Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
File:                     sNcTFlrGKE-0HV38gmV3_B2gtzA.mft (raw, json)
Hash identifier:          E6iRTfgmqTMiDaTn1mjNvEo8hFnJYxnLmVYqsRX5MRo=
Subject key identifier:   CD:91:C8:B7:98:29:D0:A5:49:26:82:73:9E:B4:99:2C:15:E0:62:E3
Authority key identifier: B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30
Certificate issuer:       /CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
Certificate serial:       019653495590D2F59CEE8B066AC8443CA7BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
Manifest number:          1213
Signing time:             Sun 20 Apr 2025 13:00:36 +0000
Manifest this update:     Sun 20 Apr 2025 13:00:36 +0000
Manifest next update:     Mon 21 Apr 2025 13:00:36 +0000
Files and hashes:         1: sNcTFlrGKE-0HV38gmV3_B2gtzA.crl (hash: FNdnUdw3NCYAutiGZcSZz2wyYdlFf4FFmMI8UY1SXiE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 13:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:49:55:90:d2:f5:9c:ee:8b:06:6a:c8:44:3c:a7:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
        Validity
            Not Before: Apr 20 13:00:36 2025 GMT
            Not After : Apr 21 13:00:36 2025 GMT
        Subject: CN=cd91c8b79829d0a5492682739eb4992c15e062e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:38:aa:9e:15:5c:85:ff:3f:77:6e:48:b6:44:
                    6c:2f:14:28:d6:d4:a2:7a:b2:07:69:f0:23:f2:04:
                    c0:5c:86:b1:06:7e:d7:e0:51:af:f7:ba:e5:a7:2b:
                    de:38:ef:f7:86:e3:8d:96:a5:c4:f2:8f:dc:90:2d:
                    cc:08:86:e8:97:d5:2f:9f:8f:ac:47:2b:73:89:3b:
                    6c:aa:51:5d:5f:4a:27:8b:05:12:41:8c:f7:ea:74:
                    c3:0f:32:89:27:50:99:34:a7:37:d4:02:a5:f3:5a:
                    54:30:0f:89:0a:a8:5b:ee:eb:9c:1f:94:76:31:e2:
                    09:ba:18:75:1a:48:9a:0b:5a:a9:6e:4d:a6:23:26:
                    a5:29:a6:3e:3a:d7:e8:3a:3b:44:56:0b:7c:f1:e3:
                    b2:e6:8d:f0:09:00:56:99:9e:8c:64:04:63:95:94:
                    b2:76:b9:fd:6b:f0:5b:40:0d:f3:ed:57:4d:e3:13:
                    26:d0:5e:50:fe:b4:3c:c6:28:dc:b9:19:dc:b6:e3:
                    79:3c:d0:b5:4a:97:57:3b:01:18:47:d8:f7:06:00:
                    18:2e:2f:87:00:5c:bb:18:ce:c8:09:ea:4a:d6:7c:
                    ae:fd:a1:b5:1e:5e:26:65:e2:e3:5e:eb:83:14:4d:
                    be:84:e1:30:05:e9:f5:87:55:de:2a:b4:4b:6e:d6:
                    37:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:91:C8:B7:98:29:D0:A5:49:26:82:73:9E:B4:99:2C:15:E0:62:E3
            X509v3 Authority Key Identifier:
                keyid:B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:3e:0f:ed:54:d0:3d:2b:91:8d:13:0b:99:8c:21:2e:c0:bc:
         71:83:09:d2:b0:25:48:fc:34:27:31:b5:33:34:1c:d3:43:e5:
         a9:6f:38:3d:41:8b:66:00:87:49:9c:2a:1b:60:e9:36:41:bf:
         99:87:17:90:f3:8e:2f:d3:1d:d8:19:a3:6e:9c:4e:2a:ed:18:
         14:01:cd:2f:a6:0e:90:c8:64:65:4c:c6:99:d4:0b:67:9a:11:
         64:d6:88:2b:0e:48:9d:61:58:e4:75:dd:0c:15:2c:86:ac:d0:
         33:3d:60:d3:d9:58:1a:1d:c8:b2:dc:51:0c:1a:c5:7b:f6:d9:
         6c:97:29:d4:85:b7:71:6e:24:ee:bd:f8:66:8c:0e:56:a5:fb:
         3f:63:25:2e:95:83:b5:75:63:d5:04:39:d0:ed:df:d1:fb:52:
         ca:50:59:3d:e4:aa:06:6e:ee:61:29:3f:71:af:60:c7:57:11:
         eb:f0:4b:6a:f8:e8:03:4c:3e:b0:16:7d:34:0b:d1:d1:8d:b9:
         97:d9:e0:25:a8:83:26:39:c7:24:08:82:d7:87:6d:86:a7:45:
         75:5a:8b:03:5c:8f:80:3e:98:6e:3e:aa:a5:44:8b:95:21:47:
         b4:84:0c:ab:57:d9:3a:16:f8:ae:1e:b7:d8:74:47:32:64:31:
         e3:b8:80:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSVWQ0vWc7osGashEPKe9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZDcxMzE2NWFjNjI4NGZiNDFkNWRmYzgyNjU3N2ZjMWRh
MGI3MzAwHhcNMjUwNDIwMTMwMDM2WhcNMjUwNDIxMTMwMDM2WjAzMTEwLwYDVQQD
EyhjZDkxYzhiNzk4MjlkMGE1NDkyNjgyNzM5ZWI0OTkyYzE1ZTA2MmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArziqnhVchf8/d25ItkRsLxQo1tSi
erIHafAj8gTAXIaxBn7X4FGv97rlpyveOO/3huONlqXE8o/ckC3MCIbol9Uvn4+s
RytziTtsqlFdX0oniwUSQYz36nTDDzKJJ1CZNKc31AKl81pUMA+JCqhb7uucH5R2
MeIJuhh1GkiaC1qpbk2mIyalKaY+OtfoOjtEVgt88eOy5o3wCQBWmZ6MZARjlZSy
drn9a/BbQA3z7VdN4xMm0F5Q/rQ8xijcuRnctuN5PNC1SpdXOwEYR9j3BgAYLi+H
AFy7GM7ICepK1nyu/aG1Hl4mZeLjXuuDFE2+hOEwBen1h1XeKrRLbtY3qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2RyLeYKdClSSaCc560mSwV4GLjMB8GA1UdIwQY
MBaAFLDXExZaxihPtB1d/IJld/wdoLcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjIt
NTM5ZTFhYzgyMWQ3LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjItNTM5ZTFhYzgyMWQ3
LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATj4P7VTQ
PSuRjRMLmYwhLsC8cYMJ0rAlSPw0JzG1MzQc00PlqW84PUGLZgCHSZwqG2DpNkG/
mYcXkPOOL9Md2BmjbpxOKu0YFAHNL6YOkMhkZUzGmdQLZ5oRZNaIKw5InWFY5HXd
DBUshqzQMz1g09lYGh3IstxRDBrFe/bZbJcp1IW3cW4k7r34ZowOVqX7P2MlLpWD
tXVj1QQ50O3f0ftSylBZPeSqBm7uYSk/ca9gx1cR6/BLavjoA0w+sBZ9NAvR0Y25
l9ngJaiDJjnHJAiC14dthqdFdVqLA1yPgD6Ybj6qpUSLlSFHtIQMq1fZOhb4rh63
2HRHMmQx47iAuw==
-----END CERTIFICATE-----