Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/fb147f-04ee-48f0-807d-fe3db5253eb0/1/DtlRtDq5cf2S62PsJqWyJu0Tx1I.mft
File:                     DtlRtDq5cf2S62PsJqWyJu0Tx1I.mft (raw, json)
Hash identifier:          HeyACkjGmUHb6AeZzP0LduAXD8uedP9JjHbYV6tQp3c=
Subject key identifier:   B6:41:41:2E:34:37:D9:DD:71:A4:D8:4C:44:2C:0F:C7:D0:D4:E5:17
Authority key identifier: 0E:D9:51:B4:3A:B9:71:FD:92:EB:63:EC:26:A5:B2:26:ED:13:C7:52
Certificate issuer:       /CN=0ed951b43ab971fd92eb63ec26a5b226ed13c752
Certificate serial:       0196531274C40FB1B92C1892F9ED02D5131C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DtlRtDq5cf2S62PsJqWyJu0Tx1I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/fb147f-04ee-48f0-807d-fe3db5253eb0/1/DtlRtDq5cf2S62PsJqWyJu0Tx1I.mft
Manifest number:          02DE
Signing time:             Sun 20 Apr 2025 12:00:40 +0000
Manifest this update:     Sun 20 Apr 2025 12:00:40 +0000
Manifest next update:     Mon 21 Apr 2025 12:00:40 +0000
Files and hashes:         1: DtlRtDq5cf2S62PsJqWyJu0Tx1I.crl (hash: 4aUuvGSEIsB1gwbdgsT/xwrif0YAZwhLlye9Vp5yFP4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/fb147f-04ee-48f0-807d-fe3db5253eb0/1/DtlRtDq5cf2S62PsJqWyJu0Tx1I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/fb147f-04ee-48f0-807d-fe3db5253eb0/1/DtlRtDq5cf2S62PsJqWyJu0Tx1I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DtlRtDq5cf2S62PsJqWyJu0Tx1I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 12:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:12:74:c4:0f:b1:b9:2c:18:92:f9:ed:02:d5:13:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ed951b43ab971fd92eb63ec26a5b226ed13c752
        Validity
            Not Before: Apr 20 12:00:40 2025 GMT
            Not After : Apr 21 12:00:40 2025 GMT
        Subject: CN=b641412e3437d9dd71a4d84c442c0fc7d0d4e517
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:17:e5:9c:1a:38:68:d4:9b:de:f9:9d:c3:c5:
                    79:8c:90:6b:1f:3a:cb:b4:b8:23:e2:60:1d:e9:3f:
                    a8:0f:f8:66:2e:9d:a7:16:b6:76:dd:d4:a5:c4:47:
                    de:48:6f:b6:f9:cd:02:fb:07:f1:4b:86:c9:47:40:
                    8f:27:7c:0e:35:70:00:5b:fe:b6:1e:10:15:9e:97:
                    fc:c5:57:02:bb:7a:34:cd:83:e6:f9:67:95:24:13:
                    8d:ad:7b:9d:70:f0:da:f1:fd:60:e4:51:f4:49:b1:
                    2a:2b:c3:97:3f:79:8f:2a:bc:f6:b2:3e:73:dd:65:
                    2f:7b:db:6a:17:36:04:e8:e4:50:ce:5e:6c:9a:92:
                    8d:85:af:8a:7c:08:c9:c0:cc:b4:0c:d8:f4:d1:31:
                    96:27:08:3a:25:f3:18:ac:b3:ff:bd:b4:69:56:1c:
                    b5:09:25:16:fb:07:92:2a:1d:14:01:0c:73:db:df:
                    34:31:af:b5:fa:c8:c0:e2:8e:12:63:ec:48:6c:6a:
                    27:fd:13:ea:0e:93:57:af:f6:60:e2:49:28:a7:3a:
                    5d:a8:7a:d0:84:64:78:3f:61:d8:07:74:1e:e2:fd:
                    65:91:84:7c:4a:e0:65:a4:27:a3:c8:8e:6b:12:28:
                    52:ec:7c:bf:b0:3d:71:78:78:2d:98:2b:63:88:56:
                    26:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:41:41:2E:34:37:D9:DD:71:A4:D8:4C:44:2C:0F:C7:D0:D4:E5:17
