Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.mft
File:                     24tcHuy6hgz_8XR5ZtdjyagvbZo.mft (raw, json)
Hash identifier:          iuf+9UhVjwGWbVdPxjLONYPGHo7U4RX55Ub2blqltxM=
Subject key identifier:   36:CF:1D:3D:0B:8B:84:18:F2:74:BA:99:E1:D2:A3:A8:55:E4:6D:5C
Authority key identifier: DB:8B:5C:1E:EC:BA:86:0C:FF:F1:74:79:66:D7:63:C9:A8:2F:6D:9A
Certificate issuer:       /CN=db8b5c1eecba860cfff1747966d763c9a82f6d9a
Certificate serial:       0196C1CB040778A05297C8ADE2663485D51F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/24tcHuy6hgz_8XR5ZtdjyagvbZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.mft
Manifest number:          1532
Signing time:             Mon 12 May 2025 00:00:29 +0000
Manifest this update:     Mon 12 May 2025 00:00:29 +0000
Manifest next update:     Tue 13 May 2025 00:00:29 +0000
Files and hashes:         1: 24tcHuy6hgz_8XR5ZtdjyagvbZo.crl (hash: 5vcraCg3su8U75G6vYf4jXuhB/e2gUTcT8eS6siScpE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/24tcHuy6hgz_8XR5ZtdjyagvbZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:cb:04:07:78:a0:52:97:c8:ad:e2:66:34:85:d5:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8b5c1eecba860cfff1747966d763c9a82f6d9a
        Validity
            Not Before: May 12 00:00:29 2025 GMT
            Not After : May 13 00:00:29 2025 GMT
        Subject: CN=36cf1d3d0b8b8418f274ba99e1d2a3a855e46d5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:65:b2:e5:de:30:6c:48:31:48:74:85:87:ed:
                    05:25:51:8a:93:e8:88:41:ba:9a:e3:7c:fa:56:fb:
                    5e:77:ff:03:13:d6:86:e3:64:79:a7:77:ae:6a:b8:
                    0c:29:d8:03:b1:26:61:fa:d1:bc:b9:eb:bc:ad:b0:
                    9f:90:93:43:2d:d4:42:e7:96:91:fa:40:c3:fc:25:
                    a2:98:8f:b3:c0:17:1f:ce:18:b9:91:f6:77:b6:2e:
                    c3:2a:4e:b4:ac:e6:bd:83:ac:9b:3a:a0:b3:39:be:
                    d1:29:1d:57:23:ed:63:e5:8d:d9:6d:bd:45:7c:36:
                    eb:a1:20:51:19:d9:46:06:38:64:bd:50:fb:34:da:
                    0d:82:be:20:df:33:de:2f:47:f6:5e:b4:e0:88:bb:
                    c4:a3:28:dc:c1:48:ac:11:66:c0:10:5f:4c:a1:fd:
                    40:60:a9:f6:83:98:0a:76:82:22:ca:8a:ac:fe:5a:
                    c8:b7:87:20:79:bb:8f:93:ad:e6:55:23:aa:4e:d3:
                    78:48:5d:6f:8e:a2:a7:11:3d:00:2c:45:1c:d0:f8:
                    a1:09:30:22:39:93:d9:cc:16:10:df:8e:28:ce:8d:
                    8e:bf:90:25:72:cf:6a:93:75:cf:7e:72:a1:75:aa:
                    67:72:5c:b1:f9:af:29:59:c9:6a:1e:2a:e4:20:1f:
                    41:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:CF:1D:3D:0B:8B:84:18:F2:74:BA:99:E1:D2:A3:A8:55:E4:6D:5C
            X509v3 Authority Key Identifier:
