Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
File:                     itYGdkMvaHI2YskyV5qEk1IBS5U.mft (raw, json)
Hash identifier:          HjlKx1pPD0vqaTogeH77QGSXdCR0qWHr3AGSWbchRr4=
Subject key identifier:   3E:AE:C3:F5:3E:9A:93:DE:EB:97:25:64:19:0C:8E:37:F2:C3:3D:B7
Authority key identifier: 8A:D6:06:76:43:2F:68:72:36:62:C9:32:57:9A:84:93:52:01:4B:95
Certificate issuer:       /CN=8ad60676432f68723662c932579a849352014b95
Certificate serial:       019682EBF4D3FB02102495681427A1C00788
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
Manifest number:          06DC
Signing time:             Tue 29 Apr 2025 19:00:23 +0000
Manifest this update:     Tue 29 Apr 2025 19:00:23 +0000
Manifest next update:     Wed 30 Apr 2025 19:00:23 +0000
Files and hashes:         1: itYGdkMvaHI2YskyV5qEk1IBS5U.crl (hash: qXWv01fTc6YlkcYZJHjtkitjf/hZUq1XIPuruNAD2Tw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 19:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:eb:f4:d3:fb:02:10:24:95:68:14:27:a1:c0:07:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad60676432f68723662c932579a849352014b95
        Validity
            Not Before: Apr 29 19:00:23 2025 GMT
            Not After : Apr 30 19:00:23 2025 GMT
        Subject: CN=3eaec3f53e9a93deeb972564190c8e37f2c33db7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:1e:44:e7:b1:5a:62:ce:2a:65:b5:59:9e:16:
                    79:80:7f:b1:5d:03:06:e5:73:6a:8f:a2:86:0d:ff:
                    f5:66:09:c4:b1:35:61:f8:26:bf:c5:e3:4a:00:3d:
                    4f:c5:a2:d3:82:2e:93:9c:ae:47:7d:b2:1c:cf:c1:
                    79:aa:16:47:44:46:d4:aa:56:6b:97:73:c9:07:7d:
                    52:32:9c:15:f6:9c:9a:ca:cf:b3:67:c3:a8:97:09:
                    6d:92:24:04:67:5a:77:bd:2f:9c:75:66:89:20:04:
                    f3:7f:21:40:42:8b:9e:96:d8:0b:4c:56:ea:5b:37:
                    8d:8b:2f:ab:68:32:15:11:3e:4b:ed:d6:7b:4c:6f:
                    bf:a7:ca:5e:f7:f2:ab:ff:80:2b:e2:44:40:d2:b5:
                    b7:d5:74:f6:97:c2:93:cc:96:71:1d:64:db:42:95:
                    70:cb:3b:88:c5:a2:1a:05:bc:20:86:e0:fe:89:94:
                    0e:f5:b8:91:5a:cb:ec:bf:4e:6a:48:1c:80:5d:82:
                    fb:90:e9:9d:ca:ec:c2:4f:d8:8e:69:ca:97:5f:4e:
                    23:3e:09:a7:07:a9:2c:51:cf:e2:b3:68:66:75:4c:
                    71:3b:12:05:c3:2f:b9:23:b6:50:da:20:ea:dd:f3:
                    06:a6:20:65:42:53:91:6d:f0:7c:c3:20:e4:12:a0:
                    5d:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:AE:C3:F5:3E:9A:93:DE:EB:97:25:64:19:0C:8E:37:F2:C3:3D:B7
