Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft
File:                     e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft (raw, json)
Hash identifier:          IPuQwtJy6RaNtKDNd4KQMcoj3azTwpiOYBPC0OMFZiE=
Subject key identifier:   0A:A2:91:28:93:96:35:31:BD:97:7E:30:D4:8E:C4:2A:73:CF:C7:8D
Authority key identifier: 7B:78:73:F8:9C:2A:98:53:27:EA:79:96:26:74:23:A7:75:1C:61:69
Certificate issuer:       /CN=7b7873f89c2a985327ea7996267423a7751c6169
Certificate serial:       019643D72E120FE9E32E08F4526022210A11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e3hz-JwqmFMn6nmWJnQjp3UcYWk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft
Manifest number:          14F1
Signing time:             Thu 17 Apr 2025 13:01:37 +0000
Manifest this update:     Thu 17 Apr 2025 13:01:37 +0000
Manifest next update:     Fri 18 Apr 2025 13:01:37 +0000
Files and hashes:         1: e3hz-JwqmFMn6nmWJnQjp3UcYWk.crl (hash: vHanPra6D4WRMncjcCBSl2YIX5v11UV6VNlF2nsRczs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/e3hz-JwqmFMn6nmWJnQjp3UcYWk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d7:2e:12:0f:e9:e3:2e:08:f4:52:60:22:21:0a:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b7873f89c2a985327ea7996267423a7751c6169
        Validity
            Not Before: Apr 17 13:01:37 2025 GMT
            Not After : Apr 18 13:01:37 2025 GMT
        Subject: CN=0aa2912893963531bd977e30d48ec42a73cfc78d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:20:30:40:81:64:cf:d3:67:82:3b:af:a5:5b:
                    9e:a6:46:0f:0d:ca:da:de:1f:6b:9f:61:fc:bd:c8:
                    29:21:e2:4a:cd:c1:0d:0d:f4:b4:28:e8:61:b4:bb:
                    b4:b3:1f:48:7d:f1:f2:c3:f4:b4:39:9d:d3:9c:eb:
                    76:86:63:d7:e2:2f:5f:ae:33:f4:3f:ad:68:ad:18:
                    53:b7:55:d5:76:03:47:1f:78:1b:fb:1d:5d:ad:04:
                    20:23:65:c3:25:a6:90:b7:37:d2:b5:75:93:30:04:
                    f8:e7:74:9e:53:b6:46:4d:46:2a:07:24:43:71:40:
                    ce:f6:be:d9:15:bc:89:04:cb:ec:69:be:20:22:ca:
                    cf:23:70:ca:db:5c:82:2a:44:f8:c1:41:29:6a:2e:
                    98:7f:e2:69:9f:a7:63:48:4d:3c:a8:59:ba:77:ed:
                    81:0f:b7:c8:66:0a:78:a7:11:76:20:d3:0e:a2:e3:
                    5d:ff:2c:8a:a3:a8:9f:43:2c:8c:40:8a:ae:11:f1:
                    00:2b:a8:36:4a:aa:91:5b:94:41:3d:0f:cd:11:8f:
                    c7:d5:ee:1b:e9:d9:69:60:e2:94:85:f0:d6:ef:d1:
                    63:45:b8:33:f2:0e:4f:67:8c:20:d3:1d:e4:e8:2b:
                    9d:cd:a4:31:26:1c:cb:0c:97:77:8d:b7:7d:7e:2f:
                    0e:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:A2:91:28:93:96:35:31:BD:97:7E:30:D4:8E:C4:2A:73:CF:C7:8D
            X509v3 Authority Key Identifier:
