Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/35aa48-3ed6-4b72-aa76-8cebc5d16489/1/7sI7DnggvD7NT4cI57mQ7daSDV0.mft
File:                     7sI7DnggvD7NT4cI57mQ7daSDV0.mft (raw, json)
Hash identifier:          Jy4mwIfTruHDXTKnCKrASZq5DJoqN4JWcEWWa6Xiz2Q=
Subject key identifier:   A5:BF:9A:2D:8D:8E:EC:60:7D:D1:28:D9:51:70:B5:4D:5A:52:21:89
Authority key identifier: EE:C2:3B:0E:78:20:BC:3E:CD:4F:87:08:E7:B9:90:ED:D6:92:0D:5D
Certificate issuer:       /CN=eec23b0e7820bc3ecd4f8708e7b990edd6920d5d
Certificate serial:       0196741E7003D163D576A4B6FF398F40584E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7sI7DnggvD7NT4cI57mQ7daSDV0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/35aa48-3ed6-4b72-aa76-8cebc5d16489/1/7sI7DnggvD7NT4cI57mQ7daSDV0.mft
Manifest number:          04D2
Signing time:             Sat 26 Apr 2025 22:01:13 +0000
Manifest this update:     Sat 26 Apr 2025 22:01:13 +0000
Manifest next update:     Sun 27 Apr 2025 22:01:13 +0000
Files and hashes:         1: 7sI7DnggvD7NT4cI57mQ7daSDV0.crl (hash: Awg4H+Zhmui0nsk0oB5w86H73XjFZCrRfkBYk90XCP4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/35aa48-3ed6-4b72-aa76-8cebc5d16489/1/7sI7DnggvD7NT4cI57mQ7daSDV0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/35aa48-3ed6-4b72-aa76-8cebc5d16489/1/7sI7DnggvD7NT4cI57mQ7daSDV0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7sI7DnggvD7NT4cI57mQ7daSDV0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1e:70:03:d1:63:d5:76:a4:b6:ff:39:8f:40:58:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eec23b0e7820bc3ecd4f8708e7b990edd6920d5d
        Validity
            Not Before: Apr 26 22:01:13 2025 GMT
            Not After : Apr 27 22:01:13 2025 GMT
        Subject: CN=a5bf9a2d8d8eec607dd128d95170b54d5a522189
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:02:c9:f3:01:49:e1:90:43:0a:10:5c:1e:7c:
                    ab:34:fc:6c:bf:89:9d:96:07:13:19:6c:6f:c8:1d:
                    78:7d:dd:36:1d:fa:90:79:6b:2c:93:d7:78:bf:cb:
                    2f:d5:f7:a9:bc:03:28:7e:f6:0f:a2:10:41:63:43:
                    05:41:f7:72:1f:bb:40:52:d9:5f:a4:94:80:f7:60:
                    05:1b:e6:93:5d:c6:1e:44:7c:39:c0:1e:8f:d1:40:
                    f8:76:f0:f2:a0:d2:51:49:63:2b:1a:3a:99:61:3c:
                    c1:ab:a8:b7:20:02:04:8e:04:02:d9:8f:d9:30:29:
                    05:c9:e0:1e:3b:ea:f1:ee:4a:06:d1:4b:bc:0e:c7:
                    8d:4a:2a:25:1e:d6:71:13:d0:dc:f6:dd:55:1e:5d:
                    52:32:37:76:17:b7:1d:0b:e6:1e:09:42:f1:7f:38:
                    6d:0f:c2:7e:d8:29:47:c6:2f:25:e3:35:7d:47:86:
                    f0:02:ee:b0:9d:f4:ae:a2:2d:dd:a7:e2:60:fe:ac:
                    24:04:09:c2:a9:35:7d:0d:22:7c:21:d4:71:a9:f0:
                    e8:09:96:ec:78:94:37:6d:7b:c3:81:0d:a9:99:c3:
                    28:9d:ef:00:c7:8a:28:63:dc:8f:c8:d9:61:e7:64:
                    06:00:84:71:84:12:b6:a1:2f:0e:83:02:4e:d8:ab:
                    49:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:BF:9A:2D:8D:8E:EC:60:7D:D1:28:D9:51:70:B5:4D:5A:52:21:89
