Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
File:                     dbzZGxsvmvS3QhSm1njOBxlo4c8.mft (raw, json)
Hash identifier:          LyxcCnJ1UIk4wpYXaiaSFB77avmeua+WalyBoy1Jihw=
Subject key identifier:   7F:81:90:47:E2:C3:72:02:DA:AB:7B:68:E9:0C:88:45:24:48:43:65
Authority key identifier: 75:BC:D9:1B:1B:2F:9A:F4:B7:42:14:A6:D6:78:CE:07:19:68:E1:CF
Certificate issuer:       /CN=75bcd91b1b2f9af4b74214a6d678ce071968e1cf
Certificate serial:       01965CF1AABEB597AA62578D16DF1C694E74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
Manifest number:          072B
Signing time:             Tue 22 Apr 2025 10:01:03 +0000
Manifest this update:     Tue 22 Apr 2025 10:01:03 +0000
Manifest next update:     Wed 23 Apr 2025 10:01:03 +0000
Files and hashes:         1: dbzZGxsvmvS3QhSm1njOBxlo4c8.crl (hash: nAVh7mXZemGG3lJLdUztwhKlN10/bJaTgUxAkff4DKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5c:f1:aa:be:b5:97:aa:62:57:8d:16:df:1c:69:4e:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bcd91b1b2f9af4b74214a6d678ce071968e1cf
        Validity
            Not Before: Apr 22 10:01:03 2025 GMT
            Not After : Apr 23 10:01:03 2025 GMT
        Subject: CN=7f819047e2c37202daab7b68e90c884524484365
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:3d:73:7e:cf:a1:54:43:16:7c:be:d5:45:91:
                    cc:7c:25:61:a7:db:c8:cd:97:39:56:12:ec:de:26:
                    06:5e:dd:2f:d7:21:50:d8:b1:fb:6f:e2:4a:42:79:
                    72:ed:39:da:62:44:0b:37:d8:b0:fc:fe:33:35:dc:
                    d3:3d:60:dc:e2:b9:2b:d3:da:e9:00:e0:a7:4f:f3:
                    9e:a4:77:62:32:9e:4a:98:05:f2:82:7d:33:c1:bb:
                    c4:10:27:88:18:b7:9d:b2:ad:cf:c4:59:71:a2:df:
                    54:d8:02:7d:87:ea:6c:82:68:a1:c0:f9:8b:18:94:
                    18:53:51:25:b1:6e:90:19:81:3b:92:2e:b6:bf:74:
                    b4:1b:99:09:1d:a8:0a:59:be:88:c2:b8:b6:0d:0c:
                    7d:8f:ae:25:de:a9:a9:99:3f:0b:d5:6d:ed:c5:a4:
                    11:c9:9c:13:f5:78:49:e6:62:83:c3:05:9a:46:d7:
                    8a:a1:2b:f2:a7:37:ff:47:4e:f1:b5:e1:dc:ff:f3:
                    f0:07:1f:7d:2f:bf:6f:11:28:8b:6b:a7:bd:9b:9b:
                    69:bd:d9:2e:40:d8:ec:35:8a:e3:ea:75:73:7d:90:
                    7c:63:07:a8:6e:ea:39:c0:3e:93:da:b4:57:9a:e6:
                    69:2d:22:c1:d8:77:c6:2f:71:1d:df:d2:d2:15:29:
                    09:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:81:90:47:E2:C3:72:02:DA:AB:7B:68:E9:0C:88:45:24:48:43:65
