Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
File:                     3Feh-cEhycK2-U04p1-_3MVN8Fs.mft (raw, json)
Hash identifier:          uShBoUGYNy9Ab609tUS23z+/BoLvEmKShrtim1cD8EA=
Subject key identifier:   0D:89:53:EF:E8:21:3B:D0:29:3E:54:88:E8:D1:7F:4C:38:01:60:68
Authority key identifier: DC:57:A1:F9:C1:21:C9:C2:B6:F9:4D:38:A7:5F:BF:DC:C5:4D:F0:5B
Certificate issuer:       /CN=dc57a1f9c121c9c2b6f94d38a75fbfdcc54df05b
Certificate serial:       01964FDA093A54D02613898929AE387B0A60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
Manifest number:          0971
Signing time:             Sat 19 Apr 2025 21:00:11 +0000
Manifest this update:     Sat 19 Apr 2025 21:00:11 +0000
Manifest next update:     Sun 20 Apr 2025 21:00:11 +0000
Files and hashes:         1: 3Feh-cEhycK2-U04p1-_3MVN8Fs.crl (hash: N1iBpLuY9IMy/6zCTKyQlY8ZSS2pY9wfKt5wUARSFAg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:da:09:3a:54:d0:26:13:89:89:29:ae:38:7b:0a:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc57a1f9c121c9c2b6f94d38a75fbfdcc54df05b
        Validity
            Not Before: Apr 19 21:00:11 2025 GMT
            Not After : Apr 20 21:00:11 2025 GMT
        Subject: CN=0d8953efe8213bd0293e5488e8d17f4c38016068
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:70:80:e8:3a:58:4d:50:67:db:74:e7:1b:bc:
                    c9:70:ea:7a:28:7e:a4:fa:19:72:11:07:9d:53:bc:
                    19:57:b9:c2:e5:54:a0:41:78:53:d6:ba:da:8f:f2:
                    43:35:d3:53:c8:18:d1:76:ce:ee:3d:a3:6b:30:e6:
                    fd:f7:e2:52:fc:fc:e0:7e:a0:ae:55:9b:54:d9:21:
                    20:3f:16:0c:17:2f:1e:d0:b0:1e:96:98:52:9e:34:
                    de:b0:aa:a7:fe:2a:cc:50:97:a9:d9:36:08:1c:e7:
                    82:e0:db:04:3f:8e:7c:5b:32:50:94:ba:7e:7d:b8:
                    06:25:19:c3:2e:e4:45:1f:a3:b4:fe:c2:6f:d8:c7:
                    87:48:eb:a7:07:51:4d:2a:42:cb:54:e7:f7:da:2d:
                    50:fa:51:b7:26:08:76:1a:c8:4a:bd:67:05:c0:2f:
                    48:87:34:21:ad:a9:26:52:e8:85:63:9a:dc:0d:c9:
                    f5:96:4b:d2:a8:19:43:b5:18:be:34:16:7a:f9:1a:
                    93:8c:ba:0c:b1:9b:fa:5e:12:37:fa:35:07:2b:3f:
                    2e:48:56:78:61:82:3a:43:0e:c0:da:5c:de:93:36:
                    d1:22:b7:29:09:f8:be:05:8f:69:e1:2c:a0:7b:27:
                    05:74:47:61:4d:a9:ea:91:87:16:6f:8e:c5:ee:b9:
                    e2:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:89:53:EF:E8:21:3B:D0:29:3E:54:88:E8:D1:7F:4C:38:01:60:68
