Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
File:                     dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft (raw, json)
Hash identifier:          4hyXF2j/f8j3WdkGg6AVR5Y07G/+lLylqANnrNQJiNM=
Subject key identifier:   5F:A9:AE:55:2E:B6:94:5D:5F:46:51:4D:0F:4C:2A:82:95:34:DE:6C
Authority key identifier: 74:72:EB:8F:80:15:EB:1B:C2:9E:A3:16:2F:83:E6:AC:ED:BB:42:7E
Certificate issuer:       /CN=7472eb8f8015eb1bc29ea3162f83e6acedbb427e
Certificate serial:       019510FE2926B0EFCA4233AF4D2648ECCD64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
Manifest number:          0D4A
Signing time:             Sun 16 Feb 2025 23:00:46 +0000
Manifest this update:     Sun 16 Feb 2025 23:00:46 +0000
Manifest next update:     Mon 17 Feb 2025 23:00:46 +0000
Files and hashes:         1: dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl (hash: gxJshB2JZzrRojXB4V7blI0g+FXR2/VnDWueh+fD0L8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:fe:29:26:b0:ef:ca:42:33:af:4d:26:48:ec:cd:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7472eb8f8015eb1bc29ea3162f83e6acedbb427e
        Validity
            Not Before: Feb 16 23:00:46 2025 GMT
            Not After : Feb 17 23:00:46 2025 GMT
        Subject: CN=5fa9ae552eb6945d5f46514d0f4c2a829534de6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0a:f8:b6:88:14:65:77:b1:7d:4d:20:ac:8b:
                    61:5f:4e:49:ca:21:fd:51:dc:9f:81:66:89:e5:ee:
                    9f:0e:3e:0e:bd:5b:f8:c6:c5:31:99:ed:45:3b:4d:
                    e1:9f:27:fd:7f:d7:eb:c7:b0:5a:b2:78:26:c1:aa:
                    a0:c4:4d:3d:40:46:4a:ef:a5:b6:47:47:b6:05:b6:
                    76:44:48:1f:92:bc:8a:54:13:c5:cc:aa:3a:d4:08:
                    0b:b0:f3:b1:0b:64:87:b0:f1:91:9b:e5:6f:6d:0c:
                    b4:9b:e5:6d:0a:bb:ce:1b:c9:0e:10:ee:d0:f0:34:
                    7b:49:51:a5:c4:03:0d:e0:3f:41:53:5f:c0:08:1b:
                    16:cf:e1:04:78:dd:1b:a4:7b:ae:51:f9:15:e6:d6:
                    5c:99:e9:20:65:90:58:bb:95:d5:aa:d7:ab:9f:34:
                    c4:82:3e:e6:57:7f:34:f5:5b:e6:9a:af:ca:f2:7e:
                    ee:bc:ae:08:db:e4:20:84:2a:1a:65:df:75:37:07:
                    28:7b:a0:df:9f:3e:e8:2b:f4:f4:ef:5f:ab:d3:6b:
                    cd:c7:20:6a:62:db:12:4a:dc:1f:65:6c:50:7a:c6:
                    39:04:1a:3d:34:44:d5:0b:a5:c7:9f:bc:0c:27:58:
                    d0:1a:5c:c1:a9:a8:ec:05:f6:eb:99:8f:2e:9b:4e:
                    15:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:A9:AE:55:2E:B6:94:5D:5F:46:51:4D:0F:4C:2A:82:95:34:DE:6C
