Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          219P7ZsCUlcI4QhIU80T5iEbK7MVstl3D5whnK4SxtU=
Subject key identifier:   26:F2:D5:7D:0E:DE:BF:DD:06:05:E0:85:20:D7:6D:99:BE:BE:6D:7D
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       01964F6D09A0E21F39037F7A83990288BF25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          0587
Signing time:             Sat 19 Apr 2025 19:01:07 +0000
Manifest this update:     Sat 19 Apr 2025 19:01:07 +0000
Manifest next update:     Sun 20 Apr 2025 19:01:07 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: Vs5EniLBJ3YFeT/aFB1Fv7GBYi5/16J6rF8V5bXjewg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6d:09:a0:e2:1f:39:03:7f:7a:83:99:02:88:bf:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Apr 19 19:01:07 2025 GMT
            Not After : Apr 20 19:01:07 2025 GMT
        Subject: CN=26f2d57d0edebfdd0605e08520d76d99bebe6d7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:b2:14:ba:e7:c8:48:7d:8a:dd:59:9d:d4:88:
                    eb:82:bf:30:03:b6:fb:42:94:be:6b:ba:6d:c5:28:
                    0a:b4:51:e7:2f:d7:ba:00:d0:e9:6c:1c:7b:dd:f6:
                    5e:a6:74:e2:9b:1d:e6:e7:c1:9b:7d:2f:30:1c:89:
                    b3:d0:17:6d:bf:9d:49:75:3b:ec:dc:6b:38:31:5e:
                    68:cb:5e:5a:6b:87:35:43:2e:8b:a0:81:01:2a:94:
                    6c:3e:a3:38:ec:e9:54:a4:c3:2d:69:3d:cb:0a:19:
                    49:c1:9a:06:b4:93:ab:ae:e7:d3:24:17:e4:64:db:
                    8a:48:5c:59:40:10:59:90:81:7f:67:b2:48:59:b0:
                    a4:42:ef:89:f2:2f:a0:72:0f:01:48:0d:00:53:db:
                    db:b8:82:03:53:90:a3:ab:14:93:9b:f1:58:47:6b:
                    94:2a:a0:06:39:5d:cc:6b:8f:ea:1e:8a:03:49:45:
                    25:55:28:ab:ce:8e:d8:6a:97:72:0f:aa:89:bd:da:
                    2e:46:f8:16:9d:f9:06:2f:81:7b:58:c2:71:c3:4f:
                    99:87:64:66:4f:14:e8:75:75:cc:18:e8:40:ef:e9:
                    15:08:a7:f5:ce:f2:39:5e:02:3b:67:68:21:96:00:
                    f3:ba:64:ff:cf:35:b4:16:a6:aa:e3:b8:fd:c6:6e:
                    dd:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:F2:D5:7D:0E:DE:BF:DD:06:05:E0:85:20:D7:6D:99:BE:BE:6D:7D
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:f6:3e:2c:b7:03:e4:09:db:d2:37:a3:9f:a1:24:e9:e6:66:
         b4:d0:a0:fc:89:95:96:7c:6f:5e:1b:4f:9c:39:50:27:8b:f3:
         a1:02:e8:be:c4:eb:4f:d4:80:e0:ce:12:34:d6:7c:f4:68:14:
         72:12:84:7b:1f:2e:3f:68:6a:36:20:be:4a:c3:ff:d2:ef:14:
         7b:b6:7d:c0:e2:f9:be:0f:2d:18:e2:73:83:d7:1c:c0:08:11:
         29:dd:0d:24:8a:80:36:19:f1:3d:b1:37:60:55:a3:4c:e9:5d:
         3e:f8:85:06:c9:79:5c:34:68:76:ea:23:98:7e:54:08:4b:d3:
         e5:d3:8c:a8:fa:17:4e:bb:27:a5:6a:82:2a:af:54:96:cf:aa:
         1a:ec:b0:c7:bd:a6:f2:81:db:86:28:b4:5c:1c:08:86:7a:a6:
         41:76:74:64:78:ae:f4:2b:eb:eb:9d:67:34:cd:d1:ff:c8:9a:
         5a:5e:d7:41:8b:c4:7e:00:a1:55:ad:79:08:ad:8f:63:13:1d:
         86:61:33:4b:cb:a2:04:50:75:74:7e:ce:be:89:35:60:fa:6b:
         40:ae:a1:ad:fe:19:bc:be:38:6a:9e:9f:68:b7:b6:15:cd:7d:
         af:2e:69:a4:0c:b7:a6:e0:9a:b8:a0:36:40:27:f2:a2:51:9e:
         a3:fa:3a:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbQmg4h85A396g5kCiL8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjUwNDE5MTkwMTA3WhcNMjUwNDIwMTkwMTA3WjAzMTEwLwYDVQQD
EygyNmYyZDU3ZDBlZGViZmRkMDYwNWUwODUyMGQ3NmQ5OWJlYmU2ZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbIUuufISH2K3Vmd1Ijrgr8wA7b7
QpS+a7ptxSgKtFHnL9e6ANDpbBx73fZepnTimx3m58GbfS8wHImz0Bdtv51JdTvs
3Gs4MV5oy15aa4c1Qy6LoIEBKpRsPqM47OlUpMMtaT3LChlJwZoGtJOrrufTJBfk
ZNuKSFxZQBBZkIF/Z7JIWbCkQu+J8i+gcg8BSA0AU9vbuIIDU5CjqxSTm/FYR2uU
KqAGOV3Ma4/qHooDSUUlVSirzo7YapdyD6qJvdouRvgWnfkGL4F7WMJxw0+Zh2Rm
TxTodXXMGOhA7+kVCKf1zvI5XgI7Z2ghlgDzumT/zzW0Fqaq47j9xm7d5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCby1X0O3r/dBgXghSDXbZm+vm19MB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU/Y+LLcD
5Anb0jejn6Ek6eZmtNCg/ImVlnxvXhtPnDlQJ4vzoQLovsTrT9SA4M4SNNZ89GgU
chKEex8uP2hqNiC+SsP/0u8Ue7Z9wOL5vg8tGOJzg9ccwAgRKd0NJIqANhnxPbE3
YFWjTOldPviFBsl5XDRoduojmH5UCEvT5dOMqPoXTrsnpWqCKq9Uls+qGuywx72m
8oHbhii0XBwIhnqmQXZ0ZHiu9Cvr651nNM3R/8iaWl7XQYvEfgChVa15CK2PYxMd
hmEzS8uiBFB1dH7Ovok1YPprQK6hrf4ZvL44ap6faLe2Fc19ry5ppAy3puCauKA2
QCfyolGeo/o6qw==
-----END CERTIFICATE-----