Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
File:                     Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json)
Hash identifier:          TQxsxKMqe5qcP5uQeXX+HEHTMpRZZYBx/3fgdyQnG38=
Subject key identifier:   64:A5:BD:3F:CD:F5:E0:D9:30:BC:26:67:0C:38:7F:CD:F1:89:CB:7D
Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
Certificate issuer:       /CN=32789bd392e1c5c69b7420cc036803af1258cef9
Certificate serial:       0196444433CC0056A40D95ECF592D34194D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
Manifest number:          0647
Signing time:             Thu 17 Apr 2025 15:00:42 +0000
Manifest this update:     Thu 17 Apr 2025 15:00:42 +0000
Manifest next update:     Fri 18 Apr 2025 15:00:42 +0000
Files and hashes:         1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: 9/DuDIRNs0oj89HruizJPTXz+yqhZBfT8RXnxqezdxU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:44:44:33:cc:00:56:a4:0d:95:ec:f5:92:d3:41:94:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9
        Validity
            Not Before: Apr 17 15:00:42 2025 GMT
            Not After : Apr 18 15:00:42 2025 GMT
        Subject: CN=64a5bd3fcdf5e0d930bc26670c387fcdf189cb7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:37:00:6b:0f:d6:96:ec:20:84:d5:8b:17:36:
                    4b:37:2e:69:30:3b:17:b6:9f:72:a8:d1:36:e2:aa:
                    1f:57:ba:38:87:f4:cc:fa:22:ad:87:9c:f2:ce:7f:
                    e7:54:42:68:8b:3d:8d:ee:8e:a2:cb:05:09:8a:9c:
                    a2:2f:87:3f:ce:bb:35:f8:58:75:0c:12:0d:18:80:
                    74:e8:f8:a4:4c:b7:ed:68:44:22:76:0f:31:89:0f:
                    3b:a2:d6:b7:80:36:74:df:ce:0e:c1:31:1e:6e:e4:
                    97:b3:4a:6d:c3:96:4b:51:21:de:66:13:18:31:c3:
                    27:27:62:00:2a:41:e3:49:c4:60:36:c2:92:0d:33:
                    88:3a:8f:06:76:0d:4e:47:e7:3b:29:97:4e:74:ce:
                    9c:7e:f3:f5:c6:76:0d:8c:4f:d6:a6:f6:ca:bf:df:
                    4e:a8:2e:59:cf:8f:7c:b0:f7:47:fc:a7:af:f8:4d:
                    a4:57:03:db:30:62:2e:8b:60:43:2b:39:8f:cb:cc:
                    45:02:f5:ed:a6:04:1e:f2:50:e5:1a:91:5e:03:f2:
                    05:74:bc:3d:4b:03:ee:9a:5b:b9:8d:af:1e:53:4b:
                    91:2b:20:bf:4a:9b:d7:1c:a1:1c:47:68:79:33:c1:
                    c1:43:7b:9f:75:49:f0:34:6f:02:59:f4:e5:09:f5:
                    06:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:A5:BD:3F:CD:F5:E0:D9:30:BC:26:67:0C:38:7F:CD:F1:89:CB:7D
            X509v3 Authority Key Identifier:
                keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:4f:df:97:7a:97:30:2d:fa:44:2c:7d:a1:7a:dd:6a:ba:37:
         ea:9f:8d:d5:aa:47:1f:ac:5e:5f:0a:eb:c5:cb:a9:89:36:27:
         3d:b4:4a:9a:b9:dd:33:af:52:67:ac:f3:3b:e6:3e:3a:bb:5f:
         6c:d4:90:b9:42:25:07:11:d4:b0:ed:d3:7e:cc:21:1b:03:14:
         39:df:8c:8e:db:cc:17:4f:37:f7:2d:11:d2:57:62:c4:98:1b:
         56:cf:5b:4d:4b:23:7b:62:23:d6:94:9b:5e:b5:f8:4d:ef:45:
         d4:1e:1d:60:e7:32:bc:6c:b5:39:51:24:2d:5c:52:8a:14:29:
         d1:f6:04:78:96:cc:9b:1a:47:83:a8:7c:07:73:6c:c9:eb:54:
         3a:fc:3f:71:34:63:dd:5a:c3:a6:6d:59:d9:0b:15:b2:de:06:
         96:ec:86:52:92:8f:21:bd:e2:43:04:19:f3:0e:08:c2:69:ab:
         61:a3:70:e7:9c:cd:fe:02:6c:c0:04:04:7c:15:ee:4b:ec:b6:
         8e:40:be:ab:11:27:c6:ed:ed:fc:ca:ce:00:bb:09:ee:a4:3b:
         90:08:d7:fd:9a:7f:8d:25:5b:7d:ec:d5:24:a1:49:e0:74:de:
         30:11:c6:bb:d1:b5:d2:fb:87:98:f3:7e:5f:b2:2d:6b:e9:8b:
         72:b9:69:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZERDPMAFakDZXs9ZLTQZTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1
OGNlZjkwHhcNMjUwNDE3MTUwMDQyWhcNMjUwNDE4MTUwMDQyWjAzMTEwLwYDVQQD
Eyg2NGE1YmQzZmNkZjVlMGQ5MzBiYzI2NjcwYzM4N2ZjZGYxODljYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTcAaw/WluwghNWLFzZLNy5pMDsX
tp9yqNE24qofV7o4h/TM+iKth5zyzn/nVEJoiz2N7o6iywUJipyiL4c/zrs1+Fh1
DBINGIB06PikTLftaEQidg8xiQ87ota3gDZ0384OwTEebuSXs0ptw5ZLUSHeZhMY
McMnJ2IAKkHjScRgNsKSDTOIOo8Gdg1OR+c7KZdOdM6cfvP1xnYNjE/WpvbKv99O
qC5Zz498sPdH/Kev+E2kVwPbMGIui2BDKzmPy8xFAvXtpgQe8lDlGpFeA/IFdLw9
SwPumlu5ja8eU0uRKyC/SpvXHKEcR2h5M8HBQ3ufdUnwNG8CWfTlCfUGbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGSlvT/N9eDZMLwmZww4f83xict9MB8GA1UdIwQY
MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt
Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz
LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQU/fl3qX
MC36RCx9oXrdaro36p+N1apHH6xeXwrrxcupiTYnPbRKmrndM69SZ6zzO+Y+Ortf
bNSQuUIlBxHUsO3TfswhGwMUOd+MjtvMF0839y0R0ldixJgbVs9bTUsje2Ij1pSb
XrX4Te9F1B4dYOcyvGy1OVEkLVxSihQp0fYEeJbMmxpHg6h8B3NsyetUOvw/cTRj
3VrDpm1Z2QsVst4GluyGUpKPIb3iQwQZ8w4IwmmrYaNw55zN/gJswAQEfBXuS+y2
jkC+qxEnxu3t/MrOALsJ7qQ7kAjX/Zp/jSVbfezVJKFJ4HTeMBHGu9G10vuHmPN+
X7Ita+mLcrlpVw==
-----END CERTIFICATE-----