Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
File:                     D2HrqF8lrXvk2foP9UUoqUorNjc.mft (raw, json)
Hash identifier:          hS1P04S6ZkI5xFKUzoCwEuImUpBfjJV+4OIOMfYpHWc=
Subject key identifier:   CC:FC:56:9E:6A:46:1C:C5:4E:3D:57:26:5D:25:05:15:FA:9C:64:A4
Authority key identifier: 0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37
Certificate issuer:       /CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
Certificate serial:       0196BA1217BD1197DD2E6806BF53B4BD865D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
Manifest number:          A1
Signing time:             Sat 10 May 2025 12:01:09 +0000
Manifest this update:     Sat 10 May 2025 12:01:09 +0000
Manifest next update:     Sun 11 May 2025 12:01:09 +0000
Files and hashes:         1: D2HrqF8lrXvk2foP9UUoqUorNjc.crl (hash: Qjxuz++lS9eNYsXdyYKaiQTtIYOp1y2BqbIk4YtpkZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 12:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:12:17:bd:11:97:dd:2e:68:06:bf:53:b4:bd:86:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
        Validity
            Not Before: May 10 12:01:09 2025 GMT
            Not After : May 11 12:01:09 2025 GMT
        Subject: CN=ccfc569e6a461cc54e3d57265d250515fa9c64a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f9:65:6c:b4:a2:49:6c:01:26:bb:11:8a:73:
                    e8:35:50:68:77:b0:c5:e8:fa:df:56:79:a2:f7:d4:
                    49:ec:d7:91:ff:a5:79:ae:9d:83:a9:f9:ce:9c:b5:
                    45:b2:e7:dd:7b:65:37:4c:87:7a:c9:f7:9f:ea:a1:
                    eb:a5:e5:df:a8:63:b3:64:1b:47:a4:68:dc:ae:56:
                    ec:9b:a5:3f:42:c1:e9:e8:fa:9f:a5:90:c1:aa:49:
                    00:53:2d:00:1c:c4:48:b3:da:c1:54:84:67:f4:1c:
                    a1:d2:e0:41:a4:ff:44:de:e5:a3:2f:76:b9:5a:a9:
                    fd:11:7f:cb:bb:f8:7f:1d:b8:42:39:46:56:bd:c8:
                    3c:86:7a:f0:bd:02:77:e0:95:96:08:c8:8d:0d:7c:
                    71:74:ea:a0:77:6e:a9:97:30:62:8a:56:20:08:f4:
                    aa:6d:f3:8c:7d:37:1c:2b:d4:40:2d:a4:ca:e9:91:
                    30:f0:e4:4f:03:14:95:d6:4e:2b:8e:1c:cb:02:07:
                    f8:9c:34:04:39:e8:24:64:5b:0b:22:c1:27:e8:1a:
                    f2:64:ec:81:07:18:57:83:8a:1e:8f:84:b5:0c:32:
                    dd:bc:98:2b:0e:79:b3:d8:7f:89:8d:01:06:0c:34:
                    5b:06:d8:5b:78:d5:96:56:d7:46:65:f4:69:81:79:
                    34:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:FC:56:9E:6A:46:1C:C5:4E:3D:57:26:5D:25:05:15:FA:9C:64:A4
            X509v3 Authority Key Identifier:
                keyid:0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:ad:cc:e9:25:a1:09:4f:88:1b:51:4a:ca:ed:b4:24:65:bd:
         17:40:03:7c:4e:ce:3f:fd:3c:06:7a:71:df:ee:cb:fd:07:44:
         a8:07:8c:31:2d:e5:a0:21:c8:c9:ea:6b:9f:5f:82:17:8e:f9:
         57:70:0b:89:d4:a4:64:56:70:76:db:65:1c:f1:95:45:da:9a:
         3c:d3:44:e2:28:19:2b:ad:19:31:7a:48:8a:cd:75:69:79:a2:
         72:d6:a8:0d:90:6f:0f:f3:d9:26:0c:da:e2:5f:4c:a1:9d:99:
         ce:3a:57:5a:0e:fd:db:85:00:1d:bd:c2:58:b3:45:b2:0b:55:
         dd:23:b3:ff:63:e1:1e:f1:56:35:36:d0:6a:77:6a:64:7c:37:
         9c:77:9e:79:05:b1:92:81:72:34:f3:35:24:84:8b:e8:2e:d6:
         70:71:fe:47:ca:4b:2c:13:ef:36:ce:6b:36:54:d2:6c:58:e5:
         3a:21:4f:5f:08:c0:a6:0d:b7:10:1f:91:7e:2f:5b:5c:d6:60:
         73:40:64:22:6f:14:b0:d0:71:bf:0b:02:99:0b:de:28:dc:24:
         c5:4f:57:60:b3:6a:83:8f:1d:19:c3:f5:86:24:10:37:84:06:
         26:77:ca:74:29:d8:9e:c7:a3:42:d1:5e:62:96:1e:43:cb:80:
         92:27:9d:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6Ehe9EZfdLmgGv1O0vYZdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjFlYmE4NWYyNWFkN2JlNGQ5ZmEwZmY1NDUyOGE5NGEy
YjM2MzcwHhcNMjUwNTEwMTIwMTA5WhcNMjUwNTExMTIwMTA5WjAzMTEwLwYDVQQD
EyhjY2ZjNTY5ZTZhNDYxY2M1NGUzZDU3MjY1ZDI1MDUxNWZhOWM2NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fllbLSiSWwBJrsRinPoNVBod7DF
6PrfVnmi99RJ7NeR/6V5rp2DqfnOnLVFsufde2U3TId6yfef6qHrpeXfqGOzZBtH
pGjcrlbsm6U/QsHp6PqfpZDBqkkAUy0AHMRIs9rBVIRn9Byh0uBBpP9E3uWjL3a5
Wqn9EX/Lu/h/HbhCOUZWvcg8hnrwvQJ34JWWCMiNDXxxdOqgd26plzBiilYgCPSq
bfOMfTccK9RALaTK6ZEw8ORPAxSV1k4rjhzLAgf4nDQEOegkZFsLIsEn6BryZOyB
BxhXg4oej4S1DDLdvJgrDnmz2H+JjQEGDDRbBthbeNWWVtdGZfRpgXk0MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMz8Vp5qRhzFTj1XJl0lBRX6nGSkMB8GA1UdIwQY
MBaAFA9h66hfJa175Nn6D/VFKKlKKzY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3Yjct
ZjA5NDA2OTY3NWUzLzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3YjctZjA5NDA2OTY3NWUz
LzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx63M6SWh
CU+IG1FKyu20JGW9F0ADfE7OP/08Bnpx3+7L/QdEqAeMMS3loCHIyeprn1+CF475
V3ALidSkZFZwdttlHPGVRdqaPNNE4igZK60ZMXpIis11aXmictaoDZBvD/PZJgza
4l9MoZ2ZzjpXWg7924UAHb3CWLNFsgtV3SOz/2PhHvFWNTbQandqZHw3nHeeeQWx
koFyNPM1JISL6C7WcHH+R8pLLBPvNs5rNlTSbFjlOiFPXwjApg23EB+Rfi9bXNZg
c0BkIm8UsNBxvwsCmQveKNwkxU9XYLNqg48dGcP1hiQQN4QGJnfKdCnYnsejQtFe
YpYeQ8uAkiedFg==
-----END CERTIFICATE-----