Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
File:                     dnECLoKiznV3Drwajw1F9E8scxY.mft (raw, json)
Hash identifier:          RXSJpd0MNhWnf2skw3akTXzWvfCElm2TMyxkgZNKm08=
Subject key identifier:   0E:B4:AF:50:76:64:26:36:5D:6E:F8:C4:7E:22:2D:EC:9D:51:4F:4F
Authority key identifier: 76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16
Certificate issuer:       /CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316
Certificate serial:       0197488C039D7DF7E036D1DDF9ADF54FFDF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 04:00:24 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:24 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:24 +0000
Files and hashes:         1: dnECLoKiznV3Drwajw1F9E8scxY.crl (hash: ct2oZUril4ecxnCDoElMgxtzEGdizaMKa3nNQcAym8c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:03:9d:7d:f7:e0:36:d1:dd:f9:ad:f5:4f:fd:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316
        Validity
            Not Before: Jun  7 04:00:24 2025 GMT
            Not After : Jun  8 04:00:24 2025 GMT
        Subject: CN=0eb4af50766426365d6ef8c47e222dec9d514f4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:bc:3d:1f:06:00:0a:19:e6:6a:d7:0a:30:55:
                    da:b8:08:59:0d:2f:fb:0a:95:43:2c:c7:4b:c9:52:
                    2e:b4:30:9f:47:b2:44:84:c2:15:be:98:41:d3:be:
                    b6:13:51:ef:73:8b:e6:67:49:59:1c:ad:f9:c7:0e:
                    3c:6b:13:28:5a:25:5c:06:bd:77:dd:05:32:22:6e:
                    c0:52:bf:38:a9:cf:c2:41:6e:66:11:c2:ca:8d:83:
                    3a:84:06:95:f9:0b:3d:0e:f0:10:c6:02:49:5e:79:
                    60:25:71:c7:00:f7:bb:b4:62:d0:74:f2:b4:bf:8a:
                    ed:1c:d0:50:cf:31:e3:31:27:c6:26:71:d3:5e:30:
                    0d:79:85:2d:f0:0c:73:ca:55:57:d4:2c:4e:66:8b:
                    f4:0a:ba:5a:03:7f:e6:bd:54:77:22:47:7c:3a:55:
                    7f:26:e6:af:c1:2d:1c:c5:e2:c2:d9:13:87:9e:80:
                    a6:33:88:b2:c5:a8:a0:3c:68:c4:5e:8f:71:6a:2b:
                    b5:d7:23:75:9b:22:b7:d5:5c:bf:f2:60:aa:cb:36:
                    96:70:6a:2f:d8:a9:62:47:3e:af:0f:8c:24:2f:28:
                    38:40:5b:22:a2:89:af:93:82:3f:73:32:36:32:b0:
                    3d:48:11:99:2c:d2:61:f8:66:9b:d5:de:61:54:2f:
                    4b:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:B4:AF:50:76:64:26:36:5D:6E:F8:C4:7E:22:2D:EC:9D:51:4F:4F
            X509v3 Authority Key Identifier:
                keyid:76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:e0:f9:bf:9f:6d:7c:e6:0b:45:8c:d2:9e:dd:4b:04:60:da:
         7a:eb:0a:a9:71:76:d3:c5:56:98:3b:4a:83:48:af:0d:c4:1f:
         43:e5:85:53:14:14:94:7a:25:fb:83:81:ae:3e:99:3e:34:9c:
         99:30:d4:28:7f:af:53:92:ab:d2:93:70:1f:12:5f:62:d4:af:
         48:36:88:e4:e4:4c:22:a4:16:8a:46:20:60:b8:4f:b6:06:39:
         85:47:07:7d:ca:92:7e:69:ad:f8:5a:8e:e4:47:5a:38:89:f1:
         49:2d:d2:71:09:49:03:35:65:5f:ba:5c:32:96:f9:ef:de:27:
         a7:aa:c2:74:04:61:69:58:51:9f:05:8b:6b:2a:27:3a:1a:87:
         dd:dd:37:f4:6e:24:e3:a2:5d:44:ae:5a:4b:08:e0:5c:bf:11:
         93:27:f5:b7:3a:ef:74:f7:dd:0f:50:0d:52:17:49:f4:73:55:
         1f:5f:ff:bf:e9:f8:82:2f:d5:89:ed:86:31:3d:6f:64:57:5f:
         57:52:7f:9e:73:9c:9e:15:35:bf:6a:7c:3a:30:8c:d8:f4:7a:
         3b:2e:08:4f:71:bf:19:a5:c0:09:e3:68:f9:73:43:65:f1:ce:
         85:ad:da:0e:21:b2:3a:2a:09:12:a4:ef:d3:75:d8:76:42:c1:
         30:bc:c5:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjAOdfffgNtHd+a31T/33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NzEwMjJlODJhMmNlNzU3NzBlYmMxYThmMGQ0NWY0NGYy
YzczMTYwHhcNMjUwNjA3MDQwMDI0WhcNMjUwNjA4MDQwMDI0WjAzMTEwLwYDVQQD
EygwZWI0YWY1MDc2NjQyNjM2NWQ2ZWY4YzQ3ZTIyMmRlYzlkNTE0ZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrw9HwYAChnmatcKMFXauAhZDS/7
CpVDLMdLyVIutDCfR7JEhMIVvphB0762E1Hvc4vmZ0lZHK35xw48axMoWiVcBr13
3QUyIm7AUr84qc/CQW5mEcLKjYM6hAaV+Qs9DvAQxgJJXnlgJXHHAPe7tGLQdPK0
v4rtHNBQzzHjMSfGJnHTXjANeYUt8AxzylVX1CxOZov0CrpaA3/mvVR3Ikd8OlV/
JuavwS0cxeLC2ROHnoCmM4iyxaigPGjEXo9xaiu11yN1myK31Vy/8mCqyzaWcGov
2KliRz6vD4wkLyg4QFsioomvk4I/czI2MrA9SBGZLNJh+Gab1d5hVC9LCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA60r1B2ZCY2XW74xH4iLeydUU9PMB8GA1UdIwQY
MBaAFHZxAi6Cos51dw68Go8NRfRPLHMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmIt
N2I0ZjA5Nzg1Zjc5LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmItN2I0ZjA5Nzg1Zjc5
LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAROD5v59t
fOYLRYzSnt1LBGDaeusKqXF208VWmDtKg0ivDcQfQ+WFUxQUlHol+4OBrj6ZPjSc
mTDUKH+vU5Kr0pNwHxJfYtSvSDaI5ORMIqQWikYgYLhPtgY5hUcHfcqSfmmt+FqO
5EdaOInxSS3ScQlJAzVlX7pcMpb5794np6rCdARhaVhRnwWLayonOhqH3d039G4k
46JdRK5aSwjgXL8Rkyf1tzrvdPfdD1ANUhdJ9HNVH1//v+n4gi/Vie2GMT1vZFdf
V1J/nnOcnhU1v2p8OjCM2PR6Oy4IT3G/GaXACeNo+XNDZfHOha3aDiGyOioJEqTv
03XYdkLBMLzF+w==
-----END CERTIFICATE-----