Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
File:                     29B3gCIiIDwWzo6v1Z8LCsHb58M.mft (raw, json)
Hash identifier:          g/a5hSoxmkqfwOpE/PUGdUrmkIwcRZFk/O+8gfeqPQo=
Subject key identifier:   46:20:07:53:D6:C7:AF:98:E3:7C:08:29:18:D0:22:92:4E:00:2A:C4
Authority key identifier: DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3
Certificate issuer:       /CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
Certificate serial:       01963651EBAC4BD14AAAF1D25C141E4618A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
Manifest number:          0DA3
Signing time:             Mon 14 Apr 2025 22:01:00 +0000
Manifest this update:     Mon 14 Apr 2025 22:01:00 +0000
Manifest next update:     Tue 15 Apr 2025 22:01:00 +0000
Files and hashes:         1: 29B3gCIiIDwWzo6v1Z8LCsHb58M.crl (hash: mvJIkkBiD8DmRJZXbGk4iM8CgS/Ol78C+LKFlNrEEjs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 15 Apr 2025 22:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:36:51:eb:ac:4b:d1:4a:aa:f1:d2:5c:14:1e:46:18:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
        Validity
            Not Before: Apr 14 22:01:00 2025 GMT
            Not After : Apr 15 22:01:00 2025 GMT
        Subject: CN=46200753d6c7af98e37c082918d022924e002ac4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:fa:f0:44:4d:96:b0:d3:3b:d1:7a:fc:4d:cf:
                    6c:8d:a7:f1:4a:71:8d:43:be:f9:69:25:48:af:59:
                    ac:5a:57:e4:0d:0e:bd:e0:d9:5e:14:8d:0e:48:c7:
                    09:fd:67:b0:d7:71:ba:92:25:cb:67:d0:dd:80:41:
                    d3:7f:3b:bd:fc:fc:8a:52:e3:1f:8d:28:53:51:96:
                    0d:6b:79:18:0e:d4:f3:a6:4c:c7:32:65:03:9c:89:
                    ef:4e:a5:ae:56:81:9f:ab:3e:71:5d:1d:a3:bc:5e:
                    b8:1d:a4:2a:ca:d0:d8:a1:dc:60:27:b7:cd:ea:07:
                    72:61:16:b8:15:36:36:f6:7e:2d:0c:2a:d8:df:5a:
                    9d:80:15:a0:ce:0a:e0:cc:99:9d:00:23:bd:05:c6:
                    fa:fc:71:47:90:d0:af:53:37:e9:e2:c3:bd:6f:c2:
                    0a:23:6c:75:b2:09:10:e4:d8:fe:f7:f0:65:05:f3:
                    e5:cb:6d:84:6c:06:2f:6d:ab:24:3f:c6:ea:1d:9f:
                    00:7c:c5:1e:8a:42:d6:6d:cb:6e:75:6a:1c:39:21:
                    6f:31:ae:72:59:a6:61:74:59:1d:a7:67:68:73:ce:
                    3b:b5:ff:6c:bb:59:4f:07:9f:19:99:84:3e:b4:78:
                    fe:e5:56:b5:00:33:8f:b3:84:d4:0a:3d:5c:f1:7f:
                    63:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:20:07:53:D6:C7:AF:98:E3:7C:08:29:18:D0:22:92:4E:00:2A:C4
            X509v3 Authority Key Identifier:
                keyid:DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:d0:80:a0:75:95:b3:88:cd:b1:91:e0:e5:b0:6b:2a:9e:b4:
         29:95:f5:45:72:4a:5a:39:b4:87:90:fa:8a:9f:34:37:8a:7a:
         b0:fb:56:07:2c:d9:fa:ce:78:d5:1f:07:28:1a:ce:92:d0:d4:
         bc:5a:68:f2:14:9b:21:be:37:85:ef:fe:1a:25:3d:4e:a2:b8:
         14:8c:f7:ab:7d:d0:78:b3:9e:f1:80:89:c3:1c:2a:8c:4f:2b:
         d9:e6:47:64:72:8e:ca:59:3a:34:95:3b:a4:42:d3:3e:44:93:
         e7:12:5a:fe:76:e0:a4:d2:84:e0:4d:88:43:5e:34:81:47:d5:
         ab:80:93:8b:d2:d3:ee:9b:25:c1:8e:6a:3f:59:04:b9:4e:7e:
         68:93:51:12:e6:d9:bb:88:03:10:53:a7:94:d4:11:41:21:72:
         95:a9:66:6f:d3:4b:88:4b:2c:be:69:74:ca:92:c0:4e:66:ed:
         13:99:28:2e:04:58:f6:80:2b:d6:b0:57:b5:8a:04:1f:ab:60:
         65:8b:9a:59:d0:cc:b7:37:c1:7d:1c:00:f7:d1:ca:28:70:f2:
         1e:56:ef:be:d8:b4:a7:7b:a7:cd:0f:de:0c:59:f4:2c:80:4d:
         dc:90:a8:19:9e:22:80:ea:a5:21:ad:55:47:cb:76:06:71:a2:
         bf:69:47:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY2UeusS9FKqvHSXBQeRhigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDA3NzgwMjIyMjIwM2MxNmNlOGVhZmQ1OWYwYjBhYzFk
YmU3YzMwHhcNMjUwNDE0MjIwMTAwWhcNMjUwNDE1MjIwMTAwWjAzMTEwLwYDVQQD
Eyg0NjIwMDc1M2Q2YzdhZjk4ZTM3YzA4MjkxOGQwMjI5MjRlMDAyYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/rwRE2WsNM70Xr8Tc9sjafxSnGN
Q775aSVIr1msWlfkDQ694NleFI0OSMcJ/Wew13G6kiXLZ9DdgEHTfzu9/PyKUuMf
jShTUZYNa3kYDtTzpkzHMmUDnInvTqWuVoGfqz5xXR2jvF64HaQqytDYodxgJ7fN
6gdyYRa4FTY29n4tDCrY31qdgBWgzgrgzJmdACO9Bcb6/HFHkNCvUzfp4sO9b8IK
I2x1sgkQ5Nj+9/BlBfPly22EbAYvbaskP8bqHZ8AfMUeikLWbctudWocOSFvMa5y
WaZhdFkdp2doc847tf9su1lPB58ZmYQ+tHj+5Va1ADOPs4TUCj1c8X9jVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYgB1PWx6+Y43wIKRjQIpJOACrEMB8GA1UdIwQY
MBaAFNvQd4AiIiA8Fs6Or9WfCwrB2+fDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAt
NWRkOTQ1MjllZWVhLzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAtNWRkOTQ1MjllZWVh
LzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyNCAoHWV
s4jNsZHg5bBrKp60KZX1RXJKWjm0h5D6ip80N4p6sPtWByzZ+s541R8HKBrOktDU
vFpo8hSbIb43he/+GiU9TqK4FIz3q33QeLOe8YCJwxwqjE8r2eZHZHKOylk6NJU7
pELTPkST5xJa/nbgpNKE4E2IQ140gUfVq4CTi9LT7pslwY5qP1kEuU5+aJNREubZ
u4gDEFOnlNQRQSFylalmb9NLiEssvml0ypLATmbtE5koLgRY9oAr1rBXtYoEH6tg
ZYuaWdDMtzfBfRwA99HKKHDyHlbvvti0p3unzQ/eDFn0LIBN3JCoGZ4igOqlIa1V
R8t2BnGiv2lH2w==
-----END CERTIFICATE-----