Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/dc5159-45f0-426f-9ef1-96e0c1c44483/1/g_65rfwvZVEiBb1IETJMnX9qAiI.mft
File:                     g_65rfwvZVEiBb1IETJMnX9qAiI.mft (raw, json)
Hash identifier:          k2/hhrQ4iBALqtQ/ofB8MKc0Ast2fJK2s0HqVbLgRLU=
Subject key identifier:   09:D9:9D:13:CF:98:85:42:44:95:A8:39:30:69:09:DD:D7:78:BC:4B
Authority key identifier: 83:FE:B9:AD:FC:2F:65:51:22:05:BD:48:11:32:4C:9D:7F:6A:02:22
Certificate issuer:       /CN=83feb9adfc2f65512205bd4811324c9d7f6a0222
Certificate serial:       0196BD497BC6DAF2FC6F2B549B2C8B6FCEE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g_65rfwvZVEiBb1IETJMnX9qAiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/dc5159-45f0-426f-9ef1-96e0c1c44483/1/g_65rfwvZVEiBb1IETJMnX9qAiI.mft
Manifest number:          032D
Signing time:             Sun 11 May 2025 03:00:31 +0000
Manifest this update:     Sun 11 May 2025 03:00:31 +0000
Manifest next update:     Mon 12 May 2025 03:00:31 +0000
Files and hashes:         1: g_65rfwvZVEiBb1IETJMnX9qAiI.crl (hash: XnAMw03bs5sUJUMw1bhwqCWGdmBLkzXQtZ1Vo1CPKBc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/dc5159-45f0-426f-9ef1-96e0c1c44483/1/g_65rfwvZVEiBb1IETJMnX9qAiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/dc5159-45f0-426f-9ef1-96e0c1c44483/1/g_65rfwvZVEiBb1IETJMnX9qAiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g_65rfwvZVEiBb1IETJMnX9qAiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:49:7b:c6:da:f2:fc:6f:2b:54:9b:2c:8b:6f:ce:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83feb9adfc2f65512205bd4811324c9d7f6a0222
        Validity
            Not Before: May 11 03:00:31 2025 GMT
            Not After : May 12 03:00:31 2025 GMT
        Subject: CN=09d99d13cf9885424495a839306909ddd778bc4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:34:91:49:61:7a:6b:ee:a2:45:16:2f:63:41:
                    e1:9c:b9:37:64:eb:d5:14:48:4a:c8:58:a4:72:07:
                    58:0b:e4:1c:9d:0d:58:45:1a:f5:d0:1f:1b:71:78:
                    d5:9d:1f:21:1b:12:74:bb:a5:78:54:f6:06:fc:6e:
                    25:6c:96:66:1a:e2:f5:56:8e:82:6d:b8:79:29:8a:
                    7e:d9:b4:7b:14:3f:00:3e:75:74:59:70:24:df:4e:
                    f0:09:63:3e:a6:a5:a0:ef:25:bf:db:d0:cf:3c:53:
                    67:86:64:3b:18:fd:5b:47:21:c3:7c:13:d8:e5:66:
                    d4:97:76:bb:80:33:54:61:0a:b9:44:76:dc:ae:98:
                    0e:91:ff:bc:62:da:45:ea:76:26:fe:05:7d:5e:f8:
                    cc:46:30:7c:f4:26:c4:d4:ed:21:32:41:01:0d:c6:
                    84:c5:bb:d0:e9:39:4b:90:72:0e:6b:8a:60:59:88:
                    b9:ca:65:d5:dc:43:71:61:47:26:0d:b7:6e:52:70:
                    4e:99:02:36:97:5b:62:af:4b:c1:10:71:49:8b:7f:
                    ab:e2:04:e4:51:3c:d8:6e:47:a1:b1:af:2c:24:c8:
                    73:16:8d:30:b5:75:b2:9d:5f:25:97:f2:9e:bb:10:
                    db:0c:db:e9:26:29:ee:ae:22:e0:9a:4c:7b:e9:f2:
                    18:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:D9:9D:13:CF:98:85:42:44:95:A8:39:30:69:09:DD:D7:78:BC:4B
