Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
File:                     76psy3hXNGAC5rvEmPiLnobfGAY.mft (raw, json)
Hash identifier:          c6x7sDXGryy+JHMw6Ak7naLGidgT0eCzXtwXV9pVLFE=
Subject key identifier:   A3:8C:6D:3A:EB:E1:A5:8A:8A:1C:FC:0B:54:80:8F:FF:72:E0:0F:8B
Authority key identifier: EF:AA:6C:CB:78:57:34:60:02:E6:BB:C4:98:F8:8B:9E:86:DF:18:06
Certificate issuer:       /CN=efaa6ccb7857346002e6bbc498f88b9e86df1806
Certificate serial:       01967A1FA829FE091A35ED64DDC2ED1C7E21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
Manifest number:          02D3
Signing time:             Mon 28 Apr 2025 02:00:17 +0000
Manifest this update:     Mon 28 Apr 2025 02:00:17 +0000
Manifest next update:     Tue 29 Apr 2025 02:00:17 +0000
Files and hashes:         1: 76psy3hXNGAC5rvEmPiLnobfGAY.crl (hash: I2HLW4Hu0MNtwRIg7y7rGyuX59m8Up0V1RVKExA7Ct8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:1f:a8:29:fe:09:1a:35:ed:64:dd:c2:ed:1c:7e:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=efaa6ccb7857346002e6bbc498f88b9e86df1806
        Validity
            Not Before: Apr 28 02:00:17 2025 GMT
            Not After : Apr 29 02:00:17 2025 GMT
        Subject: CN=a38c6d3aebe1a58a8a1cfc0b54808fff72e00f8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:a4:36:bb:8c:f9:37:04:6c:34:3e:e8:bd:17:
                    68:76:76:82:12:43:30:ae:ac:a0:b7:32:f7:2c:93:
                    20:d7:d7:24:77:e9:de:3c:59:73:2c:c9:73:f2:1f:
                    e1:76:17:fa:8d:1e:c2:9e:d5:d3:7e:42:2e:59:15:
                    e4:9f:bf:db:1e:cb:0c:5b:fa:92:61:a7:83:5b:6c:
                    f1:f8:29:b3:49:1d:18:b2:70:98:8a:b9:23:af:d2:
                    99:28:03:10:c7:47:6c:a2:ab:b2:c4:8b:91:6a:ac:
                    e5:ca:ce:98:4d:92:ff:da:23:9e:cb:2c:07:45:81:
                    de:4a:e5:2b:b2:30:6a:18:c4:14:fe:f4:e9:db:78:
                    45:98:da:3b:6b:c9:01:11:08:9a:a0:f3:bb:83:9d:
                    43:0c:f5:6b:7a:de:68:b5:04:9b:d4:e8:bf:13:cd:
                    68:03:26:46:20:6f:59:20:31:38:ce:8e:67:31:01:
                    ce:f9:ed:0d:78:f2:b9:e1:eb:ab:3d:2c:6e:d3:be:
                    9e:13:77:de:90:8d:59:74:05:3d:4c:3b:0f:72:d6:
                    2c:9c:65:b8:d6:34:17:f5:35:f5:1f:ce:74:d9:fd:
                    d0:17:4f:78:fb:7d:be:a8:20:d7:6e:d5:d9:e0:62:
                    65:dc:67:30:06:5d:c0:b2:0d:85:61:c9:f8:0e:b7:
                    36:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:8C:6D:3A:EB:E1:A5:8A:8A:1C:FC:0B:54:80:8F:FF:72:E0:0F:8B