            X509v3 Authority Key Identifier:
                keyid:0E:D9:51:B4:3A:B9:71:FD:92:EB:63:EC:26:A5:B2:26:ED:13:C7:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DtlRtDq5cf2S62PsJqWyJu0Tx1I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/fb147f-04ee-48f0-807d-fe3db5253eb0/1/DtlRtDq5cf2S62PsJqWyJu0Tx1I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/fb147f-04ee-48f0-807d-fe3db5253eb0/1/DtlRtDq5cf2S62PsJqWyJu0Tx1I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:eb:78:89:a7:f9:0b:9c:2e:98:fc:83:0f:27:8e:af:23:da:
         b8:b6:9b:ba:19:93:4b:4c:07:c5:03:15:bc:7b:70:1a:f0:56:
         0c:00:b5:85:13:c8:ed:b3:9a:86:9a:31:3f:90:78:7a:e6:07:
         c2:a5:68:6b:1d:b7:f8:a6:5f:4b:03:0c:f8:6a:98:c6:9c:28:
         cc:e0:39:ce:f1:80:f6:40:b2:ce:11:0d:86:0e:fc:58:2f:e1:
         7b:d6:82:c5:50:fb:e2:4f:91:e7:e0:ef:18:72:45:87:53:36:
         45:b8:fe:2e:38:b9:ce:83:7a:de:fc:cd:87:a9:0d:ce:7d:af:
         1b:9c:0a:3a:12:54:8c:4c:11:6a:0f:88:42:fb:97:a7:c6:a0:
         a2:09:72:29:cd:83:16:05:0e:57:2d:89:fe:bd:e4:f6:87:4b:
         e8:66:cd:ff:f7:6f:fd:ff:43:fd:01:01:4b:17:5c:b5:6f:8e:
         11:db:64:6e:ab:f4:1e:e4:3f:c7:ff:a2:08:0a:b8:9d:77:4b:
         0b:7e:21:cb:02:34:eb:50:7d:70:0d:d8:e5:4e:b2:8b:f9:01:
         1a:33:7c:4c:51:d9:7a:37:c4:27:43:b3:8e:c4:17:73:aa:ae:
         21:17:b3:d2:c5:c8:bf:d3:fa:ef:e0:e9:bd:2f:cc:05:66:a4:
         68:7a:dd:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTEnTED7G5LBiS+e0C1RMcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZDk1MWI0M2FiOTcxZmQ5MmViNjNlYzI2YTViMjI2ZWQx
M2M3NTIwHhcNMjUwNDIwMTIwMDQwWhcNMjUwNDIxMTIwMDQwWjAzMTEwLwYDVQQD
EyhiNjQxNDEyZTM0MzdkOWRkNzFhNGQ4NGM0NDJjMGZjN2QwZDRlNTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBflnBo4aNSb3vmdw8V5jJBrHzrL
tLgj4mAd6T+oD/hmLp2nFrZ23dSlxEfeSG+2+c0C+wfxS4bJR0CPJ3wONXAAW/62
HhAVnpf8xVcCu3o0zYPm+WeVJBONrXudcPDa8f1g5FH0SbEqK8OXP3mPKrz2sj5z
3WUve9tqFzYE6ORQzl5smpKNha+KfAjJwMy0DNj00TGWJwg6JfMYrLP/vbRpVhy1
CSUW+weSKh0UAQxz2980Ma+1+sjA4o4SY+xIbGon/RPqDpNXr/Zg4kkopzpdqHrQ
hGR4P2HYB3Qe4v1lkYR8SuBlpCejyI5rEihS7Hy/sD1xeHgtmCtjiFYm9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZBQS40N9ndcaTYTEQsD8fQ1OUXMB8GA1UdIwQY
MBaAFA7ZUbQ6uXH9kutj7CalsibtE8dSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHRsUnREcTVjZjJTNjJQc0pxV3lKdTBUeDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mYjE0N2YtMDRlZS00OGYwLTgwN2Qt
ZmUzZGI1MjUzZWIwLzEvRHRsUnREcTVjZjJTNjJQc0pxV3lKdTBUeDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mYjE0N2YtMDRlZS00OGYwLTgwN2QtZmUzZGI1MjUzZWIw
LzEvRHRsUnREcTVjZjJTNjJQc0pxV3lKdTBUeDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwut4iaf5
C5wumPyDDyeOryPauLabuhmTS0wHxQMVvHtwGvBWDAC1hRPI7bOahpoxP5B4euYH
wqVoax23+KZfSwMM+GqYxpwozOA5zvGA9kCyzhENhg78WC/he9aCxVD74k+R5+Dv
GHJFh1M2Rbj+Lji5zoN63vzNh6kNzn2vG5wKOhJUjEwRag+IQvuXp8agoglyKc2D
FgUOVy2J/r3k9odL6GbN//dv/f9D/QEBSxdctW+OEdtkbqv0HuQ/x/+iCAq4nXdL
C34hywI061B9cA3Y5U6yi/kBGjN8TFHZejfEJ0OzjsQXc6quIRez0sXIv9P67+Dp
vS/MBWakaHrdqg==
-----END CERTIFICATE-----