            X509v3 Authority Key Identifier:
                keyid:83:FE:B9:AD:FC:2F:65:51:22:05:BD:48:11:32:4C:9D:7F:6A:02:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_65rfwvZVEiBb1IETJMnX9qAiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/dc5159-45f0-426f-9ef1-96e0c1c44483/1/g_65rfwvZVEiBb1IETJMnX9qAiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/dc5159-45f0-426f-9ef1-96e0c1c44483/1/g_65rfwvZVEiBb1IETJMnX9qAiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:ab:fc:08:49:82:1f:ec:a0:13:66:7d:3f:29:78:ba:ff:39:
         5a:e6:35:51:af:55:aa:44:2a:ed:b1:bb:2c:f1:8f:b1:ac:c0:
         2b:45:17:95:d4:14:98:d8:86:76:34:5b:c4:8e:ce:99:00:23:
         49:50:24:1d:9d:e9:93:10:99:09:be:26:da:67:d6:ab:c2:34:
         1d:7b:62:39:1d:c9:d3:96:ee:e9:cd:cc:c0:90:fa:16:ec:10:
         b0:7f:0b:4f:59:b8:11:8c:fd:03:e5:bb:87:ef:9d:1f:49:27:
         5e:81:69:ea:32:ea:03:a4:15:67:71:58:a9:24:3b:d4:47:7a:
         c1:f8:29:dd:3b:6b:ba:d4:df:6b:a1:13:02:98:84:54:07:5c:
         38:83:f1:e2:58:83:7a:51:68:5c:b8:f9:8e:39:0f:28:76:1e:
         8c:50:43:94:81:7c:ea:7d:70:aa:d9:d9:cc:77:ee:0a:83:84:
         cf:2f:8b:50:84:35:8d:7c:fa:30:fc:61:bd:ac:27:0f:5f:53:
         bc:53:db:7b:9a:20:e8:7e:99:b9:08:de:bf:5c:74:3b:d0:d6:
         56:08:7d:79:e4:a1:c8:85:6a:f7:8f:c7:49:91:30:23:85:21:
         c3:63:67:0f:44:93:06:bc:e6:d9:da:c0:ca:d3:20:59:16:78:
         b3:63:fc:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9SXvG2vL8bytUmyyLb87lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZmViOWFkZmMyZjY1NTEyMjA1YmQ0ODExMzI0YzlkN2Y2
YTAyMjIwHhcNMjUwNTExMDMwMDMxWhcNMjUwNTEyMDMwMDMxWjAzMTEwLwYDVQQD
EygwOWQ5OWQxM2NmOTg4NTQyNDQ5NWE4MzkzMDY5MDlkZGQ3NzhiYzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzSRSWF6a+6iRRYvY0HhnLk3ZOvV
FEhKyFikcgdYC+QcnQ1YRRr10B8bcXjVnR8hGxJ0u6V4VPYG/G4lbJZmGuL1Vo6C
bbh5KYp+2bR7FD8APnV0WXAk307wCWM+pqWg7yW/29DPPFNnhmQ7GP1bRyHDfBPY
5WbUl3a7gDNUYQq5RHbcrpgOkf+8YtpF6nYm/gV9XvjMRjB89CbE1O0hMkEBDcaE
xbvQ6TlLkHIOa4pgWYi5ymXV3ENxYUcmDbduUnBOmQI2l1tir0vBEHFJi3+r4gTk
UTzYbkehsa8sJMhzFo0wtXWynV8ll/KeuxDbDNvpJinuriLgmkx76fIYIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAnZnRPPmIVCRJWoOTBpCd3XeLxLMB8GA1UdIwQY
MBaAFIP+ua38L2VRIgW9SBEyTJ1/agIiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ182NXJmd3ZaVkVpQmIxSUVUSk1uWDlxQWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9kYzUxNTktNDVmMC00MjZmLTllZjEt
OTZlMGMxYzQ0NDgzLzEvZ182NXJmd3ZaVkVpQmIxSUVUSk1uWDlxQWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9kYzUxNTktNDVmMC00MjZmLTllZjEtOTZlMGMxYzQ0NDgz
LzEvZ182NXJmd3ZaVkVpQmIxSUVUSk1uWDlxQWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJav8CEmC
H+ygE2Z9Pyl4uv85WuY1Ua9VqkQq7bG7LPGPsazAK0UXldQUmNiGdjRbxI7OmQAj
SVAkHZ3pkxCZCb4m2mfWq8I0HXtiOR3J05bu6c3MwJD6FuwQsH8LT1m4EYz9A+W7
h++dH0knXoFp6jLqA6QVZ3FYqSQ71Ed6wfgp3TtrutTfa6ETApiEVAdcOIPx4liD
elFoXLj5jjkPKHYejFBDlIF86n1wqtnZzHfuCoOEzy+LUIQ1jXz6MPxhvawnD19T
vFPbe5og6H6ZuQjev1x0O9DWVgh9eeShyIVq94/HSZEwI4Uhw2NnD0STBrzm2drA
ytMgWRZ4s2P8jg==
-----END CERTIFICATE-----