Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft
File:                     dt0D59chnX68HyMPcGMtyRNvNBM.mft (raw, json)
Hash identifier:          kXuVWQ4DHNkKcE204tl5dnYl/ZUOIaSKwAgIyjmjNYY=
Subject key identifier:   3B:AC:9F:9B:B2:EB:13:86:7F:2A:5C:37:2A:9D:A8:D4:C9:75:75:2C
Authority key identifier: 76:DD:03:E7:D7:21:9D:7E:BC:1F:23:0F:70:63:2D:C9:13:6F:34:13
Certificate issuer:       /CN=76dd03e7d7219d7ebc1f230f70632dc9136f3413
Certificate serial:       01974931191673B1AF011B84E7BA9BEFEA6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dt0D59chnX68HyMPcGMtyRNvNBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft
Manifest number:          0488
Signing time:             Sat 07 Jun 2025 07:00:43 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:43 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:43 +0000
Files and hashes:         1: dt0D59chnX68HyMPcGMtyRNvNBM.crl (hash: 8Y1fPETg2mASpvYQo24VNFsbz2z29+IOQ2aJZqWSY5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dt0D59chnX68HyMPcGMtyRNvNBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:19:16:73:b1:af:01:1b:84:e7:ba:9b:ef:ea:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76dd03e7d7219d7ebc1f230f70632dc9136f3413
        Validity
            Not Before: Jun  7 07:00:43 2025 GMT
            Not After : Jun  8 07:00:43 2025 GMT
        Subject: CN=3bac9f9bb2eb13867f2a5c372a9da8d4c975752c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7e:80:2f:fd:ef:08:36:63:a5:21:25:91:94:
                    b3:85:a3:9f:83:00:be:c6:47:03:be:c0:37:1c:d9:
                    75:8a:54:d9:9d:65:7c:57:5b:b8:d9:45:7e:98:80:
                    47:00:36:18:e9:e8:c4:44:21:ce:57:99:98:bf:f5:
                    a4:b6:f3:d8:07:87:9e:29:c6:5c:ec:19:83:8b:d6:
                    ac:09:56:ee:ca:68:f9:1a:6b:b7:c1:fd:a2:db:21:
                    0e:5c:04:d2:cc:b7:67:92:1c:8b:3e:33:10:6c:cd:
                    2a:1b:4b:a1:a5:09:6c:15:f5:51:51:44:0d:0b:e4:
                    67:62:14:93:a5:b2:06:e9:8c:e8:9c:6c:48:80:bc:
                    f8:af:4b:41:dd:82:ee:8e:c5:67:20:39:66:50:87:
                    24:e2:e8:29:52:fb:58:23:3d:25:30:59:3c:a4:11:
                    06:a9:fc:81:79:b6:56:04:ee:23:45:94:af:d0:61:
                    fd:01:fe:b8:e2:0c:cd:4a:f2:c7:c4:dc:a6:92:08:
                    b6:58:f2:48:2e:8f:cd:d1:e8:f5:55:ba:56:98:f5:
                    3f:ff:1f:ca:b0:cc:54:92:1b:c8:c7:46:19:95:5b:
                    c7:ef:ba:27:f8:ab:6c:03:ad:a9:5e:47:71:9e:32:
                    e3:80:b6:79:3b:6a:24:a9:77:8f:3e:08:73:09:d5:
                    9a:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:AC:9F:9B:B2:EB:13:86:7F:2A:5C:37:2A:9D:A8:D4:C9:75:75:2C
            X509v3 Authority Key Identifier:
