Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft
File:                     dPYRYnGtLREZYKLZYaqcFi-VgKY.mft (raw, json)
Hash identifier:          daVpUuZIB85chPIWVOAZHdqiY+gOrkjbirTa5Lp6Vyg=
Subject key identifier:   28:5F:EC:3F:89:9E:8A:58:04:55:8C:A8:9F:CF:8D:1A:DA:8B:42:E8
Authority key identifier: 74:F6:11:62:71:AD:2D:11:19:60:A2:D9:61:AA:9C:16:2F:95:80:A6
Certificate issuer:       /CN=74f6116271ad2d111960a2d961aa9c162f9580a6
Certificate serial:       01976D3E5E7C88010D84BE9F75ED7AB43824
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dPYRYnGtLREZYKLZYaqcFi-VgKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft
Manifest number:          0F87
Signing time:             Sat 14 Jun 2025 07:01:33 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:33 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:33 +0000
Files and hashes:         1: dPYRYnGtLREZYKLZYaqcFi-VgKY.crl (hash: MhsJKRsBte06sMAlkDupbA+445hNX8BU7/zvPPONcsg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dPYRYnGtLREZYKLZYaqcFi-VgKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:5e:7c:88:01:0d:84:be:9f:75:ed:7a:b4:38:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74f6116271ad2d111960a2d961aa9c162f9580a6
        Validity
            Not Before: Jun 14 07:01:33 2025 GMT
            Not After : Jun 15 07:01:33 2025 GMT
        Subject: CN=285fec3f899e8a5804558ca89fcf8d1ada8b42e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:51:57:4f:90:5e:74:38:68:80:5c:68:11:d6:
                    05:49:7b:b6:c6:94:80:36:f2:a7:78:bb:fa:53:29:
                    e2:ad:57:c3:b9:e2:d4:3b:a5:79:a9:f4:0b:16:6d:
                    b1:cd:1e:da:51:d8:82:af:f7:8f:f5:ca:c5:ff:05:
                    65:b4:78:6b:13:2a:1b:45:46:ee:3e:12:ae:65:cf:
                    a8:e8:ee:8f:4c:30:f1:4f:03:e2:8a:98:3c:88:66:
                    18:e1:65:fd:54:4e:11:2a:da:4d:f8:72:8d:7e:e9:
                    3e:b8:d7:01:04:4e:c3:3b:58:81:c9:6b:49:b5:9e:
                    b2:50:bc:fd:77:ba:99:6b:5c:31:61:b5:a2:be:8a:
                    10:f8:1f:c8:b5:09:7c:9c:65:b1:15:d5:94:26:34:
                    85:4e:96:fe:21:98:f9:f4:e0:e2:8d:c9:42:db:7a:
                    f3:47:bc:c2:ad:cd:16:5d:0a:32:bb:ea:20:ce:e2:
                    db:4d:23:cc:5e:0a:1d:b3:b9:85:5e:ae:2d:33:c1:
                    75:fb:1a:0e:5a:79:c0:9e:08:a7:28:e4:ff:0d:9e:
                    27:6c:6d:d0:12:7c:93:c9:98:6a:f3:4a:c4:e0:9e:
                    0a:82:a3:5a:77:d4:30:97:85:e8:b5:a0:a5:cd:8f:
                    bd:30:75:ec:97:98:72:b6:24:6a:89:23:4d:04:c6:
                    07:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:5F:EC:3F:89:9E:8A:58:04:55:8C:A8:9F:CF:8D:1A:DA:8B:42:E8
            X509v3 Authority Key Identifier:
