Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
File:                     _D39VAG24EhxYrQuBDdnosKTGnc.mft (raw, json)
Hash identifier:          FRgU/7c2L6vYPW1WPrTYBB+5MpyDm8n5deKQmYk08ac=
Subject key identifier:   93:85:AA:7C:78:6A:BD:A5:F0:1E:12:88:16:E8:62:A5:6B:D3:0D:15
Authority key identifier: FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77
Certificate issuer:       /CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
Certificate serial:       01964D7DCB6DCCA23877053DB6BBB20FA20A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
Manifest number:          087C
Signing time:             Sat 19 Apr 2025 10:00:11 +0000
Manifest this update:     Sat 19 Apr 2025 10:00:11 +0000
Manifest next update:     Sun 20 Apr 2025 10:00:11 +0000
Files and hashes:         1: _D39VAG24EhxYrQuBDdnosKTGnc.crl (hash: IeYRgYme8884Fr7afqrfXJkcz4TqVq2dah3vZX86J3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7d:cb:6d:cc:a2:38:77:05:3d:b6:bb:b2:0f:a2:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
        Validity
            Not Before: Apr 19 10:00:11 2025 GMT
            Not After : Apr 20 10:00:11 2025 GMT
        Subject: CN=9385aa7c786abda5f01e128816e862a56bd30d15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:bb:ec:63:82:f1:9c:e0:bd:9d:e7:6e:5b:40:
                    28:ce:96:3b:78:e8:93:17:6e:54:8e:97:ed:25:8d:
                    0d:8c:98:4d:14:b8:0b:6d:82:12:8e:8b:05:a0:9f:
                    01:88:52:14:60:77:fe:b5:4e:30:38:ac:0e:de:ac:
                    37:18:20:f0:7a:27:0a:a4:d4:79:9a:fa:3f:00:69:
                    3f:67:b0:15:bf:07:0f:c0:c3:b5:a2:d1:20:11:7e:
                    fb:ce:10:58:06:c8:55:6e:c8:16:59:d1:1b:67:01:
                    a8:ad:6f:b4:64:12:83:15:3c:fe:12:12:00:43:53:
                    54:a7:5c:86:89:30:86:f6:60:e8:9a:f5:d9:c0:62:
                    3a:e5:f1:88:c7:ad:d2:16:1c:8c:fd:26:46:35:e6:
                    e3:9a:a7:6e:9e:af:c9:0c:7f:ba:ab:67:94:26:a7:
                    ac:4d:4f:6e:f0:70:ad:a1:2c:60:d4:2f:1b:83:4e:
                    e1:21:78:55:be:c4:6a:3a:09:94:9d:43:d1:46:95:
                    4d:8d:54:62:fb:a4:d6:9a:87:a4:e8:72:71:67:d6:
                    52:1e:7a:ac:13:61:07:82:ae:d9:61:54:9f:38:f2:
                    02:d3:e7:44:30:79:9e:87:8f:81:06:7c:e0:6a:c1:
                    0a:72:70:f9:b4:34:d8:8f:37:88:c3:c3:18:ca:88:
                    ab:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:85:AA:7C:78:6A:BD:A5:F0:1E:12:88:16:E8:62:A5:6B:D3:0D:15
            X509v3 Authority Key Identifier:
                keyid:FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:e6:56:83:b0:4d:fa:09:e9:73:ab:b4:45:d2:12:c7:88:2e:
         91:e1:0d:2d:e0:76:94:78:3b:2c:7f:6e:9f:31:c5:74:fd:a6:
         63:e7:26:46:10:d4:32:07:70:20:4d:cf:f4:35:74:09:2e:e7:
         78:81:f2:21:7c:34:de:5e:41:23:c3:5e:4e:79:60:a4:b9:39:
         61:7c:4e:94:94:16:d9:f3:57:d8:86:5f:28:e1:48:49:7a:17:
         33:c1:76:31:3f:40:74:a4:8d:e7:9a:9f:fc:10:1a:1a:27:07:
         76:06:ce:f7:5f:cb:9c:13:4d:bd:4a:78:4a:d6:ec:d6:c4:e3:
         61:72:bc:c5:3e:e6:9e:2e:0e:e0:15:20:e1:81:65:2e:c9:a6:
         c3:73:0d:15:de:ca:63:46:14:6b:5b:95:38:45:0c:40:e9:56:
         db:85:b2:05:68:73:3a:c3:ab:fa:20:85:f1:46:4f:85:da:21:
         67:14:7a:c1:f1:93:30:04:9e:31:3a:e4:a8:78:5d:4f:a2:85:
         9a:53:b9:aa:0f:83:28:f5:88:1b:96:c0:bd:c2:85:d9:90:33:
         2c:59:dd:fc:75:ed:b5:d5:ee:5d:4e:d3:b0:35:86:7c:cd:19:
         b1:be:95:7b:1a:43:35:ca:b3:6d:08:41:d9:97:75:75:22:01:
         83:54:67:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfcttzKI4dwU9truyD6IKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2RmZDU0MDFiNmUwNDg3MTYyYjQyZTA0Mzc2N2EyYzI5
MzFhNzcwHhcNMjUwNDE5MTAwMDExWhcNMjUwNDIwMTAwMDExWjAzMTEwLwYDVQQD
Eyg5Mzg1YWE3Yzc4NmFiZGE1ZjAxZTEyODgxNmU4NjJhNTZiZDMwZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7vsY4LxnOC9neduW0AozpY7eOiT
F25UjpftJY0NjJhNFLgLbYISjosFoJ8BiFIUYHf+tU4wOKwO3qw3GCDweicKpNR5
mvo/AGk/Z7AVvwcPwMO1otEgEX77zhBYBshVbsgWWdEbZwGorW+0ZBKDFTz+EhIA
Q1NUp1yGiTCG9mDomvXZwGI65fGIx63SFhyM/SZGNebjmqdunq/JDH+6q2eUJqes
TU9u8HCtoSxg1C8bg07hIXhVvsRqOgmUnUPRRpVNjVRi+6TWmoek6HJxZ9ZSHnqs
E2EHgq7ZYVSfOPIC0+dEMHmeh4+BBnzgasEKcnD5tDTYjzeIw8MYyoirlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOFqnx4ar2l8B4SiBboYqVr0w0VMB8GA1UdIwQY
MBaAFPw9/VQBtuBIcWK0LgQ3Z6LCkxp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEt
ZGRhZGUzZDM0MWM3LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEtZGRhZGUzZDM0MWM3
LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxeZWg7BN
+gnpc6u0RdISx4gukeENLeB2lHg7LH9unzHFdP2mY+cmRhDUMgdwIE3P9DV0CS7n
eIHyIXw03l5BI8NeTnlgpLk5YXxOlJQW2fNX2IZfKOFISXoXM8F2MT9AdKSN55qf
/BAaGicHdgbO91/LnBNNvUp4Stbs1sTjYXK8xT7mni4O4BUg4YFlLsmmw3MNFd7K
Y0YUa1uVOEUMQOlW24WyBWhzOsOr+iCF8UZPhdohZxR6wfGTMASeMTrkqHhdT6KF
mlO5qg+DKPWIG5bAvcKF2ZAzLFnd/HXttdXuXU7TsDWGfM0Zsb6VexpDNcqzbQhB
2Zd1dSIBg1RnDQ==
-----END CERTIFICATE-----