                keyid:76:DD:03:E7:D7:21:9D:7E:BC:1F:23:0F:70:63:2D:C9:13:6F:34:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dt0D59chnX68HyMPcGMtyRNvNBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:5f:37:ae:19:f6:d2:7d:61:8a:cb:19:ee:ca:9d:4f:dc:6c:
         4f:8e:22:5c:ed:bd:fd:23:30:16:82:d2:19:e1:a0:41:07:1c:
         c2:4f:fb:11:7a:33:21:d1:ea:cf:3f:fe:26:e2:8c:77:f8:52:
         dd:d0:48:62:b4:09:74:f2:a2:08:a6:39:4e:bb:64:12:a9:e7:
         65:a6:de:56:39:aa:26:93:85:5b:2e:d6:0d:df:86:6d:6d:56:
         9f:8f:38:5c:20:4f:9d:74:d5:3d:a2:83:7d:df:1a:90:91:fb:
         d8:b0:7e:f2:03:7f:d6:c1:10:cf:4a:6e:ca:c8:3b:40:b3:a6:
         c3:c4:ff:6a:ad:f2:6f:c6:40:37:82:11:c6:ac:7e:51:a6:ab:
         80:cd:ee:53:e4:29:eb:87:e3:38:e6:89:e7:bd:0d:cb:0f:c2:
         2d:3d:61:a1:99:50:34:dd:35:91:ed:f4:68:91:36:e2:86:17:
         17:1d:52:16:ae:b1:55:68:86:68:70:c5:c0:2e:4b:97:94:ba:
         f5:b4:18:5d:26:0f:fb:e9:a3:c6:f7:8e:e7:3e:b7:4e:3b:be:
         f5:99:6e:c7:e3:68:3f:e8:e3:c5:cb:a7:78:13:c5:dd:a1:fa:
         ce:54:c0:cc:4c:40:49:43:f8:b3:0d:55:cc:f5:d4:44:88:fd:
         05:02:d4:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMRkWc7GvARuE57qb7+ptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZGQwM2U3ZDcyMTlkN2ViYzFmMjMwZjcwNjMyZGM5MTM2
ZjM0MTMwHhcNMjUwNjA3MDcwMDQzWhcNMjUwNjA4MDcwMDQzWjAzMTEwLwYDVQQD
EygzYmFjOWY5YmIyZWIxMzg2N2YyYTVjMzcyYTlkYThkNGM5NzU3NTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoX6AL/3vCDZjpSElkZSzhaOfgwC+
xkcDvsA3HNl1ilTZnWV8V1u42UV+mIBHADYY6ejERCHOV5mYv/WktvPYB4eeKcZc
7BmDi9asCVbuymj5Gmu3wf2i2yEOXATSzLdnkhyLPjMQbM0qG0uhpQlsFfVRUUQN
C+RnYhSTpbIG6YzonGxIgLz4r0tB3YLujsVnIDlmUIck4ugpUvtYIz0lMFk8pBEG
qfyBebZWBO4jRZSv0GH9Af644gzNSvLHxNymkgi2WPJILo/N0ej1VbpWmPU//x/K
sMxUkhvIx0YZlVvH77on+KtsA62pXkdxnjLjgLZ5O2okqXePPghzCdWa7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDusn5uy6xOGfypcNyqdqNTJdXUsMB8GA1UdIwQY
MBaAFHbdA+fXIZ1+vB8jD3BjLckTbzQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHQwRDU5Y2huWDY4SHlNUGNHTXR5Uk52TkJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8xNDI2YTEtYjU1My00ZGE1LWE2ZDkt
YWMwMTAyNzkzYzVhLzEvZHQwRDU5Y2huWDY4SHlNUGNHTXR5Uk52TkJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8xNDI2YTEtYjU1My00ZGE1LWE2ZDktYWMwMTAyNzkzYzVh
LzEvZHQwRDU5Y2huWDY4SHlNUGNHTXR5Uk52TkJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN183rhn2
0n1hissZ7sqdT9xsT44iXO29/SMwFoLSGeGgQQccwk/7EXozIdHqzz/+JuKMd/hS
3dBIYrQJdPKiCKY5TrtkEqnnZabeVjmqJpOFWy7WDd+GbW1Wn484XCBPnXTVPaKD
fd8akJH72LB+8gN/1sEQz0puysg7QLOmw8T/aq3yb8ZAN4IRxqx+UaargM3uU+Qp
64fjOOaJ570Nyw/CLT1hoZlQNN01ke30aJE24oYXFx1SFq6xVWiGaHDFwC5Ll5S6
9bQYXSYP++mjxveO5z63Tju+9Zlux+NoP+jjxcuneBPF3aH6zlTAzExASUP4sw1V
zPXURIj9BQLUpQ==
-----END CERTIFICATE-----