Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
File:                     WrJabDkrjmejrSH2D9MxHWt_Hlw.mft (raw, json)
Hash identifier:          V7N8XTMjVi+VrYAydVQ0sJAIz2jKqdM/8JPtgBITimo=
Subject key identifier:   4F:88:C1:BF:70:F2:FF:04:85:7E:F7:02:BB:67:DC:E6:A8:E8:AB:A7
Authority key identifier: 5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C
Certificate issuer:       /CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
Certificate serial:       019613583A7DF54B30803526DCC30D2FF6F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
Manifest number:          0D77
Signing time:             Tue 08 Apr 2025 03:01:11 +0000
Manifest this update:     Tue 08 Apr 2025 03:01:11 +0000
Manifest next update:     Wed 09 Apr 2025 03:01:11 +0000
Files and hashes:         1: WrJabDkrjmejrSH2D9MxHWt_Hlw.crl (hash: KXBx4DBgefinmHJ4iubfoTW5lD9iwn8C5Hm4XGyMEb8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 09 Apr 2025 03:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:13:58:3a:7d:f5:4b:30:80:35:26:dc:c3:0d:2f:f6:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
        Validity
            Not Before: Apr  8 03:01:11 2025 GMT
            Not After : Apr  9 03:01:11 2025 GMT
        Subject: CN=4f88c1bf70f2ff04857ef702bb67dce6a8e8aba7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:96:10:5e:27:cb:1d:54:41:ad:19:48:e4:3b:
                    3f:ad:72:03:be:71:38:72:c0:d6:f0:94:15:35:18:
                    e9:87:19:6c:d3:23:f1:a3:23:57:02:79:c2:91:51:
                    84:c5:26:79:b6:ce:8e:be:29:7f:0a:3f:bc:48:83:
                    6c:59:92:82:24:44:d3:8a:50:a6:37:d3:f1:bf:e9:
                    43:94:23:14:fd:be:7e:be:eb:a2:3f:90:74:c1:e0:
                    fe:7a:e7:a8:9c:14:5e:ca:77:8a:a9:ad:12:8d:8e:
                    d3:9c:b4:8e:1c:cd:44:b8:77:31:1b:84:93:43:d5:
                    ce:a8:73:36:63:d4:f7:6b:c3:e5:b5:00:bb:be:5c:
                    ad:19:22:41:2e:6d:d3:70:24:80:52:0c:8e:a4:17:
                    61:54:40:14:30:f2:fd:bf:dd:80:99:e6:12:a7:56:
                    54:82:74:82:cd:f2:c7:a4:ee:a1:57:fc:1c:9a:ab:
                    b6:33:ea:8b:df:d3:93:b7:3a:cd:37:11:c2:c0:11:
                    fd:b5:ad:53:82:41:1f:f3:fc:08:6a:54:5b:cc:bd:
                    25:82:a2:77:31:a9:54:d0:f4:cf:15:31:ad:13:4e:
                    f5:45:00:49:a7:c2:90:bc:3f:2d:7c:72:f4:77:5e:
                    85:8a:63:1b:0b:ac:92:04:00:62:5d:1a:1a:67:d9:
                    d1:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:88:C1:BF:70:F2:FF:04:85:7E:F7:02:BB:67:DC:E6:A8:E8:AB:A7
            X509v3 Authority Key Identifier:
                keyid:5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:4c:16:f7:11:44:09:16:2a:20:c7:28:01:6f:1a:5a:4f:b9:
         93:32:9e:62:ad:07:41:0a:5c:85:64:f3:ba:fc:7e:3d:08:d9:
         0d:09:75:4f:1b:99:bc:b5:1d:be:f7:17:ec:9c:9a:e8:8e:68:
         f0:f6:a7:ca:a1:39:b1:e3:93:5a:93:50:d5:38:39:8c:09:eb:
         49:de:45:c6:93:d9:b7:ce:15:2a:2e:da:16:bc:71:cd:63:d3:
         cd:46:37:7b:74:5d:a2:98:1d:5f:1f:30:68:85:74:fd:5b:9f:
         eb:46:05:d7:7b:59:70:ba:6c:9c:50:20:c4:87:8c:8b:4a:47:
         4f:df:3e:4a:d3:45:39:2d:43:3d:93:3a:b2:63:ae:80:ca:e3:
         e7:9b:bc:c0:ab:2e:e8:ab:2c:43:20:73:40:96:e0:3a:99:5d:
         d4:cf:52:fa:d1:53:81:bd:f2:f2:19:e6:85:0e:fc:1c:26:7a:
         56:8f:fb:6f:60:4b:2d:c2:a9:c6:df:a4:bb:27:f9:b0:67:af:
         d9:15:73:82:cb:64:ce:52:21:37:f4:8e:75:6e:76:f4:6e:2d:
         2a:a8:c7:2a:a2:3c:b1:00:39:35:5a:8d:ce:9c:df:67:05:70:
         cf:6b:12:d0:bf:5f:5b:1e:a6:d7:69:5f:5b:7f:58:3d:1d:97:
         ba:11:db:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYTWDp99UswgDUm3MMNL/b3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjI1YTZjMzkyYjhlNjdhM2FkMjFmNjBmZDMzMTFkNmI3
ZjFlNWMwHhcNMjUwNDA4MDMwMTExWhcNMjUwNDA5MDMwMTExWjAzMTEwLwYDVQQD
Eyg0Zjg4YzFiZjcwZjJmZjA0ODU3ZWY3MDJiYjY3ZGNlNmE4ZThhYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJYQXifLHVRBrRlI5Ds/rXIDvnE4
csDW8JQVNRjphxls0yPxoyNXAnnCkVGExSZ5ts6Ovil/Cj+8SINsWZKCJETTilCm
N9Pxv+lDlCMU/b5+vuuiP5B0weD+eueonBReyneKqa0SjY7TnLSOHM1EuHcxG4ST
Q9XOqHM2Y9T3a8PltQC7vlytGSJBLm3TcCSAUgyOpBdhVEAUMPL9v92AmeYSp1ZU
gnSCzfLHpO6hV/wcmqu2M+qL39OTtzrNNxHCwBH9ta1TgkEf8/wIalRbzL0lgqJ3
MalU0PTPFTGtE071RQBJp8KQvD8tfHL0d16FimMbC6ySBABiXRoaZ9nRfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+Iwb9w8v8EhX73Artn3Oao6KunMB8GA1UdIwQY
MBaAFFqyWmw5K45no60h9g/TMR1rfx5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzct
MmNjYjVmMGM1ZjZiLzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzctMmNjYjVmMGM1ZjZi
LzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEUwW9xFE
CRYqIMcoAW8aWk+5kzKeYq0HQQpchWTzuvx+PQjZDQl1TxuZvLUdvvcX7Jya6I5o
8PanyqE5seOTWpNQ1Tg5jAnrSd5FxpPZt84VKi7aFrxxzWPTzUY3e3RdopgdXx8w
aIV0/Vuf60YF13tZcLpsnFAgxIeMi0pHT98+StNFOS1DPZM6smOugMrj55u8wKsu
6KssQyBzQJbgOpld1M9S+tFTgb3y8hnmhQ78HCZ6Vo/7b2BLLcKpxt+kuyf5sGev
2RVzgstkzlIhN/SOdW529G4tKqjHKqI8sQA5NVqNzpzfZwVwz2sS0L9fWx6m12lf
W39YPR2XuhHb3Q==
-----END CERTIFICATE-----