Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
File:                     dGMPFkhbT5M4X5So7HEArUjF_FA.mft (raw, json)
Hash identifier:          N0GfDTSyCAMhP1M2LLgMbWKMbQVCAuEyu7qCJfSF31U=
Subject key identifier:   45:2A:F3:9E:02:E3:08:D5:10:B2:8E:E3:6D:74:7D:27:C1:F2:0B:0E
Authority key identifier: 74:63:0F:16:48:5B:4F:93:38:5F:94:A8:EC:71:00:AD:48:C5:FC:50
Certificate issuer:       /CN=74630f16485b4f93385f94a8ec7100ad48c5fc50
Certificate serial:       0197469E60C96BBB6AAD8AECD3E5D622F732
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
Manifest number:          0CB3
Signing time:             Fri 06 Jun 2025 19:01:13 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:13 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:13 +0000
Files and hashes:         1: dGMPFkhbT5M4X5So7HEArUjF_FA.crl (hash: bY6BUhQTT7ZkJWltAQwpLu8FWyXdfLoPoZmrjyAMEvs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:60:c9:6b:bb:6a:ad:8a:ec:d3:e5:d6:22:f7:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74630f16485b4f93385f94a8ec7100ad48c5fc50
        Validity
            Not Before: Jun  6 19:01:13 2025 GMT
            Not After : Jun  7 19:01:13 2025 GMT
        Subject: CN=452af39e02e308d510b28ee36d747d27c1f20b0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:bf:0e:6d:ab:75:56:77:61:0e:4b:cf:c6:cf:
                    2d:d2:ff:a8:9b:ab:fa:ce:02:23:b4:71:68:ac:67:
                    60:3e:be:2f:36:2d:dc:7f:1b:f9:4f:5b:cf:47:fd:
                    33:ef:39:25:fa:72:8d:db:20:34:b2:07:44:90:d1:
                    a2:40:49:67:96:8c:22:53:fe:3e:a7:3f:11:40:56:
                    7f:15:a0:de:b4:fa:15:4d:b7:47:80:c3:c7:7c:8e:
                    0d:64:0c:bc:db:f4:c0:e1:f6:61:1a:9b:e8:65:18:
                    dc:26:c4:72:81:94:02:bd:00:e3:8f:07:36:ee:e4:
                    28:a2:00:24:8d:55:4a:b5:57:01:da:f2:88:30:dc:
                    4c:ab:f8:6f:2a:c8:94:10:37:f4:8e:ec:82:ba:b9:
                    a1:21:a9:c8:ab:f9:3d:66:20:ce:27:fd:89:e0:02:
                    22:0e:88:f9:30:66:65:4f:60:80:bc:a5:ff:e9:30:
                    0f:16:ff:ac:b9:f4:ca:23:7f:74:8c:e3:3c:6b:26:
                    1d:cc:c1:59:07:ec:ad:e8:59:f3:78:ba:46:6a:73:
                    44:98:4e:d5:0a:71:68:17:ea:1e:6d:9f:4d:0d:cd:
                    ed:71:b1:62:9c:08:1a:f7:47:0f:37:9e:8c:5b:58:
                    3f:3d:43:e7:fe:10:8e:4a:63:4b:a0:16:b0:73:ec:
                    45:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:2A:F3:9E:02:E3:08:D5:10:B2:8E:E3:6D:74:7D:27:C1:F2:0B:0E
