Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
File:                     hyDPLDSRRvabop66wMiCKIEcovE.mft (raw, json)
Hash identifier:          7pOG1zwYtd9bfWT6bzrUI5FPasuGC8jyndbA6vMmIpg=
Subject key identifier:   DC:10:48:E8:40:0D:FA:E8:33:74:EB:1A:F6:5E:86:45:9E:D8:7C:97
Authority key identifier: 87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1
Certificate issuer:       /CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
Certificate serial:       01967FB4EC6904D56FBA313B0074F80BA6AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
Manifest number:          08E0
Signing time:             Tue 29 Apr 2025 04:01:25 +0000
Manifest this update:     Tue 29 Apr 2025 04:01:25 +0000
Manifest next update:     Wed 30 Apr 2025 04:01:25 +0000
Files and hashes:         1: hyDPLDSRRvabop66wMiCKIEcovE.crl (hash: pZgcz0044OgAGR0jR0fZrf5srPcdOKPubGrc1JdWhFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b4:ec:69:04:d5:6f:ba:31:3b:00:74:f8:0b:a6:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
        Validity
            Not Before: Apr 29 04:01:25 2025 GMT
            Not After : Apr 30 04:01:25 2025 GMT
        Subject: CN=dc1048e8400dfae83374eb1af65e86459ed87c97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:19:d4:53:ca:7b:59:1b:6c:00:57:85:48:2f:
                    fb:84:0b:1a:1d:55:d6:fd:8a:40:35:5d:2c:a3:bf:
                    ea:63:5d:07:15:97:33:f7:e1:c1:47:04:a1:2a:41:
                    a4:f7:47:86:24:0e:3f:4f:8f:06:2f:2b:d4:e3:d3:
                    91:bc:3b:65:ca:ca:2a:b2:5a:98:c6:f6:6d:b3:b2:
                    14:8d:e8:80:b2:2f:80:6d:91:b9:15:6e:34:74:a7:
                    e1:6b:2b:c2:8c:88:e1:2a:f8:27:31:37:eb:1e:17:
                    9d:74:01:f4:67:49:01:a5:69:05:55:7f:58:b1:bd:
                    34:b8:c3:7c:2d:f0:67:42:68:e5:3b:a1:93:f9:f3:
                    a1:35:32:a3:8b:b1:2b:cc:c4:62:e4:e1:8a:27:f8:
                    67:e6:d6:0c:e4:f4:c3:86:92:01:fc:05:47:f5:4e:
                    ca:e0:41:be:f9:6a:df:79:c3:33:43:a0:7c:1a:5c:
                    12:9a:48:a8:d4:97:77:58:c2:a6:7a:74:da:46:16:
                    c5:6a:19:fe:38:e0:51:05:27:b2:47:43:4e:2c:d3:
                    e8:72:b7:b0:9d:98:6d:7a:3d:e8:68:bc:11:d2:61:
                    8c:bf:93:8a:94:ab:a0:4d:a6:f4:9b:4f:87:6e:81:
                    b7:44:23:1b:26:82:b9:1c:b1:ae:8c:1d:b3:19:be:
                    a2:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:10:48:E8:40:0D:FA:E8:33:74:EB:1A:F6:5E:86:45:9E:D8:7C:97
            X509v3 Authority Key Identifier:
                keyid:87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:2a:f3:43:74:60:6f:38:e8:ed:32:e6:7f:45:01:b3:b7:fa:
         9b:5c:14:13:2e:0c:05:8d:58:09:bb:6f:d1:c8:80:f4:af:65:
         92:dd:23:83:97:9a:b9:73:eb:bc:b0:9a:0f:e2:1d:10:29:83:
         93:ca:86:d1:c8:b7:64:05:c0:79:d8:43:6d:6d:92:15:6d:09:
         6d:6f:17:ed:9d:08:87:83:a2:c2:ee:fe:80:c3:5c:10:f4:5c:
         4e:49:35:d6:86:eb:06:08:d4:ca:86:aa:dd:af:0e:0c:dd:fb:
         75:cd:7b:71:21:85:db:af:94:b8:a4:7a:ec:eb:ff:93:4c:13:
         3e:1d:d2:fd:16:a4:aa:c2:4b:0b:d0:cd:0d:1c:c6:dc:33:3f:
         66:85:00:7f:13:db:0d:89:ad:32:95:1c:80:fb:f5:89:c0:c8:
         ca:dc:27:8d:b7:06:60:32:fe:65:ee:c9:d2:1d:2e:44:85:3a:
         a1:ce:e1:65:28:c7:30:18:4e:1b:69:a5:75:54:3f:59:92:ac:
         3b:96:08:32:53:63:07:06:33:33:5d:1e:ae:6f:1d:46:a1:86:
         98:b6:c2:52:fe:8b:72:56:4f:60:f2:30:73:db:f5:22:35:51:
         cb:03:d3:a3:57:72:c1:f9:16:2f:72:a4:30:3a:f6:1b:50:25:
         cb:81:44:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tOxpBNVvujE7AHT4C6asMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjBjZjJjMzQ5MTQ2ZjY5YmEyOWViYWMwYzg4MjI4ODEx
Y2EyZjEwHhcNMjUwNDI5MDQwMTI1WhcNMjUwNDMwMDQwMTI1WjAzMTEwLwYDVQQD
EyhkYzEwNDhlODQwMGRmYWU4MzM3NGViMWFmNjVlODY0NTllZDg3Yzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshnUU8p7WRtsAFeFSC/7hAsaHVXW
/YpANV0so7/qY10HFZcz9+HBRwShKkGk90eGJA4/T48GLyvU49ORvDtlysoqslqY
xvZts7IUjeiAsi+AbZG5FW40dKfhayvCjIjhKvgnMTfrHheddAH0Z0kBpWkFVX9Y
sb00uMN8LfBnQmjlO6GT+fOhNTKji7ErzMRi5OGKJ/hn5tYM5PTDhpIB/AVH9U7K
4EG++WrfecMzQ6B8GlwSmkio1Jd3WMKmenTaRhbFahn+OOBRBSeyR0NOLNPocrew
nZhtej3oaLwR0mGMv5OKlKugTab0m0+HboG3RCMbJoK5HLGujB2zGb6igwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNwQSOhADfroM3TrGvZehkWe2HyXMB8GA1UdIwQY
MBaAFIcgzyw0kUb2m6KeusDIgiiBHKLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEt
ZDQxNTA2N2E4Zjc2LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEtZDQxNTA2N2E4Zjc2
LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJyrzQ3Rg
bzjo7TLmf0UBs7f6m1wUEy4MBY1YCbtv0ciA9K9lkt0jg5eauXPrvLCaD+IdECmD
k8qG0ci3ZAXAedhDbW2SFW0JbW8X7Z0Ih4Oiwu7+gMNcEPRcTkk11obrBgjUyoaq
3a8ODN37dc17cSGF26+UuKR67Ov/k0wTPh3S/RakqsJLC9DNDRzG3DM/ZoUAfxPb
DYmtMpUcgPv1icDIytwnjbcGYDL+Ze7J0h0uRIU6oc7hZSjHMBhOG2mldVQ/WZKs
O5YIMlNjBwYzM10erm8dRqGGmLbCUv6LclZPYPIwc9v1IjVRywPTo1dywfkWL3Kk
MDr2G1Aly4FEzw==
-----END CERTIFICATE-----