Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
File:                     d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json)
Hash identifier:          YfL3FnHzD53PDD3t5Ao9VTqKsIdtHGNP4u2b+4Cs4vc=
Subject key identifier:   96:A6:B8:41:E9:B1:97:FD:62:38:3B:E4:C9:47:A3:6D:A8:DF:55:39
Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31
Certificate issuer:       /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
Certificate serial:       01977D1EAF148262686B549376BA058FD8D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
Manifest number:          0560
Signing time:             Tue 17 Jun 2025 09:00:52 +0000
Manifest this update:     Tue 17 Jun 2025 09:00:52 +0000
Manifest next update:     Wed 18 Jun 2025 09:00:52 +0000
Files and hashes:         1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: GEVgTjExPQikJK62Sj69APeZ/e0PHEmwTnz8/vpBJYM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7d:1e:af:14:82:62:68:6b:54:93:76:ba:05:8f:d8:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
        Validity
            Not Before: Jun 17 09:00:52 2025 GMT
            Not After : Jun 18 09:00:52 2025 GMT
        Subject: CN=96a6b841e9b197fd62383be4c947a36da8df5539
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0e:e3:3d:9c:23:0b:d7:76:59:ac:56:58:43:
                    50:e9:f7:35:c5:de:2c:8b:5a:87:e2:77:6e:df:3d:
                    ec:2f:a5:4c:b1:6f:78:aa:7a:14:65:36:e6:fd:eb:
                    4b:f7:0e:28:80:89:e9:93:1b:c5:47:15:5c:d7:43:
                    13:fe:de:1e:9b:c3:7b:cb:f5:f0:ac:42:29:28:7a:
                    bb:fa:64:3e:58:1e:f1:88:75:06:21:ef:e7:62:76:
                    c0:3b:93:cf:ce:e2:30:f9:92:11:d2:6d:68:0e:26:
                    9f:69:6a:5b:98:2f:ac:45:ea:45:15:6d:b3:b8:cd:
                    f8:27:89:37:e5:75:5b:6c:57:52:30:46:db:79:67:
                    45:98:2f:90:f0:ee:c1:60:4e:e8:df:64:eb:65:76:
                    da:d9:4e:d1:5b:ea:32:f7:13:a6:f5:df:af:85:61:
                    fc:04:37:1c:fc:2a:4f:3b:6f:b0:47:df:e2:92:1e:
                    8b:42:11:b1:1f:e9:a8:2d:06:16:39:de:87:25:0f:
                    28:01:b6:a2:3e:0c:c9:a9:cd:b9:f3:06:8c:26:a1:
                    86:0a:9a:59:9e:a9:16:45:26:ad:f3:33:02:3b:54:
                    5f:df:da:1e:5a:2f:aa:1d:b2:b0:eb:8f:6c:a1:da:
                    d0:6e:6a:df:a7:45:3e:9e:2e:95:7a:37:d3:ae:a6:
                    60:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:A6:B8:41:E9:B1:97:FD:62:38:3B:E4:C9:47:A3:6D:A8:DF:55:39
            X509v3 Authority Key Identifier:
                keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:6a:2f:76:f9:cc:54:90:11:21:74:b6:af:fc:50:93:ef:24:
         e4:98:18:e1:f5:0e:8d:17:8a:9d:7a:0d:cb:17:82:bb:3b:f0:
         a8:db:cd:d2:c0:74:e4:01:b6:20:d2:95:f9:c2:a1:97:19:5a:
         c9:44:10:a4:a8:05:21:67:75:bb:f8:c7:4f:4e:b7:6d:26:7a:
         80:e3:54:5a:e2:82:0d:6e:b0:b0:dd:43:eb:8f:c2:1e:12:c6:
         82:4b:f7:ca:f4:e0:d4:03:cc:7a:27:5e:e5:0e:a4:92:23:d7:
         ca:d8:75:9d:97:a1:93:5a:f7:70:91:8c:04:b7:c7:2c:fb:27:
         70:58:94:b2:78:84:cc:79:00:9d:5d:ed:c3:2b:57:43:e1:3d:
         eb:80:5a:b0:5c:c3:0a:b0:4a:43:4d:dc:51:6d:ab:a6:05:de:
         b6:8f:ce:db:cd:b3:72:54:b2:28:50:c7:78:f1:42:64:0c:9b:
         9b:08:57:32:3f:7c:f4:70:23:83:d9:b5:ed:e9:0e:41:36:58:
         ff:ce:6f:e4:68:a2:df:76:c8:6e:bc:3b:34:39:57:bb:c3:e0:
         f6:23:4c:61:5b:c5:04:02:94:22:31:e7:39:89:f9:03:cc:b8:
         a1:40:b4:c6:81:e7:ea:c6:8c:b8:c1:e4:ea:44:b8:1e:3b:1b:
         ab:93:b8:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd9Hq8UgmJoa1STdroFj9jQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy
MTYwMzEwHhcNMjUwNjE3MDkwMDUyWhcNMjUwNjE4MDkwMDUyWjAzMTEwLwYDVQQD
Eyg5NmE2Yjg0MWU5YjE5N2ZkNjIzODNiZTRjOTQ3YTM2ZGE4ZGY1NTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ7jPZwjC9d2WaxWWENQ6fc1xd4s
i1qH4ndu3z3sL6VMsW94qnoUZTbm/etL9w4ogInpkxvFRxVc10MT/t4em8N7y/Xw
rEIpKHq7+mQ+WB7xiHUGIe/nYnbAO5PPzuIw+ZIR0m1oDiafaWpbmC+sRepFFW2z
uM34J4k35XVbbFdSMEbbeWdFmC+Q8O7BYE7o32TrZXba2U7RW+oy9xOm9d+vhWH8
BDcc/CpPO2+wR9/ikh6LQhGxH+moLQYWOd6HJQ8oAbaiPgzJqc258waMJqGGCppZ
nqkWRSat8zMCO1Rf39oeWi+qHbKw649sodrQbmrfp0U+ni6VejfTrqZgewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJamuEHpsZf9Yjg75MlHo22o31U5MB8GA1UdIwQY
MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt
NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj
LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd2ovdvnM
VJARIXS2r/xQk+8k5JgY4fUOjReKnXoNyxeCuzvwqNvN0sB05AG2INKV+cKhlxla
yUQQpKgFIWd1u/jHT063bSZ6gONUWuKCDW6wsN1D64/CHhLGgkv3yvTg1APMeide
5Q6kkiPXyth1nZehk1r3cJGMBLfHLPsncFiUsniEzHkAnV3twytXQ+E964BasFzD
CrBKQ03cUW2rpgXeto/O282zclSyKFDHePFCZAybmwhXMj989HAjg9m17ekOQTZY
/85v5Gii33bIbrw7NDlXu8Pg9iNMYVvFBAKUIjHnOYn5A8y4oUC0xoHn6saMuMHk
6kS4Hjsbq5O41g==
-----END CERTIFICATE-----