Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
File:                     hyDPLDSRRvabop66wMiCKIEcovE.mft (raw, json)
Hash identifier:          TKjVvx0ruA5FLTM1v7GM5abG76m9j5j24mGsx8VVfko=
Subject key identifier:   76:02:0B:2F:7E:84:81:CA:BA:0C:0D:A9:7D:CD:1F:5D:02:43:21:07
Authority key identifier: 87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1
Certificate issuer:       /CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
Certificate serial:       01976960AAB89F2F765E29BA0C56375D61F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
Manifest number:          0959
Signing time:             Fri 13 Jun 2025 13:00:32 +0000
Manifest this update:     Fri 13 Jun 2025 13:00:32 +0000
Manifest next update:     Sat 14 Jun 2025 13:00:32 +0000
Files and hashes:         1: hyDPLDSRRvabop66wMiCKIEcovE.crl (hash: TRqf1dGlemZXiAXD4foqlVDZY+bNKEZny/nik5JA/MY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:60:aa:b8:9f:2f:76:5e:29:ba:0c:56:37:5d:61:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
        Validity
            Not Before: Jun 13 13:00:32 2025 GMT
            Not After : Jun 14 13:00:32 2025 GMT
        Subject: CN=76020b2f7e8481caba0c0da97dcd1f5d02432107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:e3:6b:8e:91:0a:e2:19:09:4b:ce:f7:4e:83:
                    4f:16:69:ef:93:47:37:7f:0c:49:73:91:20:76:fa:
                    01:44:2b:6b:21:02:95:d8:75:20:e3:3a:ca:8b:35:
                    03:ee:2c:34:83:11:74:5e:31:7d:f7:c3:22:2e:ae:
                    56:20:9e:fc:2f:17:74:8c:f0:18:a7:f9:de:e1:78:
                    3c:53:ed:b0:08:2f:39:18:fd:fc:6d:4c:af:62:43:
                    aa:35:ae:26:60:fd:28:61:43:c2:be:58:81:8a:c9:
                    d0:5f:e7:e4:5e:ca:b4:5e:01:a0:1c:7c:cc:21:ab:
                    db:a3:6f:2f:fd:a4:65:c3:c4:d9:7f:12:53:8c:01:
                    23:48:2b:77:f9:3a:19:c5:c6:17:64:eb:e5:d0:96:
                    1e:e7:94:35:fc:d0:75:5b:d8:b0:b7:27:08:35:f8:
                    9c:67:c2:36:c4:8f:51:e3:c5:c8:9a:53:1f:a7:48:
                    cc:85:a7:e5:fb:5f:1b:4f:d4:24:1f:d0:a3:aa:d2:
                    7b:be:40:14:7f:c1:76:68:f3:16:04:d5:44:99:2e:
                    d4:99:b0:9f:55:9f:6b:55:a6:65:34:a1:ec:83:9b:
                    e0:1a:32:66:75:b6:83:e7:cb:8a:34:90:0a:31:c1:
                    6a:1b:69:bb:4c:e4:4b:8d:0b:37:4a:07:db:2d:a4:
                    2b:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:02:0B:2F:7E:84:81:CA:BA:0C:0D:A9:7D:CD:1F:5D:02:43:21:07
            X509v3 Authority Key Identifier:
                keyid:87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:f1:6b:8e:a7:91:02:fb:71:be:f7:04:2a:c9:61:a0:be:a0:
         23:f7:a9:45:5c:4e:3e:65:49:a5:41:d7:72:5d:d3:99:6e:64:
         2c:48:73:be:dd:05:5e:00:83:a0:2c:c5:c4:25:00:71:34:b9:
         de:7d:c5:ed:33:a7:ff:96:2e:a3:7a:47:13:d0:fb:cd:8d:21:
         1f:06:d8:10:d2:4d:26:5a:67:9d:60:dc:bd:80:d6:bc:b9:6a:
         6a:b9:c5:88:52:3f:51:8e:4c:66:75:86:c2:ae:3b:3c:c8:29:
         ef:9c:19:c4:2a:7f:fb:79:6f:13:db:3d:75:8e:59:e7:ce:07:
         79:d8:21:3c:dd:32:41:96:a3:1c:8e:75:5d:06:dd:2c:92:86:
         a7:10:cf:b8:f9:a3:75:cf:0b:01:20:64:d2:bd:8c:d7:00:ef:
         a2:43:1e:29:f2:d9:7a:79:28:26:47:7c:90:0f:a1:4f:57:33:
         ea:22:87:7a:b3:ef:a4:a5:f2:f8:21:41:d3:6f:52:51:d7:14:
         f5:5c:d7:4c:e2:8b:4b:c1:dc:7f:69:c5:7a:38:5c:d2:f0:2f:
         60:1d:03:e6:2d:4e:06:83:aa:20:19:47:59:8a:1d:14:bf:71:
         bf:a8:aa:2c:2f:85:5d:65:b8:0f:4e:18:2a:99:99:9d:4d:ec:
         ce:1b:f6:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYKq4ny92Xim6DFY3XWHwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjBjZjJjMzQ5MTQ2ZjY5YmEyOWViYWMwYzg4MjI4ODEx
Y2EyZjEwHhcNMjUwNjEzMTMwMDMyWhcNMjUwNjE0MTMwMDMyWjAzMTEwLwYDVQQD
Eyg3NjAyMGIyZjdlODQ4MWNhYmEwYzBkYTk3ZGNkMWY1ZDAyNDMyMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+NrjpEK4hkJS873ToNPFmnvk0c3
fwxJc5EgdvoBRCtrIQKV2HUg4zrKizUD7iw0gxF0XjF998MiLq5WIJ78Lxd0jPAY
p/ne4Xg8U+2wCC85GP38bUyvYkOqNa4mYP0oYUPCvliBisnQX+fkXsq0XgGgHHzM
Iavbo28v/aRlw8TZfxJTjAEjSCt3+ToZxcYXZOvl0JYe55Q1/NB1W9iwtycINfic
Z8I2xI9R48XImlMfp0jMhafl+18bT9QkH9CjqtJ7vkAUf8F2aPMWBNVEmS7UmbCf
VZ9rVaZlNKHsg5vgGjJmdbaD58uKNJAKMcFqG2m7TORLjQs3SgfbLaQrZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHYCCy9+hIHKugwNqX3NH10CQyEHMB8GA1UdIwQY
MBaAFIcgzyw0kUb2m6KeusDIgiiBHKLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEt
ZDQxNTA2N2E4Zjc2LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEtZDQxNTA2N2E4Zjc2
LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMvFrjqeR
AvtxvvcEKslhoL6gI/epRVxOPmVJpUHXcl3TmW5kLEhzvt0FXgCDoCzFxCUAcTS5
3n3F7TOn/5Yuo3pHE9D7zY0hHwbYENJNJlpnnWDcvYDWvLlqarnFiFI/UY5MZnWG
wq47PMgp75wZxCp/+3lvE9s9dY5Z584HedghPN0yQZajHI51XQbdLJKGpxDPuPmj
dc8LASBk0r2M1wDvokMeKfLZenkoJkd8kA+hT1cz6iKHerPvpKXy+CFB029SUdcU
9VzXTOKLS8Hcf2nFejhc0vAvYB0D5i1OBoOqIBlHWYodFL9xv6iqLC+FXWW4D04Y
KpmZnU3szhv2aw==
-----END CERTIFICATE-----