                keyid:DB:8B:5C:1E:EC:BA:86:0C:FF:F1:74:79:66:D7:63:C9:A8:2F:6D:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/24tcHuy6hgz_8XR5ZtdjyagvbZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:f3:a7:b3:02:39:32:e9:ea:43:7d:e4:57:a0:00:6f:d2:b8:
         da:c7:e6:8a:31:e5:ce:8a:67:0b:37:e7:37:68:24:81:e9:36:
         af:77:28:3e:33:4d:d0:53:e4:18:50:66:45:88:c3:9f:e4:ec:
         4b:25:05:87:e5:81:2f:fd:89:dc:83:94:44:fd:ce:ee:62:2e:
         3d:46:84:af:5d:e9:2a:e3:36:f2:bb:4d:ab:c7:6e:c9:ba:59:
         6c:58:98:02:27:54:d8:dc:cd:73:68:16:26:50:5d:23:61:fd:
         0d:38:e4:2b:a1:4c:43:4b:0c:62:45:59:f7:d1:d5:8d:3a:87:
         8a:b3:83:92:0a:15:24:1d:d2:37:07:89:42:49:36:ba:48:b8:
         9e:4b:72:e3:fc:c4:27:0d:6a:19:d1:37:9d:c9:19:33:eb:a2:
         87:a3:9b:1d:04:3c:e9:d2:3e:cf:ab:c1:bb:e5:a2:75:b6:6b:
         ce:22:3a:b4:ed:55:03:ba:ac:aa:24:c4:68:eb:38:b0:5f:6d:
         e0:1f:c4:5c:a9:e0:8a:ec:de:b4:29:c4:5e:2d:27:c9:2c:02:
         a6:c7:b1:48:30:e0:d9:16:57:e0:e2:aa:78:10:33:a2:e9:3e:
         c7:31:52:84:07:59:fa:be:cb:4c:cd:c3:38:de:b3:18:89:3c:
         4f:7c:e7:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBywQHeKBSl8it4mY0hdUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGI1YzFlZWNiYTg2MGNmZmYxNzQ3OTY2ZDc2M2M5YTgy
ZjZkOWEwHhcNMjUwNTEyMDAwMDI5WhcNMjUwNTEzMDAwMDI5WjAzMTEwLwYDVQQD
EygzNmNmMWQzZDBiOGI4NDE4ZjI3NGJhOTllMWQyYTNhODU1ZTQ2ZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WWy5d4wbEgxSHSFh+0FJVGKk+iI
Qbqa43z6Vvted/8DE9aG42R5p3euargMKdgDsSZh+tG8ueu8rbCfkJNDLdRC55aR
+kDD/CWimI+zwBcfzhi5kfZ3ti7DKk60rOa9g6ybOqCzOb7RKR1XI+1j5Y3Zbb1F
fDbroSBRGdlGBjhkvVD7NNoNgr4g3zPeL0f2XrTgiLvEoyjcwUisEWbAEF9Mof1A
YKn2g5gKdoIiyoqs/lrIt4cgebuPk63mVSOqTtN4SF1vjqKnET0ALEUc0PihCTAi
OZPZzBYQ344ozo2Ov5Alcs9qk3XPfnKhdapnclyx+a8pWclqHirkIB9BoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbPHT0Li4QY8nS6meHSo6hV5G1cMB8GA1UdIwQY
MBaAFNuLXB7suoYM//F0eWbXY8moL22aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjR0Y0h1eTZoZ3pfOFhSNVp0ZGp5YWd2YlpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84NjNiMGMtYjFhYy00ZDdjLWFiYzIt
ZmI2ZjAzN2EyODdlLzEvMjR0Y0h1eTZoZ3pfOFhSNVp0ZGp5YWd2YlpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84NjNiMGMtYjFhYy00ZDdjLWFiYzItZmI2ZjAzN2EyODdl
LzEvMjR0Y0h1eTZoZ3pfOFhSNVp0ZGp5YWd2YlpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIPOnswI5
MunqQ33kV6AAb9K42sfmijHlzopnCzfnN2gkgek2r3coPjNN0FPkGFBmRYjDn+Ts
SyUFh+WBL/2J3IOURP3O7mIuPUaEr13pKuM28rtNq8duybpZbFiYAidU2NzNc2gW
JlBdI2H9DTjkK6FMQ0sMYkVZ99HVjTqHirODkgoVJB3SNweJQkk2uki4nkty4/zE
Jw1qGdE3nckZM+uih6ObHQQ86dI+z6vBu+WidbZrziI6tO1VA7qsqiTEaOs4sF9t
4B/EXKngiuzetCnEXi0nySwCpsexSDDg2RZX4OKqeBAzouk+xzFShAdZ+r7LTM3D
ON6zGIk8T3znpQ==
-----END CERTIFICATE-----