Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
File:                     dbzZGxsvmvS3QhSm1njOBxlo4c8.mft (raw, json)
Hash identifier:          Q9kNJDCHI3zdQm4xTS1f9nhqCfdX5GYqM1tr1il1zAQ=
Subject key identifier:   D2:C4:9F:38:62:3F:18:07:B7:CD:14:87:CD:EE:9C:AE:E8:B1:6F:69
Authority key identifier: 75:BC:D9:1B:1B:2F:9A:F4:B7:42:14:A6:D6:78:CE:07:19:68:E1:CF
Certificate issuer:       /CN=75bcd91b1b2f9af4b74214a6d678ce071968e1cf
Certificate serial:       0196C917436224618975311A16C414B8D32F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
Manifest number:          0763
Signing time:             Tue 13 May 2025 10:01:06 +0000
Manifest this update:     Tue 13 May 2025 10:01:06 +0000
Manifest next update:     Wed 14 May 2025 10:01:06 +0000
Files and hashes:         1: dbzZGxsvmvS3QhSm1njOBxlo4c8.crl (hash: HxPLc6jzVhm8oJd4A2D9XhHRLRkNwTkrK/eniIh/V6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 10:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:17:43:62:24:61:89:75:31:1a:16:c4:14:b8:d3:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bcd91b1b2f9af4b74214a6d678ce071968e1cf
        Validity
            Not Before: May 13 10:01:06 2025 GMT
            Not After : May 14 10:01:06 2025 GMT
        Subject: CN=d2c49f38623f1807b7cd1487cdee9caee8b16f69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:5b:69:95:e7:32:b4:1d:3e:7c:e5:8c:c8:66:
                    ad:30:16:f1:dc:ed:8d:ea:aa:14:0b:99:11:31:72:
                    64:99:fb:4b:1e:b6:94:59:7f:b2:9e:a0:39:22:a1:
                    5c:96:85:8d:66:c1:fc:70:10:cb:63:15:89:bb:b0:
                    68:3b:d6:21:4d:a3:21:ee:41:4a:ee:e3:a9:3c:db:
                    88:9b:8e:19:74:60:55:68:ff:c0:f1:d3:f9:51:e4:
                    92:10:3a:5b:7c:ba:9c:2a:1b:73:7b:11:b2:d3:80:
                    44:5b:7c:8b:ee:5b:3e:52:3e:28:c0:31:a5:8a:24:
                    ed:a9:2b:28:7e:ea:5b:0f:2a:4e:0c:3c:0a:8f:0c:
                    9a:ab:1b:10:86:49:22:61:32:c4:8a:6b:22:cf:e9:
                    d1:64:8d:5b:8b:3c:f7:d3:a4:69:4d:6e:3f:e8:18:
                    9a:48:86:f4:75:34:41:d7:ce:b5:9e:79:09:44:a0:
                    96:a5:e4:31:f4:2e:ae:4e:51:20:26:44:96:f1:e4:
                    e3:63:1f:3a:de:cf:dc:13:26:c1:2e:92:eb:7f:6e:
                    38:e0:3e:cc:97:bd:d7:cb:90:dd:bf:bc:11:9f:df:
                    bf:a3:d4:c5:50:58:83:f3:a7:d6:05:a8:d4:30:8d:
                    b2:86:99:48:7f:76:21:2f:d0:04:10:28:56:86:cb:
                    0d:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:C4:9F:38:62:3F:18:07:B7:CD:14:87:CD:EE:9C:AE:E8:B1:6F:69