            X509v3 Authority Key Identifier:
                keyid:DC:57:A1:F9:C1:21:C9:C2:B6:F9:4D:38:A7:5F:BF:DC:C5:4D:F0:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:9c:1e:83:a7:f0:da:cf:f0:4a:4b:ed:27:08:a7:15:58:d6:
         7d:df:7d:3d:6e:72:12:67:69:06:15:cc:46:32:0b:2d:7a:42:
         e6:0a:c2:da:11:55:8f:1d:90:ed:8b:c0:90:69:d6:42:57:82:
         10:cb:7c:23:a9:e0:e3:63:29:0a:61:d6:8c:1c:ff:6d:c5:2c:
         39:bb:81:e7:40:98:fd:be:38:88:dc:34:63:cd:cc:a1:55:69:
         15:3f:79:7e:c8:59:b1:da:56:f8:b3:11:77:b4:cc:9d:5c:26:
         0d:be:e0:c4:2e:fd:ac:21:e6:50:a8:06:f4:ff:a9:eb:33:08:
         d0:58:11:8d:60:77:90:e2:61:ed:41:5b:cb:e4:63:76:5a:17:
         eb:82:c8:33:0f:a7:18:d0:98:54:e1:2f:21:97:ae:3e:cf:b0:
         e9:63:ab:23:63:ef:32:e6:a3:f6:b0:31:8c:3d:31:03:9e:6a:
         ae:26:bb:78:f7:4c:59:6e:a5:48:43:20:27:97:fd:df:38:51:
         70:14:0d:28:9f:67:e7:5f:30:ee:f7:9c:bb:dd:38:8a:9c:5e:
         4a:81:e4:fe:3f:03:20:6b:de:67:ea:2a:92:63:f5:92:ec:b2:
         19:6e:2b:3f:34:56:12:0e:b6:1d:d2:c4:d1:80:08:9e:15:e9:
         ce:31:f7:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZP2gk6VNAmE4mJKa44ewpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNTdhMWY5YzEyMWM5YzJiNmY5NGQzOGE3NWZiZmRjYzU0
ZGYwNWIwHhcNMjUwNDE5MjEwMDExWhcNMjUwNDIwMjEwMDExWjAzMTEwLwYDVQQD
EygwZDg5NTNlZmU4MjEzYmQwMjkzZTU0ODhlOGQxN2Y0YzM4MDE2MDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXCA6DpYTVBn23TnG7zJcOp6KH6k
+hlyEQedU7wZV7nC5VSgQXhT1rraj/JDNdNTyBjRds7uPaNrMOb99+JS/PzgfqCu
VZtU2SEgPxYMFy8e0LAelphSnjTesKqn/irMUJep2TYIHOeC4NsEP458WzJQlLp+
fbgGJRnDLuRFH6O0/sJv2MeHSOunB1FNKkLLVOf32i1Q+lG3Jgh2GshKvWcFwC9I
hzQhrakmUuiFY5rcDcn1lkvSqBlDtRi+NBZ6+RqTjLoMsZv6XhI3+jUHKz8uSFZ4
YYI6Qw7A2lzekzbRIrcpCfi+BY9p4SygeycFdEdhTanqkYcWb47F7rni5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2JU+/oITvQKT5UiOjRf0w4AWBoMB8GA1UdIwQY
MBaAFNxXofnBIcnCtvlNOKdfv9zFTfBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wZTY3NjUtODZlMi00MDEwLThmOGUt
ZGQxMTNjNjk4ZDEyLzEvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wZTY3NjUtODZlMi00MDEwLThmOGUtZGQxMTNjNjk4ZDEy
LzEvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACZweg6fw
2s/wSkvtJwinFVjWfd99PW5yEmdpBhXMRjILLXpC5grC2hFVjx2Q7YvAkGnWQleC
EMt8I6ng42MpCmHWjBz/bcUsObuB50CY/b44iNw0Y83MoVVpFT95fshZsdpW+LMR
d7TMnVwmDb7gxC79rCHmUKgG9P+p6zMI0FgRjWB3kOJh7UFby+RjdloX64LIMw+n
GNCYVOEvIZeuPs+w6WOrI2PvMuaj9rAxjD0xA55qria7ePdMWW6lSEMgJ5f93zhR
cBQNKJ9n518w7vecu904ipxeSoHk/j8DIGveZ+oqkmP1kuyyGW4rPzRWEg62HdLE
0YAInhXpzjH34w==
-----END CERTIFICATE-----