Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          p57pfN9HKj6ql7gcZA2NTWdOk43AeqgVgLNrSIGaXrM=
Subject key identifier:   D3:2F:AC:1B:35:56:DC:24:DA:58:54:C9:1B:3F:AF:AC:83:BC:86:75
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       01964D7E1AD6318F304B1347DFE11AADD9C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          0723
Signing time:             Sat 19 Apr 2025 10:00:32 +0000
Manifest this update:     Sat 19 Apr 2025 10:00:32 +0000
Manifest next update:     Sun 20 Apr 2025 10:00:32 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: ALOhXlHM9wrPCIpU+GMJnas2WpEKoT+tP9uu1tQ54N8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:1a:d6:31:8f:30:4b:13:47:df:e1:1a:ad:d9:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Apr 19 10:00:32 2025 GMT
            Not After : Apr 20 10:00:32 2025 GMT
        Subject: CN=d32fac1b3556dc24da5854c91b3fafac83bc8675
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:30:e0:1a:a4:6c:0c:07:e1:17:07:81:02:33:
                    ca:57:9b:cc:61:5a:f0:c1:a6:ee:2d:fe:4e:68:81:
                    81:ac:7c:3b:ac:41:ff:4b:78:c6:75:76:65:c0:76:
                    9c:b4:ae:c3:e1:91:db:10:45:f2:ad:1e:92:3e:1e:
                    b2:32:d7:fa:11:bf:ae:70:00:f9:75:c3:55:aa:ab:
                    09:f6:66:93:c9:b1:86:1b:a2:5a:20:e2:9a:65:b7:
                    62:9a:39:c1:ce:c9:26:02:a0:1a:c3:53:8d:76:dc:
                    d6:7f:a6:c3:5b:db:11:d4:53:ac:1d:98:64:50:70:
                    2d:9e:c3:d3:23:f6:3a:7e:7c:b1:b5:2a:25:1e:94:
                    82:6d:ad:f5:39:ab:54:f4:cd:50:32:bb:78:db:81:
                    ea:83:ba:a4:47:0b:94:40:0b:dc:54:62:b0:3d:7f:
                    9c:d9:1d:83:22:e1:9a:80:b0:3d:29:04:22:b0:35:
                    17:8c:50:47:45:28:8c:6d:cd:15:34:30:75:81:11:
                    d5:47:a4:a4:73:c5:2e:51:14:59:57:8c:f1:5c:9e:
                    11:50:70:d0:73:c4:61:6b:e0:eb:83:04:3e:50:28:
                    40:61:52:46:44:14:c6:60:9a:2e:7c:8c:7a:4c:10:
                    91:8a:2b:fe:67:60:e5:ad:9f:ca:c1:4d:23:e0:62:
                    46:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:2F:AC:1B:35:56:DC:24:DA:58:54:C9:1B:3F:AF:AC:83:BC:86:75
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:6b:82:78:ca:b5:01:b8:58:66:32:37:3f:82:67:d1:fc:38:
         62:c0:b3:e2:32:7d:92:31:76:ce:15:b0:6d:8b:63:6e:ff:5f:
         c8:37:d9:37:48:ab:6a:05:62:37:64:fa:0b:dc:bc:42:e6:cd:
         1f:39:16:08:1b:b0:db:1e:89:8a:0b:43:f8:dd:71:66:70:00:
         ec:ba:db:6b:96:e0:ac:b0:64:a5:27:6c:e0:7b:8a:fa:44:a6:
         fd:56:44:9c:08:d8:c2:7c:f2:0f:b6:e9:06:eb:98:f8:2f:cf:
         00:e3:a4:77:0d:50:d0:56:e6:07:74:72:2e:1a:b1:96:2f:9f:
         68:22:b6:5b:27:fe:3a:a7:61:0e:57:ec:4a:f9:58:80:eb:5c:
         c3:95:ae:b7:81:3f:0f:0d:04:e3:c2:e6:b7:81:6e:03:54:3f:
         54:8a:72:c2:cd:79:cd:3a:f8:17:55:44:55:8d:b0:4c:8e:81:
         de:21:0b:27:19:89:35:c3:8f:6e:d0:b8:0f:19:77:32:5f:f1:
         cf:48:1c:78:7a:7f:3c:0e:c1:cf:c4:95:68:65:df:ae:15:82:
         8b:0e:7b:e8:ef:61:97:8e:27:ad:0e:f2:f1:55:e5:24:f3:f4:
         3d:55:53:bf:73:96:18:05:3a:ec:38:f6:95:38:a0:29:5e:ea:
         f9:94:8d:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfhrWMY8wSxNH3+EardnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjUwNDE5MTAwMDMyWhcNMjUwNDIwMTAwMDMyWjAzMTEwLwYDVQQD
EyhkMzJmYWMxYjM1NTZkYzI0ZGE1ODU0YzkxYjNmYWZhYzgzYmM4Njc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TDgGqRsDAfhFweBAjPKV5vMYVrw
wabuLf5OaIGBrHw7rEH/S3jGdXZlwHactK7D4ZHbEEXyrR6SPh6yMtf6Eb+ucAD5
dcNVqqsJ9maTybGGG6JaIOKaZbdimjnBzskmAqAaw1ONdtzWf6bDW9sR1FOsHZhk
UHAtnsPTI/Y6fnyxtSolHpSCba31OatU9M1QMrt424Hqg7qkRwuUQAvcVGKwPX+c
2R2DIuGagLA9KQQisDUXjFBHRSiMbc0VNDB1gRHVR6Skc8UuURRZV4zxXJ4RUHDQ
c8Rha+DrgwQ+UChAYVJGRBTGYJoufIx6TBCRiiv+Z2DlrZ/KwU0j4GJG8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMvrBs1Vtwk2lhUyRs/r6yDvIZ1MB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXmuCeMq1
AbhYZjI3P4Jn0fw4YsCz4jJ9kjF2zhWwbYtjbv9fyDfZN0iragViN2T6C9y8QubN
HzkWCBuw2x6JigtD+N1xZnAA7Lrba5bgrLBkpSds4HuK+kSm/VZEnAjYwnzyD7bp
BuuY+C/PAOOkdw1Q0FbmB3RyLhqxli+faCK2Wyf+OqdhDlfsSvlYgOtcw5Wut4E/
Dw0E48Lmt4FuA1Q/VIpyws15zTr4F1VEVY2wTI6B3iELJxmJNcOPbtC4Dxl3Ml/x
z0gceHp/PA7Bz8SVaGXfrhWCiw576O9hl44nrQ7y8VXlJPP0PVVTv3OWGAU67Dj2
lTigKV7q+ZSNNA==
-----END CERTIFICATE-----