Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft
File:                     SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft (raw, json)
Hash identifier:          xMZAa4baVasdcvJw0PMN9wFD27eJAFS3Ikf/Vax4xT8=
Subject key identifier:   DF:CF:35:B7:2D:DD:5E:32:9B:3B:12:ED:76:87:88:98:66:0C:90:A5
Authority key identifier: 48:34:38:7E:BF:EC:DA:63:7A:76:E1:11:99:E1:CD:03:07:C2:F4:CA
Certificate issuer:       /CN=4834387ebfecda637a76e11199e1cd0307c2f4ca
Certificate serial:       019643D681A13A71A23525BF48E103C74D51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SDQ4fr_s2mN6duERmeHNAwfC9Mo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft
Manifest number:          0E85
Signing time:             Thu 17 Apr 2025 13:00:53 +0000
Manifest this update:     Thu 17 Apr 2025 13:00:53 +0000
Manifest next update:     Fri 18 Apr 2025 13:00:53 +0000
Files and hashes:         1: SDQ4fr_s2mN6duERmeHNAwfC9Mo.crl (hash: 6Z4CcYTYas4qPNzhCmENjp8AFwputcCkuDmwK+kXQeY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SDQ4fr_s2mN6duERmeHNAwfC9Mo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d6:81:a1:3a:71:a2:35:25:bf:48:e1:03:c7:4d:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4834387ebfecda637a76e11199e1cd0307c2f4ca
        Validity
            Not Before: Apr 17 13:00:53 2025 GMT
            Not After : Apr 18 13:00:53 2025 GMT
        Subject: CN=dfcf35b72ddd5e329b3b12ed76878898660c90a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:76:b5:01:75:23:ee:ad:6b:4d:d2:9f:c0:79:
                    0f:0b:16:cf:28:36:53:b3:c4:fb:61:7d:ae:5b:3f:
                    1a:4b:49:51:7c:93:4d:54:28:8b:43:73:73:6e:e9:
                    04:0d:22:a0:e3:20:ec:d1:a3:d4:ba:a1:4f:2c:04:
                    47:5e:ed:58:cc:bc:f7:cb:ad:25:2d:a1:43:96:ac:
                    3a:cc:cb:ce:69:b0:44:4e:fa:96:28:33:64:e0:9e:
                    c9:84:4f:b4:15:51:6d:65:e7:52:71:09:6c:45:85:
                    72:83:53:01:28:c7:53:20:5b:0f:bc:a9:96:c0:08:
                    c9:03:9e:ca:97:b6:1a:8f:f1:48:5b:d8:00:c3:92:
                    12:ac:39:30:83:63:4a:b2:54:90:ac:13:5b:c2:85:
                    87:ec:17:05:34:ca:ba:17:7d:56:2d:b7:1f:47:24:
                    ec:b2:07:b0:8f:48:a9:2f:a9:c6:5b:87:3b:cf:95:
                    87:9f:76:27:03:a2:97:1f:d6:ba:6c:69:f6:e4:f2:
                    88:17:fa:fe:99:59:5a:48:56:86:c4:55:b4:36:07:
                    89:91:2f:60:43:50:4d:08:dc:c6:a8:1c:70:73:a6:
                    ab:f5:88:02:39:c4:cd:81:4b:11:aa:96:1f:03:dc:
                    cc:96:42:96:c5:84:ea:5b:f3:22:3e:b4:e0:ef:ff:
                    b6:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:CF:35:B7:2D:DD:5E:32:9B:3B:12:ED:76:87:88:98:66:0C:90:A5
            X509v3 Authority Key Identifier:
