Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/ab82a4-5a72-45a7-96fd-9480b1633f9c/1/do5xE0z2ctauj2b8RNW-5iTNAqM.mft
File:                     do5xE0z2ctauj2b8RNW-5iTNAqM.mft (raw, json)
Hash identifier:          HIe7cA2FhVrG2Z/LSVI3ephycTmFSb37npLzI9Guvw8=
Subject key identifier:   EC:E4:79:67:7A:76:39:3B:00:9A:15:12:75:35:5D:A1:89:9E:E3:A4
Authority key identifier: 76:8E:71:13:4C:F6:72:D6:AE:8F:66:FC:44:D5:BE:E6:24:CD:02:A3
Certificate issuer:       /CN=768e71134cf672d6ae8f66fc44d5bee624cd02a3
Certificate serial:       01958B4D86AC25E4EC4B9FF0821284EFA33A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/do5xE0z2ctauj2b8RNW-5iTNAqM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/ab82a4-5a72-45a7-96fd-9480b1633f9c/1/do5xE0z2ctauj2b8RNW-5iTNAqM.mft
Manifest number:          04E9
Signing time:             Wed 12 Mar 2025 17:01:08 +0000
Manifest this update:     Wed 12 Mar 2025 17:01:08 +0000
Manifest next update:     Thu 13 Mar 2025 17:01:08 +0000
Files and hashes:         1: do5xE0z2ctauj2b8RNW-5iTNAqM.crl (hash: HqMXy+PMS/AAoVk3zfTG1ksIzSyyOtMzUosJxYAvWhs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/ab82a4-5a72-45a7-96fd-9480b1633f9c/1/do5xE0z2ctauj2b8RNW-5iTNAqM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/ab82a4-5a72-45a7-96fd-9480b1633f9c/1/do5xE0z2ctauj2b8RNW-5iTNAqM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/do5xE0z2ctauj2b8RNW-5iTNAqM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 17:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:4d:86:ac:25:e4:ec:4b:9f:f0:82:12:84:ef:a3:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=768e71134cf672d6ae8f66fc44d5bee624cd02a3
        Validity
            Not Before: Mar 12 17:01:08 2025 GMT
            Not After : Mar 13 17:01:08 2025 GMT
        Subject: CN=ece479677a76393b009a151275355da1899ee3a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ae:9d:8b:0c:6d:7c:11:47:82:3e:b0:bd:c0:
                    a5:b5:21:59:36:78:f6:2f:99:a4:29:02:33:04:3d:
                    a8:8b:1d:ed:21:ac:9c:0e:d1:37:9d:85:be:cd:b7:
                    8e:28:1c:ea:9c:be:53:e1:60:1f:98:2a:26:8c:a4:
                    fa:3e:ab:4f:c7:62:6f:52:74:bb:05:b1:f5:c2:90:
                    ee:6a:92:dd:b6:98:4e:ee:af:78:bd:a8:41:c1:81:
                    10:7f:5b:4d:c9:f8:fa:e5:31:b9:ae:c3:9a:09:ec:
                    32:98:52:3f:4c:43:45:1e:cc:46:d3:9c:33:9c:46:
                    74:70:fb:d3:dc:2e:0a:e8:86:03:39:3e:75:23:97:
                    f0:33:90:9f:3a:bd:97:a1:89:bd:59:a5:0f:c7:8d:
                    16:47:ee:f0:2e:43:3d:88:47:69:80:a1:8c:a6:55:
                    fb:5a:58:11:28:61:cc:d9:af:fe:a5:32:73:cb:34:
                    cb:0d:a5:af:ec:0d:7d:7d:6b:7f:e2:81:c6:ce:06:
                    8b:14:24:00:30:e8:67:82:db:36:47:2f:d0:b2:f0:
                    f4:3e:d5:7d:56:45:04:1b:cd:1c:e0:a5:2a:7c:21:
                    9d:04:02:11:ac:e7:8f:7c:1d:28:94:1a:8c:0e:a8:
                    85:b7:25:32:f3:ac:02:d5:75:4b:cb:de:57:21:57:
                    88:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:E4:79:67:7A:76:39:3B:00:9A:15:12:75:35:5D:A1:89:9E:E3:A4
