Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.mft
File:                     d1xabqkPXz0AfBDkROO5Y7bTDMU.mft (raw, json)
Hash identifier:          aKChdiBYlorToZmUURz3teZ50vKWz5/5ORfzLnsJ2/k=
Subject key identifier:   B1:1E:84:B9:62:2B:3A:83:6B:55:D8:AA:40:44:8B:B3:1A:97:37:45
Authority key identifier: 77:5C:5A:6E:A9:0F:5F:3D:00:7C:10:E4:44:E3:B9:63:B6:D3:0C:C5
Certificate issuer:       /CN=775c5a6ea90f5f3d007c10e444e3b963b6d30cc5
Certificate serial:       019654253D63B72DABD303137C155BF07DA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d1xabqkPXz0AfBDkROO5Y7bTDMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.mft
Manifest number:          02D7
Signing time:             Sun 20 Apr 2025 17:00:48 +0000
Manifest this update:     Sun 20 Apr 2025 17:00:48 +0000
Manifest next update:     Mon 21 Apr 2025 17:00:48 +0000
Files and hashes:         1: d1xabqkPXz0AfBDkROO5Y7bTDMU.crl (hash: jkODbTMYrkxV7AWT1Y7ISlXrIisHdINsvxyaPJy53MM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d1xabqkPXz0AfBDkROO5Y7bTDMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:25:3d:63:b7:2d:ab:d3:03:13:7c:15:5b:f0:7d:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=775c5a6ea90f5f3d007c10e444e3b963b6d30cc5
        Validity
            Not Before: Apr 20 17:00:48 2025 GMT
            Not After : Apr 21 17:00:48 2025 GMT
        Subject: CN=b11e84b9622b3a836b55d8aa40448bb31a973745
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c1:a6:3b:e0:57:39:04:f9:59:11:04:9e:0a:
                    68:8b:ee:97:c2:03:ee:a6:f6:06:2b:bc:a6:2d:f5:
                    8f:b2:d0:48:1a:bd:c7:4f:2f:87:9a:e0:84:cf:7e:
                    7c:05:e3:5a:48:31:99:b7:5f:d7:0a:2f:6e:e3:a0:
                    b4:7a:bc:32:2b:c1:dc:f5:f6:fa:04:2a:0e:9b:7d:
                    39:c9:8b:4b:0e:cd:bd:eb:74:10:e6:8b:8e:a8:69:
                    53:6b:3d:c4:10:ab:0a:71:2b:82:52:c4:33:ce:46:
                    19:b0:b8:e3:1c:5d:08:bc:01:d7:4d:31:0c:8a:e1:
                    d1:67:81:ed:12:f6:4b:b4:9f:47:c6:2f:d1:f3:4f:
                    12:1d:52:1c:03:9c:df:84:0f:7f:4f:67:75:cb:9b:
                    b3:67:1b:1b:fd:27:8c:aa:85:57:e6:10:ba:f7:25:
                    06:0a:61:2e:3b:2b:ca:07:44:eb:fa:08:0d:55:5a:
                    7a:2b:fd:c2:de:a4:6a:f1:0c:c9:f8:e3:ba:ac:89:
                    50:82:09:9b:77:4e:43:c6:fb:2b:a6:1f:27:12:c9:
                    94:fa:2f:6f:a6:e9:2a:7f:f3:7e:f9:45:2c:3d:78:
                    fa:a8:b2:33:33:98:ca:10:6a:b0:84:5d:4b:b1:5a:
                    dc:d3:05:a7:a6:dd:f6:7e:23:25:4c:ca:2f:4d:bd:
                    1f:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:1E:84:B9:62:2B:3A:83:6B:55:D8:AA:40:44:8B:B3:1A:97:37:45
            X509v3 Authority Key Identifier:
