Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
File:                     dNUnZVf32kEAET2Fc5VmSBVA5hw.mft (raw, json)
Hash identifier:          5zRpkJD8gnhogr4pnOTpg/5vowsPH82rDtA+Z/HMr8c=
Subject key identifier:   97:63:AF:8F:3D:8F:C8:51:D7:F9:25:F8:32:B7:8F:56:36:1B:A6:60
Authority key identifier: 74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C
Certificate issuer:       /CN=74d5276557f7da4100113d85739566481540e61c
Certificate serial:       01967679F135C3D22CDA118A08BABC912BB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
Manifest number:          07C1
Signing time:             Sun 27 Apr 2025 09:00:25 +0000
Manifest this update:     Sun 27 Apr 2025 09:00:25 +0000
Manifest next update:     Mon 28 Apr 2025 09:00:25 +0000
Files and hashes:         1: dNUnZVf32kEAET2Fc5VmSBVA5hw.crl (hash: DCNZxiyeH9/DCxVZ+Finj19H5sEPZwMAyPVZ8j4u2so=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:79:f1:35:c3:d2:2c:da:11:8a:08:ba:bc:91:2b:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74d5276557f7da4100113d85739566481540e61c
        Validity
            Not Before: Apr 27 09:00:25 2025 GMT
            Not After : Apr 28 09:00:25 2025 GMT
        Subject: CN=9763af8f3d8fc851d7f925f832b78f56361ba660
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0e:b6:6e:6b:e1:11:8e:8e:a0:99:7b:2d:0b:
                    3a:7d:bc:43:63:ef:90:f3:ef:2f:80:75:db:15:0a:
                    31:78:c4:db:39:2a:9e:75:52:d1:09:b0:e8:fc:10:
                    b8:58:83:f7:07:e3:1e:98:c9:af:99:0d:df:aa:54:
                    71:46:0e:1a:cd:e1:cd:ac:30:be:81:55:4f:be:56:
                    e5:f8:6d:a8:94:2d:5c:67:34:79:a4:a5:68:9f:05:
                    70:d4:d6:cc:e3:d7:92:e0:6b:58:b1:3a:42:37:52:
                    5f:a9:f1:7c:ba:7e:c9:36:4f:ab:ca:8c:a4:5b:fa:
                    3e:6c:cb:c9:0f:e7:14:c6:9e:5a:41:5a:c1:7f:8d:
                    31:e4:1f:f9:c9:2d:c5:fd:a4:fe:4d:2d:d0:79:85:
                    e2:86:67:df:88:d1:97:6d:95:52:d0:50:70:87:83:
                    8a:a3:6f:16:1e:a2:ec:2a:a8:ef:bc:51:48:4e:90:
                    60:9b:ea:fc:2a:52:b3:ab:e6:17:a0:de:f0:90:5e:
                    7b:ad:b2:c3:d7:5a:3e:91:35:e2:8a:44:a5:fe:e9:
                    55:23:58:61:28:05:6c:62:65:5f:10:f3:57:64:02:
                    d4:35:3c:cc:71:73:66:f1:5c:c7:22:bb:ce:4f:ad:
                    c6:0b:08:ce:f2:8d:7d:c8:12:7e:8e:30:c5:f0:ca:
                    c1:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:63:AF:8F:3D:8F:C8:51:D7:F9:25:F8:32:B7:8F:56:36:1B:A6:60
            X509v3 Authority Key Identifier:
                keyid:74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:46:0c:be:58:52:fa:cd:e7:eb:86:c3:6f:68:21:f0:a4:38:
         a6:00:3d:4e:ca:f8:95:04:f1:ec:ea:19:90:4a:d6:50:5b:a8:
         e7:92:d9:f7:fd:11:51:92:45:42:fd:98:e8:37:0e:3b:43:96:
         65:c0:65:32:f8:d4:9b:ea:c1:21:bc:2c:67:c0:f7:9e:c9:5a:
         0a:2f:26:c9:17:06:49:2b:eb:ea:ee:96:31:3b:2a:86:c6:9f:
         33:c7:ab:db:b4:e7:e0:71:86:13:f5:77:3f:84:fb:6c:cc:21:
         98:2d:ef:11:5f:26:31:f7:04:6b:37:28:2a:32:2a:6b:86:d1:
         68:53:1d:5d:49:e5:2a:b2:12:ae:af:86:87:d4:61:91:ad:3e:
         90:25:25:e3:04:a2:44:05:bf:0b:b1:43:8d:a4:2e:53:5a:09:
         7b:be:4c:fa:cb:27:16:e9:e5:e3:2b:4a:66:7e:bf:1d:dd:43:
         38:79:13:ff:ae:12:1e:6d:4a:c9:2c:c6:b4:c3:25:0d:98:f6:
         9d:94:85:79:20:d8:6b:5a:fa:23:ff:cd:2b:d4:51:60:c0:51:
         89:f8:c2:c8:9d:f9:b2:45:91:2d:b6:e0:c3:30:a3:52:f4:f9:
         74:aa:0b:53:14:f3:b8:9c:c1:7f:77:4f:d0:46:3b:d4:bd:09:
         f8:67:7f:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2efE1w9Is2hGKCLq8kSu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDUyNzY1NTdmN2RhNDEwMDExM2Q4NTczOTU2NjQ4MTU0
MGU2MWMwHhcNMjUwNDI3MDkwMDI1WhcNMjUwNDI4MDkwMDI1WjAzMTEwLwYDVQQD
Eyg5NzYzYWY4ZjNkOGZjODUxZDdmOTI1ZjgzMmI3OGY1NjM2MWJhNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ62bmvhEY6OoJl7LQs6fbxDY++Q
8+8vgHXbFQoxeMTbOSqedVLRCbDo/BC4WIP3B+MemMmvmQ3fqlRxRg4azeHNrDC+
gVVPvlbl+G2olC1cZzR5pKVonwVw1NbM49eS4GtYsTpCN1JfqfF8un7JNk+ryoyk
W/o+bMvJD+cUxp5aQVrBf40x5B/5yS3F/aT+TS3QeYXihmffiNGXbZVS0FBwh4OK
o28WHqLsKqjvvFFITpBgm+r8KlKzq+YXoN7wkF57rbLD11o+kTXiikSl/ulVI1hh
KAVsYmVfEPNXZALUNTzMcXNm8VzHIrvOT63GCwjO8o19yBJ+jjDF8MrBswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdjr489j8hR1/kl+DK3j1Y2G6ZgMB8GA1UdIwQY
MBaAFHTVJ2VX99pBABE9hXOVZkgVQOYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYt
NWM1YTc4YmIyYjhkLzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYtNWM1YTc4YmIyYjhk
LzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARUYMvlhS
+s3n64bDb2gh8KQ4pgA9Tsr4lQTx7OoZkErWUFuo55LZ9/0RUZJFQv2Y6DcOO0OW
ZcBlMvjUm+rBIbwsZ8D3nslaCi8myRcGSSvr6u6WMTsqhsafM8er27Tn4HGGE/V3
P4T7bMwhmC3vEV8mMfcEazcoKjIqa4bRaFMdXUnlKrISrq+Gh9Rhka0+kCUl4wSi
RAW/C7FDjaQuU1oJe75M+ssnFunl4ytKZn6/Hd1DOHkT/64SHm1KySzGtMMlDZj2
nZSFeSDYa1r6I//NK9RRYMBRifjCyJ35skWRLbbgwzCjUvT5dKoLUxTzuJzBf3dP
0EY71L0J+Gd/5Q==
-----END CERTIFICATE-----