Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          dxV9ILi2NCeukppSTPeFhMI/dAvl5LsVC5DgdWlVXJo=
Subject key identifier:   97:9D:8D:B8:07:1F:4D:0C:46:E0:63:E5:2B:F9:A9:9D:C8:E9:16:51
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       019655A60B3DF85E2F4F22A47A75D077F078
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0BA8
Signing time:             Mon 21 Apr 2025 00:01:07 +0000
Manifest this update:     Mon 21 Apr 2025 00:01:07 +0000
Manifest next update:     Tue 22 Apr 2025 00:01:07 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: bdTQOycH4HgJ51op1GcDu8TrdPsywylV7DKwzW+Y+YU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 00:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a6:0b:3d:f8:5e:2f:4f:22:a4:7a:75:d0:77:f0:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: Apr 21 00:01:07 2025 GMT
            Not After : Apr 22 00:01:07 2025 GMT
        Subject: CN=979d8db8071f4d0c46e063e52bf9a99dc8e91651
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:b6:5d:45:81:4e:b8:ad:ae:f9:dc:31:27:ab:
                    5c:34:ec:01:24:c7:e4:be:5d:f6:ba:ab:61:6f:1e:
                    79:64:fd:3b:c9:b2:83:21:0f:8d:2d:43:2a:d9:50:
                    8c:d2:41:da:c4:d8:a8:bc:43:37:f9:92:ae:c1:e9:
                    b6:eb:cb:46:9c:e7:ab:4e:3c:5f:22:da:b8:03:62:
                    a9:67:e2:e0:a7:77:b5:74:1d:14:c8:cb:46:0c:d5:
                    02:ce:b4:fa:8c:04:ea:ac:6d:e7:45:96:7c:77:0e:
                    8e:d1:7e:d8:2f:39:c5:21:e4:d2:f7:b8:e2:bd:17:
                    f6:9b:e2:39:a3:3e:2c:ae:77:37:ef:bb:a8:4b:39:
                    4e:05:6f:0b:24:ee:13:b9:32:7f:67:b6:bc:64:f3:
                    10:4e:a0:e1:dd:56:8b:6c:ff:38:9d:41:18:61:8b:
                    b3:65:4a:78:e0:81:32:4e:d0:0a:96:b1:d0:5e:b8:
                    51:66:c7:8b:47:4a:ef:aa:db:50:b2:68:a8:52:2a:
                    32:12:db:10:0c:b7:dd:36:85:a6:b8:32:91:8c:a8:
                    c6:a8:fe:9d:c9:b3:9d:d9:e2:a6:62:0d:8a:bd:12:
                    f9:bc:79:a8:4a:e2:27:f7:9d:ed:0a:fc:f1:dc:d9:
                    8f:76:a1:6f:45:58:10:9f:42:c1:f0:1a:d8:9e:34:
                    71:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:9D:8D:B8:07:1F:4D:0C:46:E0:63:E5:2B:F9:A9:9D:C8:E9:16:51
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:bf:d2:94:6e:db:84:b7:03:38:e2:8f:d2:b8:63:18:4f:9e:
         46:ff:bb:e8:c9:fe:6d:38:d2:b3:5f:d2:16:c4:02:b5:20:1d:
         b6:f7:80:a6:ed:6c:cb:eb:7e:f9:bb:52:fd:f9:22:06:c2:6f:
         f7:8e:51:05:e3:2d:38:a3:09:32:f6:c9:be:ad:b0:04:35:ef:
         c5:67:cd:18:f7:8b:cb:7c:91:6d:68:cd:46:15:fa:93:5f:b6:
         41:f9:45:82:c7:01:a2:9f:0f:d6:85:9f:09:65:ad:7b:54:7b:
         e1:6e:64:da:89:f6:fa:2c:8a:d6:7e:6f:90:f2:1f:94:63:e6:
         18:0e:16:f2:53:4a:1f:da:8a:d5:bb:08:3e:9a:92:8e:14:8b:
         90:3f:cf:28:1b:e3:f8:44:a7:09:b1:f0:b7:94:ba:43:c0:32:
         27:2a:ec:86:b4:22:55:35:12:f7:0e:2f:13:5c:e5:8b:ee:6e:
         f7:48:18:16:ba:72:2b:f1:89:f3:6f:24:ba:8e:53:e9:15:45:
         c9:31:5f:f0:ae:b9:12:89:38:15:91:a1:f5:dd:93:b2:d8:4d:
         4e:2b:37:5b:2f:55:2c:81:64:2d:0f:4e:b5:6c:22:1d:5a:31:
         e6:46:4b:d7:02:19:9c:97:fc:3f:0b:8b:10:b8:26:78:23:c8:
         51:c0:4b:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpgs9+F4vTyKkenXQd/B4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjUwNDIxMDAwMTA3WhcNMjUwNDIyMDAwMTA3WjAzMTEwLwYDVQQD
Eyg5NzlkOGRiODA3MWY0ZDBjNDZlMDYzZTUyYmY5YTk5ZGM4ZTkxNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLZdRYFOuK2u+dwxJ6tcNOwBJMfk
vl32uqthbx55ZP07ybKDIQ+NLUMq2VCM0kHaxNiovEM3+ZKuwem268tGnOerTjxf
Itq4A2KpZ+Lgp3e1dB0UyMtGDNUCzrT6jATqrG3nRZZ8dw6O0X7YLznFIeTS97ji
vRf2m+I5oz4srnc377uoSzlOBW8LJO4TuTJ/Z7a8ZPMQTqDh3VaLbP84nUEYYYuz
ZUp44IEyTtAKlrHQXrhRZseLR0rvqttQsmioUioyEtsQDLfdNoWmuDKRjKjGqP6d
ybOd2eKmYg2KvRL5vHmoSuIn953tCvzx3NmPdqFvRVgQn0LB8BrYnjRxaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJedjbgHH00MRuBj5Sv5qZ3I6RZRMB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO7/SlG7b
hLcDOOKP0rhjGE+eRv+76Mn+bTjSs1/SFsQCtSAdtveApu1sy+t++btS/fkiBsJv
945RBeMtOKMJMvbJvq2wBDXvxWfNGPeLy3yRbWjNRhX6k1+2QflFgscBop8P1oWf
CWWte1R74W5k2on2+iyK1n5vkPIflGPmGA4W8lNKH9qK1bsIPpqSjhSLkD/PKBvj
+ESnCbHwt5S6Q8AyJyrshrQiVTUS9w4vE1zli+5u90gYFrpyK/GJ828kuo5T6RVF
yTFf8K65Eok4FZGh9d2TsthNTis3Wy9VLIFkLQ9OtWwiHVox5kZL1wIZnJf8PwuL
ELgmeCPIUcBLrA==
-----END CERTIFICATE-----