Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          o1LsYpbtcY3ySb6VRUpN18eAGYKZVpFYFxddwRUCbTk=
Subject key identifier:   12:FD:43:19:AF:18:F4:9E:6F:F0:10:30:54:F9:7F:83:2C:93:59:79
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       01965793D03E11BB85B866B25FD1ED441C95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          14FB
Signing time:             Mon 21 Apr 2025 09:00:26 +0000
Manifest this update:     Mon 21 Apr 2025 09:00:26 +0000
Manifest next update:     Tue 22 Apr 2025 09:00:26 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: yWdJrffO5/cm7cvqW+lr8203QOSbprGc+su8VGAqaI8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:93:d0:3e:11:bb:85:b8:66:b2:5f:d1:ed:44:1c:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: Apr 21 09:00:26 2025 GMT
            Not After : Apr 22 09:00:26 2025 GMT
        Subject: CN=12fd4319af18f49e6ff0103054f97f832c935979
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:74:87:4f:8a:c6:a5:67:d5:9e:67:ee:da:d3:
                    17:a1:74:e8:be:8f:1d:70:d4:51:4a:84:73:c9:2a:
                    41:c5:d1:37:36:99:76:db:39:7b:03:ee:ee:af:89:
                    63:73:f0:27:96:f4:32:a9:e1:ec:51:33:c7:f6:9f:
                    50:d7:dd:aa:a4:47:14:fe:d4:db:fb:d3:f0:18:24:
                    e8:28:85:3f:b3:0c:cb:cd:34:01:91:25:23:a5:f8:
                    ce:13:7a:50:75:a6:9d:d6:a0:df:92:6c:ae:62:22:
                    60:e3:9e:e1:9d:ab:f8:00:07:13:43:a6:37:e2:0d:
                    10:44:3d:42:8c:51:7c:8b:a3:58:e2:85:66:4b:ee:
                    1a:be:24:45:d0:a2:fb:e7:bc:10:1e:bd:96:88:fb:
                    e7:f7:ba:9f:51:99:d3:07:4f:f8:d6:bd:e3:a1:39:
                    54:00:34:c7:bd:1c:0b:9c:fd:7a:b8:82:36:22:cc:
                    7e:1a:13:d8:e1:ad:9c:17:7b:22:65:db:43:ce:06:
                    5a:97:0f:75:8c:8d:fb:52:5b:51:d2:de:bc:2c:24:
                    29:e7:46:3c:10:61:3f:f6:25:f0:81:47:83:9b:31:
                    78:13:9c:7a:dc:77:11:45:48:4b:11:a2:7b:14:03:
                    90:98:9f:f0:49:d6:76:19:80:0f:5d:e8:44:9d:39:
                    e2:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:FD:43:19:AF:18:F4:9E:6F:F0:10:30:54:F9:7F:83:2C:93:59:79
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:29:d5:f5:76:c9:d0:a5:cd:fd:08:92:a9:d8:f7:63:7c:93:
         eb:5a:82:8e:bf:c0:90:a7:1d:9a:d0:cc:64:26:f2:4f:d4:48:
         a4:5f:e3:1d:03:ab:3d:7c:b1:14:56:36:50:e7:8a:e2:09:5c:
         e9:6c:09:87:3a:6a:f1:1c:c0:5a:bd:e1:62:c7:cc:40:c2:98:
         99:e2:24:f0:9b:6e:e4:fe:c6:f5:05:42:59:4b:9c:4c:9d:00:
         01:5d:df:1e:38:2c:0e:10:10:5d:c3:7b:72:52:5f:d6:39:ce:
         f3:a7:f7:43:dd:fe:d8:c2:90:0f:e1:7d:ab:6f:d8:a9:49:8c:
         79:9d:c7:0a:4b:e5:56:26:28:4a:72:bf:76:a3:66:76:1d:0f:
         4d:45:d0:93:00:4c:4b:f8:0d:67:e1:d8:14:df:4d:89:89:eb:
         92:12:94:ac:50:9e:6e:a9:c5:4f:68:e5:3c:07:be:32:55:06:
         b0:b8:dc:a2:e6:c5:81:28:30:8c:51:66:d1:7e:57:d9:da:cc:
         08:09:b6:5a:b7:dc:57:f2:90:57:71:aa:05:81:dc:db:18:18:
         1b:9c:f0:c8:dd:e8:ff:23:b2:d6:8c:53:14:6d:48:61:3c:d3:
         a0:e3:e2:ca:db:58:e0:b4:8e:6c:04:7b:f0:d4:fb:de:5e:cc:
         ab:51:51:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXk9A+EbuFuGayX9HtRByVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjUwNDIxMDkwMDI2WhcNMjUwNDIyMDkwMDI2WjAzMTEwLwYDVQQD
EygxMmZkNDMxOWFmMThmNDllNmZmMDEwMzA1NGY5N2Y4MzJjOTM1OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3SHT4rGpWfVnmfu2tMXoXTovo8d
cNRRSoRzySpBxdE3Npl22zl7A+7ur4ljc/AnlvQyqeHsUTPH9p9Q192qpEcU/tTb
+9PwGCToKIU/swzLzTQBkSUjpfjOE3pQdaad1qDfkmyuYiJg457hnav4AAcTQ6Y3
4g0QRD1CjFF8i6NY4oVmS+4aviRF0KL757wQHr2WiPvn97qfUZnTB0/41r3joTlU
ADTHvRwLnP16uII2Isx+GhPY4a2cF3siZdtDzgZalw91jI37UltR0t68LCQp50Y8
EGE/9iXwgUeDmzF4E5x63HcRRUhLEaJ7FAOQmJ/wSdZ2GYAPXehEnTni7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBL9QxmvGPSeb/AQMFT5f4Msk1l5MB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAinV9XbJ
0KXN/QiSqdj3Y3yT61qCjr/AkKcdmtDMZCbyT9RIpF/jHQOrPXyxFFY2UOeK4glc
6WwJhzpq8RzAWr3hYsfMQMKYmeIk8Jtu5P7G9QVCWUucTJ0AAV3fHjgsDhAQXcN7
clJf1jnO86f3Q93+2MKQD+F9q2/YqUmMeZ3HCkvlViYoSnK/dqNmdh0PTUXQkwBM
S/gNZ+HYFN9NiYnrkhKUrFCebqnFT2jlPAe+MlUGsLjcoubFgSgwjFFm0X5X2drM
CAm2WrfcV/KQV3GqBYHc2xgYG5zwyN3o/yOy1oxTFG1IYTzToOPiyttY4LSObAR7
8NT73l7Mq1FRMg==
-----END CERTIFICATE-----