Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
File:                     DTr3NGYY2GMOAUanZREkQ-DCyP8.mft (raw, json)
Hash identifier:          rImQyNnHjzN7XYj7T5/4XZiPRkoce9mG3Jm0VVR/aiM=
Subject key identifier:   BE:D8:7E:7F:75:68:87:46:39:7D:F5:02:A2:47:70:D8:23:1F:F1:99
Authority key identifier: 0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF
Certificate issuer:       /CN=0d3af7346618d8630e0146a765112443e0c2c8ff
Certificate serial:       01965349CEDE5FCEF5B0BC7947B826528F8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
Manifest number:          0590
Signing time:             Sun 20 Apr 2025 13:01:08 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:08 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:08 +0000
Files and hashes:         1: DTr3NGYY2GMOAUanZREkQ-DCyP8.crl (hash: 5FAtzBGwFINNzLBzbLOJua1vN0e5mUGg5swIRHR8jp4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 13:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:49:ce:de:5f:ce:f5:b0:bc:79:47:b8:26:52:8f:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d3af7346618d8630e0146a765112443e0c2c8ff
        Validity
            Not Before: Apr 20 13:01:08 2025 GMT
            Not After : Apr 21 13:01:08 2025 GMT
        Subject: CN=bed87e7f75688746397df502a24770d8231ff199
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:7f:7c:d1:90:b6:e0:c0:65:cc:94:73:07:7a:
                    7b:4f:6a:35:f4:37:0e:0d:f4:67:93:d9:9f:ed:8b:
                    ea:83:1a:9d:5d:8c:ec:2e:45:c2:b9:69:56:39:92:
                    2a:82:bf:c5:29:ac:51:81:c4:0e:b6:c8:ac:8f:65:
                    d3:87:3a:a6:00:c0:59:4d:39:09:e2:ec:c5:16:b3:
                    af:4a:f8:83:1a:84:d3:e5:f0:7e:34:ee:2b:1f:31:
                    64:f5:7b:27:e7:d6:9e:34:13:b8:59:71:d2:d0:40:
                    44:0e:ed:d7:b8:f8:6d:40:72:a6:fb:96:77:29:72:
                    6d:f2:b6:b7:1f:ac:d9:99:3c:1b:e4:9d:12:5e:7e:
                    80:ef:d6:71:f7:57:fc:d2:ff:b9:52:e1:f9:2e:6b:
                    85:14:58:14:f9:c8:76:2b:a2:d3:c9:e3:ca:31:80:
                    63:ef:98:55:8c:61:9d:cc:da:82:d1:20:39:3a:9d:
                    83:bb:cb:7a:62:76:3c:2c:fd:09:13:38:5d:81:a6:
                    ab:6f:2f:a2:c7:16:a7:59:55:13:ab:4e:b3:d1:a4:
                    34:86:ef:dc:59:80:d0:28:87:8b:36:9e:fd:b5:a4:
                    5c:46:5c:6d:d9:1b:ac:0a:0a:f0:c0:1b:bc:b9:7e:
                    f7:19:7b:ae:01:f0:43:79:21:bb:ab:36:94:34:3e:
                    df:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:D8:7E:7F:75:68:87:46:39:7D:F5:02:A2:47:70:D8:23:1F:F1:99
            X509v3 Authority Key Identifier:
                keyid:0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:de:d1:3f:f5:45:77:2c:05:90:43:2a:77:ea:ed:74:db:80:
         4d:8b:00:f8:e0:3e:7c:8f:85:4d:3b:de:27:92:df:93:d7:8a:
         8f:ca:be:d4:e9:02:3d:7c:8c:1d:35:0b:aa:4e:f6:85:fc:86:
         db:98:16:5e:bd:e2:6f:bd:ae:13:5c:cd:51:30:9a:33:18:6e:
         af:17:0d:c6:28:37:37:8d:c0:9f:8e:a1:66:59:1e:b8:a6:46:
         60:08:8f:81:7c:25:53:8f:5d:62:a3:da:0a:8e:be:0b:46:d2:
         8c:30:65:eb:c3:39:1b:74:eb:23:58:05:e0:9e:0f:98:68:f1:
         aa:a8:87:b4:5c:f1:f9:36:0c:e3:ad:db:e2:e5:fe:3e:9f:ae:
         71:83:31:5d:ed:8c:ea:cf:a9:77:79:44:6a:5a:39:b9:27:8e:
         5a:9f:1c:27:5c:5b:f8:6a:be:cc:8c:ea:d5:a4:c2:99:e2:ff:
         6e:22:be:24:5b:0b:c8:56:8c:86:00:bd:23:d5:65:ee:d5:ad:
         31:f0:85:da:67:f2:97:6c:04:10:88:eb:17:1a:da:e2:29:26:
         8d:3b:af:db:e9:f6:c1:bb:ca:92:42:fc:a7:27:17:c9:a6:df:
         df:12:7e:97:a6:fd:8d:c0:2f:28:3e:81:ee:6b:db:7a:2e:f5:
         16:9f:36:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSc7eX871sLx5R7gmUo+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2FmNzM0NjYxOGQ4NjMwZTAxNDZhNzY1MTEyNDQzZTBj
MmM4ZmYwHhcNMjUwNDIwMTMwMTA4WhcNMjUwNDIxMTMwMTA4WjAzMTEwLwYDVQQD
EyhiZWQ4N2U3Zjc1Njg4NzQ2Mzk3ZGY1MDJhMjQ3NzBkODIzMWZmMTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwn980ZC24MBlzJRzB3p7T2o19DcO
DfRnk9mf7YvqgxqdXYzsLkXCuWlWOZIqgr/FKaxRgcQOtsisj2XThzqmAMBZTTkJ
4uzFFrOvSviDGoTT5fB+NO4rHzFk9Xsn59aeNBO4WXHS0EBEDu3XuPhtQHKm+5Z3
KXJt8ra3H6zZmTwb5J0SXn6A79Zx91f80v+5UuH5LmuFFFgU+ch2K6LTyePKMYBj
75hVjGGdzNqC0SA5Op2Du8t6YnY8LP0JEzhdgaarby+ixxanWVUTq06z0aQ0hu/c
WYDQKIeLNp79taRcRlxt2RusCgrwwBu8uX73GXuuAfBDeSG7qzaUND7fkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL7Yfn91aIdGOX31AqJHcNgjH/GZMB8GA1UdIwQY
MBaAFA069zRmGNhjDgFGp2URJEPgwsj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2Et
ZjNiOWIwYjhkZDcwLzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2EtZjNiOWIwYjhkZDcw
LzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALd7RP/VF
dywFkEMqd+rtdNuATYsA+OA+fI+FTTveJ5Lfk9eKj8q+1OkCPXyMHTULqk72hfyG
25gWXr3ib72uE1zNUTCaMxhurxcNxig3N43An46hZlkeuKZGYAiPgXwlU49dYqPa
Co6+C0bSjDBl68M5G3TrI1gF4J4PmGjxqqiHtFzx+TYM463b4uX+Pp+ucYMxXe2M
6s+pd3lEalo5uSeOWp8cJ1xb+Gq+zIzq1aTCmeL/biK+JFsLyFaMhgC9I9Vl7tWt
MfCF2mfyl2wEEIjrFxra4ikmjTuv2+n2wbvKkkL8pycXyabf3xJ+l6b9jcAvKD6B
7mvbei71Fp82VA==
-----END CERTIFICATE-----