Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
File:                     d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json)
Hash identifier:          frbyWXxzF6mzBwVy4h09AomrBaR2aPyvcf6j4hiKih0=
Subject key identifier:   31:EA:19:23:24:36:AE:75:BC:E4:4D:47:1D:B9:C7:71:F0:7D:D9:3E
Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31
Certificate issuer:       /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
Certificate serial:       0196C1CAEE90DB5E56B810C67C3419B9D2FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
Manifest number:          04FF
Signing time:             Mon 12 May 2025 00:00:24 +0000
Manifest this update:     Mon 12 May 2025 00:00:24 +0000
Manifest next update:     Tue 13 May 2025 00:00:24 +0000
Files and hashes:         1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: y+cflOgf6H+DAFuMV0guXogQpUyX4CsxyU3MyHEHUbc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 00:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:ca:ee:90:db:5e:56:b8:10:c6:7c:34:19:b9:d2:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
        Validity
            Not Before: May 12 00:00:24 2025 GMT
            Not After : May 13 00:00:24 2025 GMT
        Subject: CN=31ea19232436ae75bce44d471db9c771f07dd93e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:97:03:39:84:e0:7f:9f:94:8f:c5:9d:ac:46:
                    87:f5:f4:29:10:31:c5:07:19:53:bf:d6:ce:38:2c:
                    2c:e0:3e:e6:2f:e8:16:c2:0c:72:95:81:8f:ec:b4:
                    1e:76:88:6e:6b:40:d5:4a:4a:1a:b7:d3:95:71:d1:
                    38:6c:e4:4c:5c:b3:b7:83:b5:75:a5:02:7c:a2:b8:
                    7f:a9:54:15:9a:b9:13:4e:6d:e4:7a:eb:57:62:38:
                    11:cf:c2:54:fb:21:c3:ec:2d:25:27:92:18:a5:42:
                    0c:8c:0a:b3:0c:f8:2c:54:1f:b2:90:6a:ad:8e:57:
                    95:7d:8c:28:f9:19:eb:b1:e8:30:54:24:d2:1d:04:
                    11:d3:9d:18:b9:5d:30:fa:00:d0:95:0e:dc:37:4f:
                    66:30:90:0c:de:72:aa:61:4c:40:3e:21:74:95:5a:
                    ce:25:10:2c:fe:21:87:ff:f0:c9:24:1a:cf:d0:46:
                    2d:19:12:57:24:a9:73:90:bb:f5:0e:ea:2a:30:39:
                    a7:66:85:de:9b:d2:48:d0:78:c1:a1:45:f7:4e:cf:
                    df:5e:58:24:8f:5d:53:cf:c1:40:e0:0c:ba:b7:4d:
                    ef:c7:a3:25:c7:cb:ff:78:cd:16:18:4a:0d:68:b5:
                    62:7d:57:06:e7:98:d7:4c:29:0b:a8:0e:39:ae:c2:
                    e5:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:EA:19:23:24:36:AE:75:BC:E4:4D:47:1D:B9:C7:71:F0:7D:D9:3E
            X509v3 Authority Key Identifier:
                keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:b2:bd:39:d0:41:db:b6:35:ac:58:bb:0c:f9:ef:8d:fd:72:
         34:e5:ed:0d:9c:af:a5:c1:c2:27:54:8b:dc:c5:20:cb:82:62:
         2a:1b:9b:e8:60:66:d9:d2:83:2b:67:26:2e:28:b7:15:cc:56:
         29:e0:55:e3:17:64:88:a4:ea:79:b4:3f:5c:51:9e:57:d7:b2:
         a8:69:95:4d:47:1c:7b:92:d7:a0:c9:cc:ee:6e:75:e7:7e:98:
         11:06:df:ea:9c:96:4d:80:4f:8d:d8:5d:40:02:72:50:a2:d0:
         47:37:6a:ed:36:f0:d1:14:c1:51:e6:44:13:07:3e:c6:3b:df:
         cf:a4:50:88:07:d1:c9:51:98:4d:6d:8c:c9:2e:3e:9d:c7:9d:
         60:5f:1e:36:ea:0f:52:a8:47:5a:43:a9:69:46:10:63:e3:d0:
         94:0a:6e:16:29:cb:8f:84:fc:db:c2:49:52:fb:4c:a4:dc:b9:
         f0:aa:da:8e:9c:52:eb:c5:ca:25:99:56:77:21:6d:d7:33:09:
         55:56:b3:ac:03:af:e2:f0:6d:73:7c:05:31:d0:90:21:94:96:
         18:94:d7:ea:ca:88:8f:df:6c:08:57:21:c8:2c:8f:26:36:35:
         56:71:47:fd:97:0c:34:22:1d:37:4a:03:3c:66:74:2f:7b:6a:
         7a:c7:e9:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbByu6Q215WuBDGfDQZudL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy
MTYwMzEwHhcNMjUwNTEyMDAwMDI0WhcNMjUwNTEzMDAwMDI0WjAzMTEwLwYDVQQD
EygzMWVhMTkyMzI0MzZhZTc1YmNlNDRkNDcxZGI5Yzc3MWYwN2RkOTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5cDOYTgf5+Uj8WdrEaH9fQpEDHF
BxlTv9bOOCws4D7mL+gWwgxylYGP7LQedohua0DVSkoat9OVcdE4bORMXLO3g7V1
pQJ8orh/qVQVmrkTTm3keutXYjgRz8JU+yHD7C0lJ5IYpUIMjAqzDPgsVB+ykGqt
jleVfYwo+RnrsegwVCTSHQQR050YuV0w+gDQlQ7cN09mMJAM3nKqYUxAPiF0lVrO
JRAs/iGH//DJJBrP0EYtGRJXJKlzkLv1DuoqMDmnZoXem9JI0HjBoUX3Ts/fXlgk
j11Tz8FA4Ay6t03vx6Mlx8v/eM0WGEoNaLVifVcG55jXTCkLqA45rsLlGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDHqGSMkNq51vORNRx25x3Hwfdk+MB8GA1UdIwQY
MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt
NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj
LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxbK9OdBB
27Y1rFi7DPnvjf1yNOXtDZyvpcHCJ1SL3MUgy4JiKhub6GBm2dKDK2cmLii3FcxW
KeBV4xdkiKTqebQ/XFGeV9eyqGmVTUcce5LXoMnM7m51536YEQbf6pyWTYBPjdhd
QAJyUKLQRzdq7Tbw0RTBUeZEEwc+xjvfz6RQiAfRyVGYTW2MyS4+ncedYF8eNuoP
UqhHWkOpaUYQY+PQlApuFinLj4T828JJUvtMpNy58KrajpxS68XKJZlWdyFt1zMJ
VVazrAOv4vBtc3wFMdCQIZSWGJTX6sqIj99sCFchyCyPJjY1VnFH/ZcMNCIdN0oD
PGZ0L3tqesfpOw==
-----END CERTIFICATE-----