                keyid:74:F6:11:62:71:AD:2D:11:19:60:A2:D9:61:AA:9C:16:2F:95:80:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPYRYnGtLREZYKLZYaqcFi-VgKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:6c:a8:96:f3:96:26:23:51:57:9e:2d:b8:97:41:98:3d:55:
         fa:e2:bd:72:f0:7c:db:27:d1:fb:87:e7:e6:ec:ef:4f:3e:db:
         65:a7:a4:38:a4:9c:bb:fe:0c:90:12:fa:75:14:1b:8b:e8:9e:
         45:64:95:7c:8d:06:c2:e4:4e:5e:d9:92:ea:f4:40:ac:e7:b9:
         8c:79:19:62:46:a6:0b:ff:99:f4:99:77:c7:04:dc:50:54:0b:
         2c:74:39:63:63:6d:58:69:13:7b:fb:c2:25:34:a2:0d:6a:c4:
         c3:8a:2c:97:f3:39:94:ed:d9:e0:2e:97:bd:11:9a:b3:1b:5f:
         9a:b8:17:f3:08:15:be:1a:15:8a:bd:4f:cd:5f:b8:ed:26:ba:
         9b:d7:d7:39:15:25:32:79:8f:fc:fb:0d:e2:e9:ff:8f:7d:47:
         25:d3:01:15:c1:46:01:6a:bf:71:74:9e:02:3f:2e:80:e0:0e:
         92:e7:96:fc:bf:ea:5f:80:d0:9d:5b:d0:63:f8:05:bd:58:af:
         5f:83:3f:c3:5d:3a:a1:25:7f:ad:10:8d:4d:25:87:16:a7:2e:
         75:9d:52:ef:da:70:2f:4d:8b:35:25:a3:c5:03:c5:e8:39:62:
         f5:38:38:a9:88:1d:44:c1:69:0c:e5:ef:f9:04:08:02:75:6a:
         9f:12:1b:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPl58iAENhL6fde16tDgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZjYxMTYyNzFhZDJkMTExOTYwYTJkOTYxYWE5YzE2MmY5
NTgwYTYwHhcNMjUwNjE0MDcwMTMzWhcNMjUwNjE1MDcwMTMzWjAzMTEwLwYDVQQD
EygyODVmZWMzZjg5OWU4YTU4MDQ1NThjYTg5ZmNmOGQxYWRhOGI0MmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1FXT5BedDhogFxoEdYFSXu2xpSA
NvKneLv6UynirVfDueLUO6V5qfQLFm2xzR7aUdiCr/eP9crF/wVltHhrEyobRUbu
PhKuZc+o6O6PTDDxTwPiipg8iGYY4WX9VE4RKtpN+HKNfuk+uNcBBE7DO1iByWtJ
tZ6yULz9d7qZa1wxYbWivooQ+B/ItQl8nGWxFdWUJjSFTpb+IZj59ODijclC23rz
R7zCrc0WXQoyu+ogzuLbTSPMXgods7mFXq4tM8F1+xoOWnnAnginKOT/DZ4nbG3Q
EnyTyZhq80rE4J4KgqNad9Qwl4XotaClzY+9MHXsl5hytiRqiSNNBMYH0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChf7D+JnopYBFWMqJ/PjRrai0LoMB8GA1UdIwQY
MBaAFHT2EWJxrS0RGWCi2WGqnBYvlYCmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBZUlluR3RMUkVaWUtMWllhcWNGaS1WZ0tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni81NmM4YTctNTYyYi00OGM4LThhOGYt
NWEwNWI5MWIyYjhjLzEvZFBZUlluR3RMUkVaWUtMWllhcWNGaS1WZ0tZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni81NmM4YTctNTYyYi00OGM4LThhOGYtNWEwNWI5MWIyYjhj
LzEvZFBZUlluR3RMUkVaWUtMWllhcWNGaS1WZ0tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFmyolvOW
JiNRV54tuJdBmD1V+uK9cvB82yfR+4fn5uzvTz7bZaekOKScu/4MkBL6dRQbi+ie
RWSVfI0GwuROXtmS6vRArOe5jHkZYkamC/+Z9Jl3xwTcUFQLLHQ5Y2NtWGkTe/vC
JTSiDWrEw4osl/M5lO3Z4C6XvRGasxtfmrgX8wgVvhoVir1PzV+47Sa6m9fXORUl
MnmP/PsN4un/j31HJdMBFcFGAWq/cXSeAj8ugOAOkueW/L/qX4DQnVvQY/gFvViv
X4M/w106oSV/rRCNTSWHFqcudZ1S79pwL02LNSWjxQPF6Dli9Tg4qYgdRMFpDOXv
+QQIAnVqnxIb9Q==
-----END CERTIFICATE-----