Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
File:                     dCnR70knCBDhAgzqhhmGQjORMaA.mft (raw, json)
Hash identifier:          m9oDzFBbyKBRK1TQ+IGxNlPRKVcYUyT7HHGFS17gRo4=
Subject key identifier:   63:E8:45:20:9C:44:8B:D2:58:1F:61:3A:CD:AA:AF:C7:BD:35:C7:14
Authority key identifier: 74:29:D1:EF:49:27:08:10:E1:02:0C:EA:86:19:86:42:33:91:31:A0
Certificate issuer:       /CN=7429d1ef49270810e1020cea86198642339131a0
Certificate serial:       0196D889960EAB4D50E79EE067AC85C6563A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
Manifest number:          0A0E
Signing time:             Fri 16 May 2025 10:00:17 +0000
Manifest this update:     Fri 16 May 2025 10:00:17 +0000
Manifest next update:     Sat 17 May 2025 10:00:17 +0000
Files and hashes:         1: dCnR70knCBDhAgzqhhmGQjORMaA.crl (hash: 0Qfxk7xqsCOXX17ZERj+wE1EsnXCtfwGNeLMpQcZX9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 17 May 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d8:89:96:0e:ab:4d:50:e7:9e:e0:67:ac:85:c6:56:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7429d1ef49270810e1020cea86198642339131a0
        Validity
            Not Before: May 16 10:00:17 2025 GMT
            Not After : May 17 10:00:17 2025 GMT
        Subject: CN=63e845209c448bd2581f613acdaaafc7bd35c714
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:aa:bb:6a:f3:42:3d:29:77:04:c9:a7:99:a7:
                    bc:ea:c6:a4:a5:fe:09:a3:e3:13:ec:47:5a:b0:d7:
                    ca:bb:d0:8e:07:2a:8d:01:e2:84:d2:36:a8:de:ed:
                    14:b6:9c:14:b6:25:20:7e:f3:bf:9c:4a:15:cf:5b:
                    65:41:18:7b:f6:c4:8d:fe:14:74:5a:90:8d:4a:d8:
                    bb:f3:fe:2e:62:19:29:cc:9e:f1:78:68:1d:66:d1:
                    de:36:18:2c:e4:e5:8a:e5:d2:0a:49:42:03:dc:c5:
                    63:9e:f0:8f:c5:32:be:6c:a6:49:92:a7:08:b9:6b:
                    c9:96:43:28:a3:47:70:1e:47:e2:46:25:d7:7f:58:
                    1f:08:c7:31:7b:23:ac:38:4a:25:71:f3:5b:cf:7d:
                    4c:8f:d6:63:28:6a:45:56:fb:6c:ae:a2:b5:08:ea:
                    79:de:24:7e:b8:f7:64:92:b1:1f:7f:ed:2e:bf:f9:
                    59:9f:a2:86:1d:e4:17:7d:49:f0:e4:f4:8c:b7:90:
                    b4:33:63:d5:f9:74:1f:17:b7:6e:d2:36:73:f7:7c:
                    56:83:bc:ea:36:b9:f2:bc:de:ff:19:50:4c:10:3e:
                    66:0f:31:df:9a:69:80:95:b2:5b:f8:9d:6e:84:20:
                    92:a9:6c:20:ea:77:e0:d7:db:96:43:10:51:8b:45:
                    1a:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:E8:45:20:9C:44:8B:D2:58:1F:61:3A:CD:AA:AF:C7:BD:35:C7:14