                keyid:7B:78:73:F8:9C:2A:98:53:27:EA:79:96:26:74:23:A7:75:1C:61:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3hz-JwqmFMn6nmWJnQjp3UcYWk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:09:c6:c5:b6:ed:ce:ae:b1:6e:d6:76:38:25:9e:c8:53:e7:
         02:7c:4a:50:bd:df:60:03:75:d1:d8:32:3f:9c:65:23:32:06:
         b7:ec:72:4a:c5:b0:1a:e4:b0:0c:f1:66:4b:9d:10:86:1e:b5:
         b0:7d:f5:20:fd:88:43:81:92:7e:0f:68:d5:65:31:63:17:f7:
         40:75:d6:86:19:08:7d:df:35:7d:a5:b5:70:c8:b0:fc:2f:24:
         b0:c8:e4:47:a4:6e:dc:4f:c8:35:78:fe:f3:c3:bd:20:8f:87:
         7d:9f:32:08:70:22:82:bf:b7:1f:bb:9b:bf:75:5d:cb:39:91:
         6a:26:18:7d:ed:31:00:5b:46:0e:11:22:b4:2f:33:0a:51:18:
         59:27:09:15:18:42:5c:91:46:76:28:38:6c:0f:42:7a:c5:bb:
         1b:ec:63:5d:8a:0e:de:8d:0f:86:db:07:d2:4e:f7:0d:73:08:
         d9:a0:57:3b:7e:19:60:d7:76:c4:16:7e:eb:24:be:69:87:64:
         dc:dd:f5:7a:c9:0e:a5:b3:98:37:36:d1:4d:07:19:a7:0d:bd:
         1b:d1:cf:13:ff:22:11:49:c3:b5:62:d4:32:58:4c:5a:7a:9d:
         a2:9e:5d:dc:39:bf:a9:a6:6b:45:9c:4b:52:b2:92:9f:10:2e:
         9d:88:ee:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1y4SD+njLgj0UmAiIQoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNzg3M2Y4OWMyYTk4NTMyN2VhNzk5NjI2NzQyM2E3NzUx
YzYxNjkwHhcNMjUwNDE3MTMwMTM3WhcNMjUwNDE4MTMwMTM3WjAzMTEwLwYDVQQD
EygwYWEyOTEyODkzOTYzNTMxYmQ5NzdlMzBkNDhlYzQyYTczY2ZjNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiAwQIFkz9NngjuvpVuepkYPDcra
3h9rn2H8vcgpIeJKzcENDfS0KOhhtLu0sx9IffHyw/S0OZ3TnOt2hmPX4i9frjP0
P61orRhTt1XVdgNHH3gb+x1drQQgI2XDJaaQtzfStXWTMAT453SeU7ZGTUYqByRD
cUDO9r7ZFbyJBMvsab4gIsrPI3DK21yCKkT4wUEpai6Yf+Jpn6djSE08qFm6d+2B
D7fIZgp4pxF2INMOouNd/yyKo6ifQyyMQIquEfEAK6g2SqqRW5RBPQ/NEY/H1e4b
6dlpYOKUhfDW79FjRbgz8g5PZ4wg0x3k6CudzaQxJhzLDJd3jbd9fi8OTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqikSiTljUxvZd+MNSOxCpzz8eNMB8GA1UdIwQY
MBaAFHt4c/icKphTJ+p5liZ0I6d1HGFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTNoei1Kd3FtRk1uNm5tV0puUWpwM1VjWVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi82MzM0YWUtODY2MS00YjFjLTg0MzAt
OWI5ZGY0NDNjODYzLzEvZTNoei1Kd3FtRk1uNm5tV0puUWpwM1VjWVdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi82MzM0YWUtODY2MS00YjFjLTg0MzAtOWI5ZGY0NDNjODYz
LzEvZTNoei1Kd3FtRk1uNm5tV0puUWpwM1VjWVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAognGxbbt
zq6xbtZ2OCWeyFPnAnxKUL3fYAN10dgyP5xlIzIGt+xySsWwGuSwDPFmS50Qhh61
sH31IP2IQ4GSfg9o1WUxYxf3QHXWhhkIfd81faW1cMiw/C8ksMjkR6Ru3E/INXj+
88O9II+HfZ8yCHAigr+3H7ubv3VdyzmRaiYYfe0xAFtGDhEitC8zClEYWScJFRhC
XJFGdig4bA9CesW7G+xjXYoO3o0PhtsH0k73DXMI2aBXO34ZYNd2xBZ+6yS+aYdk
3N31eskOpbOYNzbRTQcZpw29G9HPE/8iEUnDtWLUMlhMWnqdop5d3Dm/qaZrRZxL
UrKSnxAunYjuXA==
-----END CERTIFICATE-----