Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
File:                     dzW3DconD8uOS5CStyADZBOPXfE.mft (raw, json)
Hash identifier:          N3qnGxyP6IzdQrYGTa3VLaDLJQNaCRmpqiMAxSovRi0=
Subject key identifier:   B6:34:60:EC:6A:B0:61:69:1A:A2:4C:8C:70:C0:95:A6:21:E8:54:71
Authority key identifier: 77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1
Certificate issuer:       /CN=7735b70dca270fcb8e4b9092b7200364138f5df1
Certificate serial:       0197488C6D2EEE7DD726E20A2E942D211909
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 04:00:51 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:51 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:51 +0000
Files and hashes:         1: dzW3DconD8uOS5CStyADZBOPXfE.crl (hash: 0CRuxqXhiKaDUGICjMPMuZ1U2YRxgxCVcGfG2FwALXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:6d:2e:ee:7d:d7:26:e2:0a:2e:94:2d:21:19:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7735b70dca270fcb8e4b9092b7200364138f5df1
        Validity
            Not Before: Jun  7 04:00:51 2025 GMT
            Not After : Jun  8 04:00:51 2025 GMT
        Subject: CN=b63460ec6ab061691aa24c8c70c095a621e85471
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:0c:4d:e3:c9:6c:2e:3a:52:9d:50:ab:46:3a:
                    b8:49:4f:7f:92:7a:ae:26:12:6f:99:d8:0b:63:db:
                    5c:b7:bb:fd:1a:f1:f7:5d:af:b7:c3:c5:93:33:26:
                    09:ae:6d:fa:35:cc:6a:eb:61:f3:98:2f:27:39:d8:
                    f5:a6:1a:76:4d:b9:3a:ed:9d:5f:d9:4d:3c:3b:62:
                    12:71:b1:9f:9f:93:7d:88:6e:db:de:30:30:c9:74:
                    58:65:24:2d:ec:3c:3a:c0:39:dd:65:50:eb:77:3c:
                    97:90:b9:90:61:5f:86:f7:b2:62:d2:ab:bc:ad:a3:
                    0e:05:64:2d:2d:30:30:3d:22:68:d1:66:24:d5:1e:
                    7f:c9:1d:10:87:25:89:ca:77:68:dd:cf:51:ec:1a:
                    55:ab:59:8d:3a:0e:5a:3e:21:12:ad:94:e3:3b:34:
                    b7:a3:f7:de:7c:4e:99:65:f6:33:11:d8:72:e5:e2:
                    0e:e7:cf:1d:c7:63:a4:73:25:9a:47:3f:c5:f3:6a:
                    73:e3:02:b1:fd:34:c3:04:74:31:c0:04:f6:60:22:
                    9a:c0:88:63:c8:b4:e1:26:e0:6d:80:b6:3c:ad:ed:
                    73:89:bd:2c:08:ad:8d:31:b4:05:6b:44:a1:46:98:
                    19:0a:c6:80:3c:8f:c0:f0:ad:6f:c4:86:94:aa:e3:
                    b6:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:34:60:EC:6A:B0:61:69:1A:A2:4C:8C:70:C0:95:A6:21:E8:54:71
            X509v3 Authority Key Identifier:
                keyid:77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:b1:5d:af:62:a9:00:d0:66:5b:e7:ea:04:6b:39:dc:f1:f7:
         c1:0d:a6:9e:47:57:27:51:6e:3b:10:46:c9:08:e1:2f:48:fa:
         9b:9a:8d:d2:77:94:47:84:c4:d3:80:32:c3:d8:0e:6c:17:5b:
         30:93:d7:87:56:35:dd:9e:f8:4b:ed:ce:30:d2:ee:e1:cf:89:
         2f:5a:96:ff:88:c2:99:59:03:fd:d8:71:84:af:0d:c3:64:05:
         cd:44:f8:9e:ca:7d:08:81:24:db:ba:3e:82:aa:b8:e7:0a:2d:
         51:9c:79:cb:40:fa:cd:73:46:c2:54:c6:dd:50:b4:74:2b:7d:
         96:13:e1:92:e6:5f:c6:6f:df:c1:7d:ef:ea:47:37:5d:bb:ca:
         de:ee:17:ca:62:7e:2c:b6:dd:bc:3f:96:c8:37:49:3c:4f:94:
         4b:11:15:96:08:54:6f:2e:6e:20:0a:f4:cd:99:41:31:0e:87:
         c7:91:5e:4b:05:7d:60:c6:9b:3e:b6:8d:46:72:33:b1:e8:d4:
         7f:5f:d7:a3:43:32:c1:b1:bf:31:b3:fb:ab:93:8b:f3:2e:f2:
         23:9a:f6:ef:34:79:29:e1:80:a1:cf:8b:d2:80:66:18:73:5c:
         74:5e:ca:ac:e1:15:9a:b5:86:ca:0d:54:a7:bb:d2:13:98:03:
         17:00:02:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjG0u7n3XJuIKLpQtIRkJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzViNzBkY2EyNzBmY2I4ZTRiOTA5MmI3MjAwMzY0MTM4
ZjVkZjEwHhcNMjUwNjA3MDQwMDUxWhcNMjUwNjA4MDQwMDUxWjAzMTEwLwYDVQQD
EyhiNjM0NjBlYzZhYjA2MTY5MWFhMjRjOGM3MGMwOTVhNjIxZTg1NDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogxN48lsLjpSnVCrRjq4SU9/knqu
JhJvmdgLY9tct7v9GvH3Xa+3w8WTMyYJrm36Ncxq62HzmC8nOdj1php2Tbk67Z1f
2U08O2IScbGfn5N9iG7b3jAwyXRYZSQt7Dw6wDndZVDrdzyXkLmQYV+G97Ji0qu8
raMOBWQtLTAwPSJo0WYk1R5/yR0QhyWJyndo3c9R7BpVq1mNOg5aPiESrZTjOzS3
o/fefE6ZZfYzEdhy5eIO588dx2OkcyWaRz/F82pz4wKx/TTDBHQxwAT2YCKawIhj
yLThJuBtgLY8re1zib0sCK2NMbQFa0ShRpgZCsaAPI/A8K1vxIaUquO2pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLY0YOxqsGFpGqJMjHDAlaYh6FRxMB8GA1UdIwQY
MBaAFHc1tw3KJw/LjkuQkrcgA2QTj13xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3Zjkt
YzZkZGViNDk0NzM1LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3ZjktYzZkZGViNDk0NzM1
LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyLFdr2Kp
ANBmW+fqBGs53PH3wQ2mnkdXJ1FuOxBGyQjhL0j6m5qN0neUR4TE04Ayw9gObBdb
MJPXh1Y13Z74S+3OMNLu4c+JL1qW/4jCmVkD/dhxhK8Nw2QFzUT4nsp9CIEk27o+
gqq45wotUZx5y0D6zXNGwlTG3VC0dCt9lhPhkuZfxm/fwX3v6kc3XbvK3u4XymJ+
LLbdvD+WyDdJPE+USxEVlghUby5uIAr0zZlBMQ6Hx5FeSwV9YMabPraNRnIzsejU
f1/Xo0MywbG/MbP7q5OL8y7yI5r27zR5KeGAoc+L0oBmGHNcdF7KrOEVmrWGyg1U
p7vSE5gDFwACUg==
-----END CERTIFICATE-----