Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          Av7zrGbWArfikl7C6HElF//vlnSLJA9+oow540RW4dQ=
Subject key identifier:   E9:9C:AA:05:5D:44:C0:EC:97:DF:18:99:C9:1C:05:19:C4:BD:62:DE
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       01958C5FFB7D20AEF54CCC0637DA8BF002B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          0522
Signing time:             Wed 12 Mar 2025 22:00:55 +0000
Manifest this update:     Wed 12 Mar 2025 22:00:55 +0000
Manifest next update:     Thu 13 Mar 2025 22:00:55 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: c1AgpQMiz9ZThwloA9tS0jwqcrsoCFB3eq2/ncm8AGU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:5f:fb:7d:20:ae:f5:4c:cc:06:37:da:8b:f0:02:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Mar 12 22:00:55 2025 GMT
            Not After : Mar 13 22:00:55 2025 GMT
        Subject: CN=e99caa055d44c0ec97df1899c91c0519c4bd62de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:48:f1:12:d3:08:2c:99:f3:28:6d:24:a9:47:
                    4f:be:0a:16:82:57:0a:bb:bc:b3:9f:9f:12:b8:84:
                    ee:03:f7:e6:62:25:67:14:84:3a:b4:de:56:fc:85:
                    60:72:95:6b:95:6f:8d:e2:be:5a:13:74:cf:2a:ff:
                    6f:ed:79:16:75:8b:1d:78:29:e0:3c:8f:cc:e3:48:
                    b8:ea:1f:f0:03:ff:22:b4:48:26:99:f9:12:39:6a:
                    7e:e3:13:8c:34:de:58:6e:5c:a4:34:b7:6a:c0:7c:
                    24:94:c4:da:4d:7a:2d:dd:7e:d5:10:bb:7f:1c:cb:
                    1d:0b:1d:b6:39:45:c2:07:21:55:cc:3e:29:55:3b:
                    fe:c0:29:df:55:01:10:bd:c0:42:e8:dd:77:e3:06:
                    92:25:66:41:98:86:fe:03:2f:10:34:27:b9:2e:a1:
                    4c:6b:e8:df:9a:d6:d0:86:a3:1a:d6:87:41:d4:4c:
                    ab:a9:44:4c:19:8b:0e:eb:47:93:42:0d:e1:cf:a4:
                    8f:ab:21:6f:df:07:f6:9d:35:28:0d:21:db:d8:76:
                    99:21:39:36:c5:e0:9f:1c:4f:e8:63:e9:65:d3:85:
                    a5:1d:ff:9c:68:43:94:a1:eb:05:c3:06:c6:61:98:
                    88:3e:33:82:9d:97:f4:fc:ef:f8:e1:d8:47:6f:30:
                    65:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:9C:AA:05:5D:44:C0:EC:97:DF:18:99:C9:1C:05:19:C4:BD:62:DE
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:f4:c1:bf:31:8b:c0:4d:0a:fe:4e:0f:27:10:b0:b6:c9:89:
         26:76:00:ee:b9:af:26:5e:b5:79:c2:df:b7:fc:26:33:83:89:
         5f:1b:92:02:48:8d:2e:52:e1:5a:ce:5b:5a:f8:0c:82:49:9c:
         5c:2f:1b:d2:15:b8:2f:83:9d:eb:41:3b:d1:27:67:95:16:cb:
         6e:e7:b5:b4:a5:7f:de:a5:52:e7:d7:a9:c0:55:09:ff:c2:0c:
         3e:18:c3:c4:8e:d2:a4:6e:98:0c:2b:39:1e:47:83:8f:90:2b:
         a1:80:cb:4e:22:bc:3c:7b:4a:b3:ed:a9:d1:50:7b:86:2b:4d:
         8f:06:e2:0a:97:65:ff:9f:55:03:4a:18:0f:d2:48:46:b6:e7:
         b2:ad:3f:f8:b6:65:43:6f:9d:c1:da:e9:2c:35:99:ba:87:37:
         8d:9c:e4:35:f4:09:fb:49:e2:9a:f9:c6:3e:f8:3a:85:ec:34:
         3c:19:2c:76:5a:5e:5a:81:61:96:57:a9:18:84:6f:47:18:fe:
         e9:a7:ee:2d:d8:08:08:0a:7a:84:94:a4:6b:12:60:5d:87:16:
         95:3e:8e:fa:22:d0:ef:b3:d3:c6:63:02:06:c2:80:b4:31:e2:
         61:48:d5:75:be:47:d6:01:eb:26:1e:71:4e:4a:d7:a5:cb:ea:
         22:17:33:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMX/t9IK71TMwGN9qL8AKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjUwMzEyMjIwMDU1WhcNMjUwMzEzMjIwMDU1WjAzMTEwLwYDVQQD
EyhlOTljYWEwNTVkNDRjMGVjOTdkZjE4OTljOTFjMDUxOWM0YmQ2MmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0jxEtMILJnzKG0kqUdPvgoWglcK
u7yzn58SuITuA/fmYiVnFIQ6tN5W/IVgcpVrlW+N4r5aE3TPKv9v7XkWdYsdeCng
PI/M40i46h/wA/8itEgmmfkSOWp+4xOMNN5YblykNLdqwHwklMTaTXot3X7VELt/
HMsdCx22OUXCByFVzD4pVTv+wCnfVQEQvcBC6N134waSJWZBmIb+Ay8QNCe5LqFM
a+jfmtbQhqMa1odB1EyrqURMGYsO60eTQg3hz6SPqyFv3wf2nTUoDSHb2HaZITk2
xeCfHE/oY+ll04WlHf+caEOUoesFwwbGYZiIPjOCnZf0/O/44dhHbzBlkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOmcqgVdRMDsl98YmckcBRnEvWLeMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAifTBvzGL
wE0K/k4PJxCwtsmJJnYA7rmvJl61ecLft/wmM4OJXxuSAkiNLlLhWs5bWvgMgkmc
XC8b0hW4L4Od60E70SdnlRbLbue1tKV/3qVS59epwFUJ/8IMPhjDxI7SpG6YDCs5
HkeDj5AroYDLTiK8PHtKs+2p0VB7hitNjwbiCpdl/59VA0oYD9JIRrbnsq0/+LZl
Q2+dwdrpLDWZuoc3jZzkNfQJ+0nimvnGPvg6hew0PBksdlpeWoFhllepGIRvRxj+
6afuLdgICAp6hJSkaxJgXYcWlT6O+iLQ77PTxmMCBsKAtDHiYUjVdb5H1gHrJh5x
TkrXpcvqIhczGg==
-----END CERTIFICATE-----