Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          slA4/ZZfdYKo4TwUzgFk7i4HMIBOUk7NAyeoC+yi83o=
Subject key identifier:   D6:B2:62:2A:3F:E7:AB:72:84:9B:88:32:14:A1:1B:4E:0D:6B:4F:4A
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       01988C582DF4DFC097F28F99689DD50B5863
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          1449
Signing time:             Sat 09 Aug 2025 01:00:45 +0000
Manifest this update:     Sat 09 Aug 2025 01:00:45 +0000
Manifest next update:     Sun 10 Aug 2025 01:00:45 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: tiZHnLJxGZvE80WrEWxF865xIhGF/xOihfd5K4FJx74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 01:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8c:58:2d:f4:df:c0:97:f2:8f:99:68:9d:d5:0b:58:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Aug  9 01:00:45 2025 GMT
            Not After : Aug 10 01:00:45 2025 GMT
        Subject: CN=d6b2622a3fe7ab72849b883214a11b4e0d6b4f4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:8c:d7:29:81:ab:e6:c3:be:6a:09:d5:54:cc:
                    d3:c8:b7:0b:c6:21:63:0f:80:47:5a:56:08:a8:01:
                    71:92:85:b5:fa:3e:34:c3:44:33:6d:27:1a:81:26:
                    5b:33:c2:90:60:46:f2:ac:11:6c:4c:66:33:2f:6e:
                    e4:27:ca:83:ed:aa:a1:81:32:e6:7b:d9:1d:26:6a:
                    3d:d3:63:26:8e:1a:0b:c2:38:70:26:df:4c:ec:6a:
                    b3:75:a2:74:bd:28:e9:f9:c3:5f:35:ae:1e:d3:7d:
                    20:16:a3:58:39:13:37:f4:90:4f:cb:8f:fe:52:1a:
                    ab:c7:30:ed:17:6c:ff:ae:72:ba:ff:71:b9:6b:f3:
                    b3:6a:87:61:3f:2f:c4:e6:6a:af:fe:b7:b5:0f:ca:
                    3b:48:96:e3:3b:36:38:22:dc:b3:1c:f2:ee:9f:1c:
                    66:91:6b:96:03:83:77:48:cf:23:86:86:6b:35:ae:
                    f0:e2:31:9f:33:38:b2:06:4e:f5:a3:e7:bc:c8:b8:
                    0c:ef:de:0e:66:99:bc:80:5b:f9:dd:19:dd:9a:25:
                    52:39:27:80:52:d7:7d:0d:6b:2c:c4:54:b9:07:92:
                    7f:32:ba:f6:a4:d9:cd:0a:ad:b7:c5:3c:ae:d3:99:
                    90:6d:17:c4:8f:b1:69:92:d3:1c:fa:de:ab:0d:b2:
                    bf:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:B2:62:2A:3F:E7:AB:72:84:9B:88:32:14:A1:1B:4E:0D:6B:4F:4A
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:78:e0:0a:a7:5a:06:47:59:f1:9f:27:52:c3:f3:24:0a:cf:
         1a:45:7d:54:8c:b5:5a:e4:6e:da:ca:3e:54:1b:d2:52:fa:f1:
         e4:00:93:37:72:ad:f8:05:62:06:0d:77:c7:a0:62:dd:6f:47:
         69:83:53:ab:c5:97:7c:fa:73:b1:9d:61:39:fe:4a:0f:17:89:
         20:a2:c7:8a:87:47:61:3e:5a:2a:f7:99:be:e0:0d:43:33:43:
         14:43:fd:85:d9:e9:dd:f4:50:f2:0e:22:b9:0f:1d:5d:e1:1b:
         7b:92:01:45:f5:68:f5:fa:e2:0d:17:02:e8:69:47:12:85:9c:
         75:2a:09:5c:d9:91:20:7a:d9:87:7b:85:38:56:50:58:4d:a7:
         c6:81:06:c6:71:7f:74:c4:4d:c0:30:d5:6f:01:60:72:07:78:
         0c:1f:81:81:43:84:1a:5d:80:31:53:5b:8c:4e:a8:f9:1c:c5:
         c3:55:e3:c9:08:c3:5b:90:78:48:e3:43:9c:8e:7c:ce:7a:09:
         ec:87:2c:50:88:49:89:f4:4e:33:d7:ed:fb:28:00:f8:fa:74:
         e0:57:f1:f6:02:af:c0:f3:78:b6:11:95:fb:3c:ce:ab:50:89:
         15:53:63:13:92:80:f2:a0:0d:16:c0:0e:ce:01:8e:57:e0:c3:
         c6:f2:f4:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiMWC3038CX8o+ZaJ3VC1hjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjUwODA5MDEwMDQ1WhcNMjUwODEwMDEwMDQ1WjAzMTEwLwYDVQQD
EyhkNmIyNjIyYTNmZTdhYjcyODQ5Yjg4MzIxNGExMWI0ZTBkNmI0ZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYzXKYGr5sO+agnVVMzTyLcLxiFj
D4BHWlYIqAFxkoW1+j40w0QzbScagSZbM8KQYEbyrBFsTGYzL27kJ8qD7aqhgTLm
e9kdJmo902MmjhoLwjhwJt9M7GqzdaJ0vSjp+cNfNa4e030gFqNYORM39JBPy4/+
UhqrxzDtF2z/rnK6/3G5a/OzaodhPy/E5mqv/re1D8o7SJbjOzY4ItyzHPLunxxm
kWuWA4N3SM8jhoZrNa7w4jGfMziyBk71o+e8yLgM794OZpm8gFv53RndmiVSOSeA
Utd9DWssxFS5B5J/Mrr2pNnNCq23xTyu05mQbRfEj7FpktMc+t6rDbK/twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNayYio/56tyhJuIMhShG04Na09KMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdHjgCqda
BkdZ8Z8nUsPzJArPGkV9VIy1WuRu2so+VBvSUvrx5ACTN3Kt+AViBg13x6Bi3W9H
aYNTq8WXfPpzsZ1hOf5KDxeJIKLHiodHYT5aKveZvuANQzNDFEP9hdnp3fRQ8g4i
uQ8dXeEbe5IBRfVo9friDRcC6GlHEoWcdSoJXNmRIHrZh3uFOFZQWE2nxoEGxnF/
dMRNwDDVbwFgcgd4DB+BgUOEGl2AMVNbjE6o+RzFw1XjyQjDW5B4SONDnI58znoJ
7IcsUIhJifROM9ft+ygA+Pp04Ffx9gKvwPN4thGV+zzOq1CJFVNjE5KA8qANFsAO
zgGOV+DDxvL0dg==
-----END CERTIFICATE-----