Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
File:                     l37KDVyVbeF79pcQRvLrlc5hXik.mft (raw, json)
Hash identifier:          WXoUZMaVuM2ykdyxNDoSB2cR9MfVANAxhKs9ssgPzm4=
Subject key identifier:   B6:7E:6A:4B:13:0F:CB:2B:B6:E0:03:B0:BC:EA:D4:02:B5:81:D3:C4
Authority key identifier: 97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29
Certificate issuer:       /CN=977eca0d5c956de17bf6971046f2eb95ce615e29
Certificate serial:       0196760C74B0223AE79B6EA56F8A34968B61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 07:00:49 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:49 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:49 +0000
Files and hashes:         1: l37KDVyVbeF79pcQRvLrlc5hXik.crl (hash: 0qLG6Rx2x2U1d2RNrVkrcCycL3KxeF4ray3EGd5EzNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:74:b0:22:3a:e7:9b:6e:a5:6f:8a:34:96:8b:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977eca0d5c956de17bf6971046f2eb95ce615e29
        Validity
            Not Before: Apr 27 07:00:49 2025 GMT
            Not After : Apr 28 07:00:49 2025 GMT
        Subject: CN=b67e6a4b130fcb2bb6e003b0bcead402b581d3c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:11:5f:5f:a0:f0:0f:1b:69:88:15:a0:56:33:
                    f9:9b:c4:6f:52:b3:6f:23:dd:32:4c:3f:0a:bf:c2:
                    0e:0b:03:f1:1e:11:dd:da:e4:98:31:d4:3e:0f:a5:
                    2d:e1:d1:fe:b2:cc:2e:7a:3d:c1:44:88:32:fb:8a:
                    91:5b:b7:df:24:a0:93:6d:89:c5:e5:18:72:4a:e2:
                    cf:d8:36:da:48:4e:88:91:fb:fe:5d:27:14:23:54:
                    33:56:8b:fd:60:0d:23:e4:42:78:a8:d7:4d:48:0a:
                    1c:b0:35:dd:4b:7d:cc:71:e2:54:66:fa:3f:0c:2d:
                    69:ea:fa:e6:41:9b:76:57:7a:1e:bd:87:54:60:f0:
                    72:8b:0d:b5:82:75:93:1e:e1:71:ce:e4:e8:8d:79:
                    89:35:07:71:f9:08:87:a4:28:4c:d7:d7:f6:ac:ec:
                    c0:38:85:34:a6:fa:aa:76:f6:22:f7:61:41:c2:c6:
                    e8:c0:ac:32:36:89:20:52:ec:7f:d8:45:ce:8d:df:
                    a2:e4:48:ed:2d:88:41:c1:e5:b4:45:2f:9c:19:34:
                    50:d5:7e:7f:03:18:de:1d:27:91:6d:82:ea:9f:8c:
                    b7:99:19:d0:58:00:c4:aa:04:c7:4b:48:c9:37:79:
                    70:60:5b:01:10:c2:b4:80:32:7a:aa:5f:5d:5f:43:
                    ec:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:7E:6A:4B:13:0F:CB:2B:B6:E0:03:B0:BC:EA:D4:02:B5:81:D3:C4
            X509v3 Authority Key Identifier:
                keyid:97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:ed:63:f3:cd:65:51:4f:76:56:d9:14:96:98:ef:56:8c:eb:
         05:90:de:cd:15:8a:7e:39:84:41:4b:e2:f9:d7:37:94:b0:57:
         49:89:3e:2c:0d:58:47:cb:e2:d9:c7:4d:43:06:ca:0a:3c:0d:
         6b:39:fb:0d:72:3e:6a:d6:1d:e5:10:a5:79:ed:f1:c9:c5:13:
         9b:1f:49:61:af:cf:fb:78:58:d4:6f:0e:48:9d:a8:a2:91:e9:
         46:a4:ea:6a:e0:33:87:83:13:4c:35:db:45:0c:dc:d1:a7:a0:
         ee:42:84:9a:fd:8f:3d:ee:a7:38:e7:88:73:04:21:a6:65:7a:
         e1:19:01:7b:2d:b8:cf:89:82:5f:68:7b:46:e9:9e:a0:4e:bd:
         39:84:5a:66:b4:ee:d3:5d:58:b2:9a:c7:85:b0:bc:b3:de:17:
         cf:4c:76:42:de:9e:13:e6:ff:14:b7:65:3f:4d:45:cf:57:7d:
         cb:6d:64:cf:f0:96:68:9f:d4:36:a4:76:ed:71:51:7b:dd:0f:
         cc:15:89:57:ef:83:c0:bc:e9:60:4e:be:4d:d0:bc:87:42:04:
         53:f5:59:5e:53:7d:70:2f:f3:58:2a:0a:2f:24:6d:6a:84:60:
         a1:ad:91:07:9f:a8:05:ac:09:d2:42:93:7d:70:4f:56:ff:8a:
         18:8b:a5:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DHSwIjrnm26lb4o0lothMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3N2VjYTBkNWM5NTZkZTE3YmY2OTcxMDQ2ZjJlYjk1Y2U2
MTVlMjkwHhcNMjUwNDI3MDcwMDQ5WhcNMjUwNDI4MDcwMDQ5WjAzMTEwLwYDVQQD
EyhiNjdlNmE0YjEzMGZjYjJiYjZlMDAzYjBiY2VhZDQwMmI1ODFkM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xFfX6DwDxtpiBWgVjP5m8RvUrNv
I90yTD8Kv8IOCwPxHhHd2uSYMdQ+D6Ut4dH+sswuej3BRIgy+4qRW7ffJKCTbYnF
5RhySuLP2DbaSE6Ikfv+XScUI1QzVov9YA0j5EJ4qNdNSAocsDXdS33MceJUZvo/
DC1p6vrmQZt2V3oevYdUYPByiw21gnWTHuFxzuTojXmJNQdx+QiHpChM19f2rOzA
OIU0pvqqdvYi92FBwsbowKwyNokgUux/2EXOjd+i5EjtLYhBweW0RS+cGTRQ1X5/
AxjeHSeRbYLqn4y3mRnQWADEqgTHS0jJN3lwYFsBEMK0gDJ6ql9dX0PsQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZ+aksTD8srtuADsLzq1AK1gdPEMB8GA1UdIwQY
MBaAFJd+yg1clW3he/aXEEby65XOYV4pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMt
Nzk3MDZiMzQ1YmJiLzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMtNzk3MDZiMzQ1YmJi
LzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALe1j881l
UU92VtkUlpjvVozrBZDezRWKfjmEQUvi+dc3lLBXSYk+LA1YR8vi2cdNQwbKCjwN
azn7DXI+atYd5RClee3xycUTmx9JYa/P+3hY1G8OSJ2oopHpRqTqauAzh4MTTDXb
RQzc0aeg7kKEmv2PPe6nOOeIcwQhpmV64RkBey24z4mCX2h7RumeoE69OYRaZrTu
011YsprHhbC8s94Xz0x2Qt6eE+b/FLdlP01Fz1d9y21kz/CWaJ/UNqR27XFRe90P
zBWJV++DwLzpYE6+TdC8h0IEU/VZXlN9cC/zWCoKLyRtaoRgoa2RB5+oBawJ0kKT
fXBPVv+KGIulaQ==
-----END CERTIFICATE-----