Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
File:                     dGMPFkhbT5M4X5So7HEArUjF_FA.mft (raw, json)
Hash identifier:          gkvEHIW7faAhaFqQYL6cV2DWH/d66pok5frWQaATx1E=
Subject key identifier:   BD:95:E3:D0:60:F4:0C:24:0E:2C:ED:CE:EE:08:52:E7:92:39:40:FF
Authority key identifier: 74:63:0F:16:48:5B:4F:93:38:5F:94:A8:EC:71:00:AD:48:C5:FC:50
Certificate issuer:       /CN=74630f16485b4f93385f94a8ec7100ad48c5fc50
Certificate serial:       0197B6A081CE567FB279611944877A3B45C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
Manifest number:          0CED
Signing time:             Sat 28 Jun 2025 13:01:01 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:01 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:01 +0000
Files and hashes:         1: dGMPFkhbT5M4X5So7HEArUjF_FA.crl (hash: f5QFfC6ae4YlHAq21Pl6PJ0t24lmehA9WTaM0I1hvsk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:81:ce:56:7f:b2:79:61:19:44:87:7a:3b:45:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74630f16485b4f93385f94a8ec7100ad48c5fc50
        Validity
            Not Before: Jun 28 13:01:01 2025 GMT
            Not After : Jun 29 13:01:01 2025 GMT
        Subject: CN=bd95e3d060f40c240e2cedceee0852e7923940ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:b2:2f:df:63:0c:cb:29:eb:13:c6:38:e8:2c:
                    af:8b:ae:0f:90:64:7b:45:60:54:5c:32:b3:d9:78:
                    d2:71:b3:8e:53:fc:9a:06:82:08:a5:91:a7:c9:e4:
                    bf:1a:6d:55:3d:8f:3f:d2:3a:10:1b:57:20:c3:01:
                    f7:15:5a:3e:da:7f:6c:dd:9d:c2:1d:0e:3c:51:fc:
                    76:45:e6:62:4e:ba:14:1e:4a:0c:67:96:9d:69:e2:
                    40:59:15:a6:6f:f0:04:e5:ce:0a:1b:70:40:d6:f8:
                    ce:bb:3b:1d:be:3c:76:31:a5:71:58:69:f2:0d:73:
                    aa:45:12:60:36:89:3f:23:b9:14:ea:99:bd:d8:f2:
                    66:c4:39:01:0c:15:13:26:eb:e4:fe:5c:ac:65:9b:
                    09:ec:95:06:68:e1:ae:32:af:6d:59:f0:4e:1a:fb:
                    7e:2e:73:65:2e:4e:c8:26:94:2a:b4:92:66:f1:84:
                    9e:5a:db:d1:a2:77:14:2d:3c:eb:da:66:eb:f7:ea:
                    ec:70:2d:63:ef:66:04:13:e4:e5:b4:45:f8:d1:e2:
                    5c:db:eb:35:0e:05:09:f1:c3:df:91:b9:5f:c5:e5:
                    9b:64:7b:79:b5:19:e3:e5:2a:9a:0f:c2:89:55:84:
                    48:28:fc:9d:2c:66:ab:6e:0c:d9:e6:66:06:b3:e6:
                    9e:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:95:E3:D0:60:F4:0C:24:0E:2C:ED:CE:EE:08:52:E7:92:39:40:FF
