Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft
File:                     dPYRYnGtLREZYKLZYaqcFi-VgKY.mft (raw, json)
Hash identifier:          rT0oTztIpTzqF7FGUu/7NqefT/nzhMdAlpPzhFMKzHM=
Subject key identifier:   12:60:C1:2C:23:00:6A:32:39:74:1F:A2:D0:20:4C:1D:28:BE:69:7D
Authority key identifier: 74:F6:11:62:71:AD:2D:11:19:60:A2:D9:61:AA:9C:16:2F:95:80:A6
Certificate issuer:       /CN=74f6116271ad2d111960a2d961aa9c162f9580a6
Certificate serial:       0196760CD38E51F805C40D50EA06A3218DA6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dPYRYnGtLREZYKLZYaqcFi-VgKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft
Manifest number:          0F07
Signing time:             Sun 27 Apr 2025 07:01:14 +0000
Manifest this update:     Sun 27 Apr 2025 07:01:14 +0000
Manifest next update:     Mon 28 Apr 2025 07:01:14 +0000
Files and hashes:         1: dPYRYnGtLREZYKLZYaqcFi-VgKY.crl (hash: NIjxb6kYoybRFBGMP5AbcAHwEgrZMhPAjfXYgAlYn4E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dPYRYnGtLREZYKLZYaqcFi-VgKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:d3:8e:51:f8:05:c4:0d:50:ea:06:a3:21:8d:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74f6116271ad2d111960a2d961aa9c162f9580a6
        Validity
            Not Before: Apr 27 07:01:14 2025 GMT
            Not After : Apr 28 07:01:14 2025 GMT
        Subject: CN=1260c12c23006a3239741fa2d0204c1d28be697d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e2:b6:37:8f:4f:0b:a1:65:2e:cf:dd:d9:c4:
                    f9:7f:f2:f6:0e:22:2b:6c:29:ce:93:4e:aa:44:50:
                    f3:0c:7a:ef:c9:95:ce:06:62:75:32:0d:98:8f:09:
                    a6:c8:c4:a2:a0:40:a2:b8:63:45:0c:92:da:de:29:
                    3a:e1:b4:2e:c3:4c:74:04:56:ea:26:59:89:1f:71:
                    c8:a4:3c:1c:77:d2:2c:f9:77:3e:2e:5e:27:91:92:
                    60:80:66:ce:6c:5c:c3:65:50:e8:d0:fb:4a:de:18:
                    da:0f:12:e1:3a:35:be:20:c6:83:30:b8:0a:df:bb:
                    fa:4b:54:87:ad:12:4d:9d:33:ae:43:7b:7e:65:ee:
                    de:62:bf:34:88:93:a3:07:bc:c4:8c:c7:fc:88:26:
                    63:50:86:5b:ee:25:33:b6:04:3e:10:54:8e:45:08:
                    d7:b5:fe:df:8a:c9:3e:5b:89:fb:01:f1:49:0d:1f:
                    79:d4:d7:10:d8:3d:f0:da:ba:11:d5:62:91:be:d3:
                    41:25:f4:45:53:5e:e1:42:de:8d:73:c0:c5:63:bc:
                    1a:90:2b:27:d3:4a:fc:37:ee:39:97:e7:fc:fb:f2:
                    ae:56:9d:56:07:6a:09:b2:f6:70:4e:fa:cd:bf:3e:
                    60:0e:b7:5b:79:e2:c8:36:b1:85:6c:70:b2:d6:ff:
                    2f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:60:C1:2C:23:00:6A:32:39:74:1F:A2:D0:20:4C:1D:28:BE:69:7D
            X509v3 Authority Key Identifier:
