Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
File:                     dtQhWmJUV7wFMhkciAP3xkt_kGU.mft (raw, json)
Hash identifier:          rC0sXv1KMzKBIoufSAa4ja0vAHlgTuLiYVLTJWO4ppc=
Subject key identifier:   C2:23:F7:BD:7E:02:D0:F1:38:3C:93:07:2A:0F:08:3D:D7:3C:8A:73
Authority key identifier: 76:D4:21:5A:62:54:57:BC:05:32:19:1C:88:03:F7:C6:4B:7F:90:65
Certificate issuer:       /CN=76d4215a625457bc0532191c8803f7c64b7f9065
Certificate serial:       01974F6A1F29F93EBAD66CEEB287D2B82DB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
Manifest number:          0356
Signing time:             Sun 08 Jun 2025 12:00:44 +0000
Manifest this update:     Sun 08 Jun 2025 12:00:44 +0000
Manifest next update:     Mon 09 Jun 2025 12:00:44 +0000
Files and hashes:         1: dtQhWmJUV7wFMhkciAP3xkt_kGU.crl (hash: w+Mc1EfAoKHaJ8YEAcbB2RdfN4zTueWrQxy2gPlp0GI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 11:44:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4f:6a:1f:29:f9:3e:ba:d6:6c:ee:b2:87:d2:b8:2d:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d4215a625457bc0532191c8803f7c64b7f9065
        Validity
            Not Before: Jun  8 12:00:44 2025 GMT
            Not After : Jun  9 12:00:44 2025 GMT
        Subject: CN=c223f7bd7e02d0f1383c93072a0f083dd73c8a73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c9:bd:af:21:2a:5a:00:cb:dd:50:93:1b:4e:
                    50:0d:e7:e2:d2:da:cf:a3:74:a9:77:45:37:42:e8:
                    14:18:e3:b6:11:ca:b2:4d:f2:a3:5f:06:29:be:d0:
                    62:ab:21:53:a4:05:bc:ca:f0:44:0f:95:69:28:fe:
                    5c:3f:1b:e0:9d:29:08:9b:7c:53:0a:2c:dc:ed:0e:
                    79:6b:b4:00:a4:a9:af:bc:19:bf:07:8b:af:ba:88:
                    e8:e8:c9:1d:bc:78:a8:1c:81:99:36:67:2e:1d:39:
                    ee:fd:56:38:93:5e:d8:04:37:0c:d7:bc:4c:3c:84:
                    26:9c:40:e1:25:be:08:36:0c:67:39:dc:3e:03:91:
                    62:74:1f:95:64:18:7c:b4:1a:27:ac:b8:5b:bc:1c:
                    f9:10:5a:12:5a:c6:e1:a7:91:b9:cd:d4:d7:f5:5b:
                    b1:c2:85:b2:c9:ca:f6:19:d8:b1:4b:dd:a3:93:0c:
                    33:dd:6a:29:00:b6:b9:fd:e9:15:ea:46:50:4f:73:
                    73:e8:e3:1c:88:4c:5c:43:bf:2c:8e:73:42:76:79:
                    e5:d7:d5:ac:8a:9f:94:ed:bc:8d:a9:93:93:4a:91:
                    c8:03:81:c6:5a:69:b2:b8:ff:24:7e:b4:d3:48:2d:
                    49:d1:81:dd:47:74:ab:00:a7:a2:56:12:ca:7f:0d:
                    05:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:23:F7:BD:7E:02:D0:F1:38:3C:93:07:2A:0F:08:3D:D7:3C:8A:73
