Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
File:                     dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft (raw, json)
Hash identifier:          zf2qOSNnDQGrC7Ptsfnq9Cpsw5fq0kdwgA/jZC/V9ZU=
Subject key identifier:   4E:6B:D1:DC:EC:26:C6:06:F2:57:BB:5C:4E:F9:C8:56:B9:CA:DE:EE
Authority key identifier: 74:72:EB:8F:80:15:EB:1B:C2:9E:A3:16:2F:83:E6:AC:ED:BB:42:7E
Certificate issuer:       /CN=7472eb8f8015eb1bc29ea3162f83e6acedbb427e
Certificate serial:       01965191D51A6D476F966F59F9EF345FC5CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
Manifest number:          0DF0
Signing time:             Sun 20 Apr 2025 05:00:33 +0000
Manifest this update:     Sun 20 Apr 2025 05:00:33 +0000
Manifest next update:     Mon 21 Apr 2025 05:00:33 +0000
Files and hashes:         1: dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl (hash: 6YkD2cAihJ9t+Bojqqh0lXuQgUXlhnufHzDtf5v66nY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 05:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:91:d5:1a:6d:47:6f:96:6f:59:f9:ef:34:5f:c5:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7472eb8f8015eb1bc29ea3162f83e6acedbb427e
        Validity
            Not Before: Apr 20 05:00:33 2025 GMT
            Not After : Apr 21 05:00:33 2025 GMT
        Subject: CN=4e6bd1dcec26c606f257bb5c4ef9c856b9cadeee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e6:8c:24:d6:77:b0:d0:e7:c6:52:07:66:bb:
                    57:cf:9f:ca:45:61:bf:ba:b9:74:cb:fa:be:a6:ac:
                    48:d2:4d:fe:28:de:bb:76:b6:3d:2a:ad:71:bb:88:
                    ad:ed:b3:9b:70:3e:33:a6:7d:c9:47:be:b9:f5:ef:
                    16:a4:0f:7d:dc:b0:d4:c3:55:a9:5e:0e:2a:48:14:
                    ab:6c:b3:d2:35:18:7c:80:9c:d5:cd:f1:47:d9:40:
                    a2:c0:25:1f:27:57:a1:da:0a:1f:6f:ce:a6:6a:49:
                    89:68:37:d3:e8:b1:7e:35:be:3a:cc:29:0f:33:2b:
                    9c:a4:ad:e6:2f:6b:b0:d9:a7:ae:44:2b:ce:bd:00:
                    80:f2:6c:3e:4a:b6:44:d2:81:33:5e:2f:c6:b7:7b:
                    67:bd:ae:4e:a7:4e:38:ba:1b:6e:11:1b:f9:6c:26:
                    d4:ed:56:30:78:91:43:0b:fb:73:43:23:4d:57:59:
                    9c:1d:ae:48:bf:70:26:03:eb:6d:84:2a:e3:f9:f8:
                    be:2d:cc:a0:d2:74:d3:17:0c:c2:0c:75:e5:89:d4:
                    1a:ec:4f:7d:81:4c:eb:a8:7e:c6:51:0f:4e:0b:13:
                    cf:26:06:88:70:cb:ab:79:8d:85:12:a5:b2:ab:44:
                    fd:84:1a:6f:b2:55:91:d0:30:01:44:fe:f9:33:20:
                    61:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:6B:D1:DC:EC:26:C6:06:F2:57:BB:5C:4E:F9:C8:56:B9:CA:DE:EE
