Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
File:                     76psy3hXNGAC5rvEmPiLnobfGAY.mft (raw, json)
Hash identifier:          EW5eWHW5yRo3QYlV2wa8GqgUOQqnwzW+Yn7P6Qy4smY=
Subject key identifier:   2F:B6:E3:D6:E3:F5:79:EA:1B:76:A2:E5:E4:D8:06:3B:52:D9:3A:04
Authority key identifier: EF:AA:6C:CB:78:57:34:60:02:E6:BB:C4:98:F8:8B:9E:86:DF:18:06
Certificate issuer:       /CN=efaa6ccb7857346002e6bbc498f88b9e86df1806
Certificate serial:       019771516A451D5362B50414DA287BD83D55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
Manifest number:          0353
Signing time:             Sun 15 Jun 2025 02:00:50 +0000
Manifest this update:     Sun 15 Jun 2025 02:00:50 +0000
Manifest next update:     Mon 16 Jun 2025 02:00:50 +0000
Files and hashes:         1: 76psy3hXNGAC5rvEmPiLnobfGAY.crl (hash: /jmYvnakrh9FxPz0GRgUBt8mgVNbTqptN5+O6WGlo4c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:51:6a:45:1d:53:62:b5:04:14:da:28:7b:d8:3d:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=efaa6ccb7857346002e6bbc498f88b9e86df1806
        Validity
            Not Before: Jun 15 02:00:50 2025 GMT
            Not After : Jun 16 02:00:50 2025 GMT
        Subject: CN=2fb6e3d6e3f579ea1b76a2e5e4d8063b52d93a04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:2d:74:a2:a1:cf:53:18:44:0f:b8:ea:c6:ee:
                    8f:36:a5:f9:3b:d6:86:91:f4:3b:19:d5:2d:7a:70:
                    f4:e3:f5:38:98:ed:79:a4:d6:c1:82:cc:60:b9:f3:
                    7b:1b:00:2a:42:60:4f:09:99:31:95:a5:f6:e2:5e:
                    9f:38:65:64:a9:de:1d:2f:1c:cb:e0:cf:78:ad:8d:
                    90:8f:79:a6:c9:31:7a:e0:77:95:56:e8:7e:49:e8:
                    d4:16:9e:12:e6:06:73:89:60:9a:6f:a3:3a:ab:e5:
                    15:ca:55:18:9a:fa:e3:7a:29:66:ce:13:aa:1f:dc:
                    9b:be:08:5f:3f:05:0c:1d:71:bb:07:d8:46:5b:c1:
                    01:45:98:e7:44:53:2b:b7:89:db:82:6c:6d:d6:5c:
                    d6:ee:09:3c:53:d0:52:e0:60:31:3a:6e:9e:83:75:
                    1e:d3:d9:9e:3c:85:39:9b:b6:e9:87:d1:7a:16:c2:
                    02:8f:93:0c:1b:bf:84:db:aa:6a:7c:cf:6a:07:5d:
                    83:e1:9c:ef:e2:ba:8b:c8:85:01:c4:80:03:55:fe:
                    13:b8:bb:2e:3e:0d:c5:b7:cc:ed:f3:a4:b2:8e:67:
                    95:81:fb:ff:b6:e7:1e:78:85:84:b1:11:ba:19:24:
                    2b:68:45:02:bd:a7:dd:b3:ad:97:ad:4b:a8:11:87:
                    94:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:B6:E3:D6:E3:F5:79:EA:1B:76:A2:E5:E4:D8:06:3B:52:D9:3A:04
