Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
File:                     dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft (raw, json)
Hash identifier:          +AMdB18RnvSFLBESQi/aVLGynKhtrx+32icXSu8h9qY=
Subject key identifier:   C3:77:72:A8:62:B5:CA:73:20:FC:B9:2B:B9:A5:5B:69:C0:1A:0F:1E
Authority key identifier: 74:72:EB:8F:80:15:EB:1B:C2:9E:A3:16:2F:83:E6:AC:ED:BB:42:7E
Certificate issuer:       /CN=7472eb8f8015eb1bc29ea3162f83e6acedbb427e
Certificate serial:       019590741878E22ECA9CED32F47C29428B56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
Manifest number:          0D8C
Signing time:             Thu 13 Mar 2025 17:01:22 +0000
Manifest this update:     Thu 13 Mar 2025 17:01:22 +0000
Manifest next update:     Fri 14 Mar 2025 17:01:22 +0000
Files and hashes:         1: dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl (hash: vvroiSDNKL9DFVbsvyJ092FF8BaNCdeT1hDF8crNr+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:90:74:18:78:e2:2e:ca:9c:ed:32:f4:7c:29:42:8b:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7472eb8f8015eb1bc29ea3162f83e6acedbb427e
        Validity
            Not Before: Mar 13 17:01:22 2025 GMT
            Not After : Mar 14 17:01:22 2025 GMT
        Subject: CN=c37772a862b5ca7320fcb92bb9a55b69c01a0f1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:fa:8f:71:d3:cd:88:6c:19:ca:68:03:89:e4:
                    33:be:4f:1e:c9:50:0b:5c:03:f9:fe:66:02:e2:e8:
                    71:d0:a9:b3:ff:cc:30:27:40:c9:04:23:f4:5b:ec:
                    27:30:2a:f9:e7:27:b0:d0:33:f2:0b:c3:b3:92:9a:
                    49:03:cd:d6:5a:6c:e8:4f:c2:ff:b0:70:56:66:0c:
                    d8:f7:66:e4:1a:b6:1c:0a:13:12:d5:2f:46:29:5c:
                    1a:0c:d6:8c:b5:cd:2e:c2:73:d7:15:44:12:d7:84:
                    57:7d:75:22:da:14:e2:12:36:d8:d2:01:d4:a7:88:
                    84:ee:24:77:60:18:f1:f6:3f:63:e9:2d:c9:55:df:
                    bb:63:04:a3:b3:7f:e3:46:68:9a:f4:a8:bc:80:2e:
                    54:5d:dc:af:d6:2c:01:f0:e3:9e:4d:46:1b:0d:c4:
                    02:af:e4:8f:56:4e:ac:13:f6:4d:ff:e6:53:de:26:
                    f5:4f:1e:b4:d3:ca:17:a5:2b:66:f6:36:a0:d1:09:
                    b6:83:3c:bd:95:d8:b3:d5:f8:07:cf:92:99:66:7d:
                    30:4b:a1:e8:77:ad:a0:8d:6c:c5:99:b5:b1:89:43:
                    d4:aa:10:68:1a:a3:91:1b:98:c9:7e:e2:b8:72:8e:
                    59:be:54:ef:91:e1:05:2e:37:97:18:19:97:77:1b:
                    4e:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:77:72:A8:62:B5:CA:73:20:FC:B9:2B:B9:A5:5B:69:C0:1A:0F:1E
