFwlvkxTjfsUrTBwt95P8R+weQjzmK2BlMKk+f8kKI3Taq2LtqirEQ28PuX64ii
FRwlvFsCXHV+tz8h4csGa5IT1jTL3gkCSsgVqOqLj7TmnTqwTxf+QJRGKpDUJNXN
1JpGitn1UCqmv7j+M7+bLCY9mxrf2ibUr37CEDYG1PPxre0/vm1rdX9H1oj1uKeN
A8A3ez467hL82g==
-----END CERTIFICATE-----