            X509v3 Authority Key Identifier:
                keyid:74:72:EB:8F:80:15:EB:1B:C2:9E:A3:16:2F:83:E6:AC:ED:BB:42:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:09:37:da:1b:f5:9b:80:5d:82:02:ff:d3:df:41:2d:25:da:
         d4:8a:1e:8f:6b:11:96:33:b3:00:0a:20:a3:7b:80:c7:91:97:
         cc:e6:9f:18:87:74:e6:32:3a:0f:9b:ca:bf:f1:51:90:4c:89:
         fe:bd:14:a6:f5:03:f2:e3:7f:fa:39:f5:c2:a3:fc:b5:7d:52:
         9f:18:93:ea:2b:78:bc:fb:e1:b2:30:b7:5d:82:4a:2c:11:f2:
         46:a8:ab:54:a5:5e:43:da:ca:e8:ea:33:1a:c8:50:80:89:17:
         44:76:ca:0e:c4:e1:52:b8:71:78:9c:f4:2d:11:0c:44:9a:dc:
         22:4a:c2:b9:57:b3:09:dd:7b:26:ff:d9:bf:0b:b8:cd:28:2b:
         e2:58:e4:ed:c9:b0:5d:27:97:7e:79:a2:cf:a3:50:f0:4d:cb:
         88:a7:6e:35:ce:96:78:fd:61:a7:37:43:b5:9d:29:49:81:1c:
         95:4b:42:46:90:d3:40:d1:46:04:e0:37:4d:c7:c6:8b:21:d8:
         c4:8c:23:56:46:12:ec:32:b9:a5:ee:14:7c:bf:37:9b:22:63:
         52:68:21:2b:da:99:91:68:1d:0c:48:a5:cd:a8:2a:99:50:84:
         0c:71:a8:6f:8d:9d:65:d3:97:8e:7f:65:b1:80:cc:c1:6e:d1:
         89:19:97:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQ/ikmsO/KQjOvTSZI7M1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NzJlYjhmODAxNWViMWJjMjllYTMxNjJmODNlNmFjZWRi
YjQyN2UwHhcNMjUwMjE2MjMwMDQ2WhcNMjUwMjE3MjMwMDQ2WjAzMTEwLwYDVQQD
Eyg1ZmE5YWU1NTJlYjY5NDVkNWY0NjUxNGQwZjRjMmE4Mjk1MzRkZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQr4togUZXexfU0grIthX05JyiH9
UdyfgWaJ5e6fDj4OvVv4xsUxme1FO03hnyf9f9frx7BasngmwaqgxE09QEZK76W2
R0e2BbZ2REgfkryKVBPFzKo61AgLsPOxC2SHsPGRm+VvbQy0m+VtCrvOG8kOEO7Q
8DR7SVGlxAMN4D9BU1/ACBsWz+EEeN0bpHuuUfkV5tZcmekgZZBYu5XVqternzTE
gj7mV3809Vvmmq/K8n7uvK4I2+QghCoaZd91Nwcoe6Dfnz7oK/T071+r02vNxyBq
YtsSStwfZWxQesY5BBo9NETVC6XHn7wMJ1jQGlzBqajsBfbrmY8um04VtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF+prlUutpRdX0ZRTQ9MKoKVNN5sMB8GA1UdIwQY
MBaAFHRy64+AFesbwp6jFi+D5qztu0J+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82NTVlMjgtMzM5MS00MGE3LTg4Y2Et
MWJmZmRhMzgyZWJlLzEvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82NTVlMjgtMzM5MS00MGE3LTg4Y2EtMWJmZmRhMzgyZWJl
LzEvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEAk32hv1
m4BdggL/099BLSXa1Ioej2sRljOzAAogo3uAx5GXzOafGId05jI6D5vKv/FRkEyJ
/r0UpvUD8uN/+jn1wqP8tX1SnxiT6it4vPvhsjC3XYJKLBHyRqirVKVeQ9rK6Ooz
GshQgIkXRHbKDsThUrhxeJz0LREMRJrcIkrCuVezCd17Jv/Zvwu4zSgr4ljk7cmw
XSeXfnmiz6NQ8E3LiKduNc6WeP1hpzdDtZ0pSYEclUtCRpDTQNFGBOA3TcfGiyHY
xIwjVkYS7DK5pe4UfL83myJjUmghK9qZkWgdDEilzagqmVCEDHGob42dZdOXjn9l
sYDMwW7RiRmXQA==
-----END CERTIFICATE-----