            X509v3 Authority Key Identifier:
                keyid:EF:AA:6C:CB:78:57:34:60:02:E6:BB:C4:98:F8:8B:9E:86:DF:18:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:12:22:6f:e9:a6:dd:5d:2a:16:42:97:80:17:ab:d7:b6:da:
         d6:b6:59:f0:d3:e4:62:b0:6b:bc:5d:ab:a9:58:65:08:d2:83:
         61:11:09:ce:6e:a0:ac:55:44:a4:d8:b6:65:c7:5b:6e:d0:60:
         98:92:d6:78:dd:f6:ea:0a:41:ef:db:59:01:aa:a8:c4:14:a0:
         6d:2d:a6:64:01:9a:bb:24:b9:20:8d:2c:71:17:c6:a5:38:ae:
         3e:3b:90:a5:44:c2:f7:65:c9:99:f6:c4:23:7b:52:82:de:97:
         df:46:3a:f0:69:53:06:ab:eb:76:6c:b9:c8:bc:c2:bd:f9:e5:
         0e:42:e4:16:0d:2e:86:17:84:89:b9:b7:b5:18:ec:3f:89:ee:
         43:2a:34:b7:d2:3c:3d:ce:9b:0f:1f:67:7b:d3:a6:3b:a3:8e:
         78:09:50:42:97:8f:4a:f8:d6:f9:d2:ca:bd:19:12:72:46:d6:
         3f:0c:c5:03:ad:30:7c:de:04:a7:74:48:84:56:14:0e:5e:27:
         95:59:32:d0:4e:aa:b2:49:0f:59:9f:24:ed:7c:14:a7:2f:63:
         60:58:df:bc:e6:c4:2d:05:05:cd:81:0c:7a:76:e0:31:8c:42:
         76:30:2c:d7:fe:fb:eb:ca:3d:bd:77:dc:30:b7:62:a0:28:54:
         7a:e1:b8:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6H6gp/gkaNe1k3cLtHH4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYWE2Y2NiNzg1NzM0NjAwMmU2YmJjNDk4Zjg4YjllODZk
ZjE4MDYwHhcNMjUwNDI4MDIwMDE3WhcNMjUwNDI5MDIwMDE3WjAzMTEwLwYDVQQD
EyhhMzhjNmQzYWViZTFhNThhOGExY2ZjMGI1NDgwOGZmZjcyZTAwZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKQ2u4z5NwRsND7ovRdodnaCEkMw
rqygtzL3LJMg19ckd+nePFlzLMlz8h/hdhf6jR7CntXTfkIuWRXkn7/bHssMW/qS
YaeDW2zx+CmzSR0YsnCYirkjr9KZKAMQx0dsoquyxIuRaqzlys6YTZL/2iOeyywH
RYHeSuUrsjBqGMQU/vTp23hFmNo7a8kBEQiaoPO7g51DDPVret5otQSb1Oi/E81o
AyZGIG9ZIDE4zo5nMQHO+e0NePK54eurPSxu076eE3fekI1ZdAU9TDsPctYsnGW4
1jQX9TX1H8502f3QF094+32+qCDXbtXZ4GJl3GcwBl3Asg2FYcn4Drc2YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOMbTrr4aWKihz8C1SAj/9y4A+LMB8GA1UdIwQY
MBaAFO+qbMt4VzRgAua7xJj4i56G3xgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9hYTk2MTQtZjZkNy00YzMzLWI5NGIt
ZDgyMGY2NWNlZDgxLzEvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9hYTk2MTQtZjZkNy00YzMzLWI5NGItZDgyMGY2NWNlZDgx
LzEvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYxIib+mm
3V0qFkKXgBer17ba1rZZ8NPkYrBrvF2rqVhlCNKDYREJzm6grFVEpNi2ZcdbbtBg
mJLWeN326gpB79tZAaqoxBSgbS2mZAGauyS5II0scRfGpTiuPjuQpUTC92XJmfbE
I3tSgt6X30Y68GlTBqvrdmy5yLzCvfnlDkLkFg0uhheEibm3tRjsP4nuQyo0t9I8
Pc6bDx9ne9OmO6OOeAlQQpePSvjW+dLKvRkSckbWPwzFA60wfN4Ep3RIhFYUDl4n
lVky0E6qskkPWZ8k7XwUpy9jYFjfvObELQUFzYEMenbgMYxCdjAs1/7768o9vXfc
MLdioChUeuG48w==
-----END CERTIFICATE-----