Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft
File:                     Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft (raw, json)
Hash identifier:          Jfft/37fa2DttSzfmJWQUpLz4RTBiEaaDwXMoh2LE2g=
Subject key identifier:   C6:41:91:27:4F:81:34:E6:1E:E9:03:78:E4:37:52:9F:94:13:A5:4E
Authority key identifier: 0E:29:A4:82:DE:0D:56:74:6C:30:45:26:9F:99:20:52:04:F9:54:84
Certificate issuer:       /CN=0e29a482de0d56746c3045269f99205204f95484
Certificate serial:       01965725D91BECF50762E60F435AB5E9B6DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft
Manifest number:          10A5
Signing time:             Mon 21 Apr 2025 07:00:20 +0000
Manifest this update:     Mon 21 Apr 2025 07:00:20 +0000
Manifest next update:     Tue 22 Apr 2025 07:00:20 +0000
Files and hashes:         1: Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl (hash: RxOIPDYCCA4QXLjOLl31QPPpD57qSxY+nznI9J4CFXg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:25:d9:1b:ec:f5:07:62:e6:0f:43:5a:b5:e9:b6:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e29a482de0d56746c3045269f99205204f95484
        Validity
            Not Before: Apr 21 07:00:20 2025 GMT
            Not After : Apr 22 07:00:20 2025 GMT
        Subject: CN=c64191274f8134e61ee90378e437529f9413a54e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ef:84:f2:0d:07:65:fc:94:61:4f:8d:1e:3a:
                    d8:3b:62:a6:e0:63:93:fe:2d:ad:05:1b:9e:19:06:
                    62:d3:f3:5d:3a:6f:f0:e7:80:b2:7e:fb:59:3c:77:
                    c7:9d:c7:37:73:e5:3b:25:16:05:ed:0c:2e:a5:15:
                    be:ba:e4:84:0e:81:66:7c:8c:57:f5:7f:d1:19:22:
                    7d:2f:16:96:38:8d:92:d7:32:9e:d8:2e:cd:af:11:
                    3c:e6:5f:f9:8a:5e:43:cd:e0:90:46:ce:a7:a6:ca:
                    1e:b1:73:f2:d4:05:3b:2e:bd:c0:96:c0:ec:36:c4:
                    42:dd:1b:28:cb:a1:b9:db:30:6c:39:7a:f4:61:6d:
                    85:ea:cf:0c:c5:d3:06:b2:a4:23:cd:53:59:71:97:
                    ee:fe:17:44:b0:f6:06:c7:e0:15:d1:9b:69:02:fc:
                    51:e7:26:92:c7:92:a9:aa:09:71:33:ff:3e:7d:77:
                    77:e3:ad:09:4b:c8:40:53:c2:16:bf:88:75:bb:50:
                    02:52:1e:12:07:8b:2b:52:c0:ab:75:10:cf:f0:56:
                    96:e5:7d:71:ea:2c:28:1a:ed:46:90:6d:eb:a1:66:
                    87:92:3b:de:e0:28:79:8f:a4:6e:31:29:89:8c:f1:
                    86:ae:e9:bc:8f:7f:de:85:e9:12:e5:17:90:b5:db:
                    af:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:41:91:27:4F:81:34:E6:1E:E9:03:78:E4:37:52:9F:94:13:A5:4E
