Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
File:                     d7AlLypnrNQplw-mSmQXd29y2NY.mft (raw, json)
Hash identifier:          xwK+1NIoavXIhpmnOMdQ4p27Isp2wM+HSI1ZR/cANWU=
Subject key identifier:   2F:5D:19:EC:57:C6:15:05:56:20:E1:BC:55:37:E7:81:8C:01:3D:CD
Authority key identifier: 77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6
Certificate issuer:       /CN=77b0252f2a67acd429970fa64a6417776f72d8d6
Certificate serial:       01958B16CC86025AE230F91DE2BD89F7DF54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
Manifest number:          0371
Signing time:             Wed 12 Mar 2025 16:01:21 +0000
Manifest this update:     Wed 12 Mar 2025 16:01:21 +0000
Manifest next update:     Thu 13 Mar 2025 16:01:21 +0000
Files and hashes:         1: d7AlLypnrNQplw-mSmQXd29y2NY.crl (hash: Ev86pZYXb66A1P8VKdUVyzU7Iet/a8grddtCRMiFHVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 16:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:16:cc:86:02:5a:e2:30:f9:1d:e2:bd:89:f7:df:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77b0252f2a67acd429970fa64a6417776f72d8d6
        Validity
            Not Before: Mar 12 16:01:21 2025 GMT
            Not After : Mar 13 16:01:21 2025 GMT
        Subject: CN=2f5d19ec57c615055620e1bc5537e7818c013dcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:de:5b:51:15:9f:c3:99:5e:f7:0f:b6:f7:b0:
                    b6:6a:cc:31:5c:ed:37:24:05:22:ff:0f:70:47:b5:
                    bb:bd:be:ba:59:ba:f7:6c:73:d5:a0:66:c3:b1:4d:
                    9c:d4:f0:4e:be:28:96:45:a8:69:0a:68:89:d3:81:
                    ae:80:88:cc:0d:71:70:af:9a:a1:43:8a:08:88:55:
                    b9:50:97:11:b6:a5:0a:6d:1d:60:88:e4:71:d0:62:
                    1a:56:99:e1:ab:84:dc:1e:b4:b5:45:44:2c:c5:fc:
                    23:1a:e2:04:8f:e7:39:3d:7a:91:48:54:7f:78:71:
                    6f:30:b9:fd:34:22:f6:80:b8:53:d2:10:a1:d6:95:
                    11:7f:bc:65:b6:77:c9:bf:93:3f:84:fe:85:8e:0d:
                    12:cd:c6:ad:2e:57:15:2b:67:31:f0:60:3c:f0:13:
                    e6:d7:37:f7:df:85:de:ec:f1:6b:9e:51:b9:5e:d2:
                    f5:5e:4b:58:d6:72:94:14:79:81:5f:d1:66:80:5f:
                    68:01:70:76:b5:7a:36:1c:4c:85:e4:fc:78:9d:50:
                    73:ca:91:cb:17:8d:e8:95:4f:62:f7:9c:ef:81:b7:
                    88:ce:36:fb:30:bb:bd:83:ed:73:f3:bc:16:22:bb:
                    e9:a7:1a:13:e2:fa:1c:08:74:fd:66:8f:4b:5d:2e:
                    a0:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:5D:19:EC:57:C6:15:05:56:20:E1:BC:55:37:E7:81:8C:01:3D:CD
            X509v3 Authority Key Identifier:
                keyid:77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:c0:ba:d1:05:17:50:45:9e:7d:3f:09:db:8f:ee:a2:a3:8e:
         5e:7d:9f:41:60:9c:f6:87:c8:61:d5:62:19:ba:d1:11:2c:9c:
         45:27:1c:5f:f2:71:dc:bf:16:fa:e5:3a:84:7f:62:a4:11:89:
         50:e3:d4:5c:aa:31:d8:15:44:ff:2f:f4:0e:3d:cd:53:b1:ee:
         1f:7d:1f:44:ba:5b:92:dc:4c:43:a2:a2:dc:3f:28:bd:fb:5a:
         7c:7f:da:17:5c:db:14:d6:54:97:42:0a:b4:ab:4c:7f:fb:53:
         8c:83:c7:b1:79:d7:e1:c9:71:5f:eb:71:97:3b:ca:1f:9f:bd:
         14:56:f1:c7:58:3b:45:5a:96:9a:2f:b8:d4:1c:fe:d3:2c:ca:
         1b:b7:eb:8d:0a:2b:a1:d6:3e:99:60:b6:a0:0e:e2:2a:1c:95:
         06:bf:76:1e:f0:aa:8b:51:2c:b7:09:fc:01:c5:d2:6d:57:c6:
         82:9f:ac:ed:30:4c:85:72:0a:20:bb:1e:b4:13:76:14:ab:ae:
         2f:0a:7d:ad:1c:95:96:19:a9:84:74:55:86:21:e2:e2:8a:ed:
         4f:30:3f:ce:7a:73:ff:71:ec:fc:28:c8:08:87:3c:f8:7e:c3:
         31:03:53:4b:bb:5e:d2:e8:64:ab:54:57:ca:fa:28:ef:f2:a9:
         85:60:dc:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLFsyGAlriMPkd4r2J999UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjAyNTJmMmE2N2FjZDQyOTk3MGZhNjRhNjQxNzc3NmY3
MmQ4ZDYwHhcNMjUwMzEyMTYwMTIxWhcNMjUwMzEzMTYwMTIxWjAzMTEwLwYDVQQD
EygyZjVkMTllYzU3YzYxNTA1NTYyMGUxYmM1NTM3ZTc4MThjMDEzZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst5bURWfw5le9w+297C2aswxXO03
JAUi/w9wR7W7vb66Wbr3bHPVoGbDsU2c1PBOviiWRahpCmiJ04GugIjMDXFwr5qh
Q4oIiFW5UJcRtqUKbR1giORx0GIaVpnhq4TcHrS1RUQsxfwjGuIEj+c5PXqRSFR/
eHFvMLn9NCL2gLhT0hCh1pURf7xltnfJv5M/hP6Fjg0SzcatLlcVK2cx8GA88BPm
1zf334Xe7PFrnlG5XtL1XktY1nKUFHmBX9FmgF9oAXB2tXo2HEyF5Px4nVBzypHL
F43olU9i95zvgbeIzjb7MLu9g+1z87wWIrvppxoT4vocCHT9Zo9LXS6g8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9dGexXxhUFViDhvFU354GMAT3NMB8GA1UdIwQY
MBaAFHewJS8qZ6zUKZcPpkpkF3dvctjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQt
OTk2YzUyOWVjOTg2LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQtOTk2YzUyOWVjOTg2
LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlcC60QUX
UEWefT8J24/uoqOOXn2fQWCc9ofIYdViGbrRESycRSccX/Jx3L8W+uU6hH9ipBGJ
UOPUXKox2BVE/y/0Dj3NU7HuH30fRLpbktxMQ6Ki3D8ovftafH/aF1zbFNZUl0IK
tKtMf/tTjIPHsXnX4clxX+txlzvKH5+9FFbxx1g7RVqWmi+41Bz+0yzKG7frjQor
odY+mWC2oA7iKhyVBr92HvCqi1Estwn8AcXSbVfGgp+s7TBMhXIKILsetBN2FKuu
Lwp9rRyVlhmphHRVhiHi4ortTzA/znpz/3Hs/CjICIc8+H7DMQNTS7te0uhkq1RX
yvoo7/KphWDceA==
-----END CERTIFICATE-----