Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/654504-54e1-4502-ab22-40459d6934ae/1/V9wqO2671XpOSCmt0_KgKnbld4k.mft
File:                     V9wqO2671XpOSCmt0_KgKnbld4k.mft (raw, json)
Hash identifier:          3c5eVwHzTSsQijw20UoORstuBdao/ZTacNdhZVnNOg8=
Subject key identifier:   55:76:57:88:B7:D0:D3:9C:14:1E:5D:A2:E0:65:E7:76:B4:28:1A:F4
Authority key identifier: 57:DC:2A:3B:6E:BB:D5:7A:4E:48:29:AD:D3:F2:A0:2A:76:E5:77:89
Certificate issuer:       /CN=57dc2a3b6ebbd57a4e4829add3f2a02a76e57789
Certificate serial:       01968A6F1F06E61C071672C06A282B4B88A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V9wqO2671XpOSCmt0_KgKnbld4k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/654504-54e1-4502-ab22-40459d6934ae/1/V9wqO2671XpOSCmt0_KgKnbld4k.mft
Manifest number:          0210
Signing time:             Thu 01 May 2025 06:01:00 +0000
Manifest this update:     Thu 01 May 2025 06:01:00 +0000
Manifest next update:     Fri 02 May 2025 06:01:00 +0000
Files and hashes:         1: V9wqO2671XpOSCmt0_KgKnbld4k.crl (hash: NTqOXymUwEZPIZEbKKRXTmO0bbJkE4ayR59i7SjOypw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/654504-54e1-4502-ab22-40459d6934ae/1/V9wqO2671XpOSCmt0_KgKnbld4k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/654504-54e1-4502-ab22-40459d6934ae/1/V9wqO2671XpOSCmt0_KgKnbld4k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V9wqO2671XpOSCmt0_KgKnbld4k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8a:6f:1f:06:e6:1c:07:16:72:c0:6a:28:2b:4b:88:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57dc2a3b6ebbd57a4e4829add3f2a02a76e57789
        Validity
            Not Before: May  1 06:01:00 2025 GMT
            Not After : May  2 06:01:00 2025 GMT
        Subject: CN=55765788b7d0d39c141e5da2e065e776b4281af4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7a:7d:96:0f:8b:36:69:2f:b3:34:2e:64:da:
                    13:ca:3a:ba:d2:4a:c6:8c:8e:2e:5b:75:f1:0a:6a:
                    02:83:4e:52:23:01:75:89:5f:48:0b:91:4a:af:67:
                    6b:7b:33:1a:46:68:53:e7:cc:29:52:3d:28:7b:a3:
                    c0:bc:d8:67:0b:91:ff:99:0e:87:14:66:8a:a8:f4:
                    96:1e:c3:c0:00:12:36:20:9e:d9:a2:ca:4e:ec:5b:
                    cb:20:06:14:7c:ff:38:a6:27:44:04:ac:44:6d:34:
                    bf:fa:cb:3e:2f:cb:07:40:4c:21:0e:96:f7:92:35:
                    27:f4:1f:f4:04:05:d2:b4:81:51:72:12:63:b6:72:
                    4a:0d:b6:40:6f:31:49:a1:f8:f0:fe:f4:e0:6e:eb:
                    57:57:c0:84:65:2a:02:c3:63:36:e9:9a:d6:ef:d5:
                    d4:b8:18:47:c6:fb:4c:c1:cd:7a:be:fe:7b:30:ab:
                    da:e6:37:eb:b2:36:96:8e:ba:96:84:df:54:e6:ba:
                    90:d5:23:2d:7d:1f:37:62:06:cf:33:7d:26:c9:51:
                    4e:77:ba:c0:41:07:20:8f:02:44:fa:a2:27:b0:07:
                    c4:c1:28:86:75:30:0d:d6:00:99:bf:e5:80:d1:d3:
                    d5:9e:74:c0:b7:cd:34:6b:a7:5e:f5:85:f9:81:37:
                    82:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:76:57:88:B7:D0:D3:9C:14:1E:5D:A2:E0:65:E7:76:B4:28:1A:F4