                keyid:74:F6:11:62:71:AD:2D:11:19:60:A2:D9:61:AA:9C:16:2F:95:80:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPYRYnGtLREZYKLZYaqcFi-VgKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:9a:7e:9c:4b:b5:68:55:7b:76:ea:82:e6:1e:1b:a7:58:e3:
         9b:90:1e:f1:2a:ba:fc:8f:77:70:a4:74:bf:09:a2:63:8e:70:
         29:2f:94:1f:38:4d:b8:18:08:a0:31:72:f7:3f:af:83:44:60:
         9a:9d:bd:19:67:83:38:cc:1e:cd:60:e1:ba:ec:ef:69:4b:14:
         4e:28:2c:82:b3:bf:17:30:33:60:c1:4c:69:25:6b:97:e6:31:
         50:36:11:08:fd:ba:11:85:5e:2e:a7:87:df:f9:60:d7:ba:04:
         d6:fe:eb:bc:96:be:10:a5:2c:23:ea:84:c5:4a:0e:7c:0c:cc:
         c3:e6:70:95:e9:87:37:96:30:d1:6a:f5:94:7c:b1:cb:4c:24:
         7e:99:7c:3f:c3:0f:3c:df:07:3f:e8:76:0f:6d:74:e6:17:02:
         95:07:77:dc:22:e4:dc:ae:62:5c:61:b3:e7:fa:a5:33:ac:2d:
         0f:d0:2c:d5:21:d4:f3:91:ce:63:6a:01:10:cb:f0:0a:62:7e:
         f8:4d:17:9b:19:85:22:40:c4:93:86:aa:fb:c8:c9:86:d1:ee:
         6a:94:56:e4:4c:34:1a:8c:c2:ea:bc:cc:03:53:4c:7c:f0:57:
         5f:5c:1b:f9:5e:f0:70:ce:8a:aa:1e:54:d9:d9:30:88:ea:42:
         80:36:76:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DNOOUfgFxA1Q6gajIY2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZjYxMTYyNzFhZDJkMTExOTYwYTJkOTYxYWE5YzE2MmY5
NTgwYTYwHhcNMjUwNDI3MDcwMTE0WhcNMjUwNDI4MDcwMTE0WjAzMTEwLwYDVQQD
EygxMjYwYzEyYzIzMDA2YTMyMzk3NDFmYTJkMDIwNGMxZDI4YmU2OTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveK2N49PC6FlLs/d2cT5f/L2DiIr
bCnOk06qRFDzDHrvyZXOBmJ1Mg2YjwmmyMSioECiuGNFDJLa3ik64bQuw0x0BFbq
JlmJH3HIpDwcd9Is+Xc+Ll4nkZJggGbObFzDZVDo0PtK3hjaDxLhOjW+IMaDMLgK
37v6S1SHrRJNnTOuQ3t+Ze7eYr80iJOjB7zEjMf8iCZjUIZb7iUztgQ+EFSORQjX
tf7fisk+W4n7AfFJDR951NcQ2D3w2roR1WKRvtNBJfRFU17hQt6Nc8DFY7wakCsn
00r8N+45l+f8+/KuVp1WB2oJsvZwTvrNvz5gDrdbeeLINrGFbHCy1v8vDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJgwSwjAGoyOXQfotAgTB0ovml9MB8GA1UdIwQY
MBaAFHT2EWJxrS0RGWCi2WGqnBYvlYCmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBZUlluR3RMUkVaWUtMWllhcWNGaS1WZ0tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni81NmM4YTctNTYyYi00OGM4LThhOGYt
NWEwNWI5MWIyYjhjLzEvZFBZUlluR3RMUkVaWUtMWllhcWNGaS1WZ0tZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni81NmM4YTctNTYyYi00OGM4LThhOGYtNWEwNWI5MWIyYjhj
LzEvZFBZUlluR3RMUkVaWUtMWllhcWNGaS1WZ0tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYZp+nEu1
aFV7duqC5h4bp1jjm5Ae8Sq6/I93cKR0vwmiY45wKS+UHzhNuBgIoDFy9z+vg0Rg
mp29GWeDOMwezWDhuuzvaUsUTigsgrO/FzAzYMFMaSVrl+YxUDYRCP26EYVeLqeH
3/lg17oE1v7rvJa+EKUsI+qExUoOfAzMw+ZwlemHN5Yw0Wr1lHyxy0wkfpl8P8MP
PN8HP+h2D2105hcClQd33CLk3K5iXGGz5/qlM6wtD9As1SHU85HOY2oBEMvwCmJ+
+E0XmxmFIkDEk4aq+8jJhtHuapRW5Ew0GozC6rzMA1NMfPBXX1wb+V7wcM6Kqh5U
2dkwiOpCgDZ2Eg==
-----END CERTIFICATE-----