Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          +P6l6AX7HtNHQCiNYJ4/EgQkVe/xS2VOX2tUlE/2gUs=
Subject key identifier:   5C:FE:24:A1:1C:7B:23:DE:1C:4C:72:F0:3C:B3:B7:E5:13:BD:FD:BB
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       019645C585E70C408D8ACE9DB94F00E11CEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          04E0
Signing time:             Thu 17 Apr 2025 22:01:34 +0000
Manifest this update:     Thu 17 Apr 2025 22:01:34 +0000
Manifest next update:     Fri 18 Apr 2025 22:01:34 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: 8G/PisScDBgzvq4EXk/1r/KBJJ+k7+o89S618GH8paQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 22:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:c5:85:e7:0c:40:8d:8a:ce:9d:b9:4f:00:e1:1c:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Apr 17 22:01:34 2025 GMT
            Not After : Apr 18 22:01:34 2025 GMT
        Subject: CN=5cfe24a11c7b23de1c4c72f03cb3b7e513bdfdbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ae:e8:4e:79:d5:0d:52:c8:44:ba:10:7d:5a:
                    30:4f:36:08:0b:9f:c0:0f:0b:62:52:f0:08:9b:f1:
                    82:aa:9b:37:d1:c8:cf:c3:47:a5:06:a4:75:3b:48:
                    e4:da:c2:12:2c:52:2a:ef:1d:23:f5:3e:34:f3:b0:
                    9c:f6:80:55:81:1d:84:eb:7b:b5:e2:57:fb:55:a3:
                    2c:85:b2:4f:9e:e3:97:8c:a5:a1:12:02:cb:43:fd:
                    cc:10:61:39:d9:df:8e:06:2a:cd:fb:69:4f:c7:35:
                    32:51:53:35:a8:73:78:3c:ec:99:0f:cc:a6:9b:93:
                    1b:4d:b0:46:3f:d9:b7:1d:2a:17:17:f9:bf:4c:97:
                    2b:c1:96:b5:8b:93:8d:4f:79:3b:9a:fe:15:eb:c5:
                    94:e9:13:f5:e9:c1:2e:a2:22:37:84:00:81:b8:52:
                    40:a5:83:b0:80:c6:d9:cd:7a:78:ba:e8:a8:51:2a:
                    76:08:df:77:31:bb:c8:95:4f:50:54:16:74:9c:00:
                    e4:5c:41:f4:ed:d8:56:2e:10:7c:bb:eb:34:fa:95:
                    32:69:de:1f:9c:bb:3e:f5:54:fd:26:95:75:f5:f9:
                    a8:04:20:ba:75:dc:15:c1:dc:77:03:1c:c7:c0:c1:
                    c8:97:a5:76:0b:16:5f:fa:a7:c8:b8:08:cd:67:01:
                    04:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:FE:24:A1:1C:7B:23:DE:1C:4C:72:F0:3C:B3:B7:E5:13:BD:FD:BB
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:d4:8b:12:3a:d0:76:df:37:3a:f5:41:48:d1:83:a1:6f:2f:
         3f:c4:84:eb:a9:99:e6:aa:ad:3d:5d:78:4d:d6:11:f5:13:fe:
         30:46:a0:8e:77:8b:fb:4f:99:f2:75:52:4f:02:68:2b:20:ce:
         ea:d5:db:d2:4f:70:32:be:75:90:df:65:39:21:fd:4e:5d:cc:
         b8:a8:34:a5:ba:fd:ae:19:88:37:ef:44:52:fd:b9:9c:6a:3c:
         f3:23:20:37:f3:0c:c7:5f:29:82:c4:48:89:ea:72:ff:47:d2:
         45:3d:d4:17:c3:d9:31:c0:af:dc:b9:bc:99:9f:22:00:e5:76:
         d9:2b:bf:c8:02