Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.mft
File:                     egadopx7Yd3rzAUk_QjlTf80wWg.mft (raw, json)
Hash identifier:          xe8cEy68bo0op97fQHaSMCcF5Aoqdg2eDCoknpZH1y4=
Subject key identifier:   37:1A:D0:35:29:13:F5:CD:B0:BA:68:4A:85:BD:A9:19:8B:05:70:A2
Authority key identifier: 7A:06:9D:A2:9C:7B:61:DD:EB:CC:05:24:FD:08:E5:4D:FF:34:C1:68
Certificate issuer:       /CN=7a069da29c7b61ddebcc0524fd08e54dff34c168
Certificate serial:       0196C34C8248A10A81C81A5E782A9B36FB60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/egadopx7Yd3rzAUk_QjlTf80wWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.mft
Manifest number:          1534
Signing time:             Mon 12 May 2025 07:01:33 +0000
Manifest this update:     Mon 12 May 2025 07:01:33 +0000
Manifest next update:     Tue 13 May 2025 07:01:33 +0000
Files and hashes:         1: egadopx7Yd3rzAUk_QjlTf80wWg.crl (hash: gWziKxTkf+oQqxzbQUZjnIQRwD8lBIq2TOGRtVgiBbw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/egadopx7Yd3rzAUk_QjlTf80wWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4c:82:48:a1:0a:81:c8:1a:5e:78:2a:9b:36:fb:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a069da29c7b61ddebcc0524fd08e54dff34c168
        Validity
            Not Before: May 12 07:01:33 2025 GMT
            Not After : May 13 07:01:33 2025 GMT
        Subject: CN=371ad0352913f5cdb0ba684a85bda9198b0570a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:66:d4:f7:d2:17:bb:13:96:dd:08:0d:79:bc:
                    20:fb:e4:7d:bf:6d:5f:0f:c5:42:74:bf:f1:26:a0:
                    b8:56:6b:bf:51:d6:ef:81:c6:0c:11:3e:ff:1a:79:
                    c2:54:0d:2d:15:0c:d8:5e:c4:ba:ba:b8:13:a6:1e:
                    71:cc:6f:67:76:0d:e0:90:6a:e3:da:50:8f:9b:eb:
                    a3:7a:17:7f:6f:e0:c2:a3:61:e9:6c:2b:e3:61:e4:
                    87:7d:9f:4e:eb:f4:e6:5e:3d:5d:42:87:63:67:4a:
                    ba:c6:a5:cc:44:c5:8f:79:07:a6:15:7b:51:8f:4f:
                    c5:83:dd:02:0b:28:07:ef:c7:99:88:9c:79:99:a4:
                    3b:1d:70:95:d1:2e:d3:ed:fa:48:23:2b:b9:89:80:
                    47:89:18:32:60:a5:51:a0:09:f4:82:8f:54:ad:f7:
                    cf:34:f4:a9:55:ec:24:60:c5:4c:7f:bd:21:41:a5:
                    07:9b:fe:8a:c3:3b:ba:d0:61:b5:5d:3d:60:fe:b5:
                    94:de:8a:97:32:fb:52:3e:b6:cb:8b:3c:8b:1c:54:
                    16:39:a0:75:20:7b:f1:1e:3b:dd:ca:34:15:3b:b0:
                    12:11:64:44:26:46:38:f8:f7:18:d4:de:f7:ae:3c:
                    a5:15:8f:a1:a6:22:aa:f3:53:9b:2d:c7:9c:79:4e:
                    b5:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:1A:D0:35:29:13:F5:CD:B0:BA:68:4A:85:BD:A9:19:8B:05:70:A2
            X509v3 Authority Key Identifier:
