Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/150d2b-a088-401d-b559-a061a8c77f16/1/dy9i9-iZgXRBGAk19CuCo5mAotw.mft
File:                     dy9i9-iZgXRBGAk19CuCo5mAotw.mft (raw, json)
Hash identifier:          //2TJSOondgdrfP56UI7/whOe77GhkX77oJ4Zn2i3rE=
Subject key identifier:   8D:26:12:68:97:F6:D6:0E:55:59:85:65:90:FC:9F:9A:F1:73:46:6D
Authority key identifier: 77:2F:62:F7:E8:99:81:74:41:18:09:35:F4:2B:82:A3:99:80:A2:DC
Certificate issuer:       /CN=772f62f7e899817441180935f42b82a39980a2dc
Certificate serial:       0196764350256B1B4A0F20E7D20234D210CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dy9i9-iZgXRBGAk19CuCo5mAotw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/150d2b-a088-401d-b559-a061a8c77f16/1/dy9i9-iZgXRBGAk19CuCo5mAotw.mft
Manifest number:          03B9
Signing time:             Sun 27 Apr 2025 08:00:45 +0000
Manifest this update:     Sun 27 Apr 2025 08:00:45 +0000
Manifest next update:     Mon 28 Apr 2025 08:00:45 +0000
Files and hashes:         1: dy9i9-iZgXRBGAk19CuCo5mAotw.crl (hash: Dg2FodRoo4Eu/fpjGnvHv3goVLL7iMnBSbSaUzFM/VM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/150d2b-a088-401d-b559-a061a8c77f16/1/dy9i9-iZgXRBGAk19CuCo5mAotw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/150d2b-a088-401d-b559-a061a8c77f16/1/dy9i9-iZgXRBGAk19CuCo5mAotw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dy9i9-iZgXRBGAk19CuCo5mAotw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:43:50:25:6b:1b:4a:0f:20:e7:d2:02:34:d2:10:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=772f62f7e899817441180935f42b82a39980a2dc
        Validity
            Not Before: Apr 27 08:00:45 2025 GMT
            Not After : Apr 28 08:00:45 2025 GMT
        Subject: CN=8d26126897f6d60e5559856590fc9f9af173466d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:37:0f:2f:48:a0:8c:43:bc:63:67:88:3d:77:
                    aa:5f:e6:45:ef:ef:a4:a5:33:e3:62:ca:80:d3:05:
                    a2:65:e2:37:d0:07:b3:b1:d2:ac:59:b9:0d:a7:67:
                    4f:95:ef:a1:96:4e:db:67:27:22:43:be:dd:7c:5d:
                    11:99:2e:e8:4b:a6:23:ef:73:29:c6:05:fb:a4:c1:
                    8e:ae:5f:e4:cd:8d:ed:9f:bb:23:49:04:97:b2:71:
                    a5:4b:82:f5:7e:53:b8:88:b9:33:b1:4b:62:e2:b7:
                    18:8b:f9:63:39:7a:f0:7b:f1:f3:d8:fe:95:f2:62:
                    8e:ce:61:f8:7d:72:dd:73:40:ec:a4:a7:8c:ff:9f:
                    fe:77:af:fb:3e:bc:03:4b:96:5c:73:d4:83:ae:40:
                    ae:8f:c3:10:93:b0:9d:c9:93:d9:a7:12:91:7d:ce:
                    f9:ef:4c:73:99:d4:16:73:2c:39:53:85:40:79:e5:
                    63:c6:b9:80:46:df:c8:8a:07:b2:7b:e1:bb:f2:f3:
                    8d:39:3a:24:f5:25:24:ac:31:45:ce:c8:a5:2b:dd:
                    4a:e2:1d:84:c1:f7:87:a3:19:3d:c3:6a:1b:c1:73:
                    45:5e:14:d4:f9:07:f7:ff:4e:71:46:2a:bb:50:68:
                    6d:99:ba:ba:a4:3a:6f:4f:d2:71:9c:02:d3:3d:ed:
                    12:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:26:12:68:97:F6:D6:0E:55:59:85:65:90:FC:9F:9A:F1:73:46:6D
