Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
File:                     dnECLoKiznV3Drwajw1F9E8scxY.mft (raw, json)
Hash identifier:          zv0cnqAuL70Pow6cPinj3bN/j7oMakeyS1Y38EEeP/I=
Subject key identifier:   8C:51:23:2F:AF:34:A1:C3:1E:D5:BA:4A:4A:31:9C:4B:C2:EA:55:70
Authority key identifier: 76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16
Certificate issuer:       /CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316
Certificate serial:       0196515B8D44AE88E8F6E020826042095EAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
Manifest number:          14F9
Signing time:             Sun 20 Apr 2025 04:01:16 +0000
Manifest this update:     Sun 20 Apr 2025 04:01:16 +0000
Manifest next update:     Mon 21 Apr 2025 04:01:16 +0000
Files and hashes:         1: dnECLoKiznV3Drwajw1F9E8scxY.crl (hash: SSELySp6eeGyCThlBDZ3pR8foGTbg8gXg/kHIrMhcIU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 04:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:5b:8d:44:ae:88:e8:f6:e0:20:82:60:42:09:5e:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316
        Validity
            Not Before: Apr 20 04:01:16 2025 GMT
            Not After : Apr 21 04:01:16 2025 GMT
        Subject: CN=8c51232faf34a1c31ed5ba4a4a319c4bc2ea5570
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:0b:df:ed:f0:12:8e:d8:f9:2c:1a:a9:1d:03:
                    2b:5c:d1:b7:e9:44:db:b1:24:eb:26:47:18:ff:0f:
                    34:de:0b:63:2d:e7:9a:6d:28:19:5d:33:60:1c:e5:
                    73:ba:a5:3d:68:50:0a:b0:41:ec:b4:fe:dc:28:2d:
                    b9:a1:4a:a7:b5:80:18:90:91:bb:12:3e:5b:48:4c:
                    5e:6a:f9:b4:48:12:71:e6:b9:44:1c:d3:31:a1:4d:
                    f5:83:47:03:e1:c5:67:d2:b6:b7:4b:bb:eb:18:e9:
                    da:2b:55:1f:21:fd:72:4f:8b:ad:3f:a6:dd:e3:04:
                    5b:13:36:75:91:01:40:1b:5a:01:56:19:e9:0e:5e:
                    49:58:18:e7:75:96:5d:35:07:8f:86:ca:e3:06:7d:
                    d5:81:17:9b:85:95:53:3f:1e:6a:97:d7:0f:4c:0c:
                    50:f0:e4:ed:6e:d6:5c:d1:6a:ec:e1:84:2a:cf:dc:
                    27:f1:7a:0f:bd:d7:cd:83:6a:ca:df:67:62:6c:71:
                    09:1a:59:f8:26:fd:3c:ae:30:6d:84:f6:7c:32:f7:
                    16:e4:14:24:09:93:62:ba:50:41:19:53:22:33:1d:
                    7e:52:dd:4f:04:8b:55:f9:82:df:5a:c7:0d:89:47:
                    c4:85:ab:59:16:a8:17:8b:f1:8a:26:b0:55:c5:d5:
                    66:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:51:23:2F:AF:34:A1:C3:1E:D5:BA:4A:4A:31:9C:4B:C2:EA:55:70
            X509v3 Authority Key Identifier:
                keyid:76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:59:bb:0a:a0:c4:2d:9f:68:ab:e8:1a:dd:a9:9f:38:41:e4:
         5f:15:0c:60:cd:01:f5:1b:12:cf:39:5a:ff:c2:11:21:39:d5:
         29:74:0b:27:f3:a7:eb:eb:98:f5:6e:55:d8:a8:ae:d5:78:18:
         86:4b:20:3a:cb:36:65:32:52:e7:89:eb:cb:ee:24:76:83:e2:
         a5:62:d9:a8:fb:7a:1e:2d:72:44:e6:af:ed:fe:10:4e:00:d7:
         18:5b:ff:16:ce:44:43:16:4d:70:14:32:77:c4:2b:68:92:32:
         14:80:34:d3:13:00:fe:53:c3:12:af:e1:48:54:85:19:c7:18:
         e8:ef:05:cc:8f:41:d5:3c:98:02:93:e0:bd:9c:61:ea:dc:36:
         8a:16:88:bb:3a:2f:e9:5a:ad:30:51:7c:3c:35:b6:62:57:9b:
         85:3d:09:a3:c0:95:10:ba:84:14:4a:88:19:c6:20:17:81:4f:
         d0:15:e8:c6:ce:66:f0:b9:2d:29:29:c2:d9:9f:f4:62:0a:b2:
         62:40:ab:45:b4:8c:60:be:81:e1:d5:0d:41:31:3e:d4:6e:d1:
         cd:37:fa:46:08:f0:c8:f0:43:86:47:41:35:8c:6d:40:01:22:
         2f:8d:75:33:97:a2:86:e3:03:51:9d:62:74:1d:7e:6a:b7:32:
         8c:47:03:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRW41Erojo9uAggmBCCV6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NzEwMjJlODJhMmNlNzU3NzBlYmMxYThmMGQ0NWY0NGYy
YzczMTYwHhcNMjUwNDIwMDQwMTE2WhcNMjUwNDIxMDQwMTE2WjAzMTEwLwYDVQQD
Eyg4YzUxMjMyZmFmMzRhMWMzMWVkNWJhNGE0YTMxOWM0YmMyZWE1NTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAvf7fASjtj5LBqpHQMrXNG36UTb
sSTrJkcY/w803gtjLeeabSgZXTNgHOVzuqU9aFAKsEHstP7cKC25oUqntYAYkJG7
Ej5bSExeavm0SBJx5rlEHNMxoU31g0cD4cVn0ra3S7vrGOnaK1UfIf1yT4utP6bd
4wRbEzZ1kQFAG1oBVhnpDl5JWBjndZZdNQePhsrjBn3VgRebhZVTPx5ql9cPTAxQ
8OTtbtZc0Wrs4YQqz9wn8XoPvdfNg2rK32dibHEJGln4Jv08rjBthPZ8MvcW5BQk
CZNiulBBGVMiMx1+Ut1PBItV+YLfWscNiUfEhatZFqgXi/GKJrBVxdVmEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxRIy+vNKHDHtW6SkoxnEvC6lVwMB8GA1UdIwQY
MBaAFHZxAi6Cos51dw68Go8NRfRPLHMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmIt
N2I0ZjA5Nzg1Zjc5LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmItN2I0ZjA5Nzg1Zjc5
LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZlm7CqDE
LZ9oq+ga3amfOEHkXxUMYM0B9RsSzzla/8IRITnVKXQLJ/On6+uY9W5V2Kiu1XgY
hksgOss2ZTJS54nry+4kdoPipWLZqPt6Hi1yROav7f4QTgDXGFv/Fs5EQxZNcBQy
d8QraJIyFIA00xMA/lPDEq/hSFSFGccY6O8FzI9B1TyYApPgvZxh6tw2ihaIuzov
6VqtMFF8PDW2YlebhT0Jo8CVELqEFEqIGcYgF4FP0BXoxs5m8LktKSnC2Z/0Ygqy
YkCrRbSMYL6B4dUNQTE+1G7RzTf6RgjwyPBDhkdBNYxtQAEiL411M5eihuMDUZ1i
dB1+arcyjEcDKg==
-----END CERTIFICATE-----