Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
File:                     dtQhWmJUV7wFMhkciAP3xkt_kGU.mft (raw, json)
Hash identifier:          b9974UtWREzDO5KxmZwpxFjMit8Z4kNyOhM0vnFx+2U=
Subject key identifier:   94:7E:2E:09:52:8F:26:90:BB:F3:81:6B:C3:B6:7C:A7:17:BF:BA:1D
Authority key identifier: 76:D4:21:5A:62:54:57:BC:05:32:19:1C:88:03:F7:C6:4B:7F:90:65
Certificate issuer:       /CN=76d4215a625457bc0532191c8803f7c64b7f9065
Certificate serial:       019644E886CF65B3B709AB8BEB76E8429652
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
Manifest number:          02CC
Signing time:             Thu 17 Apr 2025 18:00:11 +0000
Manifest this update:     Thu 17 Apr 2025 18:00:11 +0000
Manifest next update:     Fri 18 Apr 2025 18:00:11 +0000
Files and hashes:         1: dtQhWmJUV7wFMhkciAP3xkt_kGU.crl (hash: 9sMIljvW5J3TihewDViiEYigF2NOplgCtgN2cZcedPc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:44:e8:86:cf:65:b3:b7:09:ab:8b:eb:76:e8:42:96:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d4215a625457bc0532191c8803f7c64b7f9065
        Validity
            Not Before: Apr 17 18:00:11 2025 GMT
            Not After : Apr 18 18:00:11 2025 GMT
        Subject: CN=947e2e09528f2690bbf3816bc3b67ca717bfba1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e9:f4:01:c6:94:9c:d2:a8:2c:ef:42:71:7a:
                    c1:80:f8:47:94:5a:4f:a3:69:85:78:84:20:d8:1c:
                    87:a8:4f:5e:c1:73:0a:85:5f:b3:a5:6f:0a:d5:04:
                    88:ca:41:29:82:76:95:36:b5:73:da:5d:05:6e:44:
                    b3:9c:2d:e2:e2:09:41:5c:07:ae:c6:42:9e:53:d6:
                    48:d0:a5:dc:9f:7d:0d:87:b6:4c:76:fc:f9:57:7b:
                    30:f3:89:c6:e6:1a:7c:43:5a:27:f7:da:0a:7d:55:
                    ca:56:36:e1:56:93:71:ae:e9:4d:42:c6:aa:14:f4:
                    2d:b2:fd:9b:94:ef:61:88:b5:73:8a:25:82:d6:71:
                    28:60:45:92:b6:30:39:2c:12:df:c5:78:06:f0:cb:
                    09:38:93:e7:77:f7:0d:07:b9:02:6c:3e:cd:0e:75:
                    db:99:60:62:8c:e4:e4:c1:d7:b4:5c:17:bc:0c:de:
                    00:b8:47:b9:1c:ea:35:ac:95:28:6e:90:c0:11:90:
                    7c:69:42:6f:91:57:76:22:7e:2f:19:c0:e4:3a:d8:
                    72:68:27:f8:91:c5:a8:a9:29:5d:b6:74:21:3a:a3:
                    a9:94:ac:7c:a4:e4:0f:9f:81:24:72:c5:a5:1f:62:
                    ab:36:30:a2:cc:e1:da:49:b4:79:b9:c4:7b:1e:da:
                    31:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:7E:2E:09:52:8F:26:90:BB:F3:81:6B:C3:B6:7C:A7:17:BF:BA:1D