            X509v3 Authority Key Identifier:
                keyid:74:72:EB:8F:80:15:EB:1B:C2:9E:A3:16:2F:83:E6:AC:ED:BB:42:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:f0:fa:60:8d:5d:28:bb:c2:70:cc:1b:d6:95:f7:3f:f9:49:
         cf:14:c2:96:bd:0d:ab:3b:ad:72:ac:85:68:cd:81:f1:f8:dd:
         9a:46:43:2f:71:db:52:cd:b8:e6:90:69:f8:3a:19:8b:ef:df:
         0a:f8:b0:da:b9:21:59:32:a0:86:91:6d:b5:4d:3d:5e:e2:fc:
         76:ab:d7:8e:cd:8f:26:9c:9a:95:fa:f5:bd:7b:ba:b7:10:64:
         f6:43:43:46:60:55:03:8f:80:d1:26:ef:29:65:92:7b:c4:dc:
         bf:42:e1:67:fd:88:d3:97:87:e6:74:6f:e0:d5:f9:cb:ad:b3:
         16:5e:9a:f2:a0:ef:25:75:c7:51:01:0e:a1:bf:a7:57:e8:47:
         3e:27:ea:00:52:44:71:3b:d4:20:83:8d:9e:78:01:dd:3c:85:
         3f:4b:2e:f6:56:5a:56:1d:a4:79:77:26:e6:57:58:c7:09:9a:
         8a:42:05:30:9e:0d:ad:47:90:df:0d:16:b9:77:1c:20:29:7f:
         af:bf:42:c6:26:a6:54:0a:ce:ff:ac:ad:cd:5d:7b:b7:3b:d1:
         42:cd:48:d2:a8:6e:68:f1:51:a9:98:ec:34:f5:de:43:fb:13:
         cf:6d:c5:62:7d:c8:0e:e5:f7:7a:0b:91:0b:26:00:87:4f:c9:
         b4:14:d1:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRkdUabUdvlm9Z+e80X8XOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NzJlYjhmODAxNWViMWJjMjllYTMxNjJmODNlNmFjZWRi
YjQyN2UwHhcNMjUwNDIwMDUwMDMzWhcNMjUwNDIxMDUwMDMzWjAzMTEwLwYDVQQD
Eyg0ZTZiZDFkY2VjMjZjNjA2ZjI1N2JiNWM0ZWY5Yzg1NmI5Y2FkZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOaMJNZ3sNDnxlIHZrtXz5/KRWG/
url0y/q+pqxI0k3+KN67drY9Kq1xu4it7bObcD4zpn3JR7659e8WpA993LDUw1Wp
Xg4qSBSrbLPSNRh8gJzVzfFH2UCiwCUfJ1eh2gofb86makmJaDfT6LF+Nb46zCkP
MyucpK3mL2uw2aeuRCvOvQCA8mw+SrZE0oEzXi/Gt3tnva5Op044uhtuERv5bCbU
7VYweJFDC/tzQyNNV1mcHa5Iv3AmA+tthCrj+fi+Lcyg0nTTFwzCDHXlidQa7E99
gUzrqH7GUQ9OCxPPJgaIcMureY2FEqWyq0T9hBpvslWR0DABRP75MyBhiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5r0dzsJsYG8le7XE75yFa5yt7uMB8GA1UdIwQY
MBaAFHRy64+AFesbwp6jFi+D5qztu0J+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82NTVlMjgtMzM5MS00MGE3LTg4Y2Et
MWJmZmRhMzgyZWJlLzEvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82NTVlMjgtMzM5MS00MGE3LTg4Y2EtMWJmZmRhMzgyZWJl
LzEvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXvD6YI1d
KLvCcMwb1pX3P/lJzxTClr0NqzutcqyFaM2B8fjdmkZDL3HbUs245pBp+DoZi+/f
Cviw2rkhWTKghpFttU09XuL8dqvXjs2PJpyalfr1vXu6txBk9kNDRmBVA4+A0Sbv
KWWSe8Tcv0LhZ/2I05eH5nRv4NX5y62zFl6a8qDvJXXHUQEOob+nV+hHPifqAFJE
cTvUIIONnngB3TyFP0su9lZaVh2keXcm5ldYxwmaikIFMJ4NrUeQ3w0WuXccICl/
r79CxiamVArO/6ytzV17tzvRQs1I0qhuaPFRqZjsNPXeQ/sTz23FYn3IDuX3eguR
CyYAh0/JtBTROA==
-----END CERTIFICATE-----