Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
File:                     d7AlLypnrNQplw-mSmQXd29y2NY.mft (raw, json)
Hash identifier:          IhAbk+mmbWOql+115sD7SncF5c0d9CYDXpfjyEgv2VU=
Subject key identifier:   91:07:1F:9E:84:60:54:7E:AF:BB:B1:3D:35:84:52:6A:DB:5E:68:14
Authority key identifier: 77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6
Certificate issuer:       /CN=77b0252f2a67acd429970fa64a6417776f72d8d6
Certificate serial:       01974742BAF6009B813058A20A28B5DC5079
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
Manifest number:          0457
Signing time:             Fri 06 Jun 2025 22:00:44 +0000
Manifest this update:     Fri 06 Jun 2025 22:00:44 +0000
Manifest next update:     Sat 07 Jun 2025 22:00:44 +0000
Files and hashes:         1: d7AlLypnrNQplw-mSmQXd29y2NY.crl (hash: bUJKsJ0ikdIyA9c8D5IzKponvxutHyBdPrY9SGa9kJQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:42:ba:f6:00:9b:81:30:58:a2:0a:28:b5:dc:50:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77b0252f2a67acd429970fa64a6417776f72d8d6
        Validity
            Not Before: Jun  6 22:00:44 2025 GMT
            Not After : Jun  7 22:00:44 2025 GMT
        Subject: CN=91071f9e8460547eafbbb13d3584526adb5e6814
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:23:c7:e7:22:55:f5:67:51:4b:70:b3:3d:44:
                    0f:9a:a1:bc:ff:b5:97:83:95:a6:76:35:7d:73:a0:
                    ba:17:1d:be:4d:f7:af:58:b9:55:d4:bb:86:86:84:
                    22:c4:f3:b3:32:a8:21:9f:43:4c:22:2b:6d:84:bd:
                    4f:4b:a9:35:41:0c:5c:96:e7:64:95:4a:c1:76:70:
                    3d:0b:34:4a:51:16:46:a3:78:85:74:c9:4a:18:10:
                    cc:19:f8:4d:dd:f0:ac:90:e9:92:ca:66:bb:a5:74:
                    1c:ba:5c:23:ad:af:5f:f3:28:0a:04:7e:79:be:6d:
                    66:e2:5a:13:f7:5f:b1:6a:07:ac:8a:b4:80:34:db:
                    ed:20:d6:67:fe:6e:90:16:0d:d2:80:36:5f:c1:dc:
                    10:86:79:43:72:1f:4f:b6:2a:ca:48:cc:38:83:87:
                    0f:4a:46:a1:5a:11:17:17:b4:10:38:55:26:9b:eb:
                    fb:56:b4:3c:53:05:91:8a:45:f3:be:50:72:72:75:
                    8e:69:73:58:6f:c0:41:41:47:19:15:eb:9a:f8:f6:
                    4b:5d:c7:72:4a:6d:b6:12:28:a1:73:0c:a0:3c:e3:
                    a2:38:dc:08:45:ed:52:de:cd:86:f5:6e:0d:41:52:
                    b5:74:cc:26:78:0b:3f:23:3b:44:6b:db:06:c6:91:
                    96:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:07:1F:9E:84:60:54:7E:AF:BB:B1:3D:35:84:52:6A:DB:5E:68:14
            X509v3 Authority Key Identifier:
                keyid:77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:c2:a2:1e:6e:9f:2c:05:51:d8:31:17:6d:cd:48:8e:03:3f:
         e5:18:a6:42:62:cf:a1:db:26:47:24:0b:65:1f:d4:9b:77:20:
         03:b1:ec:5d:4e:f1:d5:c2:15:ac:e0:fe:5f:eb:d9:e5:36:05:
         4f:3f:3e:be:4a:34:c8:9d:52:29:aa:da:96:19:34:75:2f:ba:
         29:c0:9b:7e:2d:f2:a6:14:4b:a7:70:f9:17:36:6e:08:70:1b:
         97:f9:5a:1d:25:31:45:ab:ac:d9:5d:8b:9c:78:15:4a:97:0e:
         93:2c:32:27:43:c0:0b:62:9a:69:d2:c4:53:69:fa:e6:1c:2a:
         c6:ec:c0:0b:31:b5:ea:ec:8b:86:99:58:8f:eb:d5:3f:b5:c4:
         b3:ca:7b:f8:d4:be:78:9f:0b:9c:80:9c:83:86:66:62:51:a4:
         04:04:e0:bc:61:ec:63:f7:17:16:f5:10:05:18:4d:7b:a4:eb:
         dc:a8:9c:b4:2b:04:f0:3f:24:ee:03:a2:ad:2d:1e:7b:7a:0d:
         d2:d7:44:2c:d7:72:82:67:e4:3d:7e:09:d1:7d:d9:ec:6e:11:
         f6:21:dd:64:df:8f:78:39:70:e0:a4:e5:31:0e:41:4d:9e:7b:
         fd:34:65:1b:b9:de:c0:be:f6:75:ea:6e:90:25:db:5d:a1:f9:
         8d:0f:0b:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHQrr2AJuBMFiiCii13FB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjAyNTJmMmE2N2FjZDQyOTk3MGZhNjRhNjQxNzc3NmY3
MmQ4ZDYwHhcNMjUwNjA2MjIwMDQ0WhcNMjUwNjA3MjIwMDQ0WjAzMTEwLwYDVQQD
Eyg5MTA3MWY5ZTg0NjA1NDdlYWZiYmIxM2QzNTg0NTI2YWRiNWU2ODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSPH5yJV9WdRS3CzPUQPmqG8/7WX
g5WmdjV9c6C6Fx2+TfevWLlV1LuGhoQixPOzMqghn0NMIitthL1PS6k1QQxcludk
lUrBdnA9CzRKURZGo3iFdMlKGBDMGfhN3fCskOmSyma7pXQculwjra9f8ygKBH55
vm1m4loT91+xagesirSANNvtINZn/m6QFg3SgDZfwdwQhnlDch9PtirKSMw4g4cP
SkahWhEXF7QQOFUmm+v7VrQ8UwWRikXzvlBycnWOaXNYb8BBQUcZFeua+PZLXcdy
Sm22EiihcwygPOOiONwIRe1S3s2G9W4NQVK1dMwmeAs/IztEa9sGxpGWyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJEHH56EYFR+r7uxPTWEUmrbXmgUMB8GA1UdIwQY
MBaAFHewJS8qZ6zUKZcPpkpkF3dvctjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQt
OTk2YzUyOWVjOTg2LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQtOTk2YzUyOWVjOTg2
LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALcKiHm6f
LAVR2DEXbc1IjgM/5RimQmLPodsmRyQLZR/Um3cgA7HsXU7x1cIVrOD+X+vZ5TYF
Tz8+vko0yJ1SKaralhk0dS+6KcCbfi3yphRLp3D5FzZuCHAbl/laHSUxRaus2V2L
nHgVSpcOkywyJ0PAC2KaadLEU2n65hwqxuzACzG16uyLhplYj+vVP7XEs8p7+NS+
eJ8LnICcg4ZmYlGkBATgvGHsY/cXFvUQBRhNe6Tr3KictCsE8D8k7gOirS0ee3oN
0tdELNdygmfkPX4J0X3Z7G4R9iHdZN+PeDlw4KTlMQ5BTZ57/TRlG7newL72depu
kCXbXaH5jQ8Lfw==
-----END CERTIFICATE-----