Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          8z1iDqukoDDOKhGaJMI7L5Lb+cqMgE3udPKhTAzM7F8=
Subject key identifier:   11:23:36:92:B4:D8:77:AF:7E:C0:05:34:89:D3:5D:70:0A:E1:1B:C9
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       0197488C0F6D423C5DF3663F73F31EE878EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          110B
Signing time:             Sat 07 Jun 2025 04:00:27 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:27 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:27 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: jrm7bAxhPKFwY2l+c0zl20w1K63KiREdyLEgrWHfqu8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:0f:6d:42:3c:5d:f3:66:3f:73:f3:1e:e8:78:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Jun  7 04:00:27 2025 GMT
            Not After : Jun  8 04:00:27 2025 GMT
        Subject: CN=11233692b4d877af7ec0053489d35d700ae11bc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:51:24:b7:41:43:8b:fa:8d:4a:47:18:3a:4c:
                    72:87:b0:48:d5:d9:72:32:20:5b:03:05:fe:48:bd:
                    9d:51:28:c1:37:ed:a8:89:08:7d:22:65:c8:82:42:
                    30:72:fa:4e:d4:08:46:f4:81:66:ec:0c:ca:43:29:
                    a2:35:cc:34:9b:25:bd:0d:07:b0:d6:bf:01:17:ab:
                    8e:f8:db:3d:7b:9f:fa:b0:7c:06:3c:e2:2b:89:c2:
                    ad:b2:8c:39:e4:6b:46:ce:2a:d1:15:dd:7c:b2:bd:
                    e8:f4:8f:a8:e0:ec:b8:68:82:72:b4:b7:e6:74:ec:
                    7a:a6:fb:9d:17:3c:0d:c9:76:c3:b2:f3:72:f9:9c:
                    90:9b:08:01:01:8d:4b:1e:62:27:65:66:09:db:2b:
                    52:aa:94:b4:86:3a:31:ed:94:6f:a6:45:3e:32:10:
                    a5:06:70:8d:d3:10:5e:5b:8d:cb:dc:f2:31:3a:c8:
                    09:81:fa:86:72:e0:8a:e6:87:5f:16:2e:b1:50:f2:
                    d3:2b:30:b8:f5:4e:18:a3:bf:c7:90:a7:d5:85:0a:
                    e7:1e:b2:61:74:03:9f:2c:22:c3:d1:d9:a4:67:8e:
                    d2:ab:df:89:25:03:ea:91:7e:5e:ee:2f:43:36:00:
                    50:ff:f5:6d:09:b9:38:0a:72:95:e9:5d:e2:53:fe:
                    bc:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:23:36:92:B4:D8:77:AF:7E:C0:05:34:89:D3:5D:70:0A:E1:1B:C9
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:90:e7:58:e3:bb:11:0c:f5:0f:a4:11:cb:af:83:e9:b4:8b:
         5b:ac:03:35:7c:07:29:40:18:15:dd:41:a0:95:2d:ee:0e:aa:
         b6:0d:98:a5:86:81:52:9d:ec:64:44:79:86:da:91:8e:54:69:
         59:c5:69:e0:e5:ab:b0:6e:c2:bf:a9:4b:0e:6a:7c:ff:b4:db:
         ab:98:37:f1:7f:83:6a:b6:89:3b:6d:0b:90:db:a0:42:b4:21:
         aa:c9:ab:69:a4:5e:36:76:4e:a3:8e:c6:37:21:9c:0d:85:2a:
         d8:92:ba:47:76:9d:14:c8:5f:69:8d:1e:ec:20:98:6c:55:6f:
         a6:19:e0:d3:a4:a2:c6:b6:ad:68:80:5e:bd:75:6d:2d:92:1d:
         6d:c8:87:d9:4c:54:64:42:7d:2f:fb:d2:0d:f9:5a:d2:5b:f3:
         69:e9:94:2c:70:7c:b5:5c:9c:2b:71:8b:9f:09:f2:ab:91:46:
         df:59:17:d3:e0:9b:48:49:f3:f1:46:55:b5:a1:ed:a9:e3:ce:
         1d:3d:1f:09:c4:16:58:1e:e9:32:2e:44:f4:cb:9e:90:50:5b:
         41:16:8d:18:0a:a9:bc:9b:d9:67:c4:15:6c:5c:a7:0b:11:11:
         30:70:8c:b7:9f:dc:6b:df:1f:f2:01:ef:a7:f7:54:f5:a6:a1:
         75:91:29:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjA9tQjxd82Y/c/Me6HjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjUwNjA3MDQwMDI3WhcNMjUwNjA4MDQwMDI3WjAzMTEwLwYDVQQD
EygxMTIzMzY5MmI0ZDg3N2FmN2VjMDA1MzQ4OWQzNWQ3MDBhZTExYmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFEkt0FDi/qNSkcYOkxyh7BI1dly
MiBbAwX+SL2dUSjBN+2oiQh9ImXIgkIwcvpO1AhG9IFm7AzKQymiNcw0myW9DQew
1r8BF6uO+Ns9e5/6sHwGPOIricKtsow55GtGzirRFd18sr3o9I+o4Oy4aIJytLfm
dOx6pvudFzwNyXbDsvNy+ZyQmwgBAY1LHmInZWYJ2ytSqpS0hjox7ZRvpkU+MhCl
BnCN0xBeW43L3PIxOsgJgfqGcuCK5odfFi6xUPLTKzC49U4Yo7/HkKfVhQrnHrJh
dAOfLCLD0dmkZ47Sq9+JJQPqkX5e7i9DNgBQ//VtCbk4CnKV6V3iU/68AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBEjNpK02HevfsAFNInTXXAK4RvJMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACZDnWOO7
EQz1D6QRy6+D6bSLW6wDNXwHKUAYFd1BoJUt7g6qtg2YpYaBUp3sZER5htqRjlRp
WcVp4OWrsG7Cv6lLDmp8/7Tbq5g38X+DaraJO20LkNugQrQhqsmraaReNnZOo47G
NyGcDYUq2JK6R3adFMhfaY0e7CCYbFVvphng06SixrataIBevXVtLZIdbciH2UxU
ZEJ9L/vSDfla0lvzaemULHB8tVycK3GLnwnyq5FG31kX0+CbSEnz8UZVtaHtqePO
HT0fCcQWWB7pMi5E9MuekFBbQRaNGAqpvJvZZ8QVbFynCxERMHCMt5/ca98f8gHv
p/dU9aahdZEpBw==
-----END CERTIFICATE-----