Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.mft
File:                     vDImMeLrfqv7XttPywq4yZaCPEg.mft (raw, json)
Hash identifier:          FfB3CY8L+4mzXklGgkgBCU8UegbqEFtgA7wtK1fBt6Y=
Subject key identifier:   C8:D5:4F:15:81:B0:48:F4:DA:47:A2:27:1B:01:9D:FD:56:AF:39:F6
Authority key identifier: BC:32:26:31:E2:EB:7E:AB:FB:5E:DB:4F:CB:0A:B8:C9:96:82:3C:48
Certificate issuer:       /CN=bc322631e2eb7eabfb5edb4fcb0ab8c996823c48
Certificate serial:       0196A088C1D4F2917A2DAF8DF4527EB186E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vDImMeLrfqv7XttPywq4yZaCPEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.mft
Manifest number:          0588
Signing time:             Mon 05 May 2025 13:00:39 +0000
Manifest this update:     Mon 05 May 2025 13:00:39 +0000
Manifest next update:     Tue 06 May 2025 13:00:39 +0000
Files and hashes:         1: vDImMeLrfqv7XttPywq4yZaCPEg.crl (hash: C4tGbLPJjmhEkVbOFLrFL+9DsP/e5n/+Wh02xC2JBsM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vDImMeLrfqv7XttPywq4yZaCPEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a0:88:c1:d4:f2:91:7a:2d:af:8d:f4:52:7e:b1:86:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc322631e2eb7eabfb5edb4fcb0ab8c996823c48
        Validity
            Not Before: May  5 13:00:39 2025 GMT
            Not After : May  6 13:00:39 2025 GMT
        Subject: CN=c8d54f1581b048f4da47a2271b019dfd56af39f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:bc:3d:cd:e5:b8:0c:d0:b1:ab:57:6c:0c:75:
                    31:c5:e7:e1:5c:51:53:44:dc:33:36:ff:4c:8e:b4:
                    ae:1c:c5:67:a3:bf:ea:bb:d0:16:de:47:5c:cb:88:
                    c3:a2:a3:74:c4:6e:a5:ac:df:fd:37:70:20:95:35:
                    ff:c4:b5:a5:81:dc:74:35:35:94:ae:4b:a4:71:b3:
                    94:8b:2b:0c:b8:97:2a:53:35:6b:6f:8d:65:93:7f:
                    47:75:2d:e2:d3:42:fd:2c:87:98:e7:70:d2:77:d8:
                    0f:91:2e:d6:4d:50:45:e4:a9:d6:89:a0:63:1d:7d:
                    51:53:97:1c:a3:98:e0:60:50:b2:6c:50:1b:d9:9c:
                    8e:0b:ec:ae:05:c1:27:5b:15:08:dc:b6:2f:d4:68:
                    0f:32:ce:01:65:29:85:40:bb:fa:f9:88:94:ba:09:
                    77:ac:2c:fd:56:51:3b:c0:51:79:36:e3:84:c8:7e:
                    45:7f:ba:fc:dc:42:9f:8a:04:ad:00:af:c1:aa:ff:
                    d5:01:30:31:1f:58:87:6f:20:75:5f:cf:bb:36:e4:
                    df:e1:dd:83:9f:f8:ab:7d:15:ce:59:c0:a0:b8:36:
                    47:90:db:3e:41:8b:f6:de:1c:67:09:c6:3d:95:0a:
                    3b:cd:4f:68:56:20:c3:68:da:ba:ed:92:39:e2:12:
                    1f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:D5:4F:15:81:B0:48:F4:DA:47:A2:27:1B:01:9D:FD:56:AF:39:F6
            X509v3 Authority Key Identifier:
