Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
File:                     G7Qd9-pn1O3-D60S99XOzYPhjZo.mft (raw, json)
Hash identifier:          mvnPYS1fNu1BhSG0qblBj1CekuB6niwgQ3kEAk4ogLU=
Subject key identifier:   7C:5B:D7:65:F0:7B:C5:AC:8A:4C:49:A2:7F:25:D1:1A:7A:43:F5:0B
Authority key identifier: 1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A
Certificate issuer:       /CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
Certificate serial:       0196556EDD8834239F67B4A78B758D4B9D48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
Manifest number:          02DB
Signing time:             Sun 20 Apr 2025 23:00:51 +0000
Manifest this update:     Sun 20 Apr 2025 23:00:51 +0000
Manifest next update:     Mon 21 Apr 2025 23:00:51 +0000
Files and hashes:         1: G7Qd9-pn1O3-D60S99XOzYPhjZo.crl (hash: KURcryZ2kRNv/zdR9u2KrskvZhHrYnHhnJB6GSySdEM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 23:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:6e:dd:88:34:23:9f:67:b4:a7:8b:75:8d:4b:9d:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
        Validity
            Not Before: Apr 20 23:00:51 2025 GMT
            Not After : Apr 21 23:00:51 2025 GMT
        Subject: CN=7c5bd765f07bc5ac8a4c49a27f25d11a7a43f50b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:c1:10:3c:cf:ad:fb:17:a3:f2:1f:fb:6b:5f:
                    8e:68:a4:3b:9b:09:f8:6c:ac:bb:e6:f1:55:ee:06:
                    40:6c:f3:d9:3d:37:76:67:ae:82:ab:bb:03:1e:b3:
                    a9:34:0b:5d:7d:1d:7e:30:76:e1:7b:b8:fe:f7:54:
                    20:51:10:b0:33:18:d4:d7:85:2b:e7:c0:4c:7c:f3:
                    19:06:ba:70:00:b8:3b:01:7b:c7:ce:60:e0:66:af:
                    b2:86:b9:af:8a:81:1d:9f:17:78:14:f2:b8:d4:fd:
                    ea:ae:97:a3:6b:27:77:db:c3:f6:d4:65:a0:f5:da:
                    1b:8d:58:c0:62:ad:58:5a:94:76:a1:73:75:04:9b:
                    0f:f7:d0:01:5d:ab:57:5d:32:df:88:ad:b9:aa:27:
                    40:ea:db:fa:19:c6:b5:2f:4b:07:58:f5:c0:5c:c1:
                    f8:02:a3:0b:b6:71:47:76:93:8f:f3:ca:89:6e:6a:
                    33:3c:39:24:3a:ed:03:e4:f5:72:21:ac:3e:49:72:
                    55:07:dd:16:d1:a3:a2:01:4e:55:75:fd:0b:51:7c:
                    51:ec:ee:bf:53:27:e7:83:1b:f5:64:43:4e:ca:44:
                    d0:ee:00:77:0b:49:7f:8e:0c:77:42:ab:f0:a7:7a:
                    a5:da:1b:ee:cf:6b:2a:bf:5a:e8:34:f0:a8:55:6b:
                    a5:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:5B:D7:65:F0:7B:C5:AC:8A:4C:49:A2:7F:25:D1:1A:7A:43:F5:0B
            X509v3 Authority Key Identifier:
                keyid:1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:57:1c:fc:f6:1e:e3:9d:f8:92:12:72:24:bf:4b:76:fd:84:
         e4:4d:2a:8f:68:92:98:34:37:ef:f4:13:1e:0c:6b:51:46:3e:
         b0:5b:3e:5d:e2:00:d6:c8:2c:0e:07:42:b4:e6:74:35:b9:c0:
         7e:27:4d:1c:91:45:1a:76:99:c4:f4:f9:74:6c:ea:57:80:24:
         75:07:c4:0d:2d:ad:b7:2e:e1:f4:ec:0c:4a:88:d2:e7:84:e3:
         c2:40:66:04:a4:a7:5d:20:3a:b7:24:ae:9d:a4:77:bf:6a:ef:
         72:fa:ab:2b:93:a1:19:ac:36:ef:b1:57:1d:3e:36:38:17:c6:
         ea:cb:79:cd:ab:9c:bc:8d:8f:d7:af:7a:af:72:a5:25:88:c2:
         81:c6:6a:07:0f:c2:89:a4:33:77:2d:18:61:f9:0d:8a:16:ca:
         5a:d1:d6:a8:f6:8d:d2:c6:fa:43:0a:d7:df:db:39:28:75:3e:
         cf:b4:16:7c:f9:90:eb:5a:06:49:fe:0c:b9:89:5d:c1:a1:e2:
         a2:0f:b0:d2:c0:85:51:39:af:27:2f:75:1d:31:b0:ca:c5:28:
         e6:46:5a:9d:41:3b:74:cc:ca:1a:a1:50:94:4e:03:d9:a0:a3:
         dc:f4:cf:82:98:6c:2a:f4:25:f3:8a:14:77:64:4b:1f:ef:ff:
         da:1f:58:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVbt2INCOfZ7Sni3WNS51IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYjQxZGY3ZWE2N2Q0ZWRmZTBmYWQxMmY3ZDVjZWNkODNl
MThkOWEwHhcNMjUwNDIwMjMwMDUxWhcNMjUwNDIxMjMwMDUxWjAzMTEwLwYDVQQD
Eyg3YzViZDc2NWYwN2JjNWFjOGE0YzQ5YTI3ZjI1ZDExYTdhNDNmNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sEQPM+t+xej8h/7a1+OaKQ7mwn4
bKy75vFV7gZAbPPZPTd2Z66Cq7sDHrOpNAtdfR1+MHbhe7j+91QgURCwMxjU14Ur
58BMfPMZBrpwALg7AXvHzmDgZq+yhrmvioEdnxd4FPK41P3qrpejayd328P21GWg
9dobjVjAYq1YWpR2oXN1BJsP99ABXatXXTLfiK25qidA6tv6Gca1L0sHWPXAXMH4
AqMLtnFHdpOP88qJbmozPDkkOu0D5PVyIaw+SXJVB90W0aOiAU5Vdf0LUXxR7O6/
Uyfngxv1ZENOykTQ7gB3C0l/jgx3Qqvwp3ql2hvuz2sqv1roNPCoVWuluQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHxb12Xwe8WsikxJon8l0Rp6Q/ULMB8GA1UdIwQY
MBaAFBu0HffqZ9Tt/g+tEvfVzs2D4Y2aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDIt
M2U2ZTdjZGVmNzNlLzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDItM2U2ZTdjZGVmNzNl
LzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALFcc/PYe
4534khJyJL9Ldv2E5E0qj2iSmDQ37/QTHgxrUUY+sFs+XeIA1sgsDgdCtOZ0NbnA
fidNHJFFGnaZxPT5dGzqV4AkdQfEDS2tty7h9OwMSojS54TjwkBmBKSnXSA6tySu
naR3v2rvcvqrK5OhGaw277FXHT42OBfG6st5zaucvI2P1696r3KlJYjCgcZqBw/C
iaQzdy0YYfkNihbKWtHWqPaN0sb6QwrX39s5KHU+z7QWfPmQ61oGSf4MuYldwaHi
og+w0sCFUTmvJy91HTGwysUo5kZanUE7dMzKGqFQlE4D2aCj3PTPgphsKvQl84oU
d2RLH+//2h9Y7Q==
-----END CERTIFICATE-----