Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          9YIkPgCrvAJwr4xXjLg/DuqcCDQ8Fss7yXKfTXd2K/E=
Subject key identifier:   A9:5E:66:50:FD:E8:98:98:A9:59:68:B9:5C:48:C3:EA:EE:6A:98:05
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       0197488BF3229FA543203F7FB73E0171DBAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          0608
Signing time:             Sat 07 Jun 2025 04:00:20 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:20 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:20 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: E6BW45eUqVv4F5tgN02yhJGHVhcC6RehHwIwmYNs5Zk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8b:f3:22:9f:a5:43:20:3f:7f:b7:3e:01:71:db:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Jun  7 04:00:20 2025 GMT
            Not After : Jun  8 04:00:20 2025 GMT
        Subject: CN=a95e6650fde89898a95968b95c48c3eaee6a9805
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:3d:70:e2:df:cd:41:aa:36:47:09:2b:ec:19:
                    68:1c:92:62:9c:32:50:88:f2:6e:70:5d:83:6d:6e:
                    f9:31:c6:99:71:5a:b9:fd:a3:a8:8a:a7:62:04:95:
                    8a:39:a2:6d:6b:0b:b9:96:28:df:87:45:ed:48:b1:
                    67:db:b2:3f:0a:b6:08:5b:44:47:12:f6:88:8f:2e:
                    23:14:b7:20:05:47:49:a4:fa:21:5f:1c:5a:8d:e5:
                    b4:fe:f2:c8:21:ee:46:d2:f0:b7:d2:b8:0b:cb:73:
                    fe:2e:2c:6c:db:1b:76:eb:c6:38:f9:5b:26:08:c1:
                    c8:34:92:e1:dc:51:61:28:c6:0a:e6:44:c4:a9:8f:
                    51:df:e8:1f:84:07:03:23:17:9a:83:fc:94:b4:f3:
                    ed:c4:84:8d:61:fb:e7:bf:b5:04:16:7f:e6:f4:5b:
                    ad:54:51:cf:a6:87:e7:da:25:6b:75:01:c0:cc:ec:
                    0a:45:6e:78:23:48:b4:a6:41:c7:41:c2:92:7d:c2:
                    88:63:74:bc:d9:b5:b6:10:ca:b8:d9:95:8f:f3:3f:
                    ef:e3:9b:1b:e4:85:5e:f2:d1:78:a6:27:87:da:87:
                    0a:2a:a4:f0:02:8e:bb:f0:00:f7:0f:6d:6d:e8:8d:
                    ea:81:bd:10:1d:a1:77:42:c0:10:d0:d8:d2:a4:df:
                    ab:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:5E:66:50:FD:E8:98:98:A9:59:68:B9:5C:48:C3:EA:EE:6A:98:05
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:84:31:5b:4d:08:f5:d4:8f:22:91:01:06:d5:dd:38:bf:31:
         0a:d5:c4:c4:ff:c6:9f:e3:20:cb:18:6a:dc:c4:c6:61:74:91:
         1a:91:c1:f1:f4:f3:ea:46:41:88:bc:2d:13:bc:1f:a6:63:0e:
         6d:0e:3a:6d:70:63:c5:be:e0:3f:93:14:a0:b1:33:ac:69:7d:
         fd:de:ac:f4:7a:34:ea:17:a2:1c:e0:f3:ae:a1:fc:5c:82:3a:
         2e:f6:73:9c:b2:d3:df:d9:b8:7a:49:f4:03:a9:64:28:b7:42:
         5a:15:02:4c:7a:d6:7f:ab:fe:a5:79:23:53:e9:81:18:85:54:
         f2:cf:11:ca:d0:63:6f:e7:89:b1:67:67:0f:a5:dd:d7:38:84:
         36:01:96:e5:45:af:ae:79:c6:1d:8e:1a:c0:64:e9:75:b0:96:
         38:72:79:85:5f:c5:d5:f8:26:e8:72:dd:9f:7e:f1:91:73:19:
         62:5d:93:62:a5:8a:0d:c6:f1:ff:bb:0f:53:8c:77:b7:9d:e5:
         76:2b:22:20:ca:ef:c7:18:15:78:83:7c:81:e3:fe:86:8a:4f:
         be:49:29:e2:a3:53:c5:61:b4:ac:55:dc:5f:63:81:f9:db:c7:
         cd:0e:3b:69:33:37:54:84:f6:57:10:02:a8:b9:26:c4:81:a0:
         7e:c4:4d:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIi/Min6VDID9/tz4BcdutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjUwNjA3MDQwMDIwWhcNMjUwNjA4MDQwMDIwWjAzMTEwLwYDVQQD
EyhhOTVlNjY1MGZkZTg5ODk4YTk1OTY4Yjk1YzQ4YzNlYWVlNmE5ODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1D1w4t/NQao2Rwkr7BloHJJinDJQ
iPJucF2DbW75McaZcVq5/aOoiqdiBJWKOaJtawu5lijfh0XtSLFn27I/CrYIW0RH
EvaIjy4jFLcgBUdJpPohXxxajeW0/vLIIe5G0vC30rgLy3P+Lixs2xt268Y4+Vsm
CMHINJLh3FFhKMYK5kTEqY9R3+gfhAcDIxeag/yUtPPtxISNYfvnv7UEFn/m9Fut
VFHPpofn2iVrdQHAzOwKRW54I0i0pkHHQcKSfcKIY3S82bW2EMq42ZWP8z/v45sb
5IVe8tF4pieH2ocKKqTwAo678AD3D21t6I3qgb0QHaF3QsAQ0NjSpN+ruwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKleZlD96JiYqVlouVxIw+ruapgFMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX4QxW00I
9dSPIpEBBtXdOL8xCtXExP/Gn+Mgyxhq3MTGYXSRGpHB8fTz6kZBiLwtE7wfpmMO
bQ46bXBjxb7gP5MUoLEzrGl9/d6s9Ho06heiHODzrqH8XII6LvZznLLT39m4ekn0
A6lkKLdCWhUCTHrWf6v+pXkjU+mBGIVU8s8RytBjb+eJsWdnD6Xd1ziENgGW5UWv
rnnGHY4awGTpdbCWOHJ5hV/F1fgm6HLdn37xkXMZYl2TYqWKDcbx/7sPU4x3t53l
disiIMrvxxgVeIN8geP+hopPvkkp4qNTxWG0rFXcX2OB+dvHzQ47aTM3VIT2VxAC
qLkmxIGgfsRNmA==
-----END CERTIFICATE-----