            X509v3 Authority Key Identifier:
                keyid:75:BC:D9:1B:1B:2F:9A:F4:B7:42:14:A6:D6:78:CE:07:19:68:E1:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:68:52:ab:02:0f:c9:db:11:e2:19:f3:0d:d5:ab:d7:61:29:
         75:b9:43:fd:10:c8:29:11:47:79:7d:9e:f5:11:ba:d7:f1:9e:
         d4:01:a0:26:b0:77:c5:42:9a:4b:aa:4c:73:0f:b9:9d:63:dc:
         2e:14:c6:ed:74:a3:d7:30:87:9c:71:b9:1b:a6:bd:ed:5c:04:
         1f:37:20:a2:3a:84:31:28:61:e5:88:40:70:89:6e:fe:f7:ea:
         7c:59:57:1e:22:16:6f:4e:cd:13:2e:63:c4:da:45:57:74:83:
         09:46:b8:ea:7a:a6:63:f5:aa:74:7d:68:52:55:7a:46:63:e9:
         39:86:40:1d:d4:a6:87:36:75:f3:0d:9a:00:61:c7:3f:12:11:
         00:77:8c:41:6b:99:39:83:3e:88:ea:31:0c:a9:59:57:9d:84:
         c8:e1:68:9b:61:3e:b7:fc:cc:af:66:a5:c2:45:f3:ce:40:b0:
         af:b1:fa:04:a8:9e:fd:2e:27:3c:22:0a:17:08:1d:c0:cd:4b:
         8f:ab:b3:c6:8f:a0:69:7e:c8:d5:35:76:66:5c:22:3c:38:a3:
         02:6a:44:ef:6a:89:58:f2:22:85:3c:fc:41:12:5d:82:50:07:
         c0:63:62:b7:60:d9:5f:ce:77:57:05:08:44:6e:c7:65:db:05:
         e7:75:1b:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZc8aq+tZeqYleNFt8caU50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmNkOTFiMWIyZjlhZjRiNzQyMTRhNmQ2NzhjZTA3MTk2
OGUxY2YwHhcNMjUwNDIyMTAwMTAzWhcNMjUwNDIzMTAwMTAzWjAzMTEwLwYDVQQD
Eyg3ZjgxOTA0N2UyYzM3MjAyZGFhYjdiNjhlOTBjODg0NTI0NDg0MzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0j1zfs+hVEMWfL7VRZHMfCVhp9vI
zZc5VhLs3iYGXt0v1yFQ2LH7b+JKQnly7TnaYkQLN9iw/P4zNdzTPWDc4rkr09rp
AOCnT/OepHdiMp5KmAXygn0zwbvEECeIGLedsq3PxFlxot9U2AJ9h+psgmihwPmL
GJQYU1ElsW6QGYE7ki62v3S0G5kJHagKWb6Iwri2DQx9j64l3qmpmT8L1W3txaQR
yZwT9XhJ5mKDwwWaRteKoSvypzf/R07xteHc//PwBx99L79vESiLa6e9m5tpvdku
QNjsNYrj6nVzfZB8Yweobuo5wD6T2rRXmuZpLSLB2HfGL3Ed39LSFSkJ9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH+BkEfiw3IC2qt7aOkMiEUkSENlMB8GA1UdIwQY
MBaAFHW82RsbL5r0t0IUptZ4zgcZaOHPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jOWMwMzAtNTUzZS00MzBhLTk4N2Qt
MWMwNTc1NTI2OTFlLzEvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jOWMwMzAtNTUzZS00MzBhLTk4N2QtMWMwNTc1NTI2OTFl
LzEvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlGhSqwIP
ydsR4hnzDdWr12EpdblD/RDIKRFHeX2e9RG61/Ge1AGgJrB3xUKaS6pMcw+5nWPc
LhTG7XSj1zCHnHG5G6a97VwEHzcgojqEMShh5YhAcIlu/vfqfFlXHiIWb07NEy5j
xNpFV3SDCUa46nqmY/WqdH1oUlV6RmPpOYZAHdSmhzZ18w2aAGHHPxIRAHeMQWuZ
OYM+iOoxDKlZV52EyOFom2E+t/zMr2alwkXzzkCwr7H6BKie/S4nPCIKFwgdwM1L
j6uzxo+gaX7I1TV2ZlwiPDijAmpE72qJWPIihTz8QRJdglAHwGNit2DZX853VwUI
RG7HZdsF53Ubzw==
-----END CERTIFICATE-----