            X509v3 Authority Key Identifier:
                keyid:8A:D6:06:76:43:2F:68:72:36:62:C9:32:57:9A:84:93:52:01:4B:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:2d:f9:a5:23:8a:2f:85:2f:6b:a3:d3:65:d7:e9:12:bd:36:
         cd:4a:d3:42:cf:52:16:98:d9:eb:e1:3b:c6:5a:fc:f2:83:27:
         1d:d5:ea:a0:3d:9a:fd:d7:8d:38:01:f5:fe:51:ae:fe:b6:4d:
         e9:ab:00:f0:88:8f:32:19:9a:b7:fa:11:6f:4d:04:a8:b9:18:
         b8:50:72:f3:22:65:7a:65:2a:d3:2e:2d:73:c9:20:88:5a:e4:
         8e:5d:1b:93:78:dd:06:2a:59:a5:ce:e5:13:0e:0d:e5:77:26:
         49:4b:a8:34:15:4f:72:b4:db:ce:2f:34:d6:bc:76:80:cc:f4:
         e4:08:00:1d:ce:da:73:2f:ef:2b:24:e0:23:e2:bc:28:9e:05:
         80:c6:dd:58:6b:1c:dc:fe:c6:f7:bb:d5:83:7b:87:cb:ad:3b:
         48:5c:c2:c0:fa:6f:c6:01:5c:ae:60:88:ff:8f:2b:70:b5:10:
         fe:b8:2d:3c:26:82:45:24:ac:70:10:92:31:ff:34:7c:6b:0b:
         c1:dc:9e:25:71:dd:dd:27:64:de:6f:bd:4e:bc:6c:f1:1d:1c:
         d2:b2:4c:93:0e:e7:70:87:d1:ed:ed:82:a6:5e:2d:ad:da:d6:
         ac:55:98:a0:d2:52:f4:2d:84:81:e3:72:64:25:d1:8b:a6:25:
         87:44:50:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaC6/TT+wIQJJVoFCehwAeIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDYwNjc2NDMyZjY4NzIzNjYyYzkzMjU3OWE4NDkzNTIw
MTRiOTUwHhcNMjUwNDI5MTkwMDIzWhcNMjUwNDMwMTkwMDIzWjAzMTEwLwYDVQQD
EygzZWFlYzNmNTNlOWE5M2RlZWI5NzI1NjQxOTBjOGUzN2YyYzMzZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzh5E57FaYs4qZbVZnhZ5gH+xXQMG
5XNqj6KGDf/1ZgnEsTVh+Ca/xeNKAD1PxaLTgi6TnK5HfbIcz8F5qhZHREbUqlZr
l3PJB31SMpwV9pyays+zZ8OolwltkiQEZ1p3vS+cdWaJIATzfyFAQoueltgLTFbq
WzeNiy+raDIVET5L7dZ7TG+/p8pe9/Kr/4Ar4kRA0rW31XT2l8KTzJZxHWTbQpVw
yzuIxaIaBbwghuD+iZQO9biRWsvsv05qSByAXYL7kOmdyuzCT9iOacqXX04jPgmn
B6ksUc/is2hmdUxxOxIFwy+5I7ZQ2iDq3fMGpiBlQlORbfB8wyDkEqBduwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6uw/U+mpPe65clZBkMjjfywz23MB8GA1UdIwQY
MBaAFIrWBnZDL2hyNmLJMleahJNSAUuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9jZGMxNDgtNTcwMy00ZTkxLTlhOGUt
Mjg0MDM2YTgxZDkwLzEvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9jZGMxNDgtNTcwMy00ZTkxLTlhOGUtMjg0MDM2YTgxZDkw
LzEvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOS35pSOK
L4Uva6PTZdfpEr02zUrTQs9SFpjZ6+E7xlr88oMnHdXqoD2a/deNOAH1/lGu/rZN
6asA8IiPMhmat/oRb00EqLkYuFBy8yJlemUq0y4tc8kgiFrkjl0bk3jdBipZpc7l
Ew4N5XcmSUuoNBVPcrTbzi801rx2gMz05AgAHc7acy/vKyTgI+K8KJ4FgMbdWGsc
3P7G97vVg3uHy607SFzCwPpvxgFcrmCI/48rcLUQ/rgtPCaCRSSscBCSMf80fGsL
wdyeJXHd3Sdk3m+9Trxs8R0c0rJMkw7ncIfR7e2Cpl4trdrWrFWYoNJS9C2EgeNy
ZCXRi6Ylh0RQiw==
-----END CERTIFICATE-----