                keyid:77:5C:5A:6E:A9:0F:5F:3D:00:7C:10:E4:44:E3:B9:63:B6:D3:0C:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1xabqkPXz0AfBDkROO5Y7bTDMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:c6:1c:32:43:f8:f8:79:66:23:45:43:68:0a:ff:31:00:a2:
         dc:0f:bc:16:84:c2:d6:8f:50:ee:df:3a:f7:7d:7c:48:f5:48:
         06:b6:cc:c2:6d:2d:44:dc:7a:f7:2c:40:b6:63:5a:35:a2:4f:
         ee:f6:ec:ce:b4:6b:80:ce:ef:c4:61:0b:73:b6:51:ad:3f:4e:
         73:6f:ad:ae:63:d1:c0:1b:86:3d:e1:ea:2c:9d:fb:3a:25:fa:
         82:bc:4a:e1:3c:e5:94:12:d5:e9:1e:d3:81:a2:66:72:0c:b6:
         a2:8b:54:f4:1a:6e:e5:b5:ed:f8:7f:77:f1:30:7a:27:ac:c5:
         f6:55:20:fa:b3:da:2f:a0:77:95:f5:5b:f0:62:ce:bb:11:87:
         e6:16:ff:65:67:f2:f7:ed:d1:10:ff:f1:5b:95:1e:2d:60:7f:
         55:a0:6b:85:0e:5d:2d:23:a7:46:48:74:14:16:91:34:2e:c9:
         8c:27:ce:f9:87:d2:60:a8:ea:1f:32:82:c5:88:2e:ec:b4:3b:
         b2:ff:13:8d:e3:18:83:e8:7a:d3:19:0f:da:cb:94:13:3c:a5:
         85:5b:76:e1:6a:11:8d:98:8e:78:8d:8f:1d:5e:ba:78:e2:7d:
         b1:49:7e:af:37:b1:57:c2:fd:17:ca:21:45:04:04:98:ee:aa:
         f1:29:59:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUJT1jty2r0wMTfBVb8H2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NWM1YTZlYTkwZjVmM2QwMDdjMTBlNDQ0ZTNiOTYzYjZk
MzBjYzUwHhcNMjUwNDIwMTcwMDQ4WhcNMjUwNDIxMTcwMDQ4WjAzMTEwLwYDVQQD
EyhiMTFlODRiOTYyMmIzYTgzNmI1NWQ4YWE0MDQ0OGJiMzFhOTczNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8GmO+BXOQT5WREEngpoi+6XwgPu
pvYGK7ymLfWPstBIGr3HTy+HmuCEz358BeNaSDGZt1/XCi9u46C0erwyK8Hc9fb6
BCoOm305yYtLDs2963QQ5ouOqGlTaz3EEKsKcSuCUsQzzkYZsLjjHF0IvAHXTTEM
iuHRZ4HtEvZLtJ9Hxi/R808SHVIcA5zfhA9/T2d1y5uzZxsb/SeMqoVX5hC69yUG
CmEuOyvKB0Tr+ggNVVp6K/3C3qRq8QzJ+OO6rIlQggmbd05Dxvsrph8nEsmU+i9v
pukqf/N++UUsPXj6qLIzM5jKEGqwhF1LsVrc0wWnpt32fiMlTMovTb0fPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLEehLliKzqDa1XYqkBEi7MalzdFMB8GA1UdIwQY
MBaAFHdcWm6pD189AHwQ5ETjuWO20wzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDF4YWJxa1BYejBBZkJEa1JPTzVZN2JURE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Njg3MzItNmQ3Ni00NjRkLTk3YzQt
ZTQwYTMzNDY5MWM5LzEvZDF4YWJxa1BYejBBZkJEa1JPTzVZN2JURE1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Njg3MzItNmQ3Ni00NjRkLTk3YzQtZTQwYTMzNDY5MWM5
LzEvZDF4YWJxa1BYejBBZkJEa1JPTzVZN2JURE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC8YcMkP4
+HlmI0VDaAr/MQCi3A+8FoTC1o9Q7t869318SPVIBrbMwm0tRNx69yxAtmNaNaJP
7vbszrRrgM7vxGELc7ZRrT9Oc2+trmPRwBuGPeHqLJ37OiX6grxK4TzllBLV6R7T
gaJmcgy2ootU9Bpu5bXt+H938TB6J6zF9lUg+rPaL6B3lfVb8GLOuxGH5hb/ZWfy
9+3REP/xW5UeLWB/VaBrhQ5dLSOnRkh0FBaRNC7JjCfO+YfSYKjqHzKCxYgu7LQ7
sv8TjeMYg+h60xkP2suUEzylhVt24WoRjZiOeI2PHV66eOJ9sUl+rzexV8L9F8oh
RQQEmO6q8SlZPQ==
-----END CERTIFICATE-----