            X509v3 Authority Key Identifier:
                keyid:EF:AA:6C:CB:78:57:34:60:02:E6:BB:C4:98:F8:8B:9E:86:DF:18:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:c0:4d:87:ba:87:19:e6:dd:e3:49:94:56:21:a5:b3:0b:ab:
         9c:12:58:66:07:dd:c7:3c:68:80:df:84:76:65:d7:60:d7:be:
         f4:7c:e8:77:77:6b:82:2b:fd:6f:2c:01:21:f1:a9:9c:22:33:
         69:a5:c3:d1:d3:27:a5:54:1d:25:0f:3a:93:95:3f:77:26:56:
         4e:56:0e:aa:4f:1f:64:a9:28:d0:10:28:1e:43:8a:f0:49:74:
         17:64:86:a6:85:d9:ff:91:90:2e:12:74:96:cc:29:71:ed:97:
         0b:b1:ab:ba:09:46:d0:07:39:bd:42:03:f2:6c:7b:77:53:cd:
         fa:0d:3f:5d:9c:1c:12:35:66:c9:ab:7d:04:ed:fe:95:5e:f7:
         15:20:f1:75:8d:e7:b4:c3:a6:34:b1:f8:60:33:85:95:d0:70:
         29:62:80:2b:8f:5d:c1:54:ba:98:3e:38:c2:61:f5:44:a4:11:
         da:6a:c2:4c:95:73:87:cc:ec:18:04:03:60:59:b6:c5:f9:98:
         c2:4d:8f:36:b9:39:88:2d:be:02:d3:56:71:7b:1e:13:6d:1a:
         db:2c:a5:a8:df:b1:e3:36:67:69:37:8f:f1:dd:1a:e7:dc:23:
         c5:73:83:97:db:b8:8c:c1:22:1f:32:5d:52:8d:b8:49:52:49:
         ff:a7:df:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxUWpFHVNitQQU2ih72D1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYWE2Y2NiNzg1NzM0NjAwMmU2YmJjNDk4Zjg4YjllODZk
ZjE4MDYwHhcNMjUwNjE1MDIwMDUwWhcNMjUwNjE2MDIwMDUwWjAzMTEwLwYDVQQD
EygyZmI2ZTNkNmUzZjU3OWVhMWI3NmEyZTVlNGQ4MDYzYjUyZDkzYTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy10oqHPUxhED7jqxu6PNqX5O9aG
kfQ7GdUtenD04/U4mO15pNbBgsxgufN7GwAqQmBPCZkxlaX24l6fOGVkqd4dLxzL
4M94rY2Qj3mmyTF64HeVVuh+SejUFp4S5gZziWCab6M6q+UVylUYmvrjeilmzhOq
H9ybvghfPwUMHXG7B9hGW8EBRZjnRFMrt4nbgmxt1lzW7gk8U9BS4GAxOm6eg3Ue
09mePIU5m7bph9F6FsICj5MMG7+E26pqfM9qB12D4Zzv4rqLyIUBxIADVf4TuLsu
Pg3Ft8zt86SyjmeVgfv/tuceeIWEsRG6GSQraEUCvafds62XrUuoEYeUsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+249bj9XnqG3ai5eTYBjtS2ToEMB8GA1UdIwQY
MBaAFO+qbMt4VzRgAua7xJj4i56G3xgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9hYTk2MTQtZjZkNy00YzMzLWI5NGIt
ZDgyMGY2NWNlZDgxLzEvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9hYTk2MTQtZjZkNy00YzMzLWI5NGItZDgyMGY2NWNlZDgx
LzEvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOsBNh7qH
Gebd40mUViGlswurnBJYZgfdxzxogN+EdmXXYNe+9Hzod3drgiv9bywBIfGpnCIz
aaXD0dMnpVQdJQ86k5U/dyZWTlYOqk8fZKko0BAoHkOK8El0F2SGpoXZ/5GQLhJ0
lswpce2XC7GruglG0Ac5vUID8mx7d1PN+g0/XZwcEjVmyat9BO3+lV73FSDxdY3n
tMOmNLH4YDOFldBwKWKAK49dwVS6mD44wmH1RKQR2mrCTJVzh8zsGAQDYFm2xfmY
wk2PNrk5iC2+AtNWcXseE20a2yylqN+x4zZnaTeP8d0a59wjxXODl9u4jMEiHzJd
Uo24SVJJ/6ffHA==
-----END CERTIFICATE-----