Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft
File:                     ccWe2rmO-wzTdnYPQGnkxouL2iA.mft (raw, json)
Hash identifier:          u/Z06qmootS0nzKfsJomW+I67o1L/9DYcWDaRcbx4vs=
Subject key identifier:   76:8D:E4:CE:98:47:38:88:DC:48:49:17:F6:28:78:0D:25:02:92:8B
Authority key identifier: 71:C5:9E:DA:B9:8E:FB:0C:D3:76:76:0F:40:69:E4:C6:8B:8B:DA:20
Certificate issuer:       /CN=71c59edab98efb0cd376760f4069e4c68b8bda20
Certificate serial:       0196BB92D4134AB1FEA85ED072C6003591E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft
Manifest number:          0683
Signing time:             Sat 10 May 2025 19:01:23 +0000
Manifest this update:     Sat 10 May 2025 19:01:23 +0000
Manifest next update:     Sun 11 May 2025 19:01:23 +0000
Files and hashes:         1: ccWe2rmO-wzTdnYPQGnkxouL2iA.crl (hash: cHjHDnTUUznQbZGHf3Lrp7BClzh4o3Rh+CrEqmXDiAI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:92:d4:13:4a:b1:fe:a8:5e:d0:72:c6:00:35:91:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71c59edab98efb0cd376760f4069e4c68b8bda20
        Validity
            Not Before: May 10 19:01:23 2025 GMT
            Not After : May 11 19:01:23 2025 GMT
        Subject: CN=768de4ce98473888dc484917f628780d2502928b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:db:0d:97:06:c5:9b:62:3f:0b:9f:ed:9d:0a:
                    87:38:ff:74:21:52:8c:25:c8:8c:8b:c9:c4:84:50:
                    64:ba:fe:65:a5:ed:4e:92:e7:1d:33:07:64:ae:81:
                    00:16:6e:fd:b0:83:0c:31:f8:21:03:a0:65:28:b9:
                    f3:0a:ee:d2:f6:1a:da:c9:c7:ef:fe:97:fb:5d:55:
                    46:a4:8f:1d:d6:8d:18:e4:ad:a4:f9:30:08:3e:d6:
                    9d:34:43:ae:09:15:77:9b:88:d2:27:a7:f9:20:f0:
                    e5:b9:80:73:27:12:d0:f0:0b:c4:df:14:ce:bf:82:
                    45:b3:4a:c0:4f:7d:2e:27:7c:68:53:44:02:de:9e:
                    45:e9:2e:61:a1:d7:38:a1:3e:a6:18:de:89:88:8c:
                    88:e8:49:b1:c8:82:c2:45:ad:8b:18:ca:6f:dd:d8:
                    03:98:9c:6c:91:72:df:fb:e2:30:b8:d6:aa:82:40:
                    95:f7:48:6b:38:ab:5d:ea:a0:82:67:4f:81:90:3f:
                    b4:53:f5:c2:61:49:46:16:c8:4c:04:4f:0e:e4:28:
                    72:0c:cd:51:72:61:1d:7a:27:2e:78:26:e1:62:64:
                    2d:cd:7c:8c:30:ee:51:e9:b4:5b:97:25:30:a2:c9:
                    81:3c:8c:92:60:77:cd:f5:ac:63:f7:47:1b:85:49:
                    43:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:8D:E4:CE:98:47:38:88:DC:48:49:17:F6:28:78:0D:25:02:92:8B
