Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/a630cf-b257-401f-b3fb-156f3cfbc161/1/cRK3KIxVnh7Uo5BX4K4MK-xC2qI.mft
File:                     cRK3KIxVnh7Uo5BX4K4MK-xC2qI.mft (raw, json)
Hash identifier:          +zzpOw9S034vy7G03ZSnWJ1eLEQ7OmCuoe3/vlZnt2Y=
Subject key identifier:   1F:B4:44:97:D6:C8:6E:36:08:E0:F9:9E:F2:89:5A:D4:F3:1F:33:58
Authority key identifier: 71:12:B7:28:8C:55:9E:1E:D4:A3:90:57:E0:AE:0C:2B:EC:42:DA:A2
Certificate issuer:       /CN=7112b7288c559e1ed4a39057e0ae0c2bec42daa2
Certificate serial:       01968021E89CD3C5DA20F523DB7C222DDAE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cRK3KIxVnh7Uo5BX4K4MK-xC2qI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/a630cf-b257-401f-b3fb-156f3cfbc161/1/cRK3KIxVnh7Uo5BX4K4MK-xC2qI.mft
Manifest number:          0588
Signing time:             Tue 29 Apr 2025 06:00:27 +0000
Manifest this update:     Tue 29 Apr 2025 06:00:27 +0000
Manifest next update:     Wed 30 Apr 2025 06:00:27 +0000
Files and hashes:         1: cRK3KIxVnh7Uo5BX4K4MK-xC2qI.crl (hash: KghFnM8fA3Pqsl6Qi4GIckyQ5spi3gqiQlnVTR5X8o8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/a630cf-b257-401f-b3fb-156f3cfbc161/1/cRK3KIxVnh7Uo5BX4K4MK-xC2qI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/a630cf-b257-401f-b3fb-156f3cfbc161/1/cRK3KIxVnh7Uo5BX4K4MK-xC2qI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cRK3KIxVnh7Uo5BX4K4MK-xC2qI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 06:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:21:e8:9c:d3:c5:da:20:f5:23:db:7c:22:2d:da:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7112b7288c559e1ed4a39057e0ae0c2bec42daa2
        Validity
            Not Before: Apr 29 06:00:27 2025 GMT
            Not After : Apr 30 06:00:27 2025 GMT
        Subject: CN=1fb44497d6c86e3608e0f99ef2895ad4f31f3358
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:5c:44:08:ae:b1:98:ce:b3:db:9e:b2:37:87:
                    72:32:02:74:6c:c6:1f:aa:58:d2:92:94:40:25:c1:
                    e1:b0:d6:c1:99:47:2e:4a:87:d1:00:5e:55:41:fa:
                    56:a3:bb:d9:5c:e0:c9:71:58:f8:59:3d:eb:4a:39:
                    2f:da:d9:ae:da:56:fc:3f:53:35:00:33:9f:a5:16:
                    66:f9:ac:9f:91:03:0b:fc:6c:3d:1d:ab:f8:82:c2:
                    a0:e0:4a:b2:d5:d5:07:9d:83:34:a8:2c:21:79:05:
                    b8:03:a7:b9:a6:d5:99:2e:1e:ac:f4:ff:0b:89:c2:
                    24:2f:f5:90:33:d6:cb:6a:44:ab:76:b1:10:56:d1:
                    c2:e7:47:c8:78:aa:00:75:6f:c8:af:88:47:24:73:
                    7a:80:8e:88:89:7c:02:19:7f:d2:6e:c1:64:68:1f:
                    09:b3:c6:a7:58:d0:7a:a2:71:23:a1:73:6a:fb:0e:
                    82:fd:28:53:6f:86:cd:a6:9c:75:0d:2d:9f:15:ba:
                    10:e9:f8:90:f5:5a:69:14:13:01:25:d0:14:35:26:
                    97:93:5f:4d:95:73:4a:34:61:6e:d9:ff:c7:ea:fc:
                    ef:6a:77:cf:dc:ed:d0:31:55:23:34:b0:49:fc:da:
                    38:46:46:23:4e:26:c4:50:a0:ab:0d:d1:ea:cb:74:
                    da:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:B4:44:97:D6:C8:6E:36:08:E0:F9:9E:F2:89:5A:D4:F3:1F:33:58
