Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
File:                     dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft (raw, json)
Hash identifier:          /hdXr237Gm5XPhj5UzeR0kT4Wkix9ykYcRNqNGxtgqI=
Subject key identifier:   77:68:A0:C3:12:58:FE:3A:47:FD:5D:5E:29:44:0F:1B:0A:CA:BB:5B
Authority key identifier: 74:F6:75:A1:67:98:16:79:3D:5B:30:AD:2F:25:3F:56:C8:E2:44:5C
Certificate issuer:       /CN=74f675a1679816793d5b30ad2f253f56c8e2445c
Certificate serial:       01965A5E4DEF576E2992ECBB75A741E13721
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
Manifest number:          14FC
Signing time:             Mon 21 Apr 2025 22:00:51 +0000
Manifest this update:     Mon 21 Apr 2025 22:00:51 +0000
Manifest next update:     Tue 22 Apr 2025 22:00:51 +0000
Files and hashes:         1: dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl (hash: DBAjWJGfImo9og3Oui3UfA2gP8+Ib/tCdRhH9dmgmss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5a:5e:4d:ef:57:6e:29:92:ec:bb:75:a7:41:e1:37:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74f675a1679816793d5b30ad2f253f56c8e2445c
        Validity
            Not Before: Apr 21 22:00:51 2025 GMT
            Not After : Apr 22 22:00:51 2025 GMT
        Subject: CN=7768a0c31258fe3a47fd5d5e29440f1b0acabb5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:11:62:e1:a9:b7:7f:49:24:cc:4f:8d:c1:13:
                    27:ef:95:cf:cb:01:58:bf:06:f2:cd:39:12:96:a8:
                    0b:60:57:11:7e:b8:83:4e:56:da:50:81:54:56:c3:
                    2d:5a:bd:90:5a:ac:6e:2c:1f:0a:13:df:6d:b9:a4:
                    62:fc:68:4f:78:26:91:18:b8:57:f3:60:76:45:3a:
                    3d:3b:5e:88:0a:96:99:a7:08:24:72:59:a9:0e:9c:
                    a7:cd:e3:01:8d:fc:9f:22:84:e2:a0:e6:e3:75:96:
                    f9:b4:28:dc:86:8f:ed:f4:2f:86:bd:ec:bd:ed:82:
                    fb:cd:4f:0c:48:65:f1:8b:88:00:4c:2a:af:dc:a5:
                    9a:0a:c1:6f:0e:80:34:61:9e:b3:b2:43:af:cd:36:
                    fa:4f:32:4c:3f:05:56:77:45:5c:ed:67:bf:5a:d3:
                    d7:e8:2a:62:4f:f1:33:38:2c:9c:d2:a4:1a:d2:ea:
                    91:ab:18:35:3e:c4:cb:08:48:72:ed:ee:7e:f4:5f:
                    80:bc:75:a4:e2:f4:e3:24:36:9b:0c:ea:c5:32:d5:
                    af:cf:f3:4a:5b:e9:12:e3:d1:70:4c:a0:0b:02:21:
                    d1:a3:04:6a:25:e0:b3:3c:38:db:c7:92:3f:95:4c:
                    83:2a:d1:72:27:ae:c8:77:cc:b4:e5:52:05:cb:cf:
                    17:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:68:A0:C3:12:58:FE:3A:47:FD:5D:5E:29:44:0F:1B:0A:CA:BB:5B
