Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
File:                     K328XveedAIoXs2gg3ukvyGHYdw.mft (raw, json)
Hash identifier:          WY3XEUs2R/88QF4FuZmQ6KuRLdK4/3AjjNijFG8QRe4=
Subject key identifier:   E0:1E:03:67:1B:1E:B1:7A:D1:B5:69:41:4A:59:35:FE:DE:71:AD:43
Authority key identifier: 2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC
Certificate issuer:       /CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
Certificate serial:       0196AD68A6957C88254E2FAB55FE4D6CC742
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
Manifest number:          0D41
Signing time:             Thu 08 May 2025 01:00:38 +0000
Manifest this update:     Thu 08 May 2025 01:00:38 +0000
Manifest next update:     Fri 09 May 2025 01:00:38 +0000
Files and hashes:         1: K328XveedAIoXs2gg3ukvyGHYdw.crl (hash: 8O5KDzALg0cFfofdk/VaLLUWFCm2VTouGg8qy+UbVtw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 01:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ad:68:a6:95:7c:88:25:4e:2f:ab:55:fe:4d:6c:c7:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
        Validity
            Not Before: May  8 01:00:38 2025 GMT
            Not After : May  9 01:00:38 2025 GMT
        Subject: CN=e01e03671b1eb17ad1b569414a5935fede71ad43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:84:97:70:bf:b4:10:ff:e3:3a:d9:d6:d6:3f:
                    a0:37:e7:22:3f:81:bc:59:cb:1e:01:34:31:aa:09:
                    b3:ce:fe:19:71:1a:f8:91:4a:6c:ee:33:db:f8:a3:
                    4c:db:bd:e0:81:d0:de:bb:31:b6:cb:e5:32:bc:5f:
                    8b:39:69:2a:83:b3:70:11:78:05:6c:f9:f0:41:db:
                    6f:5a:89:d4:99:dc:41:17:b2:67:a6:8c:eb:fa:dc:
                    dd:2f:86:fb:0b:46:3f:82:af:c3:73:94:6f:b4:9b:
                    46:82:3d:21:0c:0b:84:99:8a:32:1b:ed:39:85:6e:
                    23:c1:12:63:0b:94:91:df:20:81:25:92:83:e3:55:
                    54:d0:b9:24:f9:a0:c8:60:e7:55:03:62:1b:b5:92:
                    fe:3c:01:34:19:6a:ac:d7:60:ea:df:cf:dc:e2:9d:
                    99:ad:4c:29:45:54:59:b2:75:4d:8d:11:6e:d4:7b:
                    cb:da:07:6b:92:ee:35:e8:23:ea:6f:96:84:e5:0a:
                    9e:f8:66:55:8a:16:fc:db:a5:1e:ac:97:3f:cc:fc:
                    69:63:9a:02:44:e8:d0:91:e3:67:b3:9c:83:82:9b:
                    39:bb:e1:ac:53:80:97:32:10:9e:b4:0d:7e:16:66:
                    5e:0f:ae:24:f6:db:79:a2:66:5a:33:03:65:5f:31:
                    62:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:1E:03:67:1B:1E:B1:7A:D1:B5:69:41:4A:59:35:FE:DE:71:AD:43
            X509v3 Authority Key Identifier:
                keyid:2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:39:a5:c1:b8:d9:85:f6:88:46:bb:c0:3f:b6:98:cc:ee:9d:
         7a:63:44:56:84:59:56:91:14:e4:7a:98:3d:39:6a:bf:73:4d:
         21:41:81:53:9f:ac:da:cf:8f:3c:31:9f:b7:6c:f2:72:b8:1a:
         e1:e7:70:06:cb:06:2e:9d:52:2b:1a:1c:2e:4b:27:a4:59:2d:
         60:d2:e0:2a:21:a7:40:47:b9:39:4d:7b:56:e4:78:47:8f:f8:
         bd:c9:2c:19:a7:35:b4:f5:53:15:83:fd:37:92:83:07:2d:88:
         93:84:01:82:41:55:ae:7d:ab:55:67:6b:87:d8:86:fe:cd:0d:
         6e:f0:d9:3f:57:20:f5:6f:9f:bd:cd:20:d3:b2:4a:d2:9c:a1:
         76:3a:3f:42:20:37:a2:4b:3a:40:0c:19:45:35:dd:5b:56:4e:
         df:04:51:07:34:6e:ec:dc:d3:31:b9:cf:8e:32:39:e6:89:13:
         ab:0f:43:6a:3d:e2:bc:4b:a6:41:d0:29:bd:32:b9:39:ef:40:
         8e:35:d1:f5:63:84:67:3f:15:77:a7:6c:a2:6a:1c:31:d7:3c:
         b6:a4:76:5a:a5:23:61:9f:62:1a:c6:5d:9a:fa:e8:d0:25:ec:
         9a:35:ed:41:f9:04:e6:e6:93:2f:74:f3:f8:9b:f1:91:8b:86:
         9e:3e:25:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZataKaVfIglTi+rVf5NbMdCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2RiYzVlZjc5ZTc0MDIyODVlY2RhMDgzN2JhNGJmMjE4
NzYxZGMwHhcNMjUwNTA4MDEwMDM4WhcNMjUwNTA5MDEwMDM4WjAzMTEwLwYDVQQD
EyhlMDFlMDM2NzFiMWViMTdhZDFiNTY5NDE0YTU5MzVmZWRlNzFhZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoSXcL+0EP/jOtnW1j+gN+ciP4G8
WcseATQxqgmzzv4ZcRr4kUps7jPb+KNM273ggdDeuzG2y+UyvF+LOWkqg7NwEXgF
bPnwQdtvWonUmdxBF7Jnpozr+tzdL4b7C0Y/gq/Dc5RvtJtGgj0hDAuEmYoyG+05
hW4jwRJjC5SR3yCBJZKD41VU0Lkk+aDIYOdVA2IbtZL+PAE0GWqs12Dq38/c4p2Z
rUwpRVRZsnVNjRFu1HvL2gdrku416CPqb5aE5Qqe+GZVihb826UerJc/zPxpY5oC
ROjQkeNns5yDgps5u+GsU4CXMhCetA1+FmZeD64k9tt5omZaMwNlXzFinwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOAeA2cbHrF60bVpQUpZNf7eca1DMB8GA1UdIwQY
MBaAFCt9vF73nnQCKF7NoIN7pL8hh2HcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEt
MjRkMGU2MmY3OWMwLzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEtMjRkMGU2MmY3OWMw
LzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhDmlwbjZ
hfaIRrvAP7aYzO6demNEVoRZVpEU5HqYPTlqv3NNIUGBU5+s2s+PPDGft2zycrga
4edwBssGLp1SKxocLksnpFktYNLgKiGnQEe5OU17VuR4R4/4vcksGac1tPVTFYP9
N5KDBy2Ik4QBgkFVrn2rVWdrh9iG/s0NbvDZP1cg9W+fvc0g07JK0pyhdjo/QiA3
oks6QAwZRTXdW1ZO3wRRBzRu7NzTMbnPjjI55okTqw9Daj3ivEumQdApvTK5Oe9A
jjXR9WOEZz8Vd6dsomocMdc8tqR2WqUjYZ9iGsZdmvro0CXsmjXtQfkE5uaTL3Tz
+JvxkYuGnj4lMg==
-----END CERTIFICATE-----