            X509v3 Authority Key Identifier:
                keyid:76:D4:21:5A:62:54:57:BC:05:32:19:1C:88:03:F7:C6:4B:7F:90:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:49:97:fc:9a:2f:09:75:02:5b:50:fc:76:bd:e6:cc:86:d5:
         e1:ca:54:3f:0c:7e:9e:69:bc:25:ee:9d:ac:04:e5:3d:63:73:
         ab:c5:23:f3:0f:99:c2:2b:d1:47:0a:2d:0c:38:d4:55:9e:9c:
         71:2b:e0:13:14:f4:de:6f:c2:d5:0a:b2:34:ab:f9:2e:d4:54:
         7d:81:27:54:f9:1b:ab:86:d6:74:0f:fb:46:9c:61:9c:2d:83:
         1c:60:d9:2a:50:15:82:00:54:92:ac:da:10:59:c2:65:9b:b5:
         5c:23:f9:4a:f9:1a:c3:03:ad:8f:0c:f2:44:2c:17:ec:22:4b:
         99:ec:8c:0d:c5:80:b5:3f:14:ae:8b:1a:4a:94:25:3e:7d:d4:
         30:8b:fa:45:bb:8b:ac:77:59:9d:0c:f8:11:56:34:51:95:cb:
         32:74:7d:7e:ca:1f:06:54:e9:84:96:37:cd:17:57:19:a9:bb:
         d1:4b:2a:8d:8b:7d:39:86:ed:a6:c3:3b:41:5e:bb:ad:8e:63:
         17:bd:a0:db:da:f5:df:d2:36:17:fe:8d:c3:59:56:1c:53:9e:
         e0:47:36:ea:4b:d3:11:7e:9d:67:67:21:00:88:e0:e9:a8:5f:
         2d:64:69:82:c7:5f:96:40:20:2f:c1:9b:c6:0b:7b:36:67:22:
         03:84:bb:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdPah8p+T661mzusofSuC2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDQyMTVhNjI1NDU3YmMwNTMyMTkxYzg4MDNmN2M2NGI3
ZjkwNjUwHhcNMjUwNjA4MTIwMDQ0WhcNMjUwNjA5MTIwMDQ0WjAzMTEwLwYDVQQD
EyhjMjIzZjdiZDdlMDJkMGYxMzgzYzkzMDcyYTBmMDgzZGQ3M2M4YTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcm9ryEqWgDL3VCTG05QDefi0trP
o3Spd0U3QugUGOO2EcqyTfKjXwYpvtBiqyFTpAW8yvBED5VpKP5cPxvgnSkIm3xT
Cizc7Q55a7QApKmvvBm/B4uvuojo6MkdvHioHIGZNmcuHTnu/VY4k17YBDcM17xM
PIQmnEDhJb4INgxnOdw+A5FidB+VZBh8tBonrLhbvBz5EFoSWsbhp5G5zdTX9Vux
woWyycr2GdixS92jkwwz3WopALa5/ekV6kZQT3Nz6OMciExcQ78sjnNCdnnl19Ws
ip+U7byNqZOTSpHIA4HGWmmyuP8kfrTTSC1J0YHdR3SrAKeiVhLKfw0FKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIj971+AtDxODyTByoPCD3XPIpzMB8GA1UdIwQY
MBaAFHbUIVpiVFe8BTIZHIgD98ZLf5BlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iNTAxZGUtM2IxZC00ZDgwLWI2ZTkt
Zjg4ZDdlYzNhNTI2LzEvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iNTAxZGUtM2IxZC00ZDgwLWI2ZTktZjg4ZDdlYzNhNTI2
LzEvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAakmX/Jov
CXUCW1D8dr3mzIbV4cpUPwx+nmm8Je6drATlPWNzq8Uj8w+ZwivRRwotDDjUVZ6c
cSvgExT03m/C1QqyNKv5LtRUfYEnVPkbq4bWdA/7RpxhnC2DHGDZKlAVggBUkqza
EFnCZZu1XCP5SvkawwOtjwzyRCwX7CJLmeyMDcWAtT8UrosaSpQlPn3UMIv6RbuL
rHdZnQz4EVY0UZXLMnR9fsofBlTphJY3zRdXGam70UsqjYt9OYbtpsM7QV67rY5j
F72g29r139I2F/6Nw1lWHFOe4Ec26kvTEX6dZ2chAIjg6ahfLWRpgsdflkAgL8Gb
xgt7NmciA4S7KQ==
-----END CERTIFICATE-----