            X509v3 Authority Key Identifier:
                keyid:74:72:EB:8F:80:15:EB:1B:C2:9E:A3:16:2F:83:E6:AC:ED:BB:42:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:c6:f6:cd:d7:10:6c:cf:c8:61:3e:df:b6:72:44:56:69:96:
         d4:f3:fd:a6:1e:4e:3e:89:21:68:48:fd:b1:71:03:ac:97:20:
         ba:32:89:15:17:18:e1:2e:41:80:c0:17:6e:61:8b:88:98:1c:
         83:56:b1:10:9d:d0:17:b6:fc:91:3a:4f:6e:a3:8e:8e:aa:78:
         66:75:26:9a:c5:ba:de:26:1f:a6:fe:ee:1d:25:13:a9:2d:9b:
         f5:5c:35:66:cf:4a:05:26:f2:4a:4d:c7:e4:97:5a:f2:e0:ff:
         44:ee:de:bc:6e:e8:40:fd:87:6a:1d:23:42:26:6c:be:57:07:
         5d:4a:36:8b:96:c7:1d:1c:b3:6d:7b:5a:7c:ad:7c:91:d2:05:
         cd:61:75:80:0e:c5:9b:c7:23:fb:bb:ee:27:05:1f:98:6d:bb:
         66:7d:84:75:1b:5a:1b:62:ba:65:7f:05:e5:14:04:cc:79:28:
         c5:04:d7:f0:d6:67:b6:99:a3:f0:aa:a5:48:fc:ab:11:eb:a8:
         dd:a7:2c:b2:21:3a:a9:79:c6:4e:49:e6:96:d3:19:35:ba:57:
         46:31:f0:6a:10:bf:31:a3:30:0b:f0:e6:c7:aa:be:f7:79:e5:
         d4:e6:10:cc:dc:71:09:86:b2:fd:c2:3c:16:f4:77:34:92:c7:
         13:4f:ae:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWQdBh44i7KnO0y9HwpQotWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NzJlYjhmODAxNWViMWJjMjllYTMxNjJmODNlNmFjZWRi
YjQyN2UwHhcNMjUwMzEzMTcwMTIyWhcNMjUwMzE0MTcwMTIyWjAzMTEwLwYDVQQD
EyhjMzc3NzJhODYyYjVjYTczMjBmY2I5MmJiOWE1NWI2OWMwMWEwZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfqPcdPNiGwZymgDieQzvk8eyVAL
XAP5/mYC4uhx0Kmz/8wwJ0DJBCP0W+wnMCr55yew0DPyC8OzkppJA83WWmzoT8L/
sHBWZgzY92bkGrYcChMS1S9GKVwaDNaMtc0uwnPXFUQS14RXfXUi2hTiEjbY0gHU
p4iE7iR3YBjx9j9j6S3JVd+7YwSjs3/jRmia9Ki8gC5UXdyv1iwB8OOeTUYbDcQC
r+SPVk6sE/ZN/+ZT3ib1Tx6008oXpStm9jag0Qm2gzy9ldiz1fgHz5KZZn0wS6Ho
d62gjWzFmbWxiUPUqhBoGqORG5jJfuK4co5ZvlTvkeEFLjeXGBmXdxtOiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMN3cqhitcpzIPy5K7mlW2nAGg8eMB8GA1UdIwQY
MBaAFHRy64+AFesbwp6jFi+D5qztu0J+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82NTVlMjgtMzM5MS00MGE3LTg4Y2Et
MWJmZmRhMzgyZWJlLzEvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82NTVlMjgtMzM5MS00MGE3LTg4Y2EtMWJmZmRhMzgyZWJl
LzEvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnMb2zdcQ
bM/IYT7ftnJEVmmW1PP9ph5OPokhaEj9sXEDrJcgujKJFRcY4S5BgMAXbmGLiJgc
g1axEJ3QF7b8kTpPbqOOjqp4ZnUmmsW63iYfpv7uHSUTqS2b9Vw1Zs9KBSbySk3H
5Jda8uD/RO7evG7oQP2Hah0jQiZsvlcHXUo2i5bHHRyzbXtafK18kdIFzWF1gA7F
m8cj+7vuJwUfmG27Zn2EdRtaG2K6ZX8F5RQEzHkoxQTX8NZntpmj8KqlSPyrEeuo
3acssiE6qXnGTknmltMZNbpXRjHwahC/MaMwC/Dmx6q+93nl1OYQzNxxCYay/cI8
FvR3NJLHE0+ubw==
-----END CERTIFICATE-----