Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
File:                     t38R7tTnnIXMxWLfPR8oPjOdou0.mft (raw, json)
Hash identifier:          zWo7iV8tM4+kfQss8NAPHN9uTecDwPuIeaR1Tk0sZZ4=
Subject key identifier:   9A:1E:F6:5F:6D:88:75:E9:00:CC:A6:17:14:BC:94:78:0E:55:BF:04
Authority key identifier: B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED
Certificate issuer:       /CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
Certificate serial:       0196C15D0E8FF9FBBE291F878D442D76C126
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
Manifest number:          0BD8
Signing time:             Sun 11 May 2025 22:00:23 +0000
Manifest this update:     Sun 11 May 2025 22:00:23 +0000
Manifest next update:     Mon 12 May 2025 22:00:23 +0000
Files and hashes:         1: t38R7tTnnIXMxWLfPR8oPjOdou0.crl (hash: EW0DKAl5PHnj770NjX1qqrS+I+XHx38sZXbxuxZNGnw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 22:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:5d:0e:8f:f9:fb:be:29:1f:87:8d:44:2d:76:c1:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
        Validity
            Not Before: May 11 22:00:23 2025 GMT
            Not After : May 12 22:00:23 2025 GMT
        Subject: CN=9a1ef65f6d8875e900cca61714bc94780e55bf04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:cd:93:ef:ca:e7:10:0a:7e:98:bb:d8:06:a6:
                    e3:75:16:18:45:ad:61:67:68:b5:e8:8f:c0:7e:b3:
                    65:f5:ff:97:ef:cc:f3:6b:c1:48:8f:7e:d8:24:a1:
                    2e:f6:ae:30:51:7c:5a:5b:a6:bc:22:7a:c9:6d:f7:
                    08:f6:bf:5a:e3:78:34:31:0c:2d:5c:78:5d:31:fd:
                    81:4f:d2:dc:e5:45:71:f4:95:90:52:1a:e8:09:b5:
                    6f:06:f6:a9:42:d2:b9:6e:f8:e3:55:f1:20:57:88:
                    95:22:3c:a8:36:e2:bf:0b:69:5f:20:04:3d:78:23:
                    a0:eb:98:1b:fd:47:37:68:d6:56:56:65:e6:cc:c3:
                    30:01:fc:e3:ca:95:13:e6:b4:c0:9f:4f:1e:ab:f4:
                    0c:12:c9:d8:85:a7:a1:e3:f1:2e:a9:97:b5:24:f6:
                    3a:15:27:d9:57:7c:b4:2a:81:b9:17:e5:db:b6:f4:
                    81:6a:a9:d8:ab:c7:06:9c:b9:39:db:b0:bf:9b:40:
                    e1:d1:7c:60:d7:19:d2:3e:c3:45:0f:08:9c:17:dc:
                    f8:48:e4:29:c0:0f:af:a2:07:fa:58:82:f0:73:e5:
                    9a:5b:1f:9e:5b:9e:be:b9:26:fa:20:24:a3:0e:ce:
                    9e:d7:51:55:8f:c3:ba:66:f3:a7:3f:b7:fc:7d:96:
                    62:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:1E:F6:5F:6D:88:75:E9:00:CC:A6:17:14:BC:94:78:0E:55:BF:04
            X509v3 Authority Key Identifier:
                keyid:B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         de:3b:61:cc:6e:42:56:2d:4c:86:ff:8f:5f:59:ba:05:f9:44:
         fe:2a:e8:1f:7a:d9:f4:c2:db:8e:e4:74:d4:55:f1:8a:04:5d:
         47:e7:5c:5b:9f:71:6e:d1:cc:59:48:41:b8:9a:c3:ed:60:1a:
         49:4b:3c:74:2a:19:ae:3b:ad:91:02:07:f0:eb:52:04:0d:46:
         ea:4d:77:53:75:4d:d2:10:33:33:d9:c8:9c:1b:c0:5c:ed:54:
         92:a7:7c:f8:08:d4:2a:cc:48:27:86:d7:5e:5a:2c:80:56:06:
         12:74:2d:2f:7f:1e:54:1e:d3:b8:ca:b0:72:86:49:ee:06:77:
         51:c5:15:78:aa:ef:7e:4b:3f:8e:b9:e2:29:19:e4:e8:c1:6d:
         2b:eb:b8:3d:84:dc:d4:e0:23:3f:c9:d1:fe:78:f1:e2:55:22:
         f1:43:13:cf:2a:80:e5:0d:78:aa:42:6d:a2:bd:3c:a3:7f:b8:
         ab:39:04:2a:d9:2f:fc:6a:08:ee:08:39:b0:af:d2:1f:d6:75:
         50:04:af:e0:a5:1b:7c:ee:22:0a:d4:97:0c:8e:15:01:40:d2:
         a6:ba:ba:b2:74:97:a3:4e:ca:61:54:d2:fe:ea:3e:20:d0:a9:
         b5:36:d7:fa:fe:10:ad:1b:d3:1e:12:9b:a7:0a:b1:c1:6c:7e:
         60:e2:2c:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBXQ6P+fu+KR+HjUQtdsEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3N2YxMWVlZDRlNzljODVjY2M1NjJkZjNkMWYyODNlMzM5
ZGEyZWQwHhcNMjUwNTExMjIwMDIzWhcNMjUwNTEyMjIwMDIzWjAzMTEwLwYDVQQD
Eyg5YTFlZjY1ZjZkODg3NWU5MDBjY2E2MTcxNGJjOTQ3ODBlNTViZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy82T78rnEAp+mLvYBqbjdRYYRa1h
Z2i16I/AfrNl9f+X78zza8FIj37YJKEu9q4wUXxaW6a8InrJbfcI9r9a43g0MQwt
XHhdMf2BT9Lc5UVx9JWQUhroCbVvBvapQtK5bvjjVfEgV4iVIjyoNuK/C2lfIAQ9
eCOg65gb/Uc3aNZWVmXmzMMwAfzjypUT5rTAn08eq/QMEsnYhaeh4/EuqZe1JPY6
FSfZV3y0KoG5F+XbtvSBaqnYq8cGnLk527C/m0Dh0Xxg1xnSPsNFDwicF9z4SOQp
wA+vogf6WILwc+WaWx+eW56+uSb6ICSjDs6e11FVj8O6ZvOnP7f8fZZi+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJoe9l9tiHXpAMymFxS8lHgOVb8EMB8GA1UdIwQY
MBaAFLd/Ee7U55yFzMVi3z0fKD4znaLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzkt
MGM3NzU1OWQ5ZGIwLzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzktMGM3NzU1OWQ5ZGIw
LzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3jthzG5C
Vi1Mhv+PX1m6BflE/iroH3rZ9MLbjuR01FXxigRdR+dcW59xbtHMWUhBuJrD7WAa
SUs8dCoZrjutkQIH8OtSBA1G6k13U3VN0hAzM9nInBvAXO1Ukqd8+AjUKsxIJ4bX
XlosgFYGEnQtL38eVB7TuMqwcoZJ7gZ3UcUVeKrvfks/jrniKRnk6MFtK+u4PYTc
1OAjP8nR/njx4lUi8UMTzyqA5Q14qkJtor08o3+4qzkEKtkv/GoI7gg5sK/SH9Z1
UASv4KUbfO4iCtSXDI4VAUDSprq6snSXo07KYVTS/uo+INCptTbX+v4QrRvTHhKb
pwqxwWx+YOIstg==
-----END CERTIFICATE-----