                keyid:48:34:38:7E:BF:EC:DA:63:7A:76:E1:11:99:E1:CD:03:07:C2:F4:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SDQ4fr_s2mN6duERmeHNAwfC9Mo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:30:d6:64:ea:66:56:36:88:60:fb:ad:cb:d3:e2:4a:c1:b5:
         74:66:6e:6d:9c:e7:b6:12:48:5e:0d:e4:ef:a8:c4:d9:a7:bf:
         76:52:2e:b9:46:86:3a:3b:b4:4a:bf:ee:0b:bc:6e:e0:5a:91:
         81:46:67:e0:38:e7:fe:67:a9:e0:8a:cd:fc:86:f2:42:82:7c:
         8a:37:e3:e0:4f:b8:28:54:ad:32:09:dd:85:7d:3d:d3:92:f7:
         5a:37:a3:08:d8:13:50:05:10:3e:b6:0d:99:c0:8c:07:a9:74:
         fa:ba:51:22:2e:cb:f6:59:83:ea:17:cc:69:a9:c6:46:39:a1:
         60:60:ed:56:b8:c0:80:a2:5a:1f:5a:3c:a3:e7:ad:f6:fc:44:
         0b:cd:2a:06:85:bc:03:44:7c:9a:c3:2f:43:d5:91:0a:a4:f8:
         f8:06:2c:e5:c9:be:5a:e1:d6:ff:c1:d2:f6:00:39:96:6e:3c:
         33:b1:2f:e9:e3:4a:75:89:f4:af:11:cc:9b:2e:3f:de:67:0d:
         69:2d:5a:c8:eb:77:d9:e2:85:9b:c0:8f:02:14:7b:72:22:07:
         9a:00:b5:a4:23:63:e0:b9:16:25:19:f1:34:a4:93:ce:4f:c6:
         a3:b4:e9:5a:6a:2b:5c:9e:e9:9a:f1:9d:6f:fd:e3:7d:a5:f2:
         7e:cd:39:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1oGhOnGiNSW/SOEDx01RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MzQzODdlYmZlY2RhNjM3YTc2ZTExMTk5ZTFjZDAzMDdj
MmY0Y2EwHhcNMjUwNDE3MTMwMDUzWhcNMjUwNDE4MTMwMDUzWjAzMTEwLwYDVQQD
EyhkZmNmMzViNzJkZGQ1ZTMyOWIzYjEyZWQ3Njg3ODg5ODY2MGM5MGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3a1AXUj7q1rTdKfwHkPCxbPKDZT
s8T7YX2uWz8aS0lRfJNNVCiLQ3NzbukEDSKg4yDs0aPUuqFPLARHXu1YzLz3y60l
LaFDlqw6zMvOabBETvqWKDNk4J7JhE+0FVFtZedScQlsRYVyg1MBKMdTIFsPvKmW
wAjJA57Kl7Yaj/FIW9gAw5ISrDkwg2NKslSQrBNbwoWH7BcFNMq6F31WLbcfRyTs
sgewj0ipL6nGW4c7z5WHn3YnA6KXH9a6bGn25PKIF/r+mVlaSFaGxFW0NgeJkS9g
Q1BNCNzGqBxwc6ar9YgCOcTNgUsRqpYfA9zMlkKWxYTqW/MiPrTg7/+2OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/PNbct3V4ymzsS7XaHiJhmDJClMB8GA1UdIwQY
MBaAFEg0OH6/7NpjenbhEZnhzQMHwvTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0RRNGZyX3MybU42ZHVFUm1lSE5Bd2ZDOU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85ZWU2YzgtZjNlMi00ZmFlLTk5OGEt
NTkxYTJhNDE5NGNkLzEvU0RRNGZyX3MybU42ZHVFUm1lSE5Bd2ZDOU1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85ZWU2YzgtZjNlMi00ZmFlLTk5OGEtNTkxYTJhNDE5NGNk
LzEvU0RRNGZyX3MybU42ZHVFUm1lSE5Bd2ZDOU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwDDWZOpm
VjaIYPuty9PiSsG1dGZubZznthJIXg3k76jE2ae/dlIuuUaGOju0Sr/uC7xu4FqR
gUZn4Djn/mep4IrN/IbyQoJ8ijfj4E+4KFStMgndhX0905L3WjejCNgTUAUQPrYN
mcCMB6l0+rpRIi7L9lmD6hfMaanGRjmhYGDtVrjAgKJaH1o8o+et9vxEC80qBoW8
A0R8msMvQ9WRCqT4+AYs5cm+WuHW/8HS9gA5lm48M7Ev6eNKdYn0rxHMmy4/3mcN
aS1ayOt32eKFm8CPAhR7ciIHmgC1pCNj4LkWJRnxNKSTzk/Go7TpWmorXJ7pmvGd
b/3jfaXyfs05dQ==
-----END CERTIFICATE-----