Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
File:                     DXtk3YGIxSbrXrReqB6mqK-cWek.mft (raw, json)
Hash identifier:          o6WVPiCrHgyMU8Vtct9oVnjSgu8U2yejeqh/Ju7mVa0=
Subject key identifier:   8F:76:D4:A2:EC:AD:B7:EF:7F:C9:37:19:C7:AE:72:BA:D6:2A:F1:CC
Authority key identifier: 0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9
Certificate issuer:       /CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
Certificate serial:       019748FA37E1BED053AEE0AC9640EE819B94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
Manifest number:          0202
Signing time:             Sat 07 Jun 2025 06:00:47 +0000
Manifest this update:     Sat 07 Jun 2025 06:00:47 +0000
Manifest next update:     Sun 08 Jun 2025 06:00:47 +0000
Files and hashes:         1: DXtk3YGIxSbrXrReqB6mqK-cWek.crl (hash: B8kTgbWCKxOwvUk1RHANeLetP8FodJBOKkiS9vD4uck=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:37:e1:be:d0:53:ae:e0:ac:96:40:ee:81:9b:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
        Validity
            Not Before: Jun  7 06:00:47 2025 GMT
            Not After : Jun  8 06:00:47 2025 GMT
        Subject: CN=8f76d4a2ecadb7ef7fc93719c7ae72bad62af1cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:74:d9:69:4c:dc:6a:c3:60:a7:cd:ec:fc:66:
                    22:3a:d1:a3:77:52:87:ab:15:67:99:52:c2:c7:10:
                    23:ef:37:6e:1c:fe:36:c2:fb:79:12:e0:34:5d:4f:
                    5f:68:ba:94:54:19:e3:da:ca:04:b0:d7:72:43:2c:
                    ad:e4:57:9f:a4:de:44:3c:3f:30:25:88:83:01:55:
                    ad:7a:5d:91:62:39:54:a1:68:84:79:20:90:a2:f4:
                    eb:60:6b:16:1b:82:53:05:f6:32:31:6a:25:14:a4:
                    db:c4:3e:c4:7a:d7:b5:44:0c:a8:8b:61:db:d5:4d:
                    fe:9c:ba:b2:29:5a:53:58:24:9e:6d:d3:8e:5f:7c:
                    41:76:7e:e1:5b:cd:3a:26:b8:44:c2:59:0d:37:3f:
                    a9:46:1f:7d:af:1d:64:83:51:e6:fe:73:3e:b3:22:
                    d6:37:56:82:d1:3a:c9:34:a7:0c:df:c1:1b:de:5f:
                    6b:c6:8a:c9:54:37:7e:8a:2b:60:56:17:2c:fb:9e:
                    e3:f5:f0:e7:f5:4f:5b:7f:68:9d:f4:18:0c:de:a1:
                    9e:4d:5f:0d:8d:0e:82:de:6b:89:3c:68:33:30:17:
                    c7:03:78:25:aa:5e:f1:ee:49:21:e6:36:96:e1:02:
                    34:74:c8:1e:3d:f7:1c:a9:66:a9:24:3d:e0:29:e5:
                    80:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:76:D4:A2:EC:AD:B7:EF:7F:C9:37:19:C7:AE:72:BA:D6:2A:F1:CC
            X509v3 Authority Key Identifier:
                keyid:0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:3a:d5:34:5d:81:b5:6a:f5:7e:1c:24:1b:91:89:16:01:fa:
         71:3a:2e:88:07:7d:8d:fd:d5:f6:84:29:70:e7:ba:a9:d5:1c:
         46:4d:d6:40:8f:03:0c:dd:ee:73:18:d8:d4:7c:de:52:83:23:
         77:2f:c2:86:a5:ca:73:af:76:62:00:c7:15:47:72:72:cb:49:
         20:c3:3c:8b:13:e2:07:02:b2:3d:09:fb:a9:a4:a7:62:99:4a:
         c3:f8:b1:5d:1f:85:d6:63:d6:f3:f4:21:23:b0:75:06:2c:b4:
         33:09:74:a3:1e:6d:db:48:b0:2c:8b:a9:56:0e:64:f5:2b:a6:
         2a:96:fc:71:18:08:39:2b:b8:62:6b:7b:74:24:42:72:b8:df:
         99:30:3d:72:99:50:d4:da:76:9b:59:cb:ce:3f:10:af:76:d7:
         ca:d0:f1:58:f3:5e:42:6b:80:c8:d8:f7:ae:0e:51:ca:82:59:
         7f:47:e1:f6:6d:a8:98:b9:63:05:5d:83:d2:0f:73:91:dc:bd:
         ae:99:3d:a3:ca:02:c7:8a:aa:3b:5c:b2:8c:a3:f7:1f:1a:a2:
         4f:d9:69:eb:c5:af:82:42:da:ac:cd:31:49:6a:f5:e0:99:80:
         b5:dc:e7:5d:64:d6:12:c3:81:13:2f:1b:e7:d1:04:c7:f0:0b:
         64:3e:c6:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+jfhvtBTruCslkDugZuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkN2I2NGRkODE4OGM1MjZlYjVlYjQ1ZWE4MWVhNmE4YWY5
YzU5ZTkwHhcNMjUwNjA3MDYwMDQ3WhcNMjUwNjA4MDYwMDQ3WjAzMTEwLwYDVQQD
Eyg4Zjc2ZDRhMmVjYWRiN2VmN2ZjOTM3MTljN2FlNzJiYWQ2MmFmMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3TZaUzcasNgp83s/GYiOtGjd1KH
qxVnmVLCxxAj7zduHP42wvt5EuA0XU9faLqUVBnj2soEsNdyQyyt5FefpN5EPD8w
JYiDAVWtel2RYjlUoWiEeSCQovTrYGsWG4JTBfYyMWolFKTbxD7Eete1RAyoi2Hb
1U3+nLqyKVpTWCSebdOOX3xBdn7hW806JrhEwlkNNz+pRh99rx1kg1Hm/nM+syLW
N1aC0TrJNKcM38Eb3l9rxorJVDd+iitgVhcs+57j9fDn9U9bf2id9BgM3qGeTV8N
jQ6C3muJPGgzMBfHA3glql7x7kkh5jaW4QI0dMgePfccqWapJD3gKeWACwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI921KLsrbfvf8k3GceucrrWKvHMMB8GA1UdIwQY
MBaAFA17ZN2BiMUm6160XqgepqivnFnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgt
MzNkMzEyOTNmMGUxLzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgtMzNkMzEyOTNmMGUx
LzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXTrVNF2B
tWr1fhwkG5GJFgH6cTouiAd9jf3V9oQpcOe6qdUcRk3WQI8DDN3ucxjY1HzeUoMj
dy/ChqXKc692YgDHFUdycstJIMM8ixPiBwKyPQn7qaSnYplKw/ixXR+F1mPW8/Qh
I7B1Biy0Mwl0ox5t20iwLIupVg5k9SumKpb8cRgIOSu4Ymt7dCRCcrjfmTA9cplQ
1Np2m1nLzj8Qr3bXytDxWPNeQmuAyNj3rg5RyoJZf0fh9m2omLljBV2D0g9zkdy9
rpk9o8oCx4qqO1yyjKP3HxqiT9lp68WvgkLarM0xSWr14JmAtdznXWTWEsOBEy8b
59EEx/ALZD7GZA==
-----END CERTIFICATE-----