            X509v3 Authority Key Identifier:
                keyid:71:12:B7:28:8C:55:9E:1E:D4:A3:90:57:E0:AE:0C:2B:EC:42:DA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cRK3KIxVnh7Uo5BX4K4MK-xC2qI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/a630cf-b257-401f-b3fb-156f3cfbc161/1/cRK3KIxVnh7Uo5BX4K4MK-xC2qI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/a630cf-b257-401f-b3fb-156f3cfbc161/1/cRK3KIxVnh7Uo5BX4K4MK-xC2qI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:23:61:fe:6e:0e:cc:8a:f1:f7:fe:a2:81:45:9f:e6:c2:b0:
         67:26:25:b6:b4:25:95:5b:1f:c7:8c:a9:74:10:f7:d3:e3:ff:
         fc:6b:16:21:37:5c:ff:b1:bb:4a:66:d4:27:f2:b7:9f:96:99:
         c9:2c:84:a5:d5:98:84:bf:e4:ff:3b:a1:5c:15:63:be:24:f5:
         49:38:f6:06:db:a9:28:75:a6:56:c8:c5:9d:5b:45:3a:4d:c8:
         b1:ae:6b:ef:d1:8e:89:68:2f:47:35:92:89:d2:fb:b7:dc:70:
         e8:e3:06:a0:df:38:43:3b:a8:79:dc:bb:ac:9c:e1:e3:4e:c3:
         06:1e:61:22:d0:16:16:7b:7c:ce:8b:be:ef:ed:10:a3:f2:15:
         14:3d:18:a4:3e:fb:18:4a:f6:8f:6c:30:99:d2:a7:42:0f:95:
         ce:98:cf:af:26:25:43:f3:fa:0f:ad:80:74:08:b5:5c:25:58:
         9c:ef:9a:67:2d:1b:c4:31:08:56:35:f3:19:a5:dc:3d:40:c6:
         3a:01:b3:72:51:cb:d1:b6:68:f4:90:3f:40:a2:9d:e7:a3:f1:
         ae:67:28:42:64:73:b7:1a:75:7a:6b:a3:38:46:3e:36:99:09:
         c1:f2:1a:ca:03:63:c2:a3:5d:a2:27:52:43:eb:6f:d4:47:bc:
         3e:d7:0b:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAIeic08XaIPUj23wiLdrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMTJiNzI4OGM1NTllMWVkNGEzOTA1N2UwYWUwYzJiZWM0
MmRhYTIwHhcNMjUwNDI5MDYwMDI3WhcNMjUwNDMwMDYwMDI3WjAzMTEwLwYDVQQD
EygxZmI0NDQ5N2Q2Yzg2ZTM2MDhlMGY5OWVmMjg5NWFkNGYzMWYzMzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlxECK6xmM6z256yN4dyMgJ0bMYf
qljSkpRAJcHhsNbBmUcuSofRAF5VQfpWo7vZXODJcVj4WT3rSjkv2tmu2lb8P1M1
ADOfpRZm+ayfkQML/Gw9Hav4gsKg4Eqy1dUHnYM0qCwheQW4A6e5ptWZLh6s9P8L
icIkL/WQM9bLakSrdrEQVtHC50fIeKoAdW/Ir4hHJHN6gI6IiXwCGX/SbsFkaB8J
s8anWNB6onEjoXNq+w6C/ShTb4bNppx1DS2fFboQ6fiQ9VppFBMBJdAUNSaXk19N
lXNKNGFu2f/H6vzvanfP3O3QMVUjNLBJ/No4RkYjTibEUKCrDdHqy3TavwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+0RJfWyG42COD5nvKJWtTzHzNYMB8GA1UdIwQY
MBaAFHEStyiMVZ4e1KOQV+CuDCvsQtqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1JLM0tJeFZuaDdVbzVCWDRLNE1LLXhDMnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9hNjMwY2YtYjI1Ny00MDFmLWIzZmIt
MTU2ZjNjZmJjMTYxLzEvY1JLM0tJeFZuaDdVbzVCWDRLNE1LLXhDMnFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9hNjMwY2YtYjI1Ny00MDFmLWIzZmItMTU2ZjNjZmJjMTYx
LzEvY1JLM0tJeFZuaDdVbzVCWDRLNE1LLXhDMnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYSNh/m4O
zIrx9/6igUWf5sKwZyYltrQllVsfx4ypdBD30+P//GsWITdc/7G7SmbUJ/K3n5aZ
ySyEpdWYhL/k/zuhXBVjviT1STj2BtupKHWmVsjFnVtFOk3Isa5r79GOiWgvRzWS
idL7t9xw6OMGoN84Qzuoedy7rJzh407DBh5hItAWFnt8zou+7+0Qo/IVFD0YpD77
GEr2j2wwmdKnQg+VzpjPryYlQ/P6D62AdAi1XCVYnO+aZy0bxDEIVjXzGaXcPUDG
OgGzclHL0bZo9JA/QKKd56PxrmcoQmRztxp1emujOEY+NpkJwfIaygNjwqNdoidS
Q+tv1Ee8PtcLug==
-----END CERTIFICATE-----