Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
File:                     d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json)
Hash identifier:          /K44qzzk0oYEUmRScU4/NOkGoijaIaQrnoNYJRUsT88=
Subject key identifier:   B1:58:51:DF:FC:86:E2:2C:1A:91:BA:A1:04:9D:03:53:23:E9:40:B3
Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31
Certificate issuer:       /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
Certificate serial:       0197C681C22AE72D0BDF3F098B3412E8479B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
Manifest number:          0586
Signing time:             Tue 01 Jul 2025 15:01:21 +0000
Manifest this update:     Tue 01 Jul 2025 15:01:21 +0000
Manifest next update:     Wed 02 Jul 2025 15:01:21 +0000
Files and hashes:         1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: A2i47Sd8J6arUq4bwePeNZp9xNyhnBEIKIaSacrN3wo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 15:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:81:c2:2a:e7:2d:0b:df:3f:09:8b:34:12:e8:47:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
        Validity
            Not Before: Jul  1 15:01:21 2025 GMT
            Not After : Jul  2 15:01:21 2025 GMT
        Subject: CN=b15851dffc86e22c1a91baa1049d035323e940b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:bb:08:21:a5:91:1f:42:43:87:0a:8d:33:91:
                    f4:a4:47:d4:2b:14:50:fc:34:b1:50:79:3a:f6:a2:
                    4c:b0:80:0b:de:40:96:06:81:59:d5:5d:db:1d:eb:
                    7e:8a:65:14:4d:73:9b:ba:3c:25:23:73:1b:58:44:
                    4e:a4:0d:2b:72:c9:64:f1:60:c3:aa:1b:2b:82:65:
                    53:a6:0b:aa:ec:11:49:cf:bf:3c:6b:a7:3c:8e:7b:
                    0d:8d:6a:34:86:5b:10:44:0c:dd:4b:e1:12:81:d8:
                    01:38:85:a5:af:94:79:6d:20:e0:1e:5e:3a:39:ef:
                    83:31:bc:7a:cd:1f:18:92:17:e3:0f:87:47:47:f3:
                    e0:79:92:f8:6d:8c:8b:58:ba:de:1a:14:33:d4:53:
                    10:cb:b5:92:2e:9a:f6:6a:77:70:ff:4a:54:3b:50:
                    45:2b:19:fe:17:30:66:cf:6d:31:3a:da:8d:f8:98:
                    22:86:32:2f:09:0b:b5:41:15:e1:ac:98:a8:c5:0c:
                    52:85:f2:cc:14:d6:de:4b:1b:d6:08:27:ba:dd:e8:
                    90:3c:65:63:41:8d:68:31:ad:6b:05:04:53:45:48:
                    96:4f:60:ca:77:a3:30:71:6e:c9:18:02:2d:bd:41:
                    fa:c7:95:8f:8d:97:55:bd:7e:d0:47:fd:ea:71:7f:
                    90:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:58:51:DF:FC:86:E2:2C:1A:91:BA:A1:04:9D:03:53:23:E9:40:B3
            X509v3 Authority Key Identifier:
                keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:ad:d4:91:c8:07:c1:84:b6:88:cb:42:77:72:2d:27:fe:f1:
         26:ee:d2:10:d5:f2:8c:79:ad:74:ae:6d:d4:26:aa:79:c4:55:
         27:70:32:76:3e:20:a6:6d:90:42:93:6d:18:e1:8c:dd:f6:ac:
         19:04:96:f2:15:51:ee:9d:34:85:ad:76:90:80:35:d5:4a:6f:
         52:f7:8d:b7:6b:8f:01:c1:d0:89:e7:d1:11:1e:30:17:f1:24:
         f1:80:d3:fd:26:90:f6:8c:e6:16:86:e8:49:ea:15:4b:e1:7c:
         91:4e:35:a4:97:92:1b:46:7c:8f:72:4e:51:69:f4:30:64:03:
         2a:37:24:58:d1:39:a9:5d:81:35:c5:eb:b7:3f:3b:7a:d1:65:
         38:bd:45:4e:10:d7:89:b2:54:dc:d8:8d:68:bb:38:8a:b9:2a:
         56:a5:82:a2:89:9c:36:0d:91:59:c1:6a:a1:39:49:dc:65:7e:
         03:43:af:0d:e0:99:cf:a0:d8:08:b3:7f:83:0b:f7:4d:f1:64:
         35:e9:24:d6:f8:65:e5:e9:f0:1d:11:8b:bb:7b:f0:4e:95:5a:
         88:7b:eb:8e:d2:74:d9:ee:59:c7:0d:94:bf:16:12:f6:5e:08:
         ac:54:64:36:e1:93:33:e8:1a:ea:2d:7a:14:f7:40:fc:58:20:
         49:92:31:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGgcIq5y0L3z8JizQS6EebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy
MTYwMzEwHhcNMjUwNzAxMTUwMTIxWhcNMjUwNzAyMTUwMTIxWjAzMTEwLwYDVQQD
EyhiMTU4NTFkZmZjODZlMjJjMWE5MWJhYTEwNDlkMDM1MzIzZTk0MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrsIIaWRH0JDhwqNM5H0pEfUKxRQ
/DSxUHk69qJMsIAL3kCWBoFZ1V3bHet+imUUTXObujwlI3MbWEROpA0rcslk8WDD
qhsrgmVTpguq7BFJz788a6c8jnsNjWo0hlsQRAzdS+ESgdgBOIWlr5R5bSDgHl46
Oe+DMbx6zR8YkhfjD4dHR/PgeZL4bYyLWLreGhQz1FMQy7WSLpr2andw/0pUO1BF
Kxn+FzBmz20xOtqN+JgihjIvCQu1QRXhrJioxQxShfLMFNbeSxvWCCe63eiQPGVj
QY1oMa1rBQRTRUiWT2DKd6MwcW7JGAItvUH6x5WPjZdVvX7QR/3qcX+QqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFYUd/8huIsGpG6oQSdA1Mj6UCzMB8GA1UdIwQY
MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt
NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj
LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy63UkcgH
wYS2iMtCd3ItJ/7xJu7SENXyjHmtdK5t1CaqecRVJ3Aydj4gpm2QQpNtGOGM3fas
GQSW8hVR7p00ha12kIA11UpvUveNt2uPAcHQiefRER4wF/Ek8YDT/SaQ9ozmFobo
SeoVS+F8kU41pJeSG0Z8j3JOUWn0MGQDKjckWNE5qV2BNcXrtz87etFlOL1FThDX
ibJU3NiNaLs4irkqVqWCoomcNg2RWcFqoTlJ3GV+A0OvDeCZz6DYCLN/gwv3TfFk
Nekk1vhl5enwHRGLu3vwTpVaiHvrjtJ02e5Zxw2UvxYS9l4IrFRkNuGTM+ga6i16
FPdA/FggSZIx0g==
-----END CERTIFICATE-----