Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File:                     3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier:          QT6o5OmRYmRjFAH0XnRIaRYem6cF11yqS43qhVwgylQ=
Subject key identifier:   A1:EB:67:DA:B0:F0:68:90:23:14:5B:63:75:95:FD:0F:AA:26:98:FB
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer:       /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial:       0196561369CCC1742AEEE33383D89A070C7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number:          0E00
Signing time:             Mon 21 Apr 2025 02:00:34 +0000
Manifest this update:     Mon 21 Apr 2025 02:00:34 +0000
Manifest next update:     Tue 22 Apr 2025 02:00:34 +0000
Files and hashes:         1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: tS4UYCO/SPCaW85Bq9vT+fxxp0qaw1xPulCZRnGiYA4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:13:69:cc:c1:74:2a:ee:e3:33:83:d8:9a:07:0c:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
        Validity
            Not Before: Apr 21 02:00:34 2025 GMT
            Not After : Apr 22 02:00:34 2025 GMT
        Subject: CN=a1eb67dab0f0689023145b637595fd0faa2698fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:c3:67:ff:ca:82:b5:f4:69:e1:22:02:c1:11:
                    08:c7:82:fc:51:67:74:6c:21:d0:ff:81:79:df:56:
                    a0:89:53:6d:fd:b4:3b:4d:09:00:e0:ff:99:97:d3:
                    88:78:f9:e5:0d:b7:6c:02:7a:71:31:71:ba:49:51:
                    c2:26:3a:ad:b8:6c:f0:47:a8:81:c9:7b:3b:a2:30:
                    cb:ad:45:21:6d:ed:95:e0:8c:e8:55:b9:1a:00:c0:
                    2f:7b:8f:1a:2b:c0:25:f7:51:4c:ce:b4:25:04:e6:
                    83:3d:4a:fa:38:d0:a4:d6:11:2d:2b:87:89:e6:f9:
                    a2:4a:5c:45:ad:96:13:d1:c0:63:77:19:db:04:5e:
                    37:fd:a2:f4:89:67:7e:cc:cc:0b:a1:e2:6b:c8:3c:
                    3c:21:98:d5:0e:4e:78:99:5b:4b:70:4c:7e:ca:22:
                    0f:60:6f:09:39:90:0c:e8:fe:bb:a0:f5:dc:5b:33:
                    1c:19:75:f9:0d:37:96:df:5c:29:c4:f3:02:c2:4b:
                    1d:dc:c9:67:56:24:b0:e4:fd:b8:99:30:cf:bc:ce:
                    7a:12:d2:01:64:fa:e3:5a:88:f9:ae:b2:4f:6e:d9:
                    8a:52:a3:57:1b:a1:02:7b:14:24:3b:65:2a:bd:87:
                    6e:4e:79:47:e1:98:04:3b:d7:0f:3b:be:c2:d0:45:
                    d9:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:EB:67:DA:B0:F0:68:90:23:14:5B:63:75:95:FD:0F:AA:26:98:FB
            X509v3 Authority Key Identifier:
                keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:97:04:8f:57:fa:b7:a3:e4:60:18:59:f0:97:60:86:95:5c:
         01:e0:4e:08:ea:68:62:03:b3:60:6e:73:58:76:c2:e6:ec:46:
         df:12:fc:32:c9:ee:dd:fc:91:92:65:27:57:80:04:84:6c:09:
         4b:af:03:83:95:f2:e1:d3:41:09:32:b3:a6:30:1a:9c:14:02:
         fc:12:e2:23:01:f5:61:b8:95:8d:2b:ea:20:b5:4f:e8:98:d1:
         10:f3:30:ea:a6:bd:8c:8e:2b:0a:da:44:71:1c:ce:79:22:b2:
         46:a4:0a:e9:d7:ee:60:00:c6:b5:6c:07:41:da:c4:ed:a2:15:
         bb:bd:5b:3f:10:4e:ee:58:c0:7c:d9:d3:2b:45:e0:a4:c5:bc:
         77:24:d5:fb:43:4f:80:22:88:17:95:c6:09:aa:2d:cf:dd:ff:
         fd:ce:dc:19:ac:59:41:7b:b4:52:62:73:5e:e5:f3:81:df:c7:
         91:9f:89:cf:c3:af:a7:aa:75:15:ae:c3:bd:4b:bf:3b:1f:57:
         24:ea:f0:04:f2:47:69:80:5c:c3:61:4b:a5:26:f9:0b:6b:5b:
         30:8c:cf:76:cb:b9:d8:31:7c:78:05:f8:11:0a:e7:99:94:6c:
         06:e5:0e:7f:d3:02:34:c3:66:e3:ba:a1:c6:82:12:08:ed:61:
         0e:b0:b5:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWE2nMwXQq7uMzg9iaBwx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjUwNDIxMDIwMDM0WhcNMjUwNDIyMDIwMDM0WjAzMTEwLwYDVQQD
EyhhMWViNjdkYWIwZjA2ODkwMjMxNDViNjM3NTk1ZmQwZmFhMjY5OGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cNn/8qCtfRp4SICwREIx4L8UWd0
bCHQ/4F531agiVNt/bQ7TQkA4P+Zl9OIePnlDbdsAnpxMXG6SVHCJjqtuGzwR6iB
yXs7ojDLrUUhbe2V4IzoVbkaAMAve48aK8Al91FMzrQlBOaDPUr6ONCk1hEtK4eJ
5vmiSlxFrZYT0cBjdxnbBF43/aL0iWd+zMwLoeJryDw8IZjVDk54mVtLcEx+yiIP
YG8JOZAM6P67oPXcWzMcGXX5DTeW31wpxPMCwksd3MlnViSw5P24mTDPvM56EtIB
ZPrjWoj5rrJPbtmKUqNXG6ECexQkO2UqvYduTnlH4ZgEO9cPO77C0EXZvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHrZ9qw8GiQIxRbY3WV/Q+qJpj7MB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP5cEj1f6
t6PkYBhZ8JdghpVcAeBOCOpoYgOzYG5zWHbC5uxG3xL8Msnu3fyRkmUnV4AEhGwJ
S68Dg5Xy4dNBCTKzpjAanBQC/BLiIwH1YbiVjSvqILVP6JjREPMw6qa9jI4rCtpE
cRzOeSKyRqQK6dfuYADGtWwHQdrE7aIVu71bPxBO7ljAfNnTK0XgpMW8dyTV+0NP
gCKIF5XGCaotz93//c7cGaxZQXu0UmJzXuXzgd/HkZ+Jz8Ovp6p1Fa7DvUu/Ox9X
JOrwBPJHaYBcw2FLpSb5C2tbMIzPdsu52DF8eAX4EQrnmZRsBuUOf9MCNMNm47qh
xoISCO1hDrC1PA==
-----END CERTIFICATE-----