            X509v3 Authority Key Identifier:
                keyid:76:D4:21:5A:62:54:57:BC:05:32:19:1C:88:03:F7:C6:4B:7F:90:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:a0:f4:b9:e0:39:ca:44:25:8d:08:5a:eb:22:41:19:05:c6:
         60:fb:83:ba:23:cc:1f:a2:ca:6f:6f:a2:29:d9:13:40:ea:63:
         16:8c:3e:a4:c4:0c:75:73:70:cc:2f:40:62:71:9c:a1:44:75:
         64:a1:f0:98:81:b5:16:58:c5:13:20:be:61:c5:76:f0:b9:79:
         84:bd:cc:d3:a3:7a:d1:29:d3:c8:bc:f0:bd:a3:b0:57:3b:35:
         1c:1d:2c:d7:72:bc:2f:0a:eb:b5:6d:d2:9d:b9:09:ff:81:83:
         dd:f9:ed:30:75:93:34:10:67:bf:a7:59:29:36:e1:7a:a1:22:
         0d:3c:e6:63:48:57:ff:c5:f8:3b:96:10:4f:3c:ea:8a:0d:a2:
         66:f0:4e:6c:e9:ae:67:2d:53:24:2b:48:16:fd:4b:51:b9:17:
         02:92:0a:76:8a:be:18:23:53:be:9a:cd:78:55:50:50:9c:f9:
         0e:ff:ac:2a:7f:15:81:6b:03:2b:89:0f:dd:35:b2:be:6b:11:
         da:fd:e7:f5:11:42:4e:c0:da:00:9a:a4:19:be:75:09:ae:62:
         a4:c5:a8:4a:07:9d:dd:8d:cd:8d:69:6e:a4:32:2f:51:28:8c:
         36:eb:bf:04:6a:fc:10:3d:c8:c8:85:87:c0:79:6d:3d:5a:4a:
         f7:65:bf:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZE6IbPZbO3CauL63boQpZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDQyMTVhNjI1NDU3YmMwNTMyMTkxYzg4MDNmN2M2NGI3
ZjkwNjUwHhcNMjUwNDE3MTgwMDExWhcNMjUwNDE4MTgwMDExWjAzMTEwLwYDVQQD
Eyg5NDdlMmUwOTUyOGYyNjkwYmJmMzgxNmJjM2I2N2NhNzE3YmZiYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsun0AcaUnNKoLO9CcXrBgPhHlFpP
o2mFeIQg2ByHqE9ewXMKhV+zpW8K1QSIykEpgnaVNrVz2l0FbkSznC3i4glBXAeu
xkKeU9ZI0KXcn30Nh7ZMdvz5V3sw84nG5hp8Q1on99oKfVXKVjbhVpNxrulNQsaq
FPQtsv2blO9hiLVziiWC1nEoYEWStjA5LBLfxXgG8MsJOJPnd/cNB7kCbD7NDnXb
mWBijOTkwde0XBe8DN4AuEe5HOo1rJUobpDAEZB8aUJvkVd2In4vGcDkOthyaCf4
kcWoqSldtnQhOqOplKx8pOQPn4EkcsWlH2KrNjCizOHaSbR5ucR7HtoxuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJR+LglSjyaQu/OBa8O2fKcXv7odMB8GA1UdIwQY
MBaAFHbUIVpiVFe8BTIZHIgD98ZLf5BlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iNTAxZGUtM2IxZC00ZDgwLWI2ZTkt
Zjg4ZDdlYzNhNTI2LzEvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iNTAxZGUtM2IxZC00ZDgwLWI2ZTktZjg4ZDdlYzNhNTI2
LzEvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZKD0ueA5
ykQljQha6yJBGQXGYPuDuiPMH6LKb2+iKdkTQOpjFow+pMQMdXNwzC9AYnGcoUR1
ZKHwmIG1FljFEyC+YcV28Ll5hL3M06N60SnTyLzwvaOwVzs1HB0s13K8LwrrtW3S
nbkJ/4GD3fntMHWTNBBnv6dZKTbheqEiDTzmY0hX/8X4O5YQTzzqig2iZvBObOmu
Zy1TJCtIFv1LUbkXApIKdoq+GCNTvprNeFVQUJz5Dv+sKn8VgWsDK4kP3TWyvmsR
2v3n9RFCTsDaAJqkGb51Ca5ipMWoSged3Y3NjWlupDIvUSiMNuu/BGr8ED3IyIWH
wHltPVpK92W/iw==
-----END CERTIFICATE-----