Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
File:                     dGMPFkhbT5M4X5So7HEArUjF_FA.mft (raw, json)
Hash identifier:          NoSPe9ix34CjHBJdixwObWx45dlwJoZYHvhREJhdbuU=
Subject key identifier:   80:72:16:FC:7B:02:AC:35:9A:3C:14:99:4D:B4:1A:B4:B4:59:B7:0F
Authority key identifier: 74:63:0F:16:48:5B:4F:93:38:5F:94:A8:EC:71:00:AD:48:C5:FC:50
Certificate issuer:       /CN=74630f16485b4f93385f94a8ec7100ad48c5fc50
Certificate serial:       0198D65F7C424CD52432312B131A38D28CF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
Manifest number:          0D82
Signing time:             Sat 23 Aug 2025 10:00:38 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:38 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:38 +0000
Files and hashes:         1: dGMPFkhbT5M4X5So7HEArUjF_FA.crl (hash: /P+VHEMD83i6kfzkdBiAG/JDWYq7H8AOTvkUiQJTBcM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:7c:42:4c:d5:24:32:31:2b:13:1a:38:d2:8c:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74630f16485b4f93385f94a8ec7100ad48c5fc50
        Validity
            Not Before: Aug 23 10:00:38 2025 GMT
            Not After : Aug 24 10:00:38 2025 GMT
        Subject: CN=807216fc7b02ac359a3c14994db41ab4b459b70f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ae:b2:d9:4f:a8:51:3f:e7:89:b0:2d:b2:1d:
                    11:b5:2a:78:50:97:d0:61:1f:74:d4:db:68:56:c5:
                    08:ec:75:b2:8c:5a:27:14:76:42:dc:32:0b:23:bb:
                    26:6e:fb:ba:a7:74:1f:36:e9:0a:56:1e:dd:4d:a6:
                    72:2c:df:e7:9e:85:c2:49:a5:63:07:60:79:df:1e:
                    ad:c9:b0:db:8e:b5:0b:3a:34:0e:ff:5e:92:3b:f2:
                    3f:b0:11:be:2f:07:8a:e3:c2:d6:0c:eb:6a:58:5f:
                    6d:ba:1b:23:f8:a1:92:90:7e:ea:a7:e2:5d:d8:4f:
                    4b:64:37:28:20:ac:4e:05:84:ba:ea:14:69:9d:2e:
                    3f:1b:2d:54:67:fd:71:d8:49:56:f5:32:46:f9:a9:
                    fc:a2:fc:ed:31:e4:63:b1:ee:6c:1d:b0:9c:e3:8d:
                    bc:45:40:ee:1e:7c:f8:76:57:1a:83:61:24:5e:3b:
                    2c:fa:66:8d:8e:06:c4:e7:95:44:3b:0d:2a:92:67:
                    c2:b3:f5:2a:14:46:60:80:46:f7:75:1d:b8:ae:ee:
                    d2:bf:86:e7:94:9e:e5:24:cd:95:14:c4:44:99:48:
                    02:bd:08:04:cf:12:b3:92:92:49:a3:12:80:c5:30:
                    1b:91:e8:9b:7f:3c:7e:1c:2d:d7:0c:a8:e5:62:9d:
                    61:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:72:16:FC:7B:02:AC:35:9A:3C:14:99:4D:B4:1A:B4:B4:59:B7:0F
