Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
File:                     aPw7CfVvin8ea-PJTw8IikKiy1s.mft (raw, json)
Hash identifier:          u7O2EUGfDoNbW4ghizzF927yMCFzYDLNi/OWb/Bg3Zk=
Subject key identifier:   75:D2:33:02:17:56:7A:78:E5:D5:14:C0:C7:3B:5A:D9:1A:84:35:C4
Authority key identifier: 68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B
Certificate issuer:       /CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
Certificate serial:       01968A37E0453C9B7D470A571BA4ACFFDA74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
Manifest number:          06D7
Signing time:             Thu 01 May 2025 05:00:39 +0000
Manifest this update:     Thu 01 May 2025 05:00:39 +0000
Manifest next update:     Fri 02 May 2025 05:00:39 +0000
Files and hashes:         1: aPw7CfVvin8ea-PJTw8IikKiy1s.crl (hash: YkBIhMYDzF/mwwlHU0DadflJbC73lpOicKLdPocja/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 05:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8a:37:e0:45:3c:9b:7d:47:0a:57:1b:a4:ac:ff:da:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
        Validity
            Not Before: May  1 05:00:39 2025 GMT
            Not After : May  2 05:00:39 2025 GMT
        Subject: CN=75d2330217567a78e5d514c0c73b5ad91a8435c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c4:8b:f6:eb:a3:40:a5:fd:da:aa:6c:b3:8c:
                    9d:b3:51:c3:0e:d1:01:90:60:29:9d:3f:e7:69:05:
                    6a:a2:c6:71:9e:e1:6f:44:f5:21:6b:2b:f0:0e:88:
                    02:cc:03:a4:f2:fe:3e:1a:70:47:65:6e:94:4b:c8:
                    2a:29:1a:4d:7d:cb:c4:1e:6b:a4:16:2a:1f:0c:84:
                    75:b7:9a:0a:7c:d3:4b:ae:56:b1:60:a7:d4:45:54:
                    f5:3c:49:99:52:81:67:0b:72:44:b0:ca:0b:7b:31:
                    67:90:66:1b:43:06:85:27:ec:1d:f5:99:5f:74:cf:
                    29:6f:ac:5a:8e:ee:df:81:9b:ce:fd:42:f3:a2:5e:
                    ad:af:d1:9d:6c:a9:2e:9f:2a:67:6c:44:5e:5a:3c:
                    00:b8:c0:ae:bc:dd:1a:4e:91:da:03:60:94:87:3c:
                    66:cc:20:3c:40:b9:32:b0:2c:24:f9:12:90:29:de:
                    d9:03:a6:8f:4f:36:5d:08:8e:ae:dd:08:77:a1:99:
                    66:c6:c1:82:70:8e:d6:a8:80:8d:a0:10:0d:b8:dd:
                    e6:ab:e3:d8:c1:dd:be:7c:3d:f3:ab:0c:a7:d5:ab:
                    72:79:0d:ee:89:0c:ed:22:96:0c:cd:ec:21:4d:1a:
                    76:4c:b7:5f:78:70:c0:56:56:c9:3e:5d:db:22:3b:
                    54:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:D2:33:02:17:56:7A:78:E5:D5:14:C0:C7:3B:5A:D9:1A:84:35:C4
            X509v3 Authority Key Identifier:
                keyid:68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:db:58:42:c9:c3:64:1f:16:79:28:ec:df:ef:a3:cb:fb:4f:
         7e:19:e6:ed:44:cc:2f:41:a2:bc:e2:96:f8:3a:17:75:b1:98:
         8b:90:44:20:d7:1c:e3:6a:86:a1:31:28:57:5f:c5:40:84:81:
         76:e7:86:e6:95:6c:60:a7:d6:2c:88:49:a9:4c:4f:4d:f8:da:
         87:bf:16:f8:b4:d6:03:b4:11:16:f8:18:80:a2:82:53:8f:97:
         97:e6:86:cf:ff:c8:95:01:58:3e:a1:9f:05:8b:f4:66:b2:e8:
         11:f3:19:70:51:4b:ca:19:91:2b:c9:53:18:2c:12:8e:e0:0e:
         f5:76:72:89:07:fc:a0:e8:7c:cb:7a:30:3e:2c:f4:15:94:ce:
         ac:3b:d4:9d:62:08:de:dc:f1:e8:b4:8b:c8:c3:e1:45:77:4b:
         23:f3:10:01:1f:1f:6a:91:bb:fa:80:27:3c:01:3a:f3:6b:6e:
         cc:5b:d8:cb:24:eb:6f:5a:63:76:4d:06:8e:93:89:5d:e7:e7:
         c7:fc:f1:9a:2c:13:43:14:75:06:ab:97:be:b8:cb:c7:aa:71:
         aa:95:b2:bc:c7:7f:a8:02:92:53:ee:f2:93:df:58:a8:4f:cd:
         c9:c1:87:ef:91:73:34:fe:dd:f8:25:67:c4:18:fe:39:ab:e7:
         d3:81:51:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaKN+BFPJt9RwpXG6Ss/9p0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZmMzYjA5ZjU2ZjhhN2YxZTZiZTNjOTRmMGYwODhhNDJh
MmNiNWIwHhcNMjUwNTAxMDUwMDM5WhcNMjUwNTAyMDUwMDM5WjAzMTEwLwYDVQQD
Eyg3NWQyMzMwMjE3NTY3YTc4ZTVkNTE0YzBjNzNiNWFkOTFhODQzNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsSL9uujQKX92qpss4yds1HDDtEB
kGApnT/naQVqosZxnuFvRPUhayvwDogCzAOk8v4+GnBHZW6US8gqKRpNfcvEHmuk
FiofDIR1t5oKfNNLrlaxYKfURVT1PEmZUoFnC3JEsMoLezFnkGYbQwaFJ+wd9Zlf
dM8pb6xaju7fgZvO/ULzol6tr9GdbKkunypnbEReWjwAuMCuvN0aTpHaA2CUhzxm
zCA8QLkysCwk+RKQKd7ZA6aPTzZdCI6u3Qh3oZlmxsGCcI7WqICNoBANuN3mq+PY
wd2+fD3zqwyn1atyeQ3uiQztIpYMzewhTRp2TLdfeHDAVlbJPl3bIjtUxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXSMwIXVnp45dUUwMc7WtkahDXEMB8GA1UdIwQY
MBaAFGj8Own1b4p/HmvjyU8PCIpCostbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMt
Yzg1MzRhM2M5NDk4LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMtYzg1MzRhM2M5NDk4
LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb9tYQsnD
ZB8WeSjs3++jy/tPfhnm7UTML0GivOKW+DoXdbGYi5BEINcc42qGoTEoV1/FQISB
dueG5pVsYKfWLIhJqUxPTfjah78W+LTWA7QRFvgYgKKCU4+Xl+aGz//IlQFYPqGf
BYv0ZrLoEfMZcFFLyhmRK8lTGCwSjuAO9XZyiQf8oOh8y3owPiz0FZTOrDvUnWII
3tzx6LSLyMPhRXdLI/MQAR8fapG7+oAnPAE682tuzFvYyyTrb1pjdk0GjpOJXefn
x/zxmiwTQxR1BquXvrjLx6pxqpWyvMd/qAKSU+7yk99YqE/NycGH75FzNP7d+CVn
xBj+Oavn04FRbw==
-----END CERTIFICATE-----