                keyid:7A:06:9D:A2:9C:7B:61:DD:EB:CC:05:24:FD:08:E5:4D:FF:34:C1:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egadopx7Yd3rzAUk_QjlTf80wWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:03:e9:2c:88:1f:f0:b0:03:f3:71:78:3d:12:65:61:79:64:
         6d:65:15:fd:b1:40:83:6d:77:85:a5:e4:0b:6f:a5:24:58:6e:
         0e:55:cc:a1:94:61:79:15:08:ae:3b:ea:5f:d2:a0:64:63:2f:
         63:37:aa:a4:3f:f0:72:76:29:a4:90:b7:63:d1:cb:49:40:04:
         17:c6:4d:19:d7:45:cb:30:c1:f8:99:36:64:d7:40:8c:19:f0:
         d4:93:3d:22:df:b4:bf:a4:ef:a6:c2:76:68:b0:2f:c5:b5:08:
         61:9d:0f:83:05:9c:01:12:95:1a:30:ce:fe:3d:0e:c5:a0:38:
         91:e9:ea:f5:93:f3:6f:30:ca:b8:c3:77:20:fa:78:e4:91:0b:
         fb:3c:c5:a5:42:03:7e:86:b3:66:63:3c:0c:60:24:f6:68:86:
         56:13:f1:3d:7d:6a:44:5b:1d:b7:f7:fb:26:01:7c:27:79:23:
         36:37:8a:9e:1a:b0:e4:96:da:bd:0f:96:71:38:c2:8c:3a:a5:
         e6:3b:d9:e9:87:fe:a9:82:99:9b:8f:3f:cb:3e:9a:51:52:e1:
         92:f1:2e:43:01:88:1b:b0:e4:41:ff:c5:22:d2:a0:04:21:bb:
         05:e5:f6:88:14:92:ff:0b:3a:8b:31:48:6e:6b:bf:28:d6:e9:
         3b:89:c1:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTIJIoQqByBpeeCqbNvtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMDY5ZGEyOWM3YjYxZGRlYmNjMDUyNGZkMDhlNTRkZmYz
NGMxNjgwHhcNMjUwNTEyMDcwMTMzWhcNMjUwNTEzMDcwMTMzWjAzMTEwLwYDVQQD
EygzNzFhZDAzNTI5MTNmNWNkYjBiYTY4NGE4NWJkYTkxOThiMDU3MGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGbU99IXuxOW3QgNebwg++R9v21f
D8VCdL/xJqC4Vmu/UdbvgcYMET7/GnnCVA0tFQzYXsS6urgTph5xzG9ndg3gkGrj
2lCPm+ujehd/b+DCo2HpbCvjYeSHfZ9O6/TmXj1dQodjZ0q6xqXMRMWPeQemFXtR
j0/Fg90CCygH78eZiJx5maQ7HXCV0S7T7fpIIyu5iYBHiRgyYKVRoAn0go9UrffP
NPSpVewkYMVMf70hQaUHm/6Kwzu60GG1XT1g/rWU3oqXMvtSPrbLizyLHFQWOaB1
IHvxHjvdyjQVO7ASEWREJkY4+PcY1N73rjylFY+hpiKq81ObLceceU61owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDca0DUpE/XNsLpoSoW9qRmLBXCiMB8GA1UdIwQY
MBaAFHoGnaKce2Hd68wFJP0I5U3/NMFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWdhZG9weDdZZDNyekFVa19RamxUZjgwd1dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82MDM5ZTgtMmQ2OC00MzEwLWEzYWMt
NGJmZWZlNDE2ZjI2LzEvZWdhZG9weDdZZDNyekFVa19RamxUZjgwd1dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82MDM5ZTgtMmQ2OC00MzEwLWEzYWMtNGJmZWZlNDE2ZjI2
LzEvZWdhZG9weDdZZDNyekFVa19RamxUZjgwd1dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWAPpLIgf
8LAD83F4PRJlYXlkbWUV/bFAg213haXkC2+lJFhuDlXMoZRheRUIrjvqX9KgZGMv
YzeqpD/wcnYppJC3Y9HLSUAEF8ZNGddFyzDB+Jk2ZNdAjBnw1JM9It+0v6TvpsJ2
aLAvxbUIYZ0PgwWcARKVGjDO/j0OxaA4kenq9ZPzbzDKuMN3IPp45JEL+zzFpUID
foazZmM8DGAk9miGVhPxPX1qRFsdt/f7JgF8J3kjNjeKnhqw5JbavQ+WcTjCjDql
5jvZ6Yf+qYKZm48/yz6aUVLhkvEuQwGIG7DkQf/FItKgBCG7BeX2iBSS/ws6izFI
bmu/KNbpO4nBOw==
-----END CERTIFICATE-----