Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
File:                     dZxU7z8HSxxmiPmXVM2KONmfbKw.mft (raw, json)
Hash identifier:          UO0GFFBXK5by4NGHEBkCeIxI6afPQWyKtqMU4XIT+nw=
Subject key identifier:   B8:57:6D:35:E1:11:D2:36:CF:13:62:13:8C:4D:0F:84:F7:58:84:CF
Authority key identifier: 75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC
Certificate issuer:       /CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
Certificate serial:       0196BA486C136AEA1015F3FC780BED612121
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
Manifest number:          08D2
Signing time:             Sat 10 May 2025 13:00:30 +0000
Manifest this update:     Sat 10 May 2025 13:00:30 +0000
Manifest next update:     Sun 11 May 2025 13:00:30 +0000
Files and hashes:         1: dZxU7z8HSxxmiPmXVM2KONmfbKw.crl (hash: /LWiQp9XVmX+tNnFZA+FkeFLgh4MwYCYyufEtMkaDsc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:48:6c:13:6a:ea:10:15:f3:fc:78:0b:ed:61:21:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
        Validity
            Not Before: May 10 13:00:30 2025 GMT
            Not After : May 11 13:00:30 2025 GMT
        Subject: CN=b8576d35e111d236cf1362138c4d0f84f75884cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1a:41:94:c8:4d:b4:e6:2f:01:2e:30:d4:a7:
                    ec:f6:8f:f7:17:c1:3b:3b:4b:63:c6:7b:64:a1:bd:
                    c0:3d:7e:fe:0a:d5:0d:fa:7a:4f:82:87:bf:7a:d2:
                    c5:68:16:39:ab:d7:f1:5b:df:84:8b:af:51:2c:1a:
                    f2:4b:23:1e:9f:3c:f5:14:6d:6e:f0:37:76:43:c0:
                    8a:c8:0a:f0:b1:b7:d4:5a:b7:d7:fb:d3:e2:cc:70:
                    33:6b:96:ff:a8:1e:29:8c:0c:16:65:76:56:b4:05:
                    dd:14:f0:9b:ce:d8:73:e8:3c:d9:9e:43:5c:54:8b:
                    0b:f1:b6:bd:d9:13:cc:2b:7e:da:49:7d:ad:b7:ed:
                    91:19:fc:ae:72:c9:05:77:55:a3:9a:f0:e8:bb:4f:
                    11:e6:11:ee:30:80:4d:10:c3:97:69:de:7a:22:64:
                    bc:33:45:6d:d3:35:ab:ad:04:da:07:46:b9:64:bd:
                    7d:9d:45:02:c7:d2:8f:b6:5d:cb:99:9d:55:9c:10:
                    68:ca:75:f1:2d:67:14:d7:43:76:cc:3a:b9:63:c3:
                    fd:86:f8:cf:f2:56:f1:db:cc:7e:fb:5c:4f:90:95:
                    0c:6f:7f:8a:63:f4:0a:9a:ec:9c:76:9c:a7:42:b3:
                    d8:d2:bf:21:de:d3:07:09:ef:a9:c4:a2:4f:53:55:
                    7f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:57:6D:35:E1:11:D2:36:CF:13:62:13:8C:4D:0F:84:F7:58:84:CF
            X509v3 Authority Key Identifier:
                keyid:75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:db:27:d5:3a:3d:26:45:a7:2d:88:35:aa:e4:b4:67:c5:6b:
         73:d8:09:ed:2a:df:77:bc:e4:cf:38:77:f8:f4:8b:78:1d:24:
         69:b5:00:92:9f:dc:cc:74:fa:45:7e:2a:1e:63:86:2d:68:0f:
         8f:86:c1:03:5b:5a:8f:c2:8a:27:e0:97:51:48:b7:ff:18:58:
         97:5e:af:3d:cc:a5:93:a3:9e:8e:dd:21:1f:dd:59:b8:84:23:
         c1:cb:4b:d2:e0:dc:01:61:dc:e0:0d:d9:20:dc:0c:c5:1e:38:
         ae:60:7e:75:0d:88:f1:a9:d0:33:86:f3:93:a6:db:af:6e:0b:
         56:7d:81:12:23:3b:78:b5:57:0e:79:66:99:6c:dc:4f:e0:96:
         1c:17:e3:e3:aa:06:69:f4:ea:87:f5:2d:95:81:71:f4:9b:ab:
         6c:66:ea:ff:64:7d:92:54:fe:1d:e9:05:92:81:c0:2b:5a:1f:
         14:7a:9f:7e:85:7a:23:39:ce:ef:bd:69:75:64:bb:94:a9:ed:
         5a:20:9d:b5:97:19:36:9b:3a:14:2c:0a:07:ae:64:7f:ab:df:
         4e:e7:d3:7b:88:4d:5c:74:14:48:41:86:c5:09:5f:e7:97:a5:
         ba:4d:52:b6:d4:99:6e:2c:e7:9a:db:94:d7:40:35:a8:6e:f1:
         26:c6:15:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6SGwTauoQFfP8eAvtYSEhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWM1NGVmM2YwNzRiMWM2Njg4Zjk5NzU0Y2Q4YTM4ZDk5
ZjZjYWMwHhcNMjUwNTEwMTMwMDMwWhcNMjUwNTExMTMwMDMwWjAzMTEwLwYDVQQD
EyhiODU3NmQzNWUxMTFkMjM2Y2YxMzYyMTM4YzRkMGY4NGY3NTg4NGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxpBlMhNtOYvAS4w1Kfs9o/3F8E7
O0tjxntkob3APX7+CtUN+npPgoe/etLFaBY5q9fxW9+Ei69RLBrySyMenzz1FG1u
8Dd2Q8CKyArwsbfUWrfX+9PizHAza5b/qB4pjAwWZXZWtAXdFPCbzthz6DzZnkNc
VIsL8ba92RPMK37aSX2tt+2RGfyucskFd1WjmvDou08R5hHuMIBNEMOXad56ImS8
M0Vt0zWrrQTaB0a5ZL19nUUCx9KPtl3LmZ1VnBBoynXxLWcU10N2zDq5Y8P9hvjP
8lbx28x++1xPkJUMb3+KY/QKmuycdpynQrPY0r8h3tMHCe+pxKJPU1V/twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLhXbTXhEdI2zxNiE4xND4T3WITPMB8GA1UdIwQY
MBaAFHWcVO8/B0scZoj5l1TNijjZn2ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQt
NDRkMjk2NTdiYWI3LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQtNDRkMjk2NTdiYWI3
LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGtsn1To9
JkWnLYg1quS0Z8Vrc9gJ7Srfd7zkzzh3+PSLeB0kabUAkp/czHT6RX4qHmOGLWgP
j4bBA1taj8KKJ+CXUUi3/xhYl16vPcylk6Oejt0hH91ZuIQjwctL0uDcAWHc4A3Z
INwMxR44rmB+dQ2I8anQM4bzk6bbr24LVn2BEiM7eLVXDnlmmWzcT+CWHBfj46oG
afTqh/UtlYFx9JurbGbq/2R9klT+HekFkoHAK1ofFHqffoV6IznO771pdWS7lKnt
WiCdtZcZNps6FCwKB65kf6vfTufTe4hNXHQUSEGGxQlf55eluk1SttSZbiznmtuU
10A1qG7xJsYVTw==
-----END CERTIFICATE-----