            X509v3 Authority Key Identifier:
                keyid:75:BC:D9:1B:1B:2F:9A:F4:B7:42:14:A6:D6:78:CE:07:19:68:E1:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:e9:9d:06:8f:b0:08:34:31:22:7d:c0:f1:30:6c:d1:ef:f0:
         7b:d2:70:9e:52:1e:a1:b8:da:0a:00:d4:35:92:7b:21:bb:97:
         7f:e7:6b:b3:9b:41:48:36:8b:67:ad:1a:0b:5f:83:97:ac:17:
         c9:58:aa:9e:44:e2:fa:da:c3:f1:e2:dc:6d:3f:78:8e:46:81:
         01:c2:d6:5a:ec:48:5c:48:a0:fc:fc:89:bd:89:b5:7a:12:be:
         b5:29:b5:07:5b:59:f9:a3:68:f5:45:d4:f5:d2:f4:65:f9:19:
         4f:89:68:8c:c6:f6:2c:f4:40:3d:06:be:d9:fa:8d:b6:46:73:
         2b:62:df:9a:d5:4a:b3:f2:b9:8b:11:f5:28:2e:a2:2c:39:fc:
         bd:9c:bc:7a:93:2a:e4:f7:39:76:f7:70:e4:d6:ae:f0:61:2d:
         55:66:51:cd:9a:24:85:b3:ec:1d:37:38:b1:b9:29:b8:79:14:
         32:85:d5:3e:70:91:3c:a7:b9:8b:66:ef:dc:dc:d1:5e:3d:33:
         a5:bf:c8:63:d1:d6:25:62:5f:fc:5d:4c:6c:55:5b:ee:a0:d3:
         ff:19:d9:df:bf:12:3e:cf:8f:7f:f9:79:b0:45:b6:b2:4b:57:
         0f:52:c5:cf:23:08:da:e4:c2:83:81:a4:19:27:2d:af:44:22:
         91:00:98:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJF0NiJGGJdTEaFsQUuNMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmNkOTFiMWIyZjlhZjRiNzQyMTRhNmQ2NzhjZTA3MTk2
OGUxY2YwHhcNMjUwNTEzMTAwMTA2WhcNMjUwNTE0MTAwMTA2WjAzMTEwLwYDVQQD
EyhkMmM0OWYzODYyM2YxODA3YjdjZDE0ODdjZGVlOWNhZWU4YjE2ZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ltplecytB0+fOWMyGatMBbx3O2N
6qoUC5kRMXJkmftLHraUWX+ynqA5IqFcloWNZsH8cBDLYxWJu7BoO9YhTaMh7kFK
7uOpPNuIm44ZdGBVaP/A8dP5UeSSEDpbfLqcKhtzexGy04BEW3yL7ls+Uj4owDGl
iiTtqSsofupbDypODDwKjwyaqxsQhkkiYTLEimsiz+nRZI1bizz306RpTW4/6Bia
SIb0dTRB1861nnkJRKCWpeQx9C6uTlEgJkSW8eTjYx863s/cEybBLpLrf2444D7M
l73Xy5Ddv7wRn9+/o9TFUFiD86fWBajUMI2yhplIf3YhL9AEEChWhssN2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLEnzhiPxgHt80Uh83unK7osW9pMB8GA1UdIwQY
MBaAFHW82RsbL5r0t0IUptZ4zgcZaOHPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jOWMwMzAtNTUzZS00MzBhLTk4N2Qt
MWMwNTc1NTI2OTFlLzEvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jOWMwMzAtNTUzZS00MzBhLTk4N2QtMWMwNTc1NTI2OTFl
LzEvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz+mdBo+w
CDQxIn3A8TBs0e/we9JwnlIeobjaCgDUNZJ7IbuXf+drs5tBSDaLZ60aC1+Dl6wX
yViqnkTi+trD8eLcbT94jkaBAcLWWuxIXEig/PyJvYm1ehK+tSm1B1tZ+aNo9UXU
9dL0ZfkZT4lojMb2LPRAPQa+2fqNtkZzK2LfmtVKs/K5ixH1KC6iLDn8vZy8epMq
5Pc5dvdw5Nau8GEtVWZRzZokhbPsHTc4sbkpuHkUMoXVPnCRPKe5i2bv3NzRXj0z
pb/IY9HWJWJf/F1MbFVb7qDT/xnZ378SPs+Pf/l5sEW2sktXD1LFzyMI2uTCg4Gk
GSctr0QikQCY7Q==
-----END CERTIFICATE-----