            X509v3 Authority Key Identifier:
                keyid:77:2F:62:F7:E8:99:81:74:41:18:09:35:F4:2B:82:A3:99:80:A2:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dy9i9-iZgXRBGAk19CuCo5mAotw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/150d2b-a088-401d-b559-a061a8c77f16/1/dy9i9-iZgXRBGAk19CuCo5mAotw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/150d2b-a088-401d-b559-a061a8c77f16/1/dy9i9-iZgXRBGAk19CuCo5mAotw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:ad:99:6b:f8:44:95:97:8b:2b:38:d6:fb:7a:ab:b5:a2:26:
         c7:74:8f:52:18:8d:a9:8e:5e:e1:d9:29:1e:83:67:c9:8e:25:
         04:fc:c4:72:50:6f:37:71:64:db:f1:5b:bc:44:f7:aa:2a:37:
         f7:33:dd:9c:38:01:ce:6a:b0:16:0f:c0:51:e3:e4:15:56:6f:
         3e:01:29:f3:75:84:f0:37:3a:56:73:34:62:f2:66:3f:20:49:
         00:ee:eb:fb:44:99:50:76:e2:e6:15:44:69:62:76:fb:52:30:
         31:32:b8:25:17:5d:b3:c0:40:83:cc:06:e1:8b:66:02:f1:91:
         ba:9e:29:53:fe:82:54:07:32:3f:4d:b4:e1:32:dc:6d:ed:12:
         72:78:38:6a:fc:fa:94:02:77:4e:a4:b7:ab:ae:9b:cc:77:13:
         1e:d2:e4:0f:7b:4c:b6:84:ed:d4:0a:71:df:6f:b6:1c:70:f5:
         a8:06:e5:c8:41:d9:93:18:7f:60:80:39:a1:e3:3f:be:17:b6:
         cc:0b:cc:7d:f4:96:7d:62:54:06:cf:5a:f0:3b:13:a8:83:50:
         c6:5c:ec:db:3b:91:a9:f2:f5:8f:c2:af:04:c8:68:a7:60:2a:
         6a:5b:a5:d9:96:fe:01:af:60:d6:f6:69:50:98:0c:6d:5d:35:
         88:8d:f6:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2Q1AlaxtKDyDn0gI00hDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MmY2MmY3ZTg5OTgxNzQ0MTE4MDkzNWY0MmI4MmEzOTk4
MGEyZGMwHhcNMjUwNDI3MDgwMDQ1WhcNMjUwNDI4MDgwMDQ1WjAzMTEwLwYDVQQD
Eyg4ZDI2MTI2ODk3ZjZkNjBlNTU1OTg1NjU5MGZjOWY5YWYxNzM0NjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDcPL0igjEO8Y2eIPXeqX+ZF7++k
pTPjYsqA0wWiZeI30AezsdKsWbkNp2dPle+hlk7bZyciQ77dfF0RmS7oS6Yj73Mp
xgX7pMGOrl/kzY3tn7sjSQSXsnGlS4L1flO4iLkzsUti4rcYi/ljOXrwe/Hz2P6V
8mKOzmH4fXLdc0DspKeM/5/+d6/7PrwDS5Zcc9SDrkCuj8MQk7CdyZPZpxKRfc75
70xzmdQWcyw5U4VAeeVjxrmARt/Iigeye+G78vONOTok9SUkrDFFzsilK91K4h2E
wfeHoxk9w2obwXNFXhTU+Qf3/05xRiq7UGhtmbq6pDpvT9JxnALTPe0SnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0mEmiX9tYOVVmFZZD8n5rxc0ZtMB8GA1UdIwQY
MBaAFHcvYvfomYF0QRgJNfQrgqOZgKLcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHk5aTktaVpnWFJCR0FrMTlDdUNvNW1Bb3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xNTBkMmItYTA4OC00MDFkLWI1NTkt
YTA2MWE4Yzc3ZjE2LzEvZHk5aTktaVpnWFJCR0FrMTlDdUNvNW1Bb3R3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xNTBkMmItYTA4OC00MDFkLWI1NTktYTA2MWE4Yzc3ZjE2
LzEvZHk5aTktaVpnWFJCR0FrMTlDdUNvNW1Bb3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwK2Za/hE
lZeLKzjW+3qrtaImx3SPUhiNqY5e4dkpHoNnyY4lBPzEclBvN3Fk2/FbvET3qio3
9zPdnDgBzmqwFg/AUePkFVZvPgEp83WE8Dc6VnM0YvJmPyBJAO7r+0SZUHbi5hVE
aWJ2+1IwMTK4JRdds8BAg8wG4YtmAvGRup4pU/6CVAcyP0204TLcbe0Scng4avz6
lAJ3TqS3q66bzHcTHtLkD3tMtoTt1Apx32+2HHD1qAblyEHZkxh/YIA5oeM/vhe2
zAvMffSWfWJUBs9a8DsTqINQxlzs2zuRqfL1j8KvBMhop2Aqalul2Zb+Aa9g1vZp
UJgMbV01iI32XQ==
-----END CERTIFICATE-----