Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          dGiX6J5xBktk7TIV7oqGkDnfszNu/Xvj9Yd7u82TX/s=
Subject key identifier:   79:44:65:1F:64:04:17:7D:CD:E8:D9:C8:B4:CE:6E:71:26:19:E2:B3
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       01965349948DFF760727BF289B710F6DF070
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          148B
Signing time:             Sun 20 Apr 2025 13:00:53 +0000
Manifest this update:     Sun 20 Apr 2025 13:00:53 +0000
Manifest next update:     Mon 21 Apr 2025 13:00:53 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: sEQK1L2ELhb21yK9LEixWS5TU/mFNh4I4S7aijR6HKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 13:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:49:94:8d:ff:76:07:27:bf:28:9b:71:0f:6d:f0:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: Apr 20 13:00:53 2025 GMT
            Not After : Apr 21 13:00:53 2025 GMT
        Subject: CN=7944651f6404177dcde8d9c8b4ce6e712619e2b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:63:1d:ad:85:a1:91:ec:39:74:08:d0:47:a1:
                    30:43:5e:bf:b9:5b:a3:03:8b:12:b3:64:76:0f:53:
                    04:fa:4b:c9:4b:b5:17:87:30:8e:39:8f:84:00:74:
                    e8:d5:37:a1:dc:ec:24:2b:51:5f:19:58:ec:f4:d5:
                    02:b8:3c:74:68:1b:d8:bd:94:87:f0:13:40:22:ed:
                    bc:06:02:6c:64:da:9c:fc:92:f5:d8:79:63:6b:17:
                    95:57:e2:76:4d:9c:7f:3c:db:4c:2d:4d:9f:a6:61:
                    fa:49:78:72:32:5d:59:b0:0e:02:95:26:25:39:d9:
                    7e:0e:4e:1f:a6:62:e3:63:40:03:81:55:3c:c4:ac:
                    f3:7f:59:d4:55:cb:ec:f0:25:76:82:95:90:17:23:
                    c0:08:71:3c:b6:b2:27:59:e6:d6:5c:6d:f9:76:f4:
                    0b:d3:0a:8b:fb:47:3a:7e:fc:13:18:f9:4f:74:2f:
                    8d:3e:cd:cb:cc:a8:15:ad:2b:83:22:86:26:58:fd:
                    d4:ef:93:a0:21:e4:f6:90:f5:09:a7:8c:31:15:28:
                    43:cc:ff:ba:96:f4:3e:c8:8e:25:e3:b3:83:dc:c4:
                    83:15:fb:43:3d:b5:5b:76:4c:af:4a:be:00:da:38:
                    54:b0:b6:a2:d8:16:a5:29:6c:1d:74:64:4a:fd:b1:
                    ce:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:44:65:1F:64:04:17:7D:CD:E8:D9:C8:B4:CE:6E:71:26:19:E2:B3
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:6b:0b:c4:fe:b3:b0:78:55:3a:aa:a1:42:fc:61:8a:ac:04:
         67:84:ac:76:ba:a5:df:3a:6b:dc:c6:e1:3b:ae:c4:de:cd:01:
         b8:6e:62:93:21:fc:a0:69:bd:bf:5d:42:39:5e:fb:17:28:60:
         86:67:30:4d:11:e2:65:fc:64:80:9c:72:a5:54:85:bf:2b:4c:
         7a:18:08:c6:dd:e2:8c:48:27:e1:1c:21:ea:18:d2:4c:da:64:
         28:78:04:f1:c7:02:b1:c9:5e:6e:dd:9a:72:f9:b7:85:85:62:
         43:00:33:c9:10:df:d6:17:7b:97:d5:a7:0a:cb:e5:8c:ce:a4:
         9c:64:c5:95:7e:da:e8:c3:03:79:c9:d4:66:b7:73:69:f1:69:
         ad:87:f3:b2:39:4f:77:1e:84:c3:99:8c:77:65:67:29:cd:22:
         b7:11:82:83:f3:57:90:b8:13:a6:67:4e:5e:f1:a8:85:38:2e:
         78:95:fc:35:7f:43:59:c6:64:b7:97:6a:34:3a:e6:7d:ee:0f:
         07:6e:9d:e0:41:86:a4:1e:1c:fb:76:5d:85:cd:97:6f:f0:51:
         90:b3:86:ab:c1:c1:7a:0b:0a:98:6e:49:71:08:6c:ba:7f:75:
         50:83:1f:3e:48:6d:7d:a8:8a:0c:cd:00:eb:d4:f6:97:02:96:
         d2:ad:a9:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSZSN/3YHJ78om3EPbfBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjUwNDIwMTMwMDUzWhcNMjUwNDIxMTMwMDUzWjAzMTEwLwYDVQQD
Eyg3OTQ0NjUxZjY0MDQxNzdkY2RlOGQ5YzhiNGNlNmU3MTI2MTllMmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2MdrYWhkew5dAjQR6EwQ16/uVuj
A4sSs2R2D1ME+kvJS7UXhzCOOY+EAHTo1Teh3OwkK1FfGVjs9NUCuDx0aBvYvZSH
8BNAIu28BgJsZNqc/JL12HljaxeVV+J2TZx/PNtMLU2fpmH6SXhyMl1ZsA4ClSYl
Odl+Dk4fpmLjY0ADgVU8xKzzf1nUVcvs8CV2gpWQFyPACHE8trInWebWXG35dvQL
0wqL+0c6fvwTGPlPdC+NPs3LzKgVrSuDIoYmWP3U75OgIeT2kPUJp4wxFShDzP+6
lvQ+yI4l47OD3MSDFftDPbVbdkyvSr4A2jhUsLai2BalKWwddGRK/bHONwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHlEZR9kBBd9zejZyLTObnEmGeKzMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK2sLxP6z
sHhVOqqhQvxhiqwEZ4Ssdrql3zpr3MbhO67E3s0BuG5ikyH8oGm9v11COV77Fyhg
hmcwTRHiZfxkgJxypVSFvytMehgIxt3ijEgn4Rwh6hjSTNpkKHgE8ccCsclebt2a
cvm3hYViQwAzyRDf1hd7l9WnCsvljM6knGTFlX7a6MMDecnUZrdzafFprYfzsjlP
dx6Ew5mMd2VnKc0itxGCg/NXkLgTpmdOXvGohTgueJX8NX9DWcZkt5dqNDrmfe4P
B26d4EGGpB4c+3Zdhc2Xb/BRkLOGq8HBegsKmG5JcQhsun91UIMfPkhtfaiKDM0A
69T2lwKW0q2piA==
-----END CERTIFICATE-----