Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
File:                     l37KDVyVbeF79pcQRvLrlc5hXik.mft (raw, json)
Hash identifier:          zkAasfIlZHm/P1AnFt67CBt+EN1avU/TWdlxPNr0NN0=
Subject key identifier:   01:01:EE:30:E4:CC:D5:98:9C:00:E8:11:10:F5:22:83:34:5D:99:51
Authority key identifier: 97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29
Certificate issuer:       /CN=977eca0d5c956de17bf6971046f2eb95ce615e29
Certificate serial:       01963086EABDAEB7C5F2ACA39E341763F2B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
Manifest number:          14E8
Signing time:             Sun 13 Apr 2025 19:01:10 +0000
Manifest this update:     Sun 13 Apr 2025 19:01:10 +0000
Manifest next update:     Mon 14 Apr 2025 19:01:10 +0000
Files and hashes:         1: l37KDVyVbeF79pcQRvLrlc5hXik.crl (hash: Zg0G+U3pmO0OvTKyZ6ke1paDGHSxXoOK/uvAgdlGsHU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 14 Apr 2025 17:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:30:86:ea:bd:ae:b7:c5:f2:ac:a3:9e:34:17:63:f2:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977eca0d5c956de17bf6971046f2eb95ce615e29
        Validity
            Not Before: Apr 13 19:01:10 2025 GMT
            Not After : Apr 14 19:01:10 2025 GMT
        Subject: CN=0101ee30e4ccd5989c00e81110f52283345d9951
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:9e:28:be:7a:97:1f:b9:27:d8:c7:c3:ff:97:
                    ee:d6:25:d2:71:3e:38:00:61:bd:01:ac:44:9a:4e:
                    43:53:40:e0:66:cb:da:e4:bd:0d:ec:91:1e:6b:f1:
                    ae:ba:f2:86:e4:60:ad:ae:d9:e7:ee:31:fe:82:ba:
                    1a:81:a0:b1:79:b4:58:0f:1d:6a:f7:23:4e:9a:59:
                    a2:d5:bd:cc:90:91:93:7f:41:d3:43:22:4c:da:12:
                    2c:4c:07:23:f9:f8:69:a8:8c:e4:2d:30:17:29:38:
                    16:5b:11:15:b9:8a:9f:23:23:47:a6:7e:ed:4e:cb:
                    01:f3:3f:4f:43:34:33:ca:58:5f:1a:39:39:08:9c:
                    ff:70:65:41:e9:e1:9d:0a:74:f9:23:16:21:8c:55:
                    8c:85:ce:61:a4:18:12:2b:db:9d:26:86:c7:61:1c:
                    36:b4:c2:7e:bc:7d:40:9a:de:59:20:8a:44:de:26:
                    ea:df:36:73:82:0c:96:6b:09:1d:16:0b:4f:5f:bd:
                    30:73:bb:8e:5f:5e:d5:f2:e4:16:29:57:f4:13:c7:
                    48:0a:3b:2b:86:1f:46:31:0e:4c:46:54:b0:93:f2:
                    12:05:c5:8e:b6:13:ad:be:ca:d7:35:5e:c4:6d:37:
                    95:e8:31:cc:8a:0c:14:75:2e:33:56:93:15:64:cf:
                    92:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:01:EE:30:E4:CC:D5:98:9C:00:E8:11:10:F5:22:83:34:5D:99:51
            X509v3 Authority Key Identifier:
                keyid:97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:1d:4e:f4:a8:f3:0c:95:19:ed:6c:32:14:83:92:4b:99:22:
         dc:b5:00:6f:68:4c:4c:77:10:b5:ab:0c:2b:4a:ff:60:6e:35:
         87:0a:9e:3a:5b:ff:a2:5a:df:4c:7a:48:6a:34:1a:dd:07:fe:
         4b:47:12:ba:a6:8c:5b:f3:9a:76:11:cc:4f:3d:72:5b:b9:29:
         00:d8:c7:22:b6:7d:24:0a:1b:e6:b3:47:b2:0d:d3:9c:83:46:
         15:76:af:ad:3d:f6:cc:ed:60:09:7d:cb:72:47:cd:f8:51:17:
         15:70:60:88:21:b5:ec:76:cc:24:94:f4:85:97:6a:13:c0:e0:
         dc:cd:f3:ff:e8:fe:58:95:f9:0c:48:e6:86:ae:96:b4:d2:4f:
         61:3d:80:e9:91:4e:02:a6:6d:de:ad:5f:ee:d9:3d:5d:5e:a0:
         74:57:79:80:55:62:86:d7:24:8e:c7:cc:b6:8f:b6:ae:d9:6b:
         92:ff:70:04:bd:4a:f8:4a:4c:5f:ba:ef:bf:00:2a:f3:c6:9a:
         61:94:8a:f4:81:bd:17:d3:de:c2:ea:c1:6a:f5:29:bb:29:66:
         7d:e7:3e:7d:59:a0:ec:d8:60:bc:b1:d7:da:39:e6:e0:e9:ed:
         57:77:a7:1c:af:57:96:0a:c2:1f:17:fc:17:b6:42:d7:bf:97:
         79:11:59:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYwhuq9rrfF8qyjnjQXY/KzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3N2VjYTBkNWM5NTZkZTE3YmY2OTcxMDQ2ZjJlYjk1Y2U2
MTVlMjkwHhcNMjUwNDEzMTkwMTEwWhcNMjUwNDE0MTkwMTEwWjAzMTEwLwYDVQQD
EygwMTAxZWUzMGU0Y2NkNTk4OWMwMGU4MTExMGY1MjI4MzM0NWQ5OTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup4ovnqXH7kn2MfD/5fu1iXScT44
AGG9AaxEmk5DU0DgZsva5L0N7JEea/GuuvKG5GCtrtnn7jH+groagaCxebRYDx1q
9yNOmlmi1b3MkJGTf0HTQyJM2hIsTAcj+fhpqIzkLTAXKTgWWxEVuYqfIyNHpn7t
TssB8z9PQzQzylhfGjk5CJz/cGVB6eGdCnT5IxYhjFWMhc5hpBgSK9udJobHYRw2
tMJ+vH1Amt5ZIIpE3ibq3zZzggyWawkdFgtPX70wc7uOX17V8uQWKVf0E8dICjsr
hh9GMQ5MRlSwk/ISBcWOthOtvsrXNV7EbTeV6DHMigwUdS4zVpMVZM+S9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAEB7jDkzNWYnADoERD1IoM0XZlRMB8GA1UdIwQY
MBaAFJd+yg1clW3he/aXEEby65XOYV4pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMt
Nzk3MDZiMzQ1YmJiLzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMtNzk3MDZiMzQ1YmJi
LzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPR1O9Kjz
DJUZ7WwyFIOSS5ki3LUAb2hMTHcQtasMK0r/YG41hwqeOlv/olrfTHpIajQa3Qf+
S0cSuqaMW/OadhHMTz1yW7kpANjHIrZ9JAob5rNHsg3TnINGFXavrT32zO1gCX3L
ckfN+FEXFXBgiCG17HbMJJT0hZdqE8Dg3M3z/+j+WJX5DEjmhq6WtNJPYT2A6ZFO
AqZt3q1f7tk9XV6gdFd5gFVihtckjsfMto+2rtlrkv9wBL1K+EpMX7rvvwAq88aa
YZSK9IG9F9PewurBavUpuylmfec+fVmg7NhgvLHX2jnm4OntV3enHK9XlgrCHxf8
F7ZC17+XeRFZxw==
-----END CERTIFICATE-----