            X509v3 Authority Key Identifier:
                keyid:76:8E:71:13:4C:F6:72:D6:AE:8F:66:FC:44:D5:BE:E6:24:CD:02:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/do5xE0z2ctauj2b8RNW-5iTNAqM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/ab82a4-5a72-45a7-96fd-9480b1633f9c/1/do5xE0z2ctauj2b8RNW-5iTNAqM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/ab82a4-5a72-45a7-96fd-9480b1633f9c/1/do5xE0z2ctauj2b8RNW-5iTNAqM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:66:36:51:67:ea:19:74:ea:09:ca:67:e2:a3:00:fd:ef:fc:
         a6:aa:e2:4c:f4:bc:3b:0b:7d:3e:49:5a:c1:47:8d:f2:72:0a:
         98:52:24:b9:7f:3b:bc:ba:4c:40:81:f2:e8:6d:ad:a8:75:93:
         d9:08:c5:7a:f3:52:6d:ce:32:ce:0c:20:08:8f:2d:10:87:ed:
         3b:9e:14:28:77:e9:87:d1:9c:79:3e:68:0b:96:7f:74:30:3f:
         ba:a6:56:1e:72:20:01:00:5f:ad:f8:5b:94:cb:3b:37:a6:d5:
         24:08:1a:b1:f3:a6:bc:32:73:d0:9b:f0:ce:4d:14:ae:42:a0:
         0f:c8:0d:79:10:81:39:58:ed:ac:c9:08:de:ce:0e:bf:d0:b7:
         22:9d:0f:69:47:0c:0c:39:65:41:33:66:d6:a5:34:be:3e:4c:
         d1:87:5f:98:cd:47:28:18:02:a1:57:54:f3:ac:88:9a:ad:86:
         f5:c5:d3:60:6f:c9:34:a2:bc:b4:13:84:5b:5d:f7:ad:e5:1f:
         45:41:9e:53:15:29:a3:21:53:43:a8:41:e7:8c:59:5c:75:2f:
         2e:94:9c:04:5d:b8:80:93:47:d2:f6:a7:bb:d1:d9:48:f0:72:
         19:1a:ae:48:56:53:c3:a7:d0:19:21:96:d3:46:1c:15:fd:88:
         bd:ce:bd:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLTYasJeTsS5/wghKE76M6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OGU3MTEzNGNmNjcyZDZhZThmNjZmYzQ0ZDViZWU2MjRj
ZDAyYTMwHhcNMjUwMzEyMTcwMTA4WhcNMjUwMzEzMTcwMTA4WjAzMTEwLwYDVQQD
EyhlY2U0Nzk2NzdhNzYzOTNiMDA5YTE1MTI3NTM1NWRhMTg5OWVlM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsK6diwxtfBFHgj6wvcCltSFZNnj2
L5mkKQIzBD2oix3tIaycDtE3nYW+zbeOKBzqnL5T4WAfmComjKT6PqtPx2JvUnS7
BbH1wpDuapLdtphO7q94vahBwYEQf1tNyfj65TG5rsOaCewymFI/TENFHsxG05wz
nEZ0cPvT3C4K6IYDOT51I5fwM5CfOr2XoYm9WaUPx40WR+7wLkM9iEdpgKGMplX7
WlgRKGHM2a/+pTJzyzTLDaWv7A19fWt/4oHGzgaLFCQAMOhngts2Ry/QsvD0PtV9
VkUEG80c4KUqfCGdBAIRrOePfB0olBqMDqiFtyUy86wC1XVLy95XIVeIowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzkeWd6djk7AJoVEnU1XaGJnuOkMB8GA1UdIwQY
MBaAFHaOcRNM9nLWro9m/ETVvuYkzQKjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG81eEUwejJjdGF1ajJiOFJOVy01aVROQXFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hYjgyYTQtNWE3Mi00NWE3LTk2ZmQt
OTQ4MGIxNjMzZjljLzEvZG81eEUwejJjdGF1ajJiOFJOVy01aVROQXFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hYjgyYTQtNWE3Mi00NWE3LTk2ZmQtOTQ4MGIxNjMzZjlj
LzEvZG81eEUwejJjdGF1ajJiOFJOVy01aVROQXFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADGY2UWfq
GXTqCcpn4qMA/e/8pqriTPS8Owt9PklawUeN8nIKmFIkuX87vLpMQIHy6G2tqHWT
2QjFevNSbc4yzgwgCI8tEIftO54UKHfph9GceT5oC5Z/dDA/uqZWHnIgAQBfrfhb
lMs7N6bVJAgasfOmvDJz0Jvwzk0UrkKgD8gNeRCBOVjtrMkI3s4Ov9C3Ip0PaUcM
DDllQTNm1qU0vj5M0YdfmM1HKBgCoVdU86yImq2G9cXTYG/JNKK8tBOEW133reUf
RUGeUxUpoyFTQ6hB54xZXHUvLpScBF24gJNH0vanu9HZSPByGRquSFZTw6fQGSGW
00YcFf2Ivc69rA==
-----END CERTIFICATE-----