                keyid:BC:32:26:31:E2:EB:7E:AB:FB:5E:DB:4F:CB:0A:B8:C9:96:82:3C:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vDImMeLrfqv7XttPywq4yZaCPEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:de:ba:ad:51:3b:ef:c2:64:78:87:9e:5a:2c:8a:60:b2:7c:
         1a:4b:51:85:56:cf:0d:54:ce:67:8e:b7:4b:b8:5b:14:7b:dd:
         96:23:10:df:19:26:96:92:b0:cf:e3:43:17:02:88:b4:33:fb:
         cd:63:0b:d7:2f:89:30:57:71:53:ad:e1:1d:8d:bb:71:28:d8:
         9a:43:bd:0e:14:e7:36:a7:16:29:3a:13:97:f4:2f:ee:16:76:
         46:d3:cb:95:aa:98:fa:0f:bd:70:da:24:d8:f3:ce:14:81:ba:
         d4:27:2a:07:59:d8:1c:94:9f:b3:c5:9d:0c:44:11:ce:71:0d:
         b4:8c:d8:3c:d2:e9:b1:a1:6c:e4:11:e8:df:07:df:38:87:16:
         e9:fe:14:26:69:77:d9:ad:d9:7d:f5:1d:d7:52:db:1f:6e:1e:
         d6:9a:91:18:86:12:11:24:af:81:d0:35:27:04:bc:77:6c:6e:
         9b:dd:c1:6d:56:ac:3d:a5:5e:ba:3e:09:75:a6:e6:8f:cc:57:
         80:ed:8c:01:ac:46:36:79:84:5f:f2:e2:4a:1e:04:14:7e:18:
         ab:54:a9:25:cb:00:8e:97:4a:4f:b3:5c:56:b9:9c:1b:d6:05:
         a0:67:29:fa:96:21:3c:cd:72:f7:e3:3c:86:b0:4e:b6:48:ba:
         9b:8d:b4:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagiMHU8pF6La+N9FJ+sYbgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMzIyNjMxZTJlYjdlYWJmYjVlZGI0ZmNiMGFiOGM5OTY4
MjNjNDgwHhcNMjUwNTA1MTMwMDM5WhcNMjUwNTA2MTMwMDM5WjAzMTEwLwYDVQQD
EyhjOGQ1NGYxNTgxYjA0OGY0ZGE0N2EyMjcxYjAxOWRmZDU2YWYzOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrw9zeW4DNCxq1dsDHUxxefhXFFT
RNwzNv9MjrSuHMVno7/qu9AW3kdcy4jDoqN0xG6lrN/9N3AglTX/xLWlgdx0NTWU
rkukcbOUiysMuJcqUzVrb41lk39HdS3i00L9LIeY53DSd9gPkS7WTVBF5KnWiaBj
HX1RU5cco5jgYFCybFAb2ZyOC+yuBcEnWxUI3LYv1GgPMs4BZSmFQLv6+YiUugl3
rCz9VlE7wFF5NuOEyH5Ff7r83EKfigStAK/Bqv/VATAxH1iHbyB1X8+7NuTf4d2D
n/irfRXOWcCguDZHkNs+QYv23hxnCcY9lQo7zU9oViDDaNq67ZI54hIfAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMjVTxWBsEj02keiJxsBnf1Wrzn2MB8GA1UdIwQY
MBaAFLwyJjHi636r+17bT8sKuMmWgjxIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkRJbU1lTHJmcXY3WHR0UHl3cTR5WmFDUEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zMDg2YjgtNzFmMy00YThkLTk0NTEt
MjllZGZhYjM5ZjQ5LzEvdkRJbU1lTHJmcXY3WHR0UHl3cTR5WmFDUEVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zMDg2YjgtNzFmMy00YThkLTk0NTEtMjllZGZhYjM5ZjQ5
LzEvdkRJbU1lTHJmcXY3WHR0UHl3cTR5WmFDUEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMd66rVE7
78JkeIeeWiyKYLJ8GktRhVbPDVTOZ463S7hbFHvdliMQ3xkmlpKwz+NDFwKItDP7
zWML1y+JMFdxU63hHY27cSjYmkO9DhTnNqcWKToTl/Qv7hZ2RtPLlaqY+g+9cNok
2PPOFIG61CcqB1nYHJSfs8WdDEQRznENtIzYPNLpsaFs5BHo3wffOIcW6f4UJml3
2a3ZffUd11LbH24e1pqRGIYSESSvgdA1JwS8d2xum93BbVasPaVeuj4Jdabmj8xX
gO2MAaxGNnmEX/LiSh4EFH4Yq1SpJcsAjpdKT7NcVrmcG9YFoGcp+pYhPM1y9+M8
hrBOtki6m420mw==
-----END CERTIFICATE-----