Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
File:                     l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft (raw, json)
Hash identifier:          jYpLA57lDCMj/M4ySHDMrND2Iat+JeKqT33kw+pplaE=
Subject key identifier:   FF:26:0B:A0:E2:5A:A2:3B:07:57:A4:DB:B1:A8:A4:3B:2B:7E:DB:98
Authority key identifier: 97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8
Certificate issuer:       /CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
Certificate serial:       019687DB80256CDE34BCACDAF6356F4D085B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
Manifest number:          1513
Signing time:             Wed 30 Apr 2025 18:00:31 +0000
Manifest this update:     Wed 30 Apr 2025 18:00:31 +0000
Manifest next update:     Thu 01 May 2025 18:00:31 +0000
Files and hashes:         1: l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl (hash: jqEu7xfGzHFyPQ8StwhyYwiRwxR8ROnsKGKQqcsk4os=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:87:db:80:25:6c:de:34:bc:ac:da:f6:35:6f:4d:08:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
        Validity
            Not Before: Apr 30 18:00:31 2025 GMT
            Not After : May  1 18:00:31 2025 GMT
        Subject: CN=ff260ba0e25aa23b0757a4dbb1a8a43b2b7edb98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:a6:7b:f0:a3:2c:34:92:22:bc:53:ce:f4:43:
                    25:41:fc:c3:a2:3b:26:d9:10:0f:c5:fd:ac:7e:ca:
                    24:68:07:93:ee:fe:3e:41:d5:31:a8:9f:2f:9d:52:
                    b0:94:b1:be:39:59:3e:14:80:75:7d:5b:2c:c9:d5:
                    ea:ee:c7:bd:4b:34:9b:56:5c:19:a1:87:25:cd:46:
                    df:40:46:53:a2:70:1b:49:55:4b:34:ae:58:da:1b:
                    96:15:bc:85:97:53:c9:7e:e7:21:56:34:a6:c0:01:
                    28:94:51:92:7e:b4:67:c7:50:5d:b1:33:27:a5:c8:
                    77:da:96:30:3d:d1:f4:75:dd:65:40:96:47:f2:79:
                    a8:15:22:e4:81:8a:fe:07:b6:d5:e0:14:1d:a9:6a:
                    89:bc:89:f8:94:f7:a5:af:4a:27:62:1e:ce:ee:23:
                    be:ae:a4:9a:96:82:81:31:f6:71:41:f8:6e:c7:23:
                    35:ee:8d:a6:a7:7c:95:a0:07:3f:6e:d6:fb:af:75:
                    f1:43:f4:2e:76:76:17:1d:e0:e8:4a:d3:2a:bd:53:
                    a5:8b:5d:69:66:32:6f:86:d5:19:4c:84:cc:4d:56:
                    3a:27:cd:9b:a3:a7:ee:cc:a1:bd:f6:61:7e:fb:38:
                    6b:a2:20:f2:59:46:1b:01:dc:0c:38:3a:dc:e9:57:
                    e8:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:26:0B:A0:E2:5A:A2:3B:07:57:A4:DB:B1:A8:A4:3B:2B:7E:DB:98
            X509v3 Authority Key Identifier:
                keyid:97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:2a:ec:1f:1c:55:88:2b:4d:d1:94:3c:ec:2b:b5:18:f0:f3:
         c2:c4:33:81:56:84:56:8f:88:2b:49:a2:6d:a9:e3:61:cf:ec:
         36:87:60:6f:54:b7:de:e2:85:92:d4:01:e2:ec:0a:4d:82:44:
         42:ee:74:77:e5:d5:b3:1c:8c:15:a5:95:1d:fb:26:a5:5e:11:
         ef:8c:99:db:ed:33:bc:01:20:ca:9f:e0:a0:29:a3:5a:c2:a8:
         3b:b5:11:c9:6c:b2:60:c6:c7:66:e4:68:5c:cc:ee:60:e3:6e:
         c9:23:39:b0:91:44:0a:30:76:bb:1a:83:50:9a:2e:af:f2:46:
         fe:6e:3b:14:39:fe:a6:0b:35:9e:7d:0c:84:77:fa:8c:ee:8b:
         86:c2:32:d5:a7:86:ae:1c:3b:11:ad:89:0a:86:d1:ef:f3:8b:
         fe:69:ab:ba:ae:5f:ee:de:a3:b5:18:f5:01:78:d7:1e:7f:06:
         7b:97:e2:ea:98:35:f8:fa:84:9a:e0:fe:d0:02:62:de:c4:72:
         08:b1:3d:3d:5b:95:34:f5:ef:ae:3f:e7:8a:c0:31:71:f1:20:
         13:8a:24:d5:c3:97:f4:1a:3a:a3:9e:9a:b9:5a:a9:6a:d6:37:
         b9:c1:f6:43:54:2b:70:35:a1:68:89:59:e0:94:24:7a:fe:20:
         44:18:e4:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaH24AlbN40vKza9jVvTQhbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NTc3Zjg0MTg4ZTI4M2ZkYjVkN2E2ZmNjY2M0ODU2YzE5
OTQ5YjgwHhcNMjUwNDMwMTgwMDMxWhcNMjUwNTAxMTgwMDMxWjAzMTEwLwYDVQQD
EyhmZjI2MGJhMGUyNWFhMjNiMDc1N2E0ZGJiMWE4YTQzYjJiN2VkYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qZ78KMsNJIivFPO9EMlQfzDojsm
2RAPxf2sfsokaAeT7v4+QdUxqJ8vnVKwlLG+OVk+FIB1fVssydXq7se9SzSbVlwZ
oYclzUbfQEZTonAbSVVLNK5Y2huWFbyFl1PJfuchVjSmwAEolFGSfrRnx1BdsTMn
pch32pYwPdH0dd1lQJZH8nmoFSLkgYr+B7bV4BQdqWqJvIn4lPelr0onYh7O7iO+
rqSaloKBMfZxQfhuxyM17o2mp3yVoAc/btb7r3XxQ/QudnYXHeDoStMqvVOli11p
ZjJvhtUZTITMTVY6J82bo6fuzKG99mF++zhroiDyWUYbAdwMODrc6VfoXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8mC6DiWqI7B1ek27GopDsrftuYMB8GA1UdIwQY
MBaAFJdXf4QYjig/2116b8zMSFbBmUm4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAt
YTFhNjRiNDlmYTUwLzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAtYTFhNjRiNDlmYTUw
LzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKSrsHxxV
iCtN0ZQ87Cu1GPDzwsQzgVaEVo+IK0mibanjYc/sNodgb1S33uKFktQB4uwKTYJE
Qu50d+XVsxyMFaWVHfsmpV4R74yZ2+0zvAEgyp/goCmjWsKoO7URyWyyYMbHZuRo
XMzuYONuySM5sJFECjB2uxqDUJour/JG/m47FDn+pgs1nn0MhHf6jO6LhsIy1aeG
rhw7Ea2JCobR7/OL/mmruq5f7t6jtRj1AXjXHn8Ge5fi6pg1+PqEmuD+0AJi3sRy
CLE9PVuVNPXvrj/nisAxcfEgE4ok1cOX9Bo6o56auVqpatY3ucH2Q1QrcDWhaIlZ
4JQkev4gRBjkUw==
-----END CERTIFICATE-----