            X509v3 Authority Key Identifier:
                keyid:74:63:0F:16:48:5B:4F:93:38:5F:94:A8:EC:71:00:AD:48:C5:FC:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:20:41:57:5c:5c:d6:c2:1d:0d:06:fd:db:48:46:19:1b:30:
         61:44:52:93:f8:c8:17:60:98:25:d9:e9:d9:84:b4:f1:00:4c:
         23:6d:49:48:9a:77:67:d9:43:7e:9a:9c:07:c5:1f:98:b0:80:
         30:a1:86:98:b1:f9:a4:52:bd:05:14:39:44:f9:45:cb:dd:ba:
         2a:76:82:d1:8b:ad:b8:3d:fb:cf:e6:a8:f7:09:83:f4:93:43:
         7d:e2:d9:d8:2e:37:92:65:6a:eb:92:b0:ab:d4:10:a0:12:39:
         5d:e3:9e:82:cf:4e:78:10:75:4d:36:fe:83:93:49:93:c3:be:
         e3:bf:43:f3:be:77:10:75:de:b5:81:34:01:17:c6:13:c2:d6:
         b1:02:25:d6:ac:c3:c3:6c:f0:8c:e7:ea:99:08:40:14:b2:08:
         1a:8d:16:73:1f:0c:69:a8:65:07:f3:c8:cf:1d:12:c6:7f:78:
         f6:8a:e6:8a:5d:88:69:1d:13:6c:c6:f2:c1:d1:b8:02:99:11:
         21:56:30:ba:3d:6d:9b:8b:32:a1:61:2e:12:38:f3:30:60:16:
         2f:97:28:b8:8d:1b:cd:da:c8:1e:77:12:46:3f:61:91:30:1d:
         dc:5b:93:65:5e:d6:7b:80:06:89:97:b8:e1:34:1e:f7:05:dd:
         7c:11:a6:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnmDJa7tqrYrs0+XWIvcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjMwZjE2NDg1YjRmOTMzODVmOTRhOGVjNzEwMGFkNDhj
NWZjNTAwHhcNMjUwNjA2MTkwMTEzWhcNMjUwNjA3MTkwMTEzWjAzMTEwLwYDVQQD
Eyg0NTJhZjM5ZTAyZTMwOGQ1MTBiMjhlZTM2ZDc0N2QyN2MxZjIwYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8Obat1VndhDkvPxs8t0v+om6v6
zgIjtHForGdgPr4vNi3cfxv5T1vPR/0z7zkl+nKN2yA0sgdEkNGiQElnlowiU/4+
pz8RQFZ/FaDetPoVTbdHgMPHfI4NZAy82/TA4fZhGpvoZRjcJsRygZQCvQDjjwc2
7uQoogAkjVVKtVcB2vKIMNxMq/hvKsiUEDf0juyCurmhIanIq/k9ZiDOJ/2J4AIi
Doj5MGZlT2CAvKX/6TAPFv+sufTKI390jOM8ayYdzMFZB+yt6FnzeLpGanNEmE7V
CnFoF+oebZ9NDc3tcbFinAga90cPN56MW1g/PUPn/hCOSmNLoBawc+xF6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEUq854C4wjVELKO4210fSfB8gsOMB8GA1UdIwQY
MBaAFHRjDxZIW0+TOF+UqOxxAK1IxfxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iNDQ4NTYtMjE0YS00NTk2LTkyN2It
M2RhNDE1YWMwZGMwLzEvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iNDQ4NTYtMjE0YS00NTk2LTkyN2ItM2RhNDE1YWMwZGMw
LzEvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACCBBV1xc
1sIdDQb920hGGRswYURSk/jIF2CYJdnp2YS08QBMI21JSJp3Z9lDfpqcB8UfmLCA
MKGGmLH5pFK9BRQ5RPlFy926KnaC0YutuD37z+ao9wmD9JNDfeLZ2C43kmVq65Kw
q9QQoBI5XeOegs9OeBB1TTb+g5NJk8O+479D8753EHXetYE0ARfGE8LWsQIl1qzD
w2zwjOfqmQhAFLIIGo0Wcx8MaahlB/PIzx0Sxn949ormil2IaR0TbMbywdG4ApkR
IVYwuj1tm4syoWEuEjjzMGAWL5couI0bzdrIHncSRj9hkTAd3FuTZV7We4AGiZe4
4TQe9wXdfBGmAQ==
-----END CERTIFICATE-----