            X509v3 Authority Key Identifier:
                keyid:74:63:0F:16:48:5B:4F:93:38:5F:94:A8:EC:71:00:AD:48:C5:FC:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e1:ff:fa:7b:c4:e2:24:b6:3a:0a:2e:43:b6:48:ea:9e:81:53:
         8b:25:f4:cd:33:bb:bc:46:3a:a4:cc:f9:20:6f:10:25:4f:72:
         59:1c:6e:22:89:f2:03:e9:0c:30:73:3c:65:8e:2b:ae:f5:6e:
         f4:65:7c:86:7c:78:8c:f3:bd:09:89:dd:50:b7:64:73:97:60:
         11:60:85:9c:fb:b5:67:ec:8b:de:43:03:13:b6:63:55:c0:5a:
         bd:84:13:7a:ab:bd:eb:51:f1:c1:5a:70:ee:f1:47:96:5a:81:
         b8:17:c2:bb:41:34:fe:f1:86:32:c1:2a:90:37:df:44:e6:78:
         cb:99:5f:2c:3f:7a:aa:12:04:61:aa:5e:db:d5:db:bc:fd:2c:
         cd:90:ce:05:3b:3a:ef:7c:d6:21:09:9c:ea:4c:dd:e1:94:87:
         12:c5:ee:d1:db:b1:e3:af:e8:3f:e6:e7:df:e4:03:3f:a7:58:
         84:a7:26:f8:fe:54:40:70:0a:8d:8e:56:d9:e4:9f:4d:6b:9d:
         54:0f:5c:4e:a3:5b:a5:98:79:ac:10:da:d8:33:f4:9b:2c:1c:
         88:0a:4b:89:a5:ce:15:c4:be:da:59:d9:d6:59:24:b6:c6:23:
         a3:78:6f:d4:cf:7c:29:37:1f:31:63:3e:66:eb:51:c1:f1:e4:
         7a:6b:cb:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oIHOVn+yeWEZRId6O0XGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjMwZjE2NDg1YjRmOTMzODVmOTRhOGVjNzEwMGFkNDhj
NWZjNTAwHhcNMjUwNjI4MTMwMTAxWhcNMjUwNjI5MTMwMTAxWjAzMTEwLwYDVQQD
EyhiZDk1ZTNkMDYwZjQwYzI0MGUyY2VkY2VlZTA4NTJlNzkyMzk0MGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbIv32MMyynrE8Y46Cyvi64PkGR7
RWBUXDKz2XjScbOOU/yaBoIIpZGnyeS/Gm1VPY8/0joQG1cgwwH3FVo+2n9s3Z3C
HQ48Ufx2ReZiTroUHkoMZ5adaeJAWRWmb/AE5c4KG3BA1vjOuzsdvjx2MaVxWGny
DXOqRRJgNok/I7kU6pm92PJmxDkBDBUTJuvk/lysZZsJ7JUGaOGuMq9tWfBOGvt+
LnNlLk7IJpQqtJJm8YSeWtvRoncULTzr2mbr9+rscC1j72YEE+TltEX40eJc2+s1
DgUJ8cPfkblfxeWbZHt5tRnj5SqaD8KJVYRIKPydLGarbgzZ5mYGs+aeTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2V49Bg9AwkDiztzu4IUueSOUD/MB8GA1UdIwQY
MBaAFHRjDxZIW0+TOF+UqOxxAK1IxfxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iNDQ4NTYtMjE0YS00NTk2LTkyN2It
M2RhNDE1YWMwZGMwLzEvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iNDQ4NTYtMjE0YS00NTk2LTkyN2ItM2RhNDE1YWMwZGMw
LzEvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4f/6e8Ti
JLY6Ci5DtkjqnoFTiyX0zTO7vEY6pMz5IG8QJU9yWRxuIonyA+kMMHM8ZY4rrvVu
9GV8hnx4jPO9CYndULdkc5dgEWCFnPu1Z+yL3kMDE7ZjVcBavYQTequ961HxwVpw
7vFHllqBuBfCu0E0/vGGMsEqkDffROZ4y5lfLD96qhIEYape29XbvP0szZDOBTs6
73zWIQmc6kzd4ZSHEsXu0dux46/oP+bn3+QDP6dYhKcm+P5UQHAKjY5W2eSfTWud
VA9cTqNbpZh5rBDa2DP0mywciApLiaXOFcS+2lnZ1lkktsYjo3hv1M98KTcfMWM+
ZutRwfHkemvLMQ==
-----END CERTIFICATE-----