            X509v3 Authority Key Identifier:
                keyid:74:63:0F:16:48:5B:4F:93:38:5F:94:A8:EC:71:00:AD:48:C5:FC:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cc:e6:dd:40:70:34:0a:75:d5:da:7e:d4:8f:fb:a2:e7:e5:e9:
         9d:81:3c:02:ae:e9:24:e3:b3:37:72:93:65:c2:26:f0:3c:d1:
         d4:ce:4a:16:dc:f9:84:6e:0c:97:1a:e8:01:32:63:d8:51:9e:
         0b:71:8b:32:27:36:d0:c2:99:61:6b:aa:bc:c6:e8:94:6c:ee:
         ec:e4:36:d3:64:80:f9:44:ad:01:fa:e4:1d:49:88:bc:c2:b3:
         4f:45:7c:b2:9a:b4:63:b3:3f:56:8e:7c:07:5e:bf:d0:3c:1d:
         44:1a:9b:5c:0a:8c:ac:67:9b:10:e3:92:e2:a3:46:98:9f:3d:
         51:ed:cc:c2:9e:9e:af:38:e3:7b:1b:11:e2:f5:20:32:0c:f0:
         5e:b7:6b:77:85:7f:22:4d:d0:fa:22:8b:1a:c8:91:d2:7c:83:
         d1:95:94:fa:b3:bf:9f:28:ac:c8:ea:73:d3:d2:5e:86:26:b0:
         20:1e:0c:79:e7:cf:12:84:e4:7f:5c:8c:2e:46:ca:14:65:1e:
         4b:5d:99:a0:40:24:83:f2:8a:2a:50:08:b8:9a:d9:b8:89:c0:
         f3:50:0a:0c:9f:e9:d8:7e:1e:3c:72:6b:a4:c9:15:78:78:c0:
         f9:2a:d0:30:8f:84:ab:23:bb:3a:00:2d:64:fe:f2:11:a6:6e:
         02:66:57:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX3xCTNUkMjErExo40ozyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjMwZjE2NDg1YjRmOTMzODVmOTRhOGVjNzEwMGFkNDhj
NWZjNTAwHhcNMjUwODIzMTAwMDM4WhcNMjUwODI0MTAwMDM4WjAzMTEwLwYDVQQD
Eyg4MDcyMTZmYzdiMDJhYzM1OWEzYzE0OTk0ZGI0MWFiNGI0NTliNzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnq6y2U+oUT/nibAtsh0RtSp4UJfQ
YR901NtoVsUI7HWyjFonFHZC3DILI7smbvu6p3QfNukKVh7dTaZyLN/nnoXCSaVj
B2B53x6tybDbjrULOjQO/16SO/I/sBG+LweK48LWDOtqWF9tuhsj+KGSkH7qp+Jd
2E9LZDcoIKxOBYS66hRpnS4/Gy1UZ/1x2ElW9TJG+an8ovztMeRjse5sHbCc4428
RUDuHnz4dlcag2EkXjss+maNjgbE55VEOw0qkmfCs/UqFEZggEb3dR24ru7Sv4bn
lJ7lJM2VFMREmUgCvQgEzxKzkpJJoxKAxTAbkeibfzx+HC3XDKjlYp1hDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIByFvx7Aqw1mjwUmU20GrS0WbcPMB8GA1UdIwQY
MBaAFHRjDxZIW0+TOF+UqOxxAK1IxfxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iNDQ4NTYtMjE0YS00NTk2LTkyN2It
M2RhNDE1YWMwZGMwLzEvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iNDQ4NTYtMjE0YS00NTk2LTkyN2ItM2RhNDE1YWMwZGMw
LzEvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzObdQHA0
CnXV2n7Uj/ui5+XpnYE8Aq7pJOOzN3KTZcIm8DzR1M5KFtz5hG4MlxroATJj2FGe
C3GLMic20MKZYWuqvMbolGzu7OQ202SA+UStAfrkHUmIvMKzT0V8spq0Y7M/Vo58
B16/0DwdRBqbXAqMrGebEOOS4qNGmJ89Ue3Mwp6erzjjexsR4vUgMgzwXrdrd4V/
Ik3Q+iKLGsiR0nyD0ZWU+rO/nyisyOpz09JehiawIB4MeefPEoTkf1yMLkbKFGUe
S12ZoEAkg/KKKlAIuJrZuInA81AKDJ/p2H4ePHJrpMkVeHjA+SrQMI+EqyO7OgAt
ZP7yEaZuAmZXiA==
-----END CERTIFICATE-----