Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
File:                     K328XveedAIoXs2gg3ukvyGHYdw.mft (raw, json)
Hash identifier:          VF3itrORqVObVb0KkDATSjWkCutecBw6ADlgKZ43brM=
Subject key identifier:   B6:3A:F4:CD:B6:A3:1E:EA:C9:90:25:C4:22:DA:57:50:67:FC:66:58
Authority key identifier: 2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC
Certificate issuer:       /CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
Certificate serial:       019686C8EEE636282C82C18AD8ECC932B16D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
Manifest number:          0D2D
Signing time:             Wed 30 Apr 2025 13:00:37 +0000
Manifest this update:     Wed 30 Apr 2025 13:00:37 +0000
Manifest next update:     Thu 01 May 2025 13:00:37 +0000
Files and hashes:         1: K328XveedAIoXs2gg3ukvyGHYdw.crl (hash: WYz7pG+pIl5lhkyZCr1RIk2ZevH+MZ08k4sqOpxkYpc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:86:c8:ee:e6:36:28:2c:82:c1:8a:d8:ec:c9:32:b1:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
        Validity
            Not Before: Apr 30 13:00:37 2025 GMT
            Not After : May  1 13:00:37 2025 GMT
        Subject: CN=b63af4cdb6a31eeac99025c422da575067fc6658
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:b8:6f:84:60:49:b9:c6:9e:94:6c:dc:f9:e7:
                    c7:7e:03:c5:a1:2e:05:d1:5f:db:0b:8b:c3:80:02:
                    b7:ff:e9:b5:66:86:22:4c:25:86:95:01:82:f2:07:
                    f4:9f:5f:79:76:23:a7:90:b2:40:6a:ac:33:cb:0e:
                    70:bb:39:f6:aa:93:68:c2:e8:0d:1b:f6:45:dc:8c:
                    2d:c6:e7:1c:38:96:5e:bf:95:18:d0:49:95:78:b0:
                    e7:07:9a:3d:88:6d:76:ab:89:ab:d6:59:5a:99:1b:
                    31:c9:ab:9c:52:c2:08:68:ba:5e:95:04:4c:56:4a:
                    6a:1b:fa:b2:69:08:ba:c2:7b:aa:d7:cb:33:fe:6b:
                    88:e8:6b:bb:41:a0:81:28:1b:3f:35:08:02:dd:db:
                    51:77:dd:8d:b5:48:b6:68:ba:d6:4f:15:dc:31:66:
                    01:82:2f:53:86:19:2b:b7:30:2a:6a:6d:b1:db:1b:
                    09:d4:9c:96:99:67:32:1c:2b:0a:80:a5:ae:9d:c6:
                    66:08:bb:44:2c:de:d1:63:7f:d1:25:0c:1c:97:5c:
                    bb:b4:3a:a4:bf:f4:af:9d:a5:1d:ce:05:97:c6:07:
                    af:60:a0:68:da:c5:d1:e8:fd:da:94:03:1a:98:39:
                    5e:a7:fc:7b:77:7a:0d:51:7b:02:44:a6:6f:04:a1:
                    a0:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:3A:F4:CD:B6:A3:1E:EA:C9:90:25:C4:22:DA:57:50:67:FC:66:58
            X509v3 Authority Key Identifier:
                keyid:2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:9c:ba:9a:5f:34:89:cf:78:99:3d:bc:76:ed:5b:a1:b2:9a:
         57:97:f4:7d:e1:b4:a8:01:b8:27:a5:b1:af:43:de:cd:58:a4:
         a8:7f:3e:6c:88:83:21:01:f0:2e:a4:a0:d4:e3:43:a3:00:82:
         12:ba:9d:3d:02:d6:75:09:68:8d:3d:c4:72:44:4b:c5:2a:e3:
         f4:a4:44:52:6f:5a:ce:9a:f5:fa:0d:e1:28:94:d0:c8:c9:a0:
         03:11:5c:e2:eb:3d:e9:b4:f9:5e:3f:c4:a1:a4:21:34:93:84:
         a9:4f:5c:11:19:46:de:0a:6d:02:3b:d1:ff:f8:09:6b:b7:a1:
         7e:54:02:ad:1e:3c:0f:d7:db:93:07:e2:82:24:21:00:d6:8c:
         56:76:8f:4d:7d:9f:c9:1b:3d:e5:48:9f:51:aa:38:88:4f:d3:
         5c:72:c0:09:0a:cf:8c:a5:b3:7b:4d:b3:b0:11:8e:80:7c:87:
         6a:8b:18:c7:0a:52:3d:1c:a6:26:f2:5c:34:5f:ee:e8:af:ec:
         ec:5c:af:9a:50:cf:53:53:57:9b:f1:98:e6:6e:64:8d:81:44:
         6d:9d:a6:ac:2a:13:71:2a:84:fb:48:44:96:4b:5e:8b:5d:3e:
         1e:e4:11:a1:c8:41:8d:da:1b:45:89:5d:02:ea:b7:1e:54:f7:
         b0:c5:5f:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGyO7mNigsgsGK2OzJMrFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2RiYzVlZjc5ZTc0MDIyODVlY2RhMDgzN2JhNGJmMjE4
NzYxZGMwHhcNMjUwNDMwMTMwMDM3WhcNMjUwNTAxMTMwMDM3WjAzMTEwLwYDVQQD
EyhiNjNhZjRjZGI2YTMxZWVhYzk5MDI1YzQyMmRhNTc1MDY3ZmM2NjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobhvhGBJucaelGzc+efHfgPFoS4F
0V/bC4vDgAK3/+m1ZoYiTCWGlQGC8gf0n195diOnkLJAaqwzyw5wuzn2qpNowugN
G/ZF3IwtxuccOJZev5UY0EmVeLDnB5o9iG12q4mr1llamRsxyaucUsIIaLpelQRM
VkpqG/qyaQi6wnuq18sz/muI6Gu7QaCBKBs/NQgC3dtRd92NtUi2aLrWTxXcMWYB
gi9ThhkrtzAqam2x2xsJ1JyWmWcyHCsKgKWuncZmCLtELN7RY3/RJQwcl1y7tDqk
v/SvnaUdzgWXxgevYKBo2sXR6P3alAMamDlep/x7d3oNUXsCRKZvBKGgYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLY69M22ox7qyZAlxCLaV1Bn/GZYMB8GA1UdIwQY
MBaAFCt9vF73nnQCKF7NoIN7pL8hh2HcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEt
MjRkMGU2MmY3OWMwLzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEtMjRkMGU2MmY3OWMw
LzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOZy6ml80
ic94mT28du1bobKaV5f0feG0qAG4J6Wxr0PezVikqH8+bIiDIQHwLqSg1ONDowCC
ErqdPQLWdQlojT3EckRLxSrj9KREUm9azpr1+g3hKJTQyMmgAxFc4us96bT5Xj/E
oaQhNJOEqU9cERlG3gptAjvR//gJa7ehflQCrR48D9fbkwfigiQhANaMVnaPTX2f
yRs95UifUao4iE/TXHLACQrPjKWze02zsBGOgHyHaosYxwpSPRymJvJcNF/u6K/s
7FyvmlDPU1NXm/GY5m5kjYFEbZ2mrCoTcSqE+0hElktei10+HuQRochBjdobRYld
Auq3HlT3sMVf6g==
-----END CERTIFICATE-----