            X509v3 Authority Key Identifier:
                keyid:0E:29:A4:82:DE:0D:56:74:6C:30:45:26:9F:99:20:52:04:F9:54:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:cd:25:4e:f4:63:92:75:9b:96:ec:6f:64:4b:53:87:26:40:
         14:68:f5:4f:1e:f9:51:59:c9:d9:7b:d9:22:6b:ed:a5:c7:88:
         6a:ed:a6:46:08:61:84:08:e4:38:e3:70:52:71:df:6e:a3:03:
         d1:85:89:64:15:c3:bc:e6:93:2f:a9:1d:d4:73:3f:c4:72:39:
         91:91:81:5a:18:54:f4:51:a6:67:0a:b5:99:bc:2e:4d:cb:7d:
         a9:7d:3a:85:5a:3a:73:03:39:e9:23:e7:78:75:71:f6:09:a5:
         66:69:a8:0b:3a:1c:69:c2:59:12:e6:ae:43:6e:2f:08:0b:13:
         b5:3f:e7:4c:63:6a:fe:f0:31:0a:95:57:6b:3b:fe:3c:28:a1:
         10:02:50:97:66:d1:2a:f6:92:d7:c9:37:7a:21:14:a1:cd:54:
         6c:77:71:2a:e2:1e:1c:51:95:95:85:26:15:b0:db:22:0d:fe:
         90:de:94:5b:23:d7:26:4c:d8:e8:e3:57:24:07:0f:a8:5a:d6:
         f5:84:fe:5e:b5:74:39:0a:54:7b:4e:cf:08:4b:58:f1:ed:c6:
         a4:13:58:4a:19:c5:19:94:55:3f:f4:ad:16:53:cd:59:f5:cb:
         ed:07:21:da:1d:f3:c1:75:26:be:42:5f:c1:d8:02:e8:37:d5:
         88:d4:67:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJdkb7PUHYuYPQ1q16bbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjlhNDgyZGUwZDU2NzQ2YzMwNDUyNjlmOTkyMDUyMDRm
OTU0ODQwHhcNMjUwNDIxMDcwMDIwWhcNMjUwNDIyMDcwMDIwWjAzMTEwLwYDVQQD
EyhjNjQxOTEyNzRmODEzNGU2MWVlOTAzNzhlNDM3NTI5Zjk0MTNhNTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou+E8g0HZfyUYU+NHjrYO2Km4GOT
/i2tBRueGQZi0/NdOm/w54CyfvtZPHfHncc3c+U7JRYF7QwupRW+uuSEDoFmfIxX
9X/RGSJ9LxaWOI2S1zKe2C7NrxE85l/5il5DzeCQRs6npsoesXPy1AU7Lr3AlsDs
NsRC3Rsoy6G52zBsOXr0YW2F6s8MxdMGsqQjzVNZcZfu/hdEsPYGx+AV0ZtpAvxR
5yaSx5KpqglxM/8+fXd3460JS8hAU8IWv4h1u1ACUh4SB4srUsCrdRDP8FaW5X1x
6iwoGu1GkG3roWaHkjve4Ch5j6RuMSmJjPGGrum8j3/ehekS5ReQtduv0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMZBkSdPgTTmHukDeOQ3Up+UE6VOMB8GA1UdIwQY
MBaAFA4ppILeDVZ0bDBFJp+ZIFIE+VSEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xNGEyNzMtOGI3NS00NzZjLWI5ZTMt
OGJiZDkzOTQwZWVmLzEvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xNGEyNzMtOGI3NS00NzZjLWI5ZTMtOGJiZDkzOTQwZWVm
LzEvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkc0lTvRj
knWbluxvZEtThyZAFGj1Tx75UVnJ2XvZImvtpceIau2mRghhhAjkOONwUnHfbqMD
0YWJZBXDvOaTL6kd1HM/xHI5kZGBWhhU9FGmZwq1mbwuTct9qX06hVo6cwM56SPn
eHVx9gmlZmmoCzocacJZEuauQ24vCAsTtT/nTGNq/vAxCpVXazv+PCihEAJQl2bR
KvaS18k3eiEUoc1UbHdxKuIeHFGVlYUmFbDbIg3+kN6UWyPXJkzY6ONXJAcPqFrW
9YT+XrV0OQpUe07PCEtY8e3GpBNYShnFGZRVP/StFlPNWfXL7Qch2h3zwXUmvkJf
wdgC6DfViNRnEQ==
-----END CERTIFICATE-----