            X509v3 Authority Key Identifier:
                keyid:57:DC:2A:3B:6E:BB:D5:7A:4E:48:29:AD:D3:F2:A0:2A:76:E5:77:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V9wqO2671XpOSCmt0_KgKnbld4k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/654504-54e1-4502-ab22-40459d6934ae/1/V9wqO2671XpOSCmt0_KgKnbld4k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/654504-54e1-4502-ab22-40459d6934ae/1/V9wqO2671XpOSCmt0_KgKnbld4k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:ce:22:9c:e2:dc:58:3e:72:06:36:59:d9:98:48:08:58:06:
         42:0b:07:53:5a:06:c1:35:7a:6a:f6:cb:52:e0:26:4a:bc:79:
         4d:6d:51:16:ee:56:f3:8f:83:43:55:93:26:b4:b5:81:3e:84:
         7b:04:48:a3:81:c4:5c:b8:73:b2:d7:1f:05:2d:01:68:f1:43:
         15:2d:a3:9f:02:81:f7:70:e6:12:86:64:c5:da:21:dc:95:9b:
         b5:b0:b1:87:20:9c:9b:73:ff:08:37:b5:9c:60:1c:d3:bf:8b:
         9b:47:aa:65:e7:b1:6b:10:c6:02:00:d8:69:07:73:40:b1:80:
         17:04:39:a9:44:fc:a7:61:c2:2a:5a:d9:61:42:75:f6:85:3e:
         e2:d2:e5:f3:ee:d4:4f:5e:88:21:49:3b:c8:96:92:1d:34:5b:
         47:1e:fa:97:bc:b0:5d:f5:ff:3c:af:c7:f3:cb:eb:73:03:66:
         98:e9:ae:e1:e4:e1:3d:55:b2:e4:a0:7e:6e:4d:df:f3:61:78:
         9e:e4:c8:1f:02:cb:d4:0c:66:24:10:9d:f2:8b:24:dd:bc:a1:
         3f:e9:ca:c7:56:7c:99:5d:4a:b6:6c:7d:f8:fc:0e:69:92:44:
         5d:12:09:c1:ae:f9:11:2d:93:b1:49:cb:ac:05:da:95:4d:07:
         52:e8:9b:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaKbx8G5hwHFnLAaigrS4ikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3ZGMyYTNiNmViYmQ1N2E0ZTQ4MjlhZGQzZjJhMDJhNzZl
NTc3ODkwHhcNMjUwNTAxMDYwMTAwWhcNMjUwNTAyMDYwMTAwWjAzMTEwLwYDVQQD
Eyg1NTc2NTc4OGI3ZDBkMzljMTQxZTVkYTJlMDY1ZTc3NmI0MjgxYWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnp9lg+LNmkvszQuZNoTyjq60krG
jI4uW3XxCmoCg05SIwF1iV9IC5FKr2drezMaRmhT58wpUj0oe6PAvNhnC5H/mQ6H
FGaKqPSWHsPAABI2IJ7ZospO7FvLIAYUfP84pidEBKxEbTS/+ss+L8sHQEwhDpb3
kjUn9B/0BAXStIFRchJjtnJKDbZAbzFJofjw/vTgbutXV8CEZSoCw2M26ZrW79XU
uBhHxvtMwc16vv57MKva5jfrsjaWjrqWhN9U5rqQ1SMtfR83YgbPM30myVFOd7rA
QQcgjwJE+qInsAfEwSiGdTAN1gCZv+WA0dPVnnTAt800a6de9YX5gTeC8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFV2V4i30NOcFB5douBl53a0KBr0MB8GA1UdIwQY
MBaAFFfcKjtuu9V6TkgprdPyoCp25XeJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjl3cU8yNjcxWHBPU0NtdDBfS2dLbmJsZDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82NTQ1MDQtNTRlMS00NTAyLWFiMjIt
NDA0NTlkNjkzNGFlLzEvVjl3cU8yNjcxWHBPU0NtdDBfS2dLbmJsZDRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82NTQ1MDQtNTRlMS00NTAyLWFiMjItNDA0NTlkNjkzNGFl
LzEvVjl3cU8yNjcxWHBPU0NtdDBfS2dLbmJsZDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARs4inOLc
WD5yBjZZ2ZhICFgGQgsHU1oGwTV6avbLUuAmSrx5TW1RFu5W84+DQ1WTJrS1gT6E
ewRIo4HEXLhzstcfBS0BaPFDFS2jnwKB93DmEoZkxdoh3JWbtbCxhyCcm3P/CDe1
nGAc07+Lm0eqZeexaxDGAgDYaQdzQLGAFwQ5qUT8p2HCKlrZYUJ19oU+4tLl8+7U
T16IIUk7yJaSHTRbRx76l7ywXfX/PK/H88vrcwNmmOmu4eThPVWy5KB+bk3f82F4
nuTIHwLL1AxmJBCd8osk3byhP+nKx1Z8mV1Ktmx9+PwOaZJEXRIJwa75ES2TsUnL
rAXalU0HUuibUw==
-----END CERTIFICATE-----