Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          pCiZvAIbzDRt2fjZtpOHZNz8pZ+Q4TNGxscoXnMExGM=
Subject key identifier:   67:6E:7D:A0:EE:CA:23:61:DE:5F:D2:F7:41:57:D1:42:A0:AD:59:E8
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       0196BFA5F56C3DAFF293153354B421EBAF44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          0344
Signing time:             Sun 11 May 2025 14:00:46 +0000
Manifest this update:     Sun 11 May 2025 14:00:46 +0000
Manifest next update:     Mon 12 May 2025 14:00:46 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: pIKumBiPv8jk8TzXjaGRIMtWcKZFayoq18uVER8BV2o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 14:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:a5:f5:6c:3d:af:f2:93:15:33:54:b4:21:eb:af:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: May 11 14:00:46 2025 GMT
            Not After : May 12 14:00:46 2025 GMT
        Subject: CN=676e7da0eeca2361de5fd2f74157d142a0ad59e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:15:08:3a:7d:c5:a5:32:9c:51:77:5f:23:5b:
                    77:4a:e3:95:fe:0d:9c:91:8f:d2:e1:b1:af:4a:96:
                    56:64:66:9e:ec:7c:49:4e:8b:f3:75:5f:07:e2:18:
                    e6:a4:b3:f8:70:96:20:1d:dd:56:fc:ad:7b:e3:3d:
                    6f:44:e2:bf:22:48:cc:37:7d:05:3d:bc:88:71:19:
                    61:5f:b9:ab:65:d8:d8:25:77:65:4c:17:d1:d6:6c:
                    10:77:dd:f7:dc:37:f9:8c:37:90:99:c6:9d:3f:59:
                    68:74:e2:da:93:00:13:6e:5e:a5:1a:10:b5:b3:a9:
                    e0:42:bb:32:aa:34:23:7e:2d:30:bd:07:3f:75:8e:
                    ab:49:c3:29:f6:89:4b:41:97:68:b6:f5:28:44:14:
                    3d:e3:da:36:ed:c4:bf:55:d5:1b:53:ba:3e:25:0a:
                    46:0e:a9:62:6a:c7:e0:43:91:66:81:14:1a:26:2c:
                    29:55:6f:7c:46:04:14:d2:91:ab:55:d4:a3:4a:1d:
                    db:17:7b:2e:b6:27:a7:79:ac:5c:e6:f4:7c:23:b0:
                    98:f4:88:d4:7a:7f:36:25:f9:db:82:c2:0b:75:fc:
                    6a:6a:0d:c7:1e:9c:68:fb:1a:c5:d0:e1:61:9c:3d:
                    80:99:da:b0:fa:64:8e:f9:1a:83:c3:f2:4f:1d:b7:
                    bc:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:6E:7D:A0:EE:CA:23:61:DE:5F:D2:F7:41:57:D1:42:A0:AD:59:E8
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:f6:0b:87:0b:43:4f:39:d8:0c:b8:aa:36:ac:43:0b:16:eb:
         8b:fc:30:95:e5:2b:6e:be:4d:e5:cf:56:91:c5:90:6f:49:1a:
         28:1c:d1:78:ce:fa:c1:c8:3d:a5:37:7a:a1:df:7d:2a:54:e2:
         2c:34:53:49:42:1a:28:37:15:cb:aa:2f:96:dc:e2:3f:19:b6:
         92:a8:6c:e6:63:f8:0e:0a:f5:54:73:6c:31:f7:06:5b:aa:9d:
         ba:b8:3a:e3:c2:f8:a8:87:de:7d:8d:53:4d:57:6b:e4:1b:5e:
         e5:b0:10:74:19:c6:03:80:10:14:63:85:2e:87:8a:7a:c9:8e:
         ed:eb:78:85:b3:c3:22:91:ce:3a:02:a5:06:06:c8:a5:cf:63:
         d6:a6:f0:b1:f5:90:29:6d:2e:1c:22:9f:6b:3a:30:da:18:92:
         d2:cf:13:64:0c:31:81:5a:95:82:09:6d:35:25:ab:de:d1:60:
         9f:74:ed:59:36:e2:b2:fc:81:0e:4e:18:49:cb:b4:40:b8:f5:
         02:b3:07:d8:6e:0b:eb:d2:f3:f1:40:ec:17:6d:1e:f5:35:48:
         eb:fd:fc:80:da:79:51:19:c5:49:fc:69:8e:8c:95:ad:6b:63:
         6f:d1:b4:97:09:8b:fc:58:49:fb:d2:5c:80:98:17:95:ed:4c:
         f4:e2:52:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/pfVsPa/ykxUzVLQh669EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjUwNTExMTQwMDQ2WhcNMjUwNTEyMTQwMDQ2WjAzMTEwLwYDVQQD
Eyg2NzZlN2RhMGVlY2EyMzYxZGU1ZmQyZjc0MTU3ZDE0MmEwYWQ1OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xUIOn3FpTKcUXdfI1t3SuOV/g2c
kY/S4bGvSpZWZGae7HxJTovzdV8H4hjmpLP4cJYgHd1W/K174z1vROK/IkjMN30F
PbyIcRlhX7mrZdjYJXdlTBfR1mwQd9333Df5jDeQmcadP1lodOLakwATbl6lGhC1
s6ngQrsyqjQjfi0wvQc/dY6rScMp9olLQZdotvUoRBQ949o27cS/VdUbU7o+JQpG
DqliasfgQ5FmgRQaJiwpVW98RgQU0pGrVdSjSh3bF3sutieneaxc5vR8I7CY9IjU
en82JfnbgsILdfxqag3HHpxo+xrF0OFhnD2Amdqw+mSO+RqDw/JPHbe8HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdufaDuyiNh3l/S90FX0UKgrVnoMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJPYLhwtD
TznYDLiqNqxDCxbri/wwleUrbr5N5c9WkcWQb0kaKBzReM76wcg9pTd6od99KlTi
LDRTSUIaKDcVy6ovltziPxm2kqhs5mP4Dgr1VHNsMfcGW6qdurg648L4qIfefY1T
TVdr5Bte5bAQdBnGA4AQFGOFLoeKesmO7et4hbPDIpHOOgKlBgbIpc9j1qbwsfWQ
KW0uHCKfazow2hiS0s8TZAwxgVqVggltNSWr3tFgn3TtWTbisvyBDk4YScu0QLj1
ArMH2G4L69Lz8UDsF20e9TVI6/38gNp5URnFSfxpjoyVrWtjb9G0lwmL/FhJ+9Jc
gJgXle1M9OJSmg==
-----END CERTIFICATE-----