Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          8uvdTJ4zsGvHXo+FnnGQtE3gPQuyEjzb8yHTbZUSCTs=
Subject key identifier:   25:59:4B:56:F4:1D:6B:9E:05:83:E3:13:83:37:B2:41:C4:27:AF:30
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       01940645BD465ED28D18E7B8A5035CFA8900
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          135A
Signing time:             Fri 27 Dec 2024 04:00:21 +0000
Manifest this update:     Fri 27 Dec 2024 04:00:21 +0000
Manifest next update:     Sat 28 Dec 2024 04:00:21 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: oH9bGPINpddG4nEjx65wLqgn1YAJAkZoX+DB+AAcDKU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:45:bd:46:5e:d2:8d:18:e7:b8:a5:03:5c:fa:89:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: Dec 27 04:00:21 2024 GMT
            Not After : Dec 28 04:00:21 2024 GMT
        Subject: CN=25594b56f41d6b9e0583e3138337b241c427af30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:e8:4e:eb:79:48:0a:97:b1:fd:f3:89:b2:18:
                    25:26:0c:8c:e9:a3:2f:6d:ca:88:94:1a:0a:df:9b:
                    4d:c6:d9:62:c6:60:f2:41:3d:20:13:c1:b4:a0:71:
                    70:62:8d:22:6a:20:c7:4a:a6:1f:ae:64:c4:7a:81:
                    bd:73:d3:6e:98:ac:0e:1b:dd:d4:74:ff:94:ee:b0:
                    3f:d2:fe:c6:1c:25:9c:73:5e:c6:54:ab:ac:d8:71:
                    c7:3d:73:be:10:fa:4f:29:2c:39:31:1f:f7:45:22:
                    da:60:3f:ba:12:fc:ae:5e:f1:e0:20:53:bf:30:d3:
                    4d:c1:29:ab:ec:f1:01:dc:8d:74:ce:90:9e:cc:f9:
                    6f:ac:29:4f:31:1c:f8:2e:19:5c:c0:af:b2:a3:75:
                    78:b2:75:9d:d2:ef:f4:8f:7a:93:9b:e9:b0:7f:dd:
                    1c:39:31:7b:43:9e:34:64:58:b9:5c:1e:f9:72:03:
                    ed:2d:7c:29:d3:24:b5:bb:4a:21:79:64:a4:c3:84:
                    23:2d:ce:ef:ee:db:52:15:6f:6e:37:e7:7d:bf:f7:
                    4d:f8:23:0a:f9:d3:fc:e2:63:18:ed:80:ef:17:32:
                    d1:90:3e:03:ce:a8:56:53:d2:21:be:cf:6d:2b:7c:
                    d9:13:15:5e:23:00:26:19:dd:eb:cd:0f:10:d8:f9:
                    70:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:59:4B:56:F4:1D:6B:9E:05:83:E3:13:83:37:B2:41:C4:27:AF:30
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:6c:8c:65:3d:55:68:75:6d:2d:ab:78:76:e0:22:23:c8:96:
         5f:3a:9c:d4:c6:28:af:4b:70:0c:58:29:e8:41:51:b9:9c:c6:
         9f:93:90:7c:9e:4e:a0:2a:22:a7:5b:d2:62:73:1f:62:17:34:
         b5:c7:19:0b:a8:dd:f0:40:69:93:af:23:7d:11:b1:21:76:97:
         e2:15:25:78:e0:ec:4f:c5:38:89:71:9a:01:86:2b:a5:28:78:
         8a:c4:97:ef:35:36:35:25:e5:d3:ee:2e:55:54:cd:3c:9b:2b:
         6c:b7:1a:dd:34:46:fc:09:34:6f:13:d1:9b:6b:87:a6:56:37:
         63:c7:b4:a3:0f:77:50:c1:ef:67:14:96:85:45:22:56:31:af:
         e2:6e:e1:d8:71:be:a8:72:bb:d8:bd:c6:31:e7:33:b9:f6:b0:
         db:ba:37:5d:18:1b:c0:9a:38:9c:3e:23:ce:86:2b:a7:47:3f:
         f4:89:20:fa:c8:0a:45:70:9d:9d:ca:b6:90:6f:0b:60:02:7d:
         bb:49:d4:7e:8c:89:00:1d:b0:83:7e:45:3d:ac:f7:41:9d:9a:
         1e:9b:b5:10:e5:7d:83:c1:85:e2:55:54:07:de:31:51:6f:ec:
         c3:4c:8b:e1:e9:39:6e:52:e8:12:5b:ee:75:5d:83:ff:f9:71:
         c5:5f:5c:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGRb1GXtKNGOe4pQNc+okAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjQxMjI3MDQwMDIxWhcNMjQxMjI4MDQwMDIxWjAzMTEwLwYDVQQD
EygyNTU5NGI1NmY0MWQ2YjllMDU4M2UzMTM4MzM3YjI0MWM0MjdhZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjehO63lICpex/fOJshglJgyM6aMv
bcqIlBoK35tNxtlixmDyQT0gE8G0oHFwYo0iaiDHSqYfrmTEeoG9c9NumKwOG93U
dP+U7rA/0v7GHCWcc17GVKus2HHHPXO+EPpPKSw5MR/3RSLaYD+6EvyuXvHgIFO/
MNNNwSmr7PEB3I10zpCezPlvrClPMRz4LhlcwK+yo3V4snWd0u/0j3qTm+mwf90c
OTF7Q540ZFi5XB75cgPtLXwp0yS1u0oheWSkw4QjLc7v7ttSFW9uN+d9v/dN+CMK
+dP84mMY7YDvFzLRkD4DzqhWU9Ihvs9tK3zZExVeIwAmGd3rzQ8Q2Plw9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVZS1b0HWueBYPjE4M3skHEJ68wMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArGyMZT1V
aHVtLat4duAiI8iWXzqc1MYor0twDFgp6EFRuZzGn5OQfJ5OoCoip1vSYnMfYhc0
tccZC6jd8EBpk68jfRGxIXaX4hUleODsT8U4iXGaAYYrpSh4isSX7zU2NSXl0+4u
VVTNPJsrbLca3TRG/Ak0bxPRm2uHplY3Y8e0ow93UMHvZxSWhUUiVjGv4m7h2HG+
qHK72L3GMeczufaw27o3XRgbwJo4nD4jzoYrp0c/9Ikg+sgKRXCdncq2kG8LYAJ9
u0nUfoyJAB2wg35FPaz3QZ2aHpu1EOV9g8GF4lVUB94xUW/sw0yL4ek5blLoElvu
dV2D//lxxV9cTg==
-----END CERTIFICATE-----