            X509v3 Authority Key Identifier:
                keyid:74:29:D1:EF:49:27:08:10:E1:02:0C:EA:86:19:86:42:33:91:31:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:5d:f1:5b:43:8b:ee:0a:50:d4:0f:b2:ed:98:6b:32:c9:a4:
         16:14:6d:11:5d:a7:b5:b1:de:59:3e:3e:61:5f:1b:d3:da:fd:
         c0:59:89:db:13:83:45:21:d7:c8:3c:c2:ec:0b:a9:cb:27:0b:
         93:a3:78:04:c5:e1:69:a7:17:a6:8f:cb:fd:2f:4a:02:2c:6a:
         48:f7:c5:ba:2c:60:1d:99:b3:60:eb:a6:39:82:36:a6:ca:9b:
         c6:0c:ee:be:c7:cd:e2:99:4e:9b:c7:29:80:43:5f:88:cf:2f:
         91:b7:bc:d1:09:58:e6:28:f5:12:df:ea:84:e9:1d:b6:7e:7f:
         cd:eb:59:58:83:24:45:3b:f3:cc:5b:28:02:7a:01:f2:95:71:
         ae:8d:0a:d3:61:b7:4b:23:a8:c7:18:c8:9b:8b:4d:09:35:77:
         94:47:de:8e:34:16:88:95:fb:1b:0a:63:4a:ce:70:6c:3c:af:
         23:c0:db:01:14:7c:3d:70:df:bd:c6:3f:87:14:92:45:b1:48:
         22:7f:22:ff:55:71:9a:d1:ad:83:42:5e:6a:1f:b0:2a:15:37:
         98:63:28:0c:61:75:33:98:ab:93:87:e6:71:55:54:c2:90:c8:
         20:d5:a8:51:6d:db:e4:2b:53:ed:a0:4b:0b:29:d5:5f:c6:d8:
         2b:1e:84:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbYiZYOq01Q557gZ6yFxlY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjlkMWVmNDkyNzA4MTBlMTAyMGNlYTg2MTk4NjQyMzM5
MTMxYTAwHhcNMjUwNTE2MTAwMDE3WhcNMjUwNTE3MTAwMDE3WjAzMTEwLwYDVQQD
Eyg2M2U4NDUyMDljNDQ4YmQyNTgxZjYxM2FjZGFhYWZjN2JkMzVjNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaq7avNCPSl3BMmnmae86sakpf4J
o+MT7EdasNfKu9COByqNAeKE0jao3u0UtpwUtiUgfvO/nEoVz1tlQRh79sSN/hR0
WpCNSti78/4uYhkpzJ7xeGgdZtHeNhgs5OWK5dIKSUID3MVjnvCPxTK+bKZJkqcI
uWvJlkMoo0dwHkfiRiXXf1gfCMcxeyOsOEolcfNbz31Mj9ZjKGpFVvtsrqK1COp5
3iR+uPdkkrEff+0uv/lZn6KGHeQXfUnw5PSMt5C0M2PV+XQfF7du0jZz93xWg7zq
NrnyvN7/GVBMED5mDzHfmmmAlbJb+J1uhCCSqWwg6nfg19uWQxBRi0UavQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPoRSCcRIvSWB9hOs2qr8e9NccUMB8GA1UdIwQY
MBaAFHQp0e9JJwgQ4QIM6oYZhkIzkTGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mYzBkMjEtN2YxNC00NGFiLTk5NWMt
ZTBiYWU4YmFlNjc0LzEvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9mYzBkMjEtN2YxNC00NGFiLTk5NWMtZTBiYWU4YmFlNjc0
LzEvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJF3xW0OL
7gpQ1A+y7ZhrMsmkFhRtEV2ntbHeWT4+YV8b09r9wFmJ2xODRSHXyDzC7AupyycL
k6N4BMXhaacXpo/L/S9KAixqSPfFuixgHZmzYOumOYI2psqbxgzuvsfN4plOm8cp
gENfiM8vkbe80QlY5ij1Et/qhOkdtn5/zetZWIMkRTvzzFsoAnoB8pVxro0K02G3
SyOoxxjIm4tNCTV3lEfejjQWiJX7GwpjSs5wbDyvI8DbARR8PXDfvcY/hxSSRbFI
In8i/1VxmtGtg0Jeah+wKhU3mGMoDGF1M5irk4fmcVVUwpDIINWoUW3b5CtT7aBL
CynVX8bYKx6ESw==
-----END CERTIFICATE-----