Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          fUJ8qjdLHjebM8ZRsz8vGfHYJ5FzfaLK0J+cf6lGN7E=
Subject key identifier:   E4:6D:AB:2E:CA:E9:93:C6:EB:32:5E:25:D7:D8:57:26:EC:B2:81:A9
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       01964CD936E13C979A0540297E5A1279C962
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          14F8
Signing time:             Sat 19 Apr 2025 07:00:25 +0000
Manifest this update:     Sat 19 Apr 2025 07:00:25 +0000
Manifest next update:     Sun 20 Apr 2025 07:00:25 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: gCwOxGli0a3p1Fon6cuNHrLiSO5cbCRia/mBUsKJCCs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:d9:36:e1:3c:97:9a:05:40:29:7e:5a:12:79:c9:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Apr 19 07:00:25 2025 GMT
            Not After : Apr 20 07:00:25 2025 GMT
        Subject: CN=e46dab2ecae993c6eb325e25d7d85726ecb281a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:28:f8:63:08:77:89:6f:3c:ed:48:73:61:94:
                    f9:98:77:07:4e:1c:72:68:05:5d:bb:cc:8c:5f:b8:
                    00:1a:dd:15:0a:53:81:45:5b:10:a5:53:64:5d:ea:
                    29:95:df:4d:fb:74:fe:03:4a:8a:af:62:31:00:94:
                    21:4b:78:34:5b:68:de:98:9f:77:64:42:74:d1:02:
                    0f:6c:d7:9d:10:c7:d3:19:38:56:85:da:31:96:44:
                    40:8c:cb:b6:22:03:a3:5c:2a:e4:82:e2:6c:cf:70:
                    59:79:a4:a5:2e:96:ef:b2:87:bb:fe:06:f8:e6:53:
                    5f:21:cd:d5:00:3a:56:d3:da:bb:c0:91:f8:de:e7:
                    a6:e1:bb:ad:07:d8:9e:89:b1:68:fc:69:d8:02:42:
                    bc:90:57:40:1f:4a:42:22:03:71:b0:42:9a:ed:dc:
                    21:93:95:f7:6f:b5:f3:4f:5e:86:04:19:ee:86:9d:
                    33:73:89:af:dc:f8:9b:0a:f3:13:b4:a9:40:47:e1:
                    79:65:ca:97:01:86:6f:5c:49:88:2a:0d:a6:eb:11:
                    a1:7a:3b:6a:bc:ca:43:54:c5:95:b2:46:52:7b:d0:
                    e3:81:0f:00:c4:42:08:aa:3d:f0:10:1e:a4:8e:c3:
                    6b:44:76:5c:94:d0:c6:97:49:2a:a2:96:64:da:28:
                    3b:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:6D:AB:2E:CA:E9:93:C6:EB:32:5E:25:D7:D8:57:26:EC:B2:81:A9
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:4f:7e:66:a9:84:9c:f3:22:e8:fe:dc:ac:79:68:4f:0e:13:
         4d:bc:7c:61:f5:ec:3e:e2:10:cd:1b:9d:eb:9a:45:82:ac:fd:
         a5:0b:0b:95:2b:54:d2:bb:11:9d:6a:24:f2:eb:ba:e6:b7:19:
         bb:93:3c:e0:8c:f7:59:62:b0:58:f6:2f:20:24:b7:ad:d6:5b:
         4a:4a:2c:e9:d7:5a:30:cf:e5:4c:23:b2:85:3f:f3:81:78:1e:
         25:cd:09:0c:6a:9f:77:f2:cc:92:55:89:ee:95:32:c6:99:8d:
         11:ef:0c:34:d8:c6:91:57:e5:4a:0d:e3:b8:2e:0d:45:bd:c1:
         c2:4c:cc:4b:99:c3:f3:be:f4:ba:94:cd:e3:1a:3e:ce:29:9d:
         b2:74:85:ea:65:3d:8c:2e:ec:0a:b9:df:5c:d5:14:f1:d5:bd:
         64:5c:dc:83:c8:87:11:34:27:09:f4:c0:a2:88:ca:4c:d9:c6:
         fa:6f:94:0d:70:2a:7e:9b:ca:6a:3e:10:2c:8f:89:a7:f1:61:
         fc:ea:df:e4:63:bd:8b:04:a4:70:09:c4:87:14:5b:38:ac:64:
         3e:0e:0c:8d:b8:63:51:de:11:c5:f5:ae:b4:0c:6d:c6:94:0e:
         a1:f5:af:06:d5:fd:23:a8:4d:42:10:d0:45:00:81:0f:7d:65:
         f9:de:f3:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZM2TbhPJeaBUApfloSecliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjUwNDE5MDcwMDI1WhcNMjUwNDIwMDcwMDI1WjAzMTEwLwYDVQQD
EyhlNDZkYWIyZWNhZTk5M2M2ZWIzMjVlMjVkN2Q4NTcyNmVjYjI4MWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoij4Ywh3iW887UhzYZT5mHcHThxy
aAVdu8yMX7gAGt0VClOBRVsQpVNkXeopld9N+3T+A0qKr2IxAJQhS3g0W2jemJ93
ZEJ00QIPbNedEMfTGThWhdoxlkRAjMu2IgOjXCrkguJsz3BZeaSlLpbvsoe7/gb4
5lNfIc3VADpW09q7wJH43uem4butB9ieibFo/GnYAkK8kFdAH0pCIgNxsEKa7dwh
k5X3b7XzT16GBBnuhp0zc4mv3PibCvMTtKlAR+F5ZcqXAYZvXEmIKg2m6xGhejtq
vMpDVMWVskZSe9DjgQ8AxEIIqj3wEB6kjsNrRHZclNDGl0kqopZk2ig7KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFORtqy7K6ZPG6zJeJdfYVybssoGpMB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANU9+ZqmE
nPMi6P7crHloTw4TTbx8YfXsPuIQzRud65pFgqz9pQsLlStU0rsRnWok8uu65rcZ
u5M84Iz3WWKwWPYvICS3rdZbSkos6ddaMM/lTCOyhT/zgXgeJc0JDGqfd/LMklWJ
7pUyxpmNEe8MNNjGkVflSg3juC4NRb3BwkzMS5nD8770upTN4xo+zimdsnSF6mU9
jC7sCrnfXNUU8dW9ZFzcg8iHETQnCfTAoojKTNnG+m+UDXAqfpvKaj4QLI+Jp/Fh
/Orf5GO9iwSkcAnEhxRbOKxkPg4MjbhjUd4RxfWutAxtxpQOofWvBtX9I6hNQhDQ
RQCBD31l+d7ziw==
-----END CERTIFICATE-----