Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
File:                     dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft (raw, json)
Hash identifier:          BMbYdCRjJiqz2uN3ySelTKmRgCUuNpU9V734UgDkUr4=
Subject key identifier:   CC:6E:B7:9A:ED:C9:17:96:69:C4:BB:55:82:CC:D2:57:B7:EB:55:54
Authority key identifier: 74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07
Certificate issuer:       /CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907
Certificate serial:       019659156C06909ED9F43C72BD9037E971C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
Manifest number:          14FC
Signing time:             Mon 21 Apr 2025 16:01:38 +0000
Manifest this update:     Mon 21 Apr 2025 16:01:38 +0000
Manifest next update:     Tue 22 Apr 2025 16:01:38 +0000
Files and hashes:         1: dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl (hash: C85zk8+R57ybzJbEB3vHooYlbeVyJ40Thw8gS/R52WQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 16:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:15:6c:06:90:9e:d9:f4:3c:72:bd:90:37:e9:71:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907
        Validity
            Not Before: Apr 21 16:01:38 2025 GMT
            Not After : Apr 22 16:01:38 2025 GMT
        Subject: CN=cc6eb79aedc9179669c4bb5582ccd257b7eb5554
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:e3:7c:dc:54:98:0c:5f:37:e7:fc:3f:99:21:
                    e9:e3:c3:1f:bf:e4:d1:90:07:67:e3:d2:2c:a3:95:
                    50:fd:ae:5e:12:76:af:de:d7:36:8b:b7:22:72:ff:
                    b4:6f:05:c7:a9:72:f5:f5:36:d5:81:8a:91:be:28:
                    c9:24:c9:ea:32:72:fb:58:de:7a:f3:48:27:7f:2e:
                    1f:d9:35:24:11:3d:a0:bb:43:d5:43:d9:85:00:0b:
                    13:e9:cc:ef:5a:84:58:68:b3:6f:60:81:a1:b9:0c:
                    9e:b8:37:59:54:79:5d:d9:9f:2e:4b:4b:d1:5e:c6:
                    5e:08:28:ad:e8:db:7c:e7:21:f7:03:fc:9f:8d:f1:
                    51:17:99:b6:9e:7f:6e:f2:fa:0b:07:31:60:d5:e9:
                    2a:87:4a:bb:9c:e1:25:b7:39:52:fd:6d:4d:b6:4e:
                    7d:5c:11:15:a4:48:8a:69:93:50:ce:79:5a:52:01:
                    d1:7e:2b:a2:c6:d0:cd:cc:b6:b5:af:32:0f:55:73:
                    5e:7a:24:18:e4:aa:a2:9d:f5:d5:ed:e7:52:02:12:
                    e2:9b:4e:b6:00:7a:12:fe:31:c4:30:87:63:6e:9d:
                    af:42:0c:3c:06:fb:f2:82:5e:de:8b:47:fa:17:ef:
                    ab:70:3f:ed:dd:6c:74:16:f9:1e:3d:37:8c:69:b1:
                    77:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:6E:B7:9A:ED:C9:17:96:69:C4:BB:55:82:CC:D2:57:B7:EB:55:54
            X509v3 Authority Key Identifier:
                keyid:74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:d2:fa:b8:46:39:62:30:27:6f:bb:91:b7:c5:80:25:22:38:
         52:00:af:63:7e:b5:3a:14:3b:6c:36:9b:67:b1:85:28:f0:f5:
         e4:d2:29:a8:05:ad:bc:28:b9:de:b7:e5:fb:27:d0:28:ea:d8:
         6e:10:c4:68:cb:92:e0:c0:90:c9:08:ff:3d:e6:9c:f3:cc:f2:
         5d:6b:3f:fa:4c:fc:cd:8a:2d:77:ad:b5:c8:fd:57:22:86:2a:
         a2:42:1b:c5:2a:01:f7:b2:89:7e:ee:af:0d:e8:5d:e2:50:e9:
         53:92:33:f3:11:2e:bc:2c:a9:8f:83:3c:98:cd:7d:28:c1:cc:
         3a:34:71:ef:70:8f:94:39:70:98:91:fd:24:fd:75:96:ef:7c:
         5d:24:44:87:53:45:b8:1a:88:50:bc:16:77:2c:77:14:d5:3e:
         04:51:92:fe:d6:f8:33:f4:d0:51:d4:ef:56:65:d8:a9:e7:d2:
         c6:7f:15:10:d2:6d:e2:91:2a:13:34:1e:1c:28:ed:75:a2:48:
         ee:01:77:d6:ff:74:1f:11:9d:6c:78:e6:89:d8:20:d8:0e:d0:
         76:4e:0c:73:07:80:a1:e3:df:63:5c:38:f6:96:45:ab:e4:af:
         6b:78:90:c2:00:3b:77:b7:d6:72:0b:92:26:ae:a1:17:e6:f5:
         71:92:45:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFWwGkJ7Z9DxyvZA36XHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTQzZjllNWFlM2Y2ZWFmYjUwNjhhZTg4ZjE4YzI5ZTQ0
MzU5MDcwHhcNMjUwNDIxMTYwMTM4WhcNMjUwNDIyMTYwMTM4WjAzMTEwLwYDVQQD
EyhjYzZlYjc5YWVkYzkxNzk2NjljNGJiNTU4MmNjZDI1N2I3ZWI1NTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvON83FSYDF835/w/mSHp48Mfv+TR
kAdn49Iso5VQ/a5eEnav3tc2i7cicv+0bwXHqXL19TbVgYqRvijJJMnqMnL7WN56
80gnfy4f2TUkET2gu0PVQ9mFAAsT6czvWoRYaLNvYIGhuQyeuDdZVHld2Z8uS0vR
XsZeCCit6Nt85yH3A/yfjfFRF5m2nn9u8voLBzFg1ekqh0q7nOEltzlS/W1Ntk59
XBEVpEiKaZNQznlaUgHRfiuixtDNzLa1rzIPVXNeeiQY5KqinfXV7edSAhLim062
AHoS/jHEMIdjbp2vQgw8Bvvygl7ei0f6F++rcD/t3Wx0FvkePTeMabF3ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMxut5rtyReWacS7VYLM0le361VUMB8GA1UdIwQY
MBaAFHTkP55a4/bq+1BorojxjCnkQ1kHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMt
NzE3OTk4YWEzY2ZmLzEvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMtNzE3OTk4YWEzY2Zm
LzEvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACNL6uEY5
YjAnb7uRt8WAJSI4UgCvY361OhQ7bDabZ7GFKPD15NIpqAWtvCi53rfl+yfQKOrY
bhDEaMuS4MCQyQj/Peac88zyXWs/+kz8zYotd621yP1XIoYqokIbxSoB97KJfu6v
Dehd4lDpU5Iz8xEuvCypj4M8mM19KMHMOjRx73CPlDlwmJH9JP11lu98XSREh1NF
uBqIULwWdyx3FNU+BFGS/tb4M/TQUdTvVmXYqefSxn8VENJt4pEqEzQeHCjtdaJI
7gF31v90HxGdbHjmidgg2A7Qdk4McweAoePfY1w49pZFq+Sva3iQwgA7d7fWcguS
Jq6hF+b1cZJFlQ==
-----END CERTIFICATE-----