Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
File:                     r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft (raw, json)
Hash identifier:          w7FLQZfrELjT1DlQpwllfti3y7tJwwz3GqT4ltfXA9M=
Subject key identifier:   EF:56:EE:63:FE:80:52:8E:0A:35:EE:03:F3:9A:74:B8:54:AB:05:7D
Authority key identifier: AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30
Certificate issuer:       /CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
Certificate serial:       0196C34B4FCE320C1792230F7230D547FEFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
Manifest number:          0DCC
Signing time:             Mon 12 May 2025 07:00:14 +0000
Manifest this update:     Mon 12 May 2025 07:00:14 +0000
Manifest next update:     Tue 13 May 2025 07:00:14 +0000
Files and hashes:         1: r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl (hash: RokEu7vwcmSqcB81bJY4HvMHm/bXYz9+s1dKxvgmkDs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4b:4f:ce:32:0c:17:92:23:0f:72:30:d5:47:fe:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
        Validity
            Not Before: May 12 07:00:14 2025 GMT
            Not After : May 13 07:00:14 2025 GMT
        Subject: CN=ef56ee63fe80528e0a35ee03f39a74b854ab057d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:59:77:1a:ee:1b:d8:c8:ab:e3:7b:6f:97:2c:
                    da:68:2d:39:70:e6:de:7c:9d:04:51:ec:91:76:7f:
                    8e:c9:08:a4:9e:78:3d:e0:f7:bf:e1:27:f8:53:4d:
                    23:a9:74:c4:3f:50:00:5f:7c:d1:fc:27:54:87:23:
                    f2:38:58:8d:cb:75:f3:31:fe:64:14:3f:ba:ec:22:
                    fa:0d:da:30:ab:97:88:00:bb:49:26:40:c9:45:c5:
                    05:d6:70:4f:0c:98:25:42:88:2c:fb:c3:c6:26:a4:
                    e5:b3:67:f4:57:3e:3a:3f:bd:15:d7:9c:d8:60:a9:
                    89:8e:39:98:03:77:7b:ff:63:af:ea:e8:97:ec:2f:
                    4e:2e:0a:47:ce:d5:22:62:0b:8c:1f:65:dc:ea:88:
                    67:0c:92:b2:d0:c1:5a:c7:9a:6f:57:f3:3e:86:20:
                    1b:66:96:a7:2d:2a:14:7b:f4:0f:d1:06:95:ba:ef:
                    70:ca:6a:98:23:53:30:74:88:5a:db:9b:15:cc:a1:
                    2d:26:44:99:c3:72:ab:8d:83:ba:ec:7d:4c:71:84:
                    6d:cf:89:e5:16:07:85:6c:8d:90:0c:f2:10:74:18:
                    54:78:29:8f:d8:a8:f0:c0:85:b6:d9:82:7e:6b:0b:
                    29:b1:0e:16:76:62:75:5e:6f:17:63:e8:52:c7:71:
                    23:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:56:EE:63:FE:80:52:8E:0A:35:EE:03:F3:9A:74:B8:54:AB:05:7D
            X509v3 Authority Key Identifier:
                keyid:AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:40:72:9a:01:dd:07:56:d5:a5:39:74:ad:fe:4f:40:99:52:
         84:df:65:a9:f4:17:6d:a3:c7:62:4b:83:86:00:aa:ef:bf:ef:
         63:d5:34:df:7f:59:5d:ea:00:4b:29:45:a7:6b:fd:f9:52:4e:
         39:65:95:af:7c:ad:bc:17:c9:c6:a9:86:95:74:0e:3c:b0:c7:
         1c:72:32:b5:5e:72:37:7a:57:fd:20:d7:d2:64:d9:5f:f6:cf:
         dc:36:e4:e6:b8:05:3e:e1:b2:d7:49:a4:9c:78:36:16:41:ce:
         60:ac:09:93:28:32:6d:0c:b0:61:48:3d:ec:d8:50:38:6c:3f:
         f8:0d:4d:d7:b7:76:0d:f5:da:44:ea:01:65:c5:50:42:62:be:
         72:ee:e1:59:59:db:c7:8f:11:7b:bc:56:f8:d2:02:cb:5b:20:
         da:2a:69:a2:b7:d4:ee:e4:65:39:c0:44:bc:7e:b0:48:ad:12:
         be:c1:77:f3:c4:c1:77:07:d3:9b:8e:82:26:f2:ac:c7:ae:65:
         9d:d9:ac:3f:08:d4:05:68:b3:1f:13:c5:e9:bd:e7:36:61:18:
         ee:48:29:f3:c5:d8:8c:65:6e:77:36:bd:17:3e:c2:fd:f6:ec:
         a0:23:26:a3:ad:71:75:28:11:75:58:3c:6d:8f:27:e1:8f:2c:
         cf:80:10:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDS0/OMgwXkiMPcjDVR/78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODJhMDk3YTI4YTZiNmE2OTlkOGQ2YWJlNGRjYjk1YmIx
OTgzMzAwHhcNMjUwNTEyMDcwMDE0WhcNMjUwNTEzMDcwMDE0WjAzMTEwLwYDVQQD
EyhlZjU2ZWU2M2ZlODA1MjhlMGEzNWVlMDNmMzlhNzRiODU0YWIwNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjll3Gu4b2Mir43tvlyzaaC05cObe
fJ0EUeyRdn+OyQiknng94Pe/4Sf4U00jqXTEP1AAX3zR/CdUhyPyOFiNy3XzMf5k
FD+67CL6Ddowq5eIALtJJkDJRcUF1nBPDJglQogs+8PGJqTls2f0Vz46P70V15zY
YKmJjjmYA3d7/2Ov6uiX7C9OLgpHztUiYguMH2Xc6ohnDJKy0MFax5pvV/M+hiAb
ZpanLSoUe/QP0QaVuu9wymqYI1MwdIha25sVzKEtJkSZw3KrjYO67H1McYRtz4nl
FgeFbI2QDPIQdBhUeCmP2KjwwIW22YJ+awspsQ4WdmJ1Xm8XY+hSx3EjMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9W7mP+gFKOCjXuA/OadLhUqwV9MB8GA1UdIwQY
MBaAFK+CoJeiimtqaZ2Nar5Ny5W7GYMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMt
ZmFhOGI3MThiNmNiLzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMtZmFhOGI3MThiNmNi
LzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdUBymgHd
B1bVpTl0rf5PQJlShN9lqfQXbaPHYkuDhgCq77/vY9U0339ZXeoASylFp2v9+VJO
OWWVr3ytvBfJxqmGlXQOPLDHHHIytV5yN3pX/SDX0mTZX/bP3Dbk5rgFPuGy10mk
nHg2FkHOYKwJkygybQywYUg97NhQOGw/+A1N17d2DfXaROoBZcVQQmK+cu7hWVnb
x48Re7xW+NICy1sg2ipporfU7uRlOcBEvH6wSK0SvsF388TBdwfTm46CJvKsx65l
ndmsPwjUBWizHxPF6b3nNmEY7kgp88XYjGVudza9Fz7C/fbsoCMmo61xdSgRdVg8
bY8n4Y8sz4AQiQ==
-----END CERTIFICATE-----