Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
File:                     d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json)
Hash identifier:          gwh5YpLRrfAyjRvA8xHpSePYOsLv7VhRX8D6sHtub/0=
Subject key identifier:   46:16:84:8D:3D:73:00:E3:A1:7A:CE:08:47:12:21:98:B3:7B:22:B0
Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31
Certificate issuer:       /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
Certificate serial:       01965B70C9A0CBD2DB64609E006BCEEFA14A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
Manifest number:          04CA
Signing time:             Tue 22 Apr 2025 03:00:40 +0000
Manifest this update:     Tue 22 Apr 2025 03:00:40 +0000
Manifest next update:     Wed 23 Apr 2025 03:00:40 +0000
Files and hashes:         1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: +rwJAJZu1ZGryq3XzZuBlCwMatiKfeinAJ7NoKvqsbU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5b:70:c9:a0:cb:d2:db:64:60:9e:00:6b:ce:ef:a1:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
        Validity
            Not Before: Apr 22 03:00:40 2025 GMT
            Not After : Apr 23 03:00:40 2025 GMT
        Subject: CN=4616848d3d7300e3a17ace0847122198b37b22b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:76:6b:bc:eb:ad:7c:1c:7f:5a:69:fb:83:65:
                    17:ca:33:98:52:b4:70:0a:0d:06:33:d6:e8:de:e7:
                    23:14:73:dd:41:51:c2:a3:3a:c4:b3:de:bd:30:0e:
                    90:d1:ee:9c:b3:f1:5d:c8:85:3e:31:be:a2:ef:2f:
                    8d:37:34:d9:40:df:2d:1b:13:d7:a4:e6:20:ec:e4:
                    ff:4c:01:50:ac:fd:7d:2f:b1:e7:80:e4:5c:fb:ff:
                    97:6b:8d:2a:b0:b0:93:9f:1a:66:4e:7d:e3:ad:f4:
                    63:1e:83:9e:32:c7:48:af:89:37:e5:eb:78:9b:b7:
                    e8:ad:67:21:f9:c5:14:17:6a:b1:f9:5d:cf:cb:dc:
                    a4:a3:2b:28:4c:9e:06:77:c1:53:d1:dd:4c:c9:b7:
                    4e:ad:c7:93:91:87:8b:91:73:62:bc:fe:cc:8c:77:
                    34:50:3a:28:26:cc:25:0e:e3:20:50:0e:f7:ac:5c:
                    7e:61:59:64:19:12:26:24:82:2c:5f:2e:fe:1f:c2:
                    42:e3:5f:3d:b6:b7:0f:50:61:01:cd:fa:bb:7e:06:
                    fb:ce:d5:eb:f9:db:ce:2c:43:9c:d4:09:68:c5:74:
                    68:4c:87:89:1e:02:71:8f:29:8b:02:73:2e:74:b7:
                    f8:b6:f4:32:8c:b4:f9:3a:b2:90:06:76:db:97:c2:
                    1e:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:16:84:8D:3D:73:00:E3:A1:7A:CE:08:47:12:21:98:B3:7B:22:B0
            X509v3 Authority Key Identifier:
                keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:58:43:17:f7:4b:1e:2e:06:f6:eb:a0:21:bb:12:e9:87:55:
         b1:bc:49:9f:09:74:05:1d:2b:93:92:c0:12:15:d3:b4:98:2e:
         50:eb:0f:5a:05:14:6c:1f:7e:93:f5:0c:31:b4:94:f0:8e:a2:
         97:78:d6:fe:a1:b1:cb:de:82:00:c4:82:7a:de:bb:c0:25:c1:
         ad:4b:61:44:f3:72:47:21:00:8d:b3:61:89:53:dd:2c:14:14:
         6e:b0:88:ea:57:58:b2:83:99:79:d8:5a:5e:f7:89:b7:2f:a9:
         9a:4e:95:4d:cb:8f:bb:76:12:16:f4:d3:5c:2e:ca:87:7d:20:
         ca:7f:bf:e1:81:43:e3:d8:b6:a8:c4:f4:45:72:b0:f4:14:4e:
         3c:ae:7e:d9:81:61:61:b0:c1:af:73:b8:43:58:28:4c:5a:3d:
         5a:30:84:f6:ce:be:e1:83:3c:5e:14:4b:90:9d:57:7a:f3:b1:
         d0:08:da:34:62:c3:17:24:20:52:74:35:dd:0a:d8:6a:db:1d:
         b3:3e:11:87:98:bd:56:6b:c1:66:5c:52:1c:5f:dd:c0:d3:e1:
         e6:91:e6:01:96:5b:30:79:db:f8:31:35:03:d2:04:be:97:db:
         07:17:57:1d:7d:42:6a:ef:b2:e3:bf:ce:8b:51:b2:4b:42:20:
         8b:30:1a:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbcMmgy9LbZGCeAGvO76FKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy
MTYwMzEwHhcNMjUwNDIyMDMwMDQwWhcNMjUwNDIzMDMwMDQwWjAzMTEwLwYDVQQD
Eyg0NjE2ODQ4ZDNkNzMwMGUzYTE3YWNlMDg0NzEyMjE5OGIzN2IyMmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHZrvOutfBx/Wmn7g2UXyjOYUrRw
Cg0GM9bo3ucjFHPdQVHCozrEs969MA6Q0e6cs/FdyIU+Mb6i7y+NNzTZQN8tGxPX
pOYg7OT/TAFQrP19L7HngORc+/+Xa40qsLCTnxpmTn3jrfRjHoOeMsdIr4k35et4
m7forWch+cUUF2qx+V3Py9ykoysoTJ4Gd8FT0d1MybdOrceTkYeLkXNivP7MjHc0
UDooJswlDuMgUA73rFx+YVlkGRImJIIsXy7+H8JC4189trcPUGEBzfq7fgb7ztXr
+dvOLEOc1AloxXRoTIeJHgJxjymLAnMudLf4tvQyjLT5OrKQBnbbl8IeDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYWhI09cwDjoXrOCEcSIZizeyKwMB8GA1UdIwQY
MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt
NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj
LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiVhDF/dL
Hi4G9uugIbsS6YdVsbxJnwl0BR0rk5LAEhXTtJguUOsPWgUUbB9+k/UMMbSU8I6i
l3jW/qGxy96CAMSCet67wCXBrUthRPNyRyEAjbNhiVPdLBQUbrCI6ldYsoOZedha
XveJty+pmk6VTcuPu3YSFvTTXC7Kh30gyn+/4YFD49i2qMT0RXKw9BROPK5+2YFh
YbDBr3O4Q1goTFo9WjCE9s6+4YM8XhRLkJ1XevOx0AjaNGLDFyQgUnQ13QrYatsd
sz4Rh5i9VmvBZlxSHF/dwNPh5pHmAZZbMHnb+DE1A9IEvpfbBxdXHX1Cau+y47/O
i1GyS0IgizAauA==
-----END CERTIFICATE-----