            X509v3 Authority Key Identifier:
                keyid:74:F6:75:A1:67:98:16:79:3D:5B:30:AD:2F:25:3F:56:C8:E2:44:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:df:c2:45:16:d7:1f:c4:3a:8f:73:4f:55:e1:d2:65:1a:74:
         1b:eb:61:86:28:9b:f1:72:89:1f:ec:8b:b2:0d:62:2e:72:cf:
         dd:32:0f:24:5e:e1:b5:cf:65:5a:af:d1:2c:1f:ee:1d:77:47:
         0c:65:ae:44:4a:94:45:92:b8:1e:63:4c:28:9d:6b:de:16:cb:
         44:9d:cc:f4:03:c1:17:20:c0:c3:7a:dc:07:48:4a:2a:a2:a0:
         70:66:44:ea:e7:42:67:9e:4b:de:e5:4b:a9:7e:4a:0b:7d:50:
         03:29:1f:31:f2:e0:53:77:b6:dd:64:c9:11:f0:a8:50:c5:e8:
         3c:f6:7a:60:9e:55:f6:f1:5d:67:72:49:43:6e:24:47:e9:86:
         2a:45:c4:69:62:ac:21:be:3f:a2:2e:7e:85:4f:c3:1a:76:a7:
         35:ee:16:48:2f:d0:71:89:f7:b4:09:a8:9d:2a:e8:39:fb:56:
         a8:79:96:cd:7c:d2:a8:7b:ed:85:74:92:63:62:7a:50:fc:81:
         5a:f5:20:aa:85:00:b4:91:b3:c2:7c:f3:b6:06:ad:d9:ef:08:
         55:40:7b:16:da:ee:a2:f6:0c:02:a4:19:57:0b:f3:46:22:77:
         d5:f1:99:5a:49:ce:2b:23:18:bc:8b:d1:fe:e0:73:98:7e:1c:
         e5:40:65:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZaXk3vV24pkuy7dadB4TchMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZjY3NWExNjc5ODE2NzkzZDViMzBhZDJmMjUzZjU2Yzhl
MjQ0NWMwHhcNMjUwNDIxMjIwMDUxWhcNMjUwNDIyMjIwMDUxWjAzMTEwLwYDVQQD
Eyg3NzY4YTBjMzEyNThmZTNhNDdmZDVkNWUyOTQ0MGYxYjBhY2FiYjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hFi4am3f0kkzE+NwRMn75XPywFY
vwbyzTkSlqgLYFcRfriDTlbaUIFUVsMtWr2QWqxuLB8KE99tuaRi/GhPeCaRGLhX
82B2RTo9O16ICpaZpwgkclmpDpynzeMBjfyfIoTioObjdZb5tCjcho/t9C+Gvey9
7YL7zU8MSGXxi4gATCqv3KWaCsFvDoA0YZ6zskOvzTb6TzJMPwVWd0Vc7We/WtPX
6CpiT/EzOCyc0qQa0uqRqxg1PsTLCEhy7e5+9F+AvHWk4vTjJDabDOrFMtWvz/NK
W+kS49FwTKALAiHRowRqJeCzPDjbx5I/lUyDKtFyJ67Id8y05VIFy88XrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHdooMMSWP46R/1dXilEDxsKyrtbMB8GA1UdIwQY
MBaAFHT2daFnmBZ5PVswrS8lP1bI4kRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84OTc4Y2ItMWEyNy00ZjI0LWI1NTIt
MzM2MjkzNzM0NTA3LzEvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84OTc4Y2ItMWEyNy00ZjI0LWI1NTItMzM2MjkzNzM0NTA3
LzEvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXt/CRRbX
H8Q6j3NPVeHSZRp0G+thhiib8XKJH+yLsg1iLnLP3TIPJF7htc9lWq/RLB/uHXdH
DGWuREqURZK4HmNMKJ1r3hbLRJ3M9APBFyDAw3rcB0hKKqKgcGZE6udCZ55L3uVL
qX5KC31QAykfMfLgU3e23WTJEfCoUMXoPPZ6YJ5V9vFdZ3JJQ24kR+mGKkXEaWKs
Ib4/oi5+hU/DGnanNe4WSC/QcYn3tAmonSroOftWqHmWzXzSqHvthXSSY2J6UPyB
WvUgqoUAtJGzwnzztgat2e8IVUB7FtruovYMAqQZVwvzRiJ31fGZWknOKyMYvIvR
/uBzmH4c5UBl+w==
-----END CERTIFICATE-----