Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
File:                     _D39VAG24EhxYrQuBDdnosKTGnc.mft (raw, json)
Hash identifier:          LN/rn6Q7+fBoKA5COHzRm8cb7sgfOBHDPlqMxLdC3mk=
Subject key identifier:   54:C2:C2:D3:20:4E:C1:53:90:2F:5D:F3:0E:19:DD:30:04:B5:E2:DE
Authority key identifier: FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77
Certificate issuer:       /CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
Certificate serial:       0196760C192FDB6CB1596BCE0241B0550479
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
Manifest number:          0891
Signing time:             Sun 27 Apr 2025 07:00:26 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:26 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:26 +0000
Files and hashes:         1: _D39VAG24EhxYrQuBDdnosKTGnc.crl (hash: HVdX+i4Se8mXg36cfQ2dODzVXHNnL4ejibEkgpdheOk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:19:2f:db:6c:b1:59:6b:ce:02:41:b0:55:04:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
        Validity
            Not Before: Apr 27 07:00:26 2025 GMT
            Not After : Apr 28 07:00:26 2025 GMT
        Subject: CN=54c2c2d3204ec153902f5df30e19dd3004b5e2de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e4:4f:4b:cf:46:bd:b0:a1:f8:79:6c:41:0d:
                    a3:12:b7:b7:e5:8e:fd:2c:6f:c0:4d:89:ec:98:68:
                    cc:0c:d1:02:84:c5:7b:36:bf:6b:97:f9:bb:9b:22:
                    60:9a:d6:cd:4a:3f:b5:76:10:24:3b:f4:02:54:24:
                    ba:f8:28:eb:37:2c:53:1e:8b:dd:8f:88:77:9c:6f:
                    e8:fe:07:c2:60:14:bf:ba:5e:b6:2a:f3:70:2f:bf:
                    5f:8c:56:6c:b2:cf:b6:96:ae:48:d8:ec:0e:3f:3d:
                    1d:a2:33:58:ac:b5:47:a7:72:79:ca:ff:00:df:d3:
                    47:c1:34:29:0e:fe:34:59:6b:97:24:e4:f5:81:e1:
                    c0:3c:b8:51:14:b5:12:08:e5:96:7c:d8:69:68:ae:
                    91:de:d2:4e:1c:d3:5e:69:1a:a0:d9:ef:7e:ff:c3:
                    74:3e:2f:46:d8:74:17:65:3a:3e:0e:f3:15:86:5e:
                    fb:52:38:8b:a7:8c:72:d6:21:3f:72:32:81:7d:7e:
                    45:cd:c0:dc:23:2a:9e:f7:d4:aa:91:4e:f1:60:1a:
                    45:93:2e:cf:f1:1c:c6:6e:f8:87:db:83:7f:95:74:
                    7e:fd:ff:4f:64:67:47:ba:2e:e8:5f:bf:77:82:ee:
                    f6:01:3b:5d:0e:57:90:b8:a9:5e:f4:45:b7:0a:2d:
                    79:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:C2:C2:D3:20:4E:C1:53:90:2F:5D:F3:0E:19:DD:30:04:B5:E2:DE
            X509v3 Authority Key Identifier:
                keyid:FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:9e:29:fe:bf:43:5d:ab:c1:37:3e:dc:03:40:c2:dd:04:66:
         69:75:b8:43:9e:d3:e1:7d:d5:54:09:98:fa:ec:05:45:10:81:
         7b:34:4e:4d:16:ec:c9:1b:55:3c:02:c7:de:af:74:a1:55:46:
         88:52:a1:23:91:71:7b:c7:48:43:b4:1b:54:35:4f:c1:0d:59:
         46:bc:f0:dd:32:e9:97:8e:d6:47:97:fe:0c:f0:d8:96:5e:b6:
         c2:de:75:b0:b6:38:33:dc:43:8c:65:8c:45:03:a7:6c:14:17:
         dd:93:8a:70:3a:ff:4c:ca:0c:9b:8f:92:a5:6b:b8:f4:3d:3e:
         23:26:78:15:36:9f:08:67:1e:56:1d:fe:9a:35:f0:1b:c7:16:
         fd:63:03:de:eb:a1:4d:47:b1:38:5b:04:5a:2c:cf:ce:0a:f7:
         27:88:93:47:3b:f9:71:c9:68:7d:29:95:4f:b4:45:93:15:7e:
         ae:1a:ec:0d:94:9a:f1:cb:53:45:d0:9f:07:a2:40:c8:60:48:
         b4:17:41:a1:09:69:d1:c0:a3:7e:0b:27:7d:36:d2:48:52:e7:
         4a:ff:df:89:9e:ed:27:e1:be:68:18:a1:fc:ee:aa:50:2a:b1:
         16:99:3a:a2:c2:49:03:b3:a1:f7:0f:a6:cc:cb:0e:04:e6:ad:
         12:f8:c8:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DBkv22yxWWvOAkGwVQR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2RmZDU0MDFiNmUwNDg3MTYyYjQyZTA0Mzc2N2EyYzI5
MzFhNzcwHhcNMjUwNDI3MDcwMDI2WhcNMjUwNDI4MDcwMDI2WjAzMTEwLwYDVQQD
Eyg1NGMyYzJkMzIwNGVjMTUzOTAyZjVkZjMwZTE5ZGQzMDA0YjVlMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+RPS89GvbCh+HlsQQ2jEre35Y79
LG/ATYnsmGjMDNEChMV7Nr9rl/m7myJgmtbNSj+1dhAkO/QCVCS6+CjrNyxTHovd
j4h3nG/o/gfCYBS/ul62KvNwL79fjFZsss+2lq5I2OwOPz0dojNYrLVHp3J5yv8A
39NHwTQpDv40WWuXJOT1geHAPLhRFLUSCOWWfNhpaK6R3tJOHNNeaRqg2e9+/8N0
Pi9G2HQXZTo+DvMVhl77UjiLp4xy1iE/cjKBfX5FzcDcIyqe99SqkU7xYBpFky7P
8RzGbviH24N/lXR+/f9PZGdHui7oX793gu72ATtdDleQuKle9EW3Ci15owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFTCwtMgTsFTkC9d8w4Z3TAEteLeMB8GA1UdIwQY
MBaAFPw9/VQBtuBIcWK0LgQ3Z6LCkxp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEt
ZGRhZGUzZDM0MWM3LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEtZGRhZGUzZDM0MWM3
LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHp4p/r9D
XavBNz7cA0DC3QRmaXW4Q57T4X3VVAmY+uwFRRCBezROTRbsyRtVPALH3q90oVVG
iFKhI5Fxe8dIQ7QbVDVPwQ1ZRrzw3TLpl47WR5f+DPDYll62wt51sLY4M9xDjGWM
RQOnbBQX3ZOKcDr/TMoMm4+SpWu49D0+IyZ4FTafCGceVh3+mjXwG8cW/WMD3uuh
TUexOFsEWizPzgr3J4iTRzv5cclofSmVT7RFkxV+rhrsDZSa8ctTRdCfB6JAyGBI
tBdBoQlp0cCjfgsnfTbSSFLnSv/fiZ7tJ+G+aBih/O6qUCqxFpk6osJJA7Oh9w+m
zMsOBOatEvjI1A==
-----END CERTIFICATE-----