            X509v3 Authority Key Identifier:
                keyid:71:C5:9E:DA:B9:8E:FB:0C:D3:76:76:0F:40:69:E4:C6:8B:8B:DA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:c7:7d:8c:76:92:7d:19:56:50:98:06:85:96:39:10:75:46:
         4d:2c:4b:f8:0f:98:fe:ba:04:19:8a:75:97:5b:24:88:a3:3b:
         ba:da:c1:7d:2e:f2:bd:3c:8e:f8:21:08:3c:0d:55:80:3b:93:
         3d:57:02:94:6e:e2:96:b9:53:05:44:d4:c5:39:f4:b2:d9:0e:
         fd:d3:47:00:8b:af:ba:e8:22:e4:c5:73:07:d0:fd:49:c9:f7:
         e3:d7:eb:85:fd:43:e3:90:12:ad:7e:19:72:72:6d:28:c6:63:
         e7:7d:66:32:4e:b8:b5:b3:46:dc:e0:c2:ab:b5:58:09:35:d0:
         90:94:10:77:69:67:6b:ea:60:d9:08:50:e1:99:42:06:25:12:
         a2:b2:2c:1a:28:b9:e2:6b:68:b2:cf:e9:ef:6c:bc:10:e2:4a:
         51:23:0f:e2:4e:47:23:11:1a:b7:52:2c:2f:9c:f6:86:e6:42:
         b9:f2:7c:71:c0:8d:42:83:13:35:9d:b3:9a:85:14:be:80:54:
         bb:58:14:f5:58:93:5d:59:67:06:2e:d0:bc:74:29:2a:ff:52:
         8e:dd:73:93:76:f0:10:4c:21:db:1f:51:7e:1e:ce:5d:d8:92:
         0d:d8:58:7a:28:1e:cd:31:3f:9f:6f:0c:01:ad:69:c0:9e:f1:
         cd:48:26:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7ktQTSrH+qF7QcsYANZHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYzU5ZWRhYjk4ZWZiMGNkMzc2NzYwZjQwNjllNGM2OGI4
YmRhMjAwHhcNMjUwNTEwMTkwMTIzWhcNMjUwNTExMTkwMTIzWjAzMTEwLwYDVQQD
Eyg3NjhkZTRjZTk4NDczODg4ZGM0ODQ5MTdmNjI4NzgwZDI1MDI5MjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dsNlwbFm2I/C5/tnQqHOP90IVKM
JciMi8nEhFBkuv5lpe1OkucdMwdkroEAFm79sIMMMfghA6BlKLnzCu7S9hraycfv
/pf7XVVGpI8d1o0Y5K2k+TAIPtadNEOuCRV3m4jSJ6f5IPDluYBzJxLQ8AvE3xTO
v4JFs0rAT30uJ3xoU0QC3p5F6S5hodc4oT6mGN6JiIyI6EmxyILCRa2LGMpv3dgD
mJxskXLf++IwuNaqgkCV90hrOKtd6qCCZ0+BkD+0U/XCYUlGFshMBE8O5ChyDM1R
cmEdeicueCbhYmQtzXyMMO5R6bRblyUwosmBPIySYHfN9axj90cbhUlD9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHaN5M6YRziI3EhJF/YoeA0lApKLMB8GA1UdIwQY
MBaAFHHFntq5jvsM03Z2D0Bp5MaLi9ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mZjU4ZGMtNDk3MS00MTMyLWJhMTct
NzdlY2JiYjRmN2Q4LzEvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mZjU4ZGMtNDk3MS00MTMyLWJhMTctNzdlY2JiYjRmN2Q4
LzEvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb8d9jHaS
fRlWUJgGhZY5EHVGTSxL+A+Y/roEGYp1l1skiKM7utrBfS7yvTyO+CEIPA1VgDuT
PVcClG7ilrlTBUTUxTn0stkO/dNHAIuvuugi5MVzB9D9Scn349frhf1D45ASrX4Z
cnJtKMZj531mMk64tbNG3ODCq7VYCTXQkJQQd2lna+pg2QhQ4ZlCBiUSorIsGii5
4mtoss/p72y8EOJKUSMP4k5HIxEat1IsL5z2huZCufJ8ccCNQoMTNZ2zmoUUvoBU
u1gU9ViTXVlnBi7QvHQpKv9Sjt1zk3bwEEwh2x9Rfh7OXdiSDdhYeigezTE/n28M
Aa1pwJ7xzUgmAQ==
-----END CERTIFICATE-----