Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
File:                     d7AlLypnrNQplw-mSmQXd29y2NY.mft (raw, json)
Hash identifier:          9am8ldQzDSh3gJElWTvGJIcVUQHFRp7xKpAvitxARNY=
Subject key identifier:   3E:61:43:F0:B3:3D:D6:18:AE:71:CF:3B:3C:26:47:A7:61:8F:F8:09
Authority key identifier: 77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6
Certificate issuer:       /CN=77b0252f2a67acd429970fa64a6417776f72d8d6
Certificate serial:       01964E22E1105E6CC151D87965E9130E9828
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
Manifest number:          03D6
Signing time:             Sat 19 Apr 2025 13:00:30 +0000
Manifest this update:     Sat 19 Apr 2025 13:00:30 +0000
Manifest next update:     Sun 20 Apr 2025 13:00:30 +0000
Files and hashes:         1: d7AlLypnrNQplw-mSmQXd29y2NY.crl (hash: BXrnPPGldoEPPctfBzOD2pjmONPILb4AJfnN0HmN/NQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:22:e1:10:5e:6c:c1:51:d8:79:65:e9:13:0e:98:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77b0252f2a67acd429970fa64a6417776f72d8d6
        Validity
            Not Before: Apr 19 13:00:30 2025 GMT
            Not After : Apr 20 13:00:30 2025 GMT
        Subject: CN=3e6143f0b33dd618ae71cf3b3c2647a7618ff809
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:2d:ac:2b:74:37:f3:ff:8b:0b:d3:e4:61:a4:
                    6e:18:56:38:f5:c5:ed:3d:48:14:39:86:70:43:65:
                    0a:f8:63:58:a7:01:e6:32:6d:5e:cb:47:20:9b:11:
                    5e:6b:ef:26:61:8e:e3:90:8a:57:89:10:99:6b:03:
                    e0:41:4f:e8:87:af:ce:cc:ce:10:2b:53:e2:73:88:
                    26:66:86:19:3a:82:29:bd:7e:34:6e:da:eb:c4:af:
                    a2:fa:86:ce:15:3d:44:c3:e9:d7:51:0b:61:a2:3f:
                    4b:d4:63:78:dc:77:b6:b6:41:d6:48:0c:62:00:50:
                    b6:6a:ba:94:8f:be:76:88:bb:08:08:55:49:04:63:
                    ae:01:01:dc:43:56:59:90:88:5c:af:11:f4:25:f2:
                    ff:0d:07:9b:ee:f6:ee:c3:66:d0:60:af:3e:7d:24:
                    f9:25:84:b9:de:17:9a:bf:35:fb:45:80:57:5e:07:
                    ab:54:ce:de:a6:7c:03:3d:8b:13:ae:db:b9:f5:c8:
                    ba:de:76:91:89:34:d3:3a:18:d0:37:51:0b:ea:ef:
                    44:71:3c:47:d4:95:52:f7:e1:b9:35:48:42:f8:6e:
                    d1:2a:b2:aa:fa:4d:d3:30:49:19:f8:a2:cd:30:2c:
                    7c:4f:19:53:6e:82:e3:e0:a3:9a:6f:04:4f:41:7f:
                    89:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:61:43:F0:B3:3D:D6:18:AE:71:CF:3B:3C:26:47:A7:61:8F:F8:09
            X509v3 Authority Key Identifier:
                keyid:77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:4c:59:85:10:48:cf:e6:cc:f8:8b:53:64:10:e5:b0:eb:c7:
         7b:ac:76:79:b6:c3:6f:55:ce:c3:98:7e:88:0f:99:9e:0d:b6:
         4c:fb:25:0d:5b:a4:9a:73:aa:8e:fd:80:8a:d2:b3:37:52:f9:
         2f:10:69:a9:71:e9:11:03:fc:0c:d3:50:d8:05:87:1f:57:02:
         e3:27:20:2b:ab:7f:77:68:53:74:d6:3d:cb:14:92:83:ba:24:
         be:82:03:ce:95:1d:d8:38:08:a0:ce:07:2e:5d:9e:7a:89:dc:
         cc:34:1a:85:00:1c:20:b5:6d:a4:02:7e:87:d5:c0:bb:5c:94:
         52:7f:f7:b2:6d:49:57:1d:b0:76:0d:4b:39:95:14:ba:9b:26:
         5c:2c:e9:96:43:59:ea:17:e1:c5:c1:07:e5:83:0f:bc:c9:10:
         a0:b6:a2:39:ac:0d:f5:26:62:be:74:ab:17:4e:08:d0:9e:04:
         6c:6a:e4:7c:a5:26:89:31:4a:54:b3:40:8b:25:eb:48:25:d2:
         f9:8a:de:f9:8f:5a:c6:f6:28:c3:2d:96:b2:c1:22:ad:2f:43:
         25:4e:74:d8:22:65:c7:29:cd:f8:26:b0:0c:e2:b4:32:0d:04:
         00:4d:59:3b:cb:3f:e1:8e:5c:51:f1:5b:33:85:b9:ce:77:13:
         78:4b:a0:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOIuEQXmzBUdh5ZekTDpgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjAyNTJmMmE2N2FjZDQyOTk3MGZhNjRhNjQxNzc3NmY3
MmQ4ZDYwHhcNMjUwNDE5MTMwMDMwWhcNMjUwNDIwMTMwMDMwWjAzMTEwLwYDVQQD
EygzZTYxNDNmMGIzM2RkNjE4YWU3MWNmM2IzYzI2NDdhNzYxOGZmODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwS2sK3Q38/+LC9PkYaRuGFY49cXt
PUgUOYZwQ2UK+GNYpwHmMm1ey0cgmxFea+8mYY7jkIpXiRCZawPgQU/oh6/OzM4Q
K1Pic4gmZoYZOoIpvX40btrrxK+i+obOFT1Ew+nXUQthoj9L1GN43He2tkHWSAxi
AFC2arqUj752iLsICFVJBGOuAQHcQ1ZZkIhcrxH0JfL/DQeb7vbuw2bQYK8+fST5
JYS53heavzX7RYBXXgerVM7epnwDPYsTrtu59ci63naRiTTTOhjQN1EL6u9EcTxH
1JVS9+G5NUhC+G7RKrKq+k3TMEkZ+KLNMCx8TxlTboLj4KOabwRPQX+JYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5hQ/CzPdYYrnHPOzwmR6dhj/gJMB8GA1UdIwQY
MBaAFHewJS8qZ6zUKZcPpkpkF3dvctjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQt
OTk2YzUyOWVjOTg2LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQtOTk2YzUyOWVjOTg2
LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyExZhRBI
z+bM+ItTZBDlsOvHe6x2ebbDb1XOw5h+iA+Zng22TPslDVukmnOqjv2AitKzN1L5
LxBpqXHpEQP8DNNQ2AWHH1cC4ycgK6t/d2hTdNY9yxSSg7okvoIDzpUd2DgIoM4H
Ll2eeonczDQahQAcILVtpAJ+h9XAu1yUUn/3sm1JVx2wdg1LOZUUupsmXCzplkNZ
6hfhxcEH5YMPvMkQoLaiOawN9SZivnSrF04I0J4EbGrkfKUmiTFKVLNAiyXrSCXS
+Yre+Y9axvYowy2WssEirS9DJU502CJlxynN+CawDOK0Mg0EAE1ZO8s/4Y5cUfFb
M4W5zncTeEugMQ==
-----END CERTIFICATE-----