Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
File:                     dtAtj564761YOO-TGIVJb8-vHGE.mft (raw, json)
Hash identifier:          eh3wj/19g5uSaC132LV8xWJbstkogoX/N9yaDvF3qgw=
Subject key identifier:   BA:B8:01:D1:02:4B:E8:A1:E0:26:2C:FD:7F:FC:96:BB:20:21:AE:5E
Authority key identifier: 76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61
Certificate issuer:       /CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
Certificate serial:       0196BB92C2C658C3CBCB9D7C848DA65E3BCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
Manifest number:          1531
Signing time:             Sat 10 May 2025 19:01:19 +0000
Manifest this update:     Sat 10 May 2025 19:01:19 +0000
Manifest next update:     Sun 11 May 2025 19:01:19 +0000
Files and hashes:         1: dtAtj564761YOO-TGIVJb8-vHGE.crl (hash: pmNveZRAPbHXJ8cBhJAv+ZoiiH5HjeT8OdUPUENSbVc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 19:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:92:c2:c6:58:c3:cb:cb:9d:7c:84:8d:a6:5e:3b:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
        Validity
            Not Before: May 10 19:01:19 2025 GMT
            Not After : May 11 19:01:19 2025 GMT
        Subject: CN=bab801d1024be8a1e0262cfd7ffc96bb2021ae5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b3:e1:7b:33:45:1d:5d:f9:8e:4b:b8:71:54:
                    dc:2b:60:c3:1b:04:37:98:24:56:d0:56:68:5a:8d:
                    a6:fc:2b:11:c5:a6:a6:0a:5f:c4:85:89:12:22:ca:
                    bb:62:81:8f:23:bf:31:de:90:38:a7:84:0b:42:05:
                    49:4d:f1:e5:d3:93:f6:5a:34:0f:39:24:39:ac:a4:
                    66:38:db:68:28:41:b2:36:d0:b4:01:8b:a7:29:10:
                    ad:49:4f:ab:6e:c3:4c:f3:1d:d1:af:83:f0:40:12:
                    db:e2:5e:93:a8:6e:b1:42:c0:d8:af:d9:d0:58:ad:
                    86:22:83:9b:48:38:52:8e:92:b7:0c:0e:ed:5c:da:
                    95:94:6b:de:cc:65:73:e8:0f:10:19:6a:74:9d:17:
                    8e:93:bd:b3:dd:8f:d6:d2:98:17:62:9e:4f:ff:2b:
                    80:03:99:c5:34:0c:70:ef:e5:3d:88:ec:66:c8:72:
                    ac:a0:ea:80:37:0e:33:b0:be:b0:08:b1:b2:5b:88:
                    33:94:0d:94:e3:82:b3:48:08:e7:42:f9:2e:67:fd:
                    2f:a0:39:7a:72:17:9b:fb:fd:6b:13:d7:76:3f:6b:
                    ad:1a:70:24:54:a8:5b:3c:72:fe:b7:2a:15:38:df:
                    d4:33:c7:01:1b:02:98:c2:0a:66:de:20:eb:be:f8:
                    fa:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:B8:01:D1:02:4B:E8:A1:E0:26:2C:FD:7F:FC:96:BB:20:21:AE:5E
            X509v3 Authority Key Identifier:
                keyid:76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:fb:c1:f6:a9:d7:4a:cd:2e:a1:0d:67:96:90:26:8a:06:a2:
         26:7d:a9:16:e9:35:12:11:d6:1f:56:aa:11:d7:cd:88:26:2a:
         6a:23:ed:c0:76:c0:75:54:2c:cd:02:9b:d8:69:5b:5b:48:79:
         73:50:0e:d7:9e:93:f5:9c:08:e9:00:ac:63:38:f9:80:97:02:
         1b:57:68:0b:79:ed:60:17:dd:d2:27:1a:25:28:87:4f:38:a3:
         44:fc:26:a2:d8:73:86:b3:22:60:3b:f4:7e:9c:f7:13:f6:1f:
         dd:51:71:22:f6:6c:30:d4:24:d9:f5:81:bb:38:59:9e:74:58:
         62:ba:c3:c3:b4:59:f6:be:73:8e:c9:58:87:78:02:af:d0:28:
         d4:66:d2:fa:1a:c1:22:94:86:1b:7f:8d:2f:d9:9a:e8:e8:da:
         6d:72:bc:9a:59:bb:cf:9b:eb:5e:af:a2:76:3a:81:ba:bf:ce:
         92:1b:91:40:38:a8:96:23:e3:5e:ff:f1:79:f4:cb:3b:47:91:
         2c:e9:21:73:10:1e:74:7e:f8:6a:01:75:b0:f6:7e:8c:b6:01:
         87:20:c1:8e:c1:0d:f6:c7:57:b7:b0:77:dc:ac:02:60:4f:68:
         c1:98:52:c0:a4:c1:15:d6:9d:70:fc:62:05:5e:e8:44:4c:5f:
         0d:85:8f:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7ksLGWMPLy518hI2mXjvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDAyZDhmOWViOGVmYWQ1ODM4ZWY5MzE4ODU0OTZmY2Zh
ZjFjNjEwHhcNMjUwNTEwMTkwMTE5WhcNMjUwNTExMTkwMTE5WjAzMTEwLwYDVQQD
EyhiYWI4MDFkMTAyNGJlOGExZTAyNjJjZmQ3ZmZjOTZiYjIwMjFhZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rPhezNFHV35jku4cVTcK2DDGwQ3
mCRW0FZoWo2m/CsRxaamCl/EhYkSIsq7YoGPI78x3pA4p4QLQgVJTfHl05P2WjQP
OSQ5rKRmONtoKEGyNtC0AYunKRCtSU+rbsNM8x3Rr4PwQBLb4l6TqG6xQsDYr9nQ
WK2GIoObSDhSjpK3DA7tXNqVlGvezGVz6A8QGWp0nReOk72z3Y/W0pgXYp5P/yuA
A5nFNAxw7+U9iOxmyHKsoOqANw4zsL6wCLGyW4gzlA2U44KzSAjnQvkuZ/0voDl6
cheb+/1rE9d2P2utGnAkVKhbPHL+tyoVON/UM8cBGwKYwgpm3iDrvvj6HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLq4AdECS+ih4CYs/X/8lrsgIa5eMB8GA1UdIwQY
MBaAFHbQLY+euO+tWDjvkxiFSW/PrxxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2Yjgt
MDUxNjFmZjcxZDgwLzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2YjgtMDUxNjFmZjcxZDgw
LzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd/vB9qnX
Ss0uoQ1nlpAmigaiJn2pFuk1EhHWH1aqEdfNiCYqaiPtwHbAdVQszQKb2GlbW0h5
c1AO156T9ZwI6QCsYzj5gJcCG1doC3ntYBfd0icaJSiHTzijRPwmothzhrMiYDv0
fpz3E/Yf3VFxIvZsMNQk2fWBuzhZnnRYYrrDw7RZ9r5zjslYh3gCr9Ao1GbS+hrB
IpSGG3+NL9ma6OjabXK8mlm7z5vrXq+idjqBur/OkhuRQDioliPjXv/xefTLO0eR
LOkhcxAedH74agF1sPZ+jLYBhyDBjsEN9sdXt7B33KwCYE9owZhSwKTBFdadcPxi
BV7oRExfDYWPsQ==
-----END CERTIFICATE-----