Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft
File:                     dt0D59chnX68HyMPcGMtyRNvNBM.mft (raw, json)
Hash identifier:          jvOA0NuKwn3Aa0HowVaSfBbYsJ8VjtX2BDyAnNM/AaY=
Subject key identifier:   22:9F:EC:37:BF:9A:D7:EE:6F:6F:63:9E:0E:4A:3D:85:37:17:D1:5F
Authority key identifier: 76:DD:03:E7:D7:21:9D:7E:BC:1F:23:0F:70:63:2D:C9:13:6F:34:13
Certificate issuer:       /CN=76dd03e7d7219d7ebc1f230f70632dc9136f3413
Certificate serial:       01958EF3C0AA1C9FF2BD102A1532B836ED4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dt0D59chnX68HyMPcGMtyRNvNBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft
Manifest number:          03A3
Signing time:             Thu 13 Mar 2025 10:01:33 +0000
Manifest this update:     Thu 13 Mar 2025 10:01:33 +0000
Manifest next update:     Fri 14 Mar 2025 10:01:33 +0000
Files and hashes:         1: dt0D59chnX68HyMPcGMtyRNvNBM.crl (hash: d0Vz+icvHYh7hg7DAaCHNUF+W/WNJ8R/GXuFbodKLn0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dt0D59chnX68HyMPcGMtyRNvNBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8e:f3:c0:aa:1c:9f:f2:bd:10:2a:15:32:b8:36:ed:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76dd03e7d7219d7ebc1f230f70632dc9136f3413
        Validity
            Not Before: Mar 13 10:01:33 2025 GMT
            Not After : Mar 14 10:01:33 2025 GMT
        Subject: CN=229fec37bf9ad7ee6f6f639e0e4a3d853717d15f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:25:37:68:ac:16:0c:8f:d2:b0:98:b0:cf:81:
                    95:c9:15:1b:0b:5e:60:ae:58:d8:65:be:c8:01:e4:
                    b5:8a:dc:dc:87:91:bb:75:f8:e0:f1:04:03:51:5b:
                    c5:ae:9d:f2:00:e5:dc:01:b7:f2:cb:23:10:38:df:
                    53:e1:fa:12:56:53:9e:94:e5:5f:ce:59:48:83:52:
                    14:76:39:7b:7d:cf:3a:9a:d6:d9:38:18:49:c6:b4:
                    f0:0d:a6:f8:e0:c8:3a:89:bc:20:9b:af:cd:a1:a3:
                    90:d6:9b:4b:d1:a3:75:05:82:d1:5d:08:e7:ab:4e:
                    b4:86:bb:fe:04:75:1c:9d:84:85:2a:80:07:96:84:
                    85:74:92:e6:08:53:d8:64:26:5a:bd:ce:01:5e:41:
                    ba:c0:ea:24:b4:82:58:37:71:1b:68:62:97:1c:5f:
                    3b:f2:0e:9e:67:d3:a6:a5:5f:5e:90:a6:b0:ad:2f:
                    de:88:ea:a5:71:ac:db:2b:30:fb:97:6b:b0:64:10:
                    df:8d:3b:78:6f:92:cd:05:c2:3d:a2:6e:85:c7:da:
                    0d:bb:13:4c:21:82:92:ec:5c:cb:16:61:d4:c6:a5:
                    92:b9:36:d7:2f:af:75:b2:fd:38:8c:14:f6:ba:6f:
                    5e:1e:3e:df:7d:eb:6b:71:63:d2:2d:66:b3:ef:b9:
                    64:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:9F:EC:37:BF:9A:D7:EE:6F:6F:63:9E:0E:4A:3D:85:37:17:D1:5F
            X509v3 Authority Key Identifier:
                keyid:76:DD:03:E7:D7:21:9D:7E:BC:1F:23:0F:70:63:2D:C9:13:6F:34:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dt0D59chnX68HyMPcGMtyRNvNBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:0d:4e:34:65:af:e3:88:86:52:13:dd:58:79:1f:27:eb:73:
         d7:3c:73:c7:33:45:54:c8:9d:fc:7d:16:66:1b:62:8f:d4:be:
         c9:40:3a:e2:03:7b:cc:f3:9a:79:99:fe:40:42:88:42:6f:38:
         56:1c:03:62:07:16:a8:83:ba:06:69:b4:58:37:e4:36:99:ea:
         9a:dd:60:29:9f:bb:9d:cd:e5:26:de:8a:85:78:94:1c:0f:c6:
         5b:42:02:f2:a1:05:d9:b3:bc:ef:c6:9d:90:f2:13:0c:22:86:
         48:96:2c:09:d8:08:cc:08:73:3c:16:94:75:e4:a9:ff:99:66:
         59:be:97:68:07:a5:e6:ef:97:69:c0:44:bf:c2:0e:24:5b:83:
         7f:d5:47:76:31:d0:c3:0a:10:3d:bb:6c:71:b6:3c:21:cf:41:
         6f:60:53:8b:ff:15:67:58:ce:4f:06:41:a1:f8:ed:3a:5b:e8:
         33:43:44:33:25:46:d0:a6:20:a4:5b:b5:d1:57:67:2a:fb:4c:
         85:27:25:ce:57:18:4f:cb:5c:8f:ff:2d:42:06:c8:3c:ca:cd:
         d0:9f:93:35:97:4d:e7:d7:77:9e:c2:1c:a5:96:b2:52:fa:62:
         6d:f1:3b:01:0f:33:a0:b9:af:b5:99:ab:96:e0:b1:d4:13:46:
         b1:d7:9d:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWO88CqHJ/yvRAqFTK4Nu1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZGQwM2U3ZDcyMTlkN2ViYzFmMjMwZjcwNjMyZGM5MTM2
ZjM0MTMwHhcNMjUwMzEzMTAwMTMzWhcNMjUwMzE0MTAwMTMzWjAzMTEwLwYDVQQD
EygyMjlmZWMzN2JmOWFkN2VlNmY2ZjYzOWUwZTRhM2Q4NTM3MTdkMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryU3aKwWDI/SsJiwz4GVyRUbC15g
rljYZb7IAeS1itzch5G7dfjg8QQDUVvFrp3yAOXcAbfyyyMQON9T4foSVlOelOVf
zllIg1IUdjl7fc86mtbZOBhJxrTwDab44Mg6ibwgm6/NoaOQ1ptL0aN1BYLRXQjn
q060hrv+BHUcnYSFKoAHloSFdJLmCFPYZCZavc4BXkG6wOoktIJYN3EbaGKXHF87
8g6eZ9OmpV9ekKawrS/eiOqlcazbKzD7l2uwZBDfjTt4b5LNBcI9om6Fx9oNuxNM
IYKS7FzLFmHUxqWSuTbXL691sv04jBT2um9eHj7ffetrcWPSLWaz77lkRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKf7De/mtfub29jng5KPYU3F9FfMB8GA1UdIwQY
MBaAFHbdA+fXIZ1+vB8jD3BjLckTbzQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHQwRDU5Y2huWDY4SHlNUGNHTXR5Uk52TkJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8xNDI2YTEtYjU1My00ZGE1LWE2ZDkt
YWMwMTAyNzkzYzVhLzEvZHQwRDU5Y2huWDY4SHlNUGNHTXR5Uk52TkJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8xNDI2YTEtYjU1My00ZGE1LWE2ZDktYWMwMTAyNzkzYzVh
LzEvZHQwRDU5Y2huWDY4SHlNUGNHTXR5Uk52TkJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApA1ONGWv
44iGUhPdWHkfJ+tz1zxzxzNFVMid/H0WZhtij9S+yUA64gN7zPOaeZn+QEKIQm84
VhwDYgcWqIO6Bmm0WDfkNpnqmt1gKZ+7nc3lJt6KhXiUHA/GW0IC8qEF2bO878ad
kPITDCKGSJYsCdgIzAhzPBaUdeSp/5lmWb6XaAel5u+XacBEv8IOJFuDf9VHdjHQ
wwoQPbtscbY8Ic9Bb2BTi/8VZ1jOTwZBofjtOlvoM0NEMyVG0KYgpFu10VdnKvtM
hSclzlcYT8tcj/8tQgbIPMrN0J+TNZdN59d3nsIcpZayUvpibfE7AQ8zoLmvtZmr
luCx1BNGsdedFg==
-----END CERTIFICATE-----