Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
File:                     d7AlLypnrNQplw-mSmQXd29y2NY.mft (raw, json)
Hash identifier:          Iy6rayF54ek3AiW8o2uVfjg0udhMiVTyUXTrrsSYtz8=
Subject key identifier:   C3:23:DE:FB:77:1F:19:8A:5D:E0:64:56:09:15:4F:38:A0:73:77:7D
Authority key identifier: 77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6
Certificate issuer:       /CN=77b0252f2a67acd429970fa64a6417776f72d8d6
Certificate serial:       019674C259D57013F56780724239C5EC3EA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
Manifest number:          03EA
Signing time:             Sun 27 Apr 2025 01:00:16 +0000
Manifest this update:     Sun 27 Apr 2025 01:00:16 +0000
Manifest next update:     Mon 28 Apr 2025 01:00:16 +0000
Files and hashes:         1: d7AlLypnrNQplw-mSmQXd29y2NY.crl (hash: jjDb6IdGT/ZAs8hMxWJGw0NwIu29x9t2ILRe3QSzwxI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:c2:59:d5:70:13:f5:67:80:72:42:39:c5:ec:3e:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77b0252f2a67acd429970fa64a6417776f72d8d6
        Validity
            Not Before: Apr 27 01:00:16 2025 GMT
            Not After : Apr 28 01:00:16 2025 GMT
        Subject: CN=c323defb771f198a5de0645609154f38a073777d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:72:17:ad:fd:06:48:7f:0a:bf:bb:77:93:cd:
                    6a:5f:ca:e9:4c:1f:ec:55:3e:dc:4d:3b:7d:ba:ab:
                    fa:46:57:4b:ba:14:32:4e:31:62:c7:ca:46:b6:0e:
                    9a:ef:f0:bc:1b:e9:0c:ea:19:e0:0f:50:7a:86:2b:
                    b9:10:a5:e0:ad:53:65:86:28:83:a5:ae:08:f7:cf:
                    c9:da:5e:c0:cd:2c:0b:6d:05:16:1f:76:5a:df:cf:
                    7c:e3:77:de:ee:7c:0e:c1:c9:9b:84:ce:af:c8:d0:
                    d0:08:a2:81:fd:6f:27:26:86:58:b8:4f:fd:07:0d:
                    26:cc:1f:11:8e:04:af:dc:30:cc:70:3b:17:58:29:
                    19:c0:d5:e0:a6:0e:55:2a:20:25:33:dc:37:de:00:
                    22:aa:22:48:38:b3:df:3a:be:ab:41:45:b7:24:8d:
                    7b:2c:98:e6:44:b7:cd:c2:02:c9:b5:c1:40:01:bd:
                    e2:17:8c:ee:0b:13:07:62:ec:80:c5:96:23:e3:f0:
                    1e:e5:31:e0:55:70:3d:65:1f:b2:c7:7f:00:23:45:
                    04:bc:80:e4:26:41:e0:ff:07:39:5d:05:6a:31:5b:
                    62:3b:85:55:fd:6e:c1:9e:4f:89:db:0a:8f:7a:38:
                    e0:b7:06:9f:a6:c6:30:fa:c6:0e:29:7a:bf:b2:75:
                    e9:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:23:DE:FB:77:1F:19:8A:5D:E0:64:56:09:15:4F:38:A0:73:77:7D
            X509v3 Authority Key Identifier:
                keyid:77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:8a:ba:ed:ef:a2:98:bc:67:04:2f:89:41:7f:18:56:e5:c6:
         28:0e:38:fe:0b:59:44:5a:76:08:ac:fe:ce:69:0d:04:a1:27:
         dd:d2:63:a7:68:77:56:01:63:a0:c5:86:b8:99:28:d4:8b:75:
         ed:cc:e8:71:fe:39:b7:e0:a4:17:2e:c0:65:f0:36:44:3e:5a:
         79:bc:74:92:35:ce:5b:34:b2:d0:ea:fb:85:41:fc:9d:0b:d8:
         c1:69:c0:12:74:f7:64:cd:5e:0f:66:16:1b:7c:fa:d2:6e:c9:
         c2:aa:3b:09:85:cb:f3:37:0b:7d:3c:b2:3f:bf:9f:c5:f9:ad:
         01:d7:7a:ac:9e:0a:7e:00:04:c7:ee:b1:84:d3:61:08:15:ef:
         bd:6f:cb:29:56:cc:c6:77:6b:63:62:32:53:c9:b9:e4:58:b7:
         64:b1:0d:fb:b6:99:6e:d1:96:2d:78:46:2b:4f:1b:8e:0b:76:
         46:61:2c:04:80:8c:2d:e1:56:86:24:75:c6:82:f3:3e:45:4b:
         02:e0:a0:e4:52:39:a0:89:57:58:52:d4:fe:2a:b0:28:0e:ce:
         f2:61:e9:fd:8a:0e:01:82:e7:15:ae:5e:84:72:77:c1:90:3b:
         d3:3f:89:4b:ec:07:28:30:0c:65:62:16:2e:0b:c1:5d:71:ae:
         9b:47:3a:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0wlnVcBP1Z4ByQjnF7D6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjAyNTJmMmE2N2FjZDQyOTk3MGZhNjRhNjQxNzc3NmY3
MmQ4ZDYwHhcNMjUwNDI3MDEwMDE2WhcNMjUwNDI4MDEwMDE2WjAzMTEwLwYDVQQD
EyhjMzIzZGVmYjc3MWYxOThhNWRlMDY0NTYwOTE1NGYzOGEwNzM3NzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nIXrf0GSH8Kv7t3k81qX8rpTB/s
VT7cTTt9uqv6RldLuhQyTjFix8pGtg6a7/C8G+kM6hngD1B6hiu5EKXgrVNlhiiD
pa4I98/J2l7AzSwLbQUWH3Za389843fe7nwOwcmbhM6vyNDQCKKB/W8nJoZYuE/9
Bw0mzB8RjgSv3DDMcDsXWCkZwNXgpg5VKiAlM9w33gAiqiJIOLPfOr6rQUW3JI17
LJjmRLfNwgLJtcFAAb3iF4zuCxMHYuyAxZYj4/Ae5THgVXA9ZR+yx38AI0UEvIDk
JkHg/wc5XQVqMVtiO4VV/W7Bnk+J2wqPejjgtwafpsYw+sYOKXq/snXpcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMMj3vt3HxmKXeBkVgkVTzigc3d9MB8GA1UdIwQY
MBaAFHewJS8qZ6zUKZcPpkpkF3dvctjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQt
OTk2YzUyOWVjOTg2LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQtOTk2YzUyOWVjOTg2
LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJYq67e+i
mLxnBC+JQX8YVuXGKA44/gtZRFp2CKz+zmkNBKEn3dJjp2h3VgFjoMWGuJko1It1
7czocf45t+CkFy7AZfA2RD5aebx0kjXOWzSy0Or7hUH8nQvYwWnAEnT3ZM1eD2YW
G3z60m7Jwqo7CYXL8zcLfTyyP7+fxfmtAdd6rJ4KfgAEx+6xhNNhCBXvvW/LKVbM
xndrY2IyU8m55Fi3ZLEN+7aZbtGWLXhGK08bjgt2RmEsBICMLeFWhiR1xoLzPkVL
AuCg5FI5oIlXWFLU/iqwKA7O8mHp/YoOAYLnFa5ehHJ3wZA70z+JS+wHKDAMZWIW
LgvBXXGum0c6FQ==
-----END CERTIFICATE-----