            X509v3 Authority Key Identifier:
                keyid:EE:C2:3B:0E:78:20:BC:3E:CD:4F:87:08:E7:B9:90:ED:D6:92:0D:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7sI7DnggvD7NT4cI57mQ7daSDV0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/35aa48-3ed6-4b72-aa76-8cebc5d16489/1/7sI7DnggvD7NT4cI57mQ7daSDV0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/35aa48-3ed6-4b72-aa76-8cebc5d16489/1/7sI7DnggvD7NT4cI57mQ7daSDV0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:0d:4a:37:ee:0f:da:03:81:41:77:a1:7f:68:6b:16:fc:12:
         b0:12:bd:89:96:8b:e8:36:04:38:6a:e9:ca:5a:1e:60:10:b9:
         72:f5:07:07:f9:6f:42:2f:a1:4e:5f:c9:eb:02:e7:c1:73:f3:
         75:2f:70:22:73:91:6b:e4:64:8a:c6:15:0f:dc:57:59:f9:06:
         39:a1:90:d3:aa:74:19:31:56:24:f2:a7:3e:58:58:c0:30:57:
         59:e1:2a:cd:d1:fc:ae:d4:32:93:ef:d0:66:73:35:2d:5b:81:
         38:da:85:40:97:a6:79:6a:b3:4b:17:35:e4:c4:1c:62:e2:1f:
         6c:b2:bb:fd:be:96:00:2e:a3:b5:90:68:fb:cf:eb:41:c2:69:
         a1:4c:16:33:74:c9:96:b1:0a:dd:36:e8:d5:70:b9:93:3a:7d:
         bd:1f:c4:d4:10:81:b4:53:27:81:4f:be:45:cf:9c:b0:1c:d8:
         96:e2:14:e6:aa:fb:65:89:64:4e:c1:82:d3:25:12:4e:c1:b2:
         9c:35:b7:f7:f3:45:30:c2:5a:e0:44:93:19:c3:c1:ef:dd:f5:
         f4:4d:b7:13:5c:42:02:87:27:12:ef:b0:de:f4:c3:98:7c:94:
         60:06:7d:63:b9:22:d3:11:de:34:82:57:c6:9a:25:3f:89:00:
         cb:7f:c9:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0HnAD0WPVdqS2/zmPQFhOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYzIzYjBlNzgyMGJjM2VjZDRmODcwOGU3Yjk5MGVkZDY5
MjBkNWQwHhcNMjUwNDI2MjIwMTEzWhcNMjUwNDI3MjIwMTEzWjAzMTEwLwYDVQQD
EyhhNWJmOWEyZDhkOGVlYzYwN2RkMTI4ZDk1MTcwYjU0ZDVhNTIyMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwLJ8wFJ4ZBDChBcHnyrNPxsv4md
lgcTGWxvyB14fd02HfqQeWssk9d4v8sv1fepvAMofvYPohBBY0MFQfdyH7tAUtlf
pJSA92AFG+aTXcYeRHw5wB6P0UD4dvDyoNJRSWMrGjqZYTzBq6i3IAIEjgQC2Y/Z
MCkFyeAeO+rx7koG0Uu8DseNSiolHtZxE9Dc9t1VHl1SMjd2F7cdC+YeCULxfzht
D8J+2ClHxi8l4zV9R4bwAu6wnfSuoi3dp+Jg/qwkBAnCqTV9DSJ8IdRxqfDoCZbs
eJQ3bXvDgQ2pmcMone8Ax4ooY9yPyNlh52QGAIRxhBK2oS8OgwJO2KtJEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKW/mi2NjuxgfdEo2VFwtU1aUiGJMB8GA1UdIwQY
MBaAFO7COw54ILw+zU+HCOe5kO3Wkg1dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3NJN0RuZ2d2RDdOVDRjSTU3bVE3ZGFTRFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zNWFhNDgtM2VkNi00YjcyLWFhNzYt
OGNlYmM1ZDE2NDg5LzEvN3NJN0RuZ2d2RDdOVDRjSTU3bVE3ZGFTRFYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zNWFhNDgtM2VkNi00YjcyLWFhNzYtOGNlYmM1ZDE2NDg5
LzEvN3NJN0RuZ2d2RDdOVDRjSTU3bVE3ZGFTRFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADw1KN+4P
2gOBQXehf2hrFvwSsBK9iZaL6DYEOGrpyloeYBC5cvUHB/lvQi+hTl/J6wLnwXPz
dS9wInORa+RkisYVD9xXWfkGOaGQ06p0GTFWJPKnPlhYwDBXWeEqzdH8rtQyk+/Q
ZnM1LVuBONqFQJemeWqzSxc15MQcYuIfbLK7/b6WAC6jtZBo+8/rQcJpoUwWM3TJ
lrEK3Tbo1XC5kzp9vR/E1BCBtFMngU++Rc+csBzYluIU5qr7ZYlkTsGC0yUSTsGy
nDW39/NFMMJa4ESTGcPB79319E23E1xCAocnEu+w3vTDmHyUYAZ9Y7ki0xHeNIJX
xpolP4kAy3/J0A==
-----END CERTIFICATE-----