Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
File:                     dLJ8XVaEhkhT31uBVyIS7eMizgo.mft (raw, json)
Hash identifier:          FVeNbzTU1gcySGNgaHHfTi6cSRgvN2w+4Fu9rds+vQ0=
Subject key identifier:   B7:CA:A5:83:91:45:FC:7F:89:74:20:52:F8:25:FD:CC:E9:41:A5:60
Authority key identifier: 74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A
Certificate issuer:       /CN=74b27c5d5684864853df5b81572212ede322ce0a
Certificate serial:       01967B3246277AAF769B75B42801F5223F23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
Manifest number:          01E6
Signing time:             Mon 28 Apr 2025 07:00:14 +0000
Manifest this update:     Mon 28 Apr 2025 07:00:14 +0000
Manifest next update:     Tue 29 Apr 2025 07:00:14 +0000
Files and hashes:         1: dLJ8XVaEhkhT31uBVyIS7eMizgo.crl (hash: 515vZ8m9Ef2MRTVYfIkTe0//RXSRj2s+h++aBHXyWdA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 07:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:32:46:27:7a:af:76:9b:75:b4:28:01:f5:22:3f:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b27c5d5684864853df5b81572212ede322ce0a
        Validity
            Not Before: Apr 28 07:00:14 2025 GMT
            Not After : Apr 29 07:00:14 2025 GMT
        Subject: CN=b7caa5839145fc7f89742052f825fdcce941a560
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:8a:68:8d:b1:3a:0b:7b:07:c1:38:9e:85:5b:
                    cc:f9:fb:e7:f9:23:d2:58:b2:41:4c:c7:b4:c8:80:
                    e1:49:13:7e:10:70:4b:b8:9f:2c:ec:c8:5a:de:05:
                    77:79:1d:e7:41:95:e4:22:c5:69:ec:b3:9c:dc:46:
                    1d:52:09:f8:8f:66:37:16:b3:50:80:fc:9b:12:59:
                    82:54:2d:cd:d1:e1:b6:63:33:0b:4d:92:5f:89:6f:
                    29:dd:7c:97:65:37:de:f8:49:f9:29:5b:36:3c:ee:
                    4a:4f:c4:9a:eb:d4:7a:04:c4:06:c0:20:43:af:04:
                    5f:98:fe:c0:7b:10:05:1c:f1:b6:ab:7b:67:7e:10:
                    8d:76:e6:2c:bd:fc:a7:eb:a4:5a:6e:e2:8b:a4:1e:
                    5f:7c:1c:11:52:ec:da:b6:c5:6a:17:42:0c:8f:cf:
                    cc:97:51:bb:f9:06:f8:1b:2a:6e:c9:13:5e:f9:35:
                    50:4c:57:66:90:3a:49:7b:98:78:3c:79:ba:1b:ad:
                    4f:03:8f:c5:81:90:ce:8c:27:7b:fe:5c:6a:a6:92:
                    7e:77:3a:0b:11:1a:46:f8:c0:25:98:8a:fa:66:a5:
                    55:33:5a:56:ae:ac:7a:96:c4:67:f8:db:7c:ce:0c:
                    66:39:85:ae:f6:16:ea:91:fc:ef:e8:73:25:79:a6:
                    62:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:CA:A5:83:91:45:FC:7F:89:74:20:52:F8:25:FD:CC:E9:41:A5:60
            X509v3 Authority Key Identifier:
                keyid:74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:f0:ef:fb:bc:ca:ae:8f:5e:20:bf:80:d2:d6:63:96:e4:9e:
         d6:e1:b7:5e:f3:2e:57:e0:21:9e:4d:a2:49:c5:ff:06:fe:ce:
         1a:4d:bc:2c:e7:4b:28:ba:7b:27:f8:23:7b:36:0f:3b:2b:77:
         a8:ea:7d:eb:cf:e0:95:67:9e:2a:a7:99:01:e0:52:9c:cf:e3:
         46:e9:9b:63:15:a8:bd:dd:5d:e3:49:93:aa:96:c0:a6:af:12:
         06:41:41:6a:38:00:f6:ae:7e:06:3a:3c:b1:64:3e:d6:e6:3a:
         fb:07:13:12:5d:8c:de:27:4a:ce:3f:41:bc:55:51:bc:26:2c:
         d5:7d:a8:d7:3c:94:ad:52:47:ff:40:87:b8:0c:e0:d2:6d:ee:
         75:4f:0e:ee:55:87:8b:ac:d6:22:b0:8e:e2:ed:6a:3e:0a:d6:
         fc:9e:c9:09:5b:9c:b7:49:bd:21:5a:bd:35:68:e5:ba:1f:17:
         71:85:04:40:1e:c8:74:79:e0:70:c1:82:7a:92:45:9b:68:ef:
         93:29:7f:0d:65:1b:52:a5:83:f4:c6:8f:c7:5a:4b:47:b3:a4:
         13:7b:2c:77:0f:2e:e3:83:64:21:76:fd:b6:d0:15:2d:8c:45:
         28:a0:c2:21:10:14:5e:3c:cb:c3:ac:12:cb:f7:83:77:f8:4f:
         67:de:14:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ7MkYneq92m3W0KAH1Ij8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjI3YzVkNTY4NDg2NDg1M2RmNWI4MTU3MjIxMmVkZTMy
MmNlMGEwHhcNMjUwNDI4MDcwMDE0WhcNMjUwNDI5MDcwMDE0WjAzMTEwLwYDVQQD
EyhiN2NhYTU4MzkxNDVmYzdmODk3NDIwNTJmODI1ZmRjY2U5NDFhNTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4pojbE6C3sHwTiehVvM+fvn+SPS
WLJBTMe0yIDhSRN+EHBLuJ8s7Mha3gV3eR3nQZXkIsVp7LOc3EYdUgn4j2Y3FrNQ
gPybElmCVC3N0eG2YzMLTZJfiW8p3XyXZTfe+En5KVs2PO5KT8Sa69R6BMQGwCBD
rwRfmP7AexAFHPG2q3tnfhCNduYsvfyn66RabuKLpB5ffBwRUuzatsVqF0IMj8/M
l1G7+Qb4GypuyRNe+TVQTFdmkDpJe5h4PHm6G61PA4/FgZDOjCd7/lxqppJ+dzoL
ERpG+MAlmIr6ZqVVM1pWrqx6lsRn+Nt8zgxmOYWu9hbqkfzv6HMleaZiTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfKpYORRfx/iXQgUvgl/czpQaVgMB8GA1UdIwQY
MBaAFHSyfF1WhIZIU99bgVciEu3jIs4KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQt
MDEwYTk4NTZmNzg1LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQtMDEwYTk4NTZmNzg1
LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjPDv+7zK
ro9eIL+A0tZjluSe1uG3XvMuV+Ahnk2iScX/Bv7OGk28LOdLKLp7J/gjezYPOyt3
qOp968/glWeeKqeZAeBSnM/jRumbYxWovd1d40mTqpbApq8SBkFBajgA9q5+Bjo8
sWQ+1uY6+wcTEl2M3idKzj9BvFVRvCYs1X2o1zyUrVJH/0CHuAzg0m3udU8O7lWH
i6zWIrCO4u1qPgrW/J7JCVuct0m9IVq9NWjluh8XcYUEQB7IdHngcMGCepJFm2jv
kyl/DWUbUqWD9MaPx1pLR7OkE3ssdw8u44NkIXb9ttAVLYxFKKDCIRAUXjzLw6wS
y/eDd/hPZ94UqQ==
-----END CERTIFICATE-----