Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.mft
File:                     rWbePns_OvDgZAZ70c52RUNYL18.mft (raw, json)
Hash identifier:          4KIGJFboyTLuRJZek5jOkCDDfUxwF2ueq3Bbe26WEzw=
Subject key identifier:   7A:F7:AD:AB:CC:4C:79:01:94:7A:51:5D:B7:03:05:DA:AA:F3:9D:91
Authority key identifier: AD:66:DE:3E:7B:3F:3A:F0:E0:64:06:7B:D1:CE:76:45:43:58:2F:5F
Certificate issuer:       /CN=ad66de3e7b3f3af0e064067bd1ce764543582f5f
Certificate serial:       0196AFFC717DE6FCCF0583A6ABCA5DBEDF26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rWbePns_OvDgZAZ70c52RUNYL18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.mft
Manifest number:          11DE
Signing time:             Thu 08 May 2025 13:01:19 +0000
Manifest this update:     Thu 08 May 2025 13:01:19 +0000
Manifest next update:     Fri 09 May 2025 13:01:19 +0000
Files and hashes:         1: rWbePns_OvDgZAZ70c52RUNYL18.crl (hash: duHXZRYD/ojALA0OvkXuhOHAUKjuu39vHpy63RLtvZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rWbePns_OvDgZAZ70c52RUNYL18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:af:fc:71:7d:e6:fc:cf:05:83:a6:ab:ca:5d:be:df:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad66de3e7b3f3af0e064067bd1ce764543582f5f
        Validity
            Not Before: May  8 13:01:19 2025 GMT
            Not After : May  9 13:01:19 2025 GMT
        Subject: CN=7af7adabcc4c7901947a515db70305daaaf39d91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:8f:87:4b:ad:1e:68:47:08:73:e0:ee:c4:05:
                    39:a0:c3:1d:13:79:26:47:49:0a:cf:65:c6:d6:8e:
                    f7:b6:75:81:29:08:cf:06:90:4f:90:ac:82:cd:1b:
                    41:62:5b:fc:5e:2f:f7:c6:bc:f6:73:1b:aa:9b:9c:
                    f7:44:a3:84:85:99:bc:76:66:7f:02:c2:96:c9:88:
                    98:dc:37:10:40:83:ea:12:61:ad:9a:a4:0e:96:69:
                    8e:6c:58:ba:25:b3:ba:7e:d3:95:9b:3d:36:56:b5:
                    0e:f7:75:2d:5a:44:62:98:e4:92:ec:4b:a3:2e:91:
                    a4:4d:68:b3:fe:57:e8:6c:c4:a2:77:9f:ca:92:97:
                    cb:50:5d:e8:d0:10:dc:b6:c8:15:8d:bd:46:b2:69:
                    69:2b:b3:88:ba:bb:f5:c1:b8:74:a0:37:79:ca:3c:
                    9e:40:a0:27:74:b7:93:61:ef:3f:de:c6:48:8e:30:
                    44:20:b3:04:f4:d5:bd:c5:d8:e8:c3:3b:9c:e3:b7:
                    0f:c4:e7:d0:4a:c3:65:b5:58:c2:17:ad:47:9f:83:
                    3a:c0:a3:0e:0f:96:d4:53:34:4f:c2:f1:d5:a9:f4:
                    6c:af:51:24:60:0a:93:ed:3d:f5:0f:79:61:a6:c6:
                    e0:08:be:f5:29:c6:5d:0e:74:f5:f8:42:e8:cc:d5:
                    74:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:F7:AD:AB:CC:4C:79:01:94:7A:51:5D:B7:03:05:DA:AA:F3:9D:91
            X509v3 Authority Key Identifier:
                keyid:AD:66:DE:3E:7B:3F:3A:F0:E0:64:06:7B:D1:CE:76:45:43:58:2F:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rWbePns_OvDgZAZ70c52RUNYL18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/03e755-8021-49b0-82e4-71ef49799bd9/1/rWbePns_OvDgZAZ70c52RUNYL18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:72:a1:60:77:96:29:85:96:73:7d:b3:47:c4:0d:a1:57:5d:
         a8:f4:e9:91:01:81:aa:38:cc:02:45:2e:f4:a4:15:a5:54:af:
         26:bb:cc:22:af:a1:97:d3:e6:25:25:f8:c3:ee:9b:91:fd:1d:
         ef:86:b4:a0:37:99:e4:1c:27:21:64:59:26:bb:9c:e9:0b:bb:
         79:24:b6:07:79:06:6e:d3:fb:37:4a:4c:c8:61:d1:96:91:80:
         2b:a3:ca:be:08:d3:45:1a:87:c5:ca:c6:a7:de:41:ab:82:fd:
         c8:bb:5a:0d:6e:bd:43:b5:7a:52:e8:54:8e:39:6f:e0:a4:d1:
         17:99:90:c0:31:a7:cd:b0:92:c5:33:27:c7:79:a6:91:0b:6f:
         15:5a:e4:80:3a:58:5f:16:f9:17:57:2b:6d:05:de:37:41:2b:
         06:8e:26:5f:81:a1:12:c5:2e:13:82:fa:ba:1d:a2:4a:0d:ff:
         0a:47:6e:b5:73:5f:6b:66:79:4d:e6:57:23:f0:29:b7:7c:70:
         4b:0e:2f:0f:7f:84:f4:58:2c:88:20:ec:c8:c0:04:71:6f:75:
         a7:09:87:a8:3c:91:ff:1c:9a:0a:b4:b7:36:25:f2:1f:07:cf:
         89:85:52:e7:7e:f8:58:1c:da:fc:ea:79:ca:f7:c3:18:b1:64:
         ef:30:d3:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZav/HF95vzPBYOmq8pdvt8mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNjZkZTNlN2IzZjNhZjBlMDY0MDY3YmQxY2U3NjQ1NDM1
ODJmNWYwHhcNMjUwNTA4MTMwMTE5WhcNMjUwNTA5MTMwMTE5WjAzMTEwLwYDVQQD
Eyg3YWY3YWRhYmNjNGM3OTAxOTQ3YTUxNWRiNzAzMDVkYWFhZjM5ZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Y+HS60eaEcIc+DuxAU5oMMdE3km
R0kKz2XG1o73tnWBKQjPBpBPkKyCzRtBYlv8Xi/3xrz2cxuqm5z3RKOEhZm8dmZ/
AsKWyYiY3DcQQIPqEmGtmqQOlmmObFi6JbO6ftOVmz02VrUO93UtWkRimOSS7Euj
LpGkTWiz/lfobMSid5/KkpfLUF3o0BDctsgVjb1GsmlpK7OIurv1wbh0oDd5yjye
QKAndLeTYe8/3sZIjjBEILME9NW9xdjowzuc47cPxOfQSsNltVjCF61Hn4M6wKMO
D5bUUzRPwvHVqfRsr1EkYAqT7T31D3lhpsbgCL71KcZdDnT1+ELozNV0wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHr3ravMTHkBlHpRXbcDBdqq852RMB8GA1UdIwQY
MBaAFK1m3j57Pzrw4GQGe9HOdkVDWC9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcldiZVBuc19PdkRnWkFaNzBjNTJSVU5ZTDE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wM2U3NTUtODAyMS00OWIwLTgyZTQt
NzFlZjQ5Nzk5YmQ5LzEvcldiZVBuc19PdkRnWkFaNzBjNTJSVU5ZTDE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wM2U3NTUtODAyMS00OWIwLTgyZTQtNzFlZjQ5Nzk5YmQ5
LzEvcldiZVBuc19PdkRnWkFaNzBjNTJSVU5ZTDE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVHKhYHeW
KYWWc32zR8QNoVddqPTpkQGBqjjMAkUu9KQVpVSvJrvMIq+hl9PmJSX4w+6bkf0d
74a0oDeZ5BwnIWRZJruc6Qu7eSS2B3kGbtP7N0pMyGHRlpGAK6PKvgjTRRqHxcrG
p95Bq4L9yLtaDW69Q7V6UuhUjjlv4KTRF5mQwDGnzbCSxTMnx3mmkQtvFVrkgDpY
Xxb5F1crbQXeN0ErBo4mX4GhEsUuE4L6uh2iSg3/CkdutXNfa2Z5TeZXI/Apt3xw
Sw4vD3+E9FgsiCDsyMAEcW91pwmHqDyR/xyaCrS3NiXyHwfPiYVS5374WBza/Op5
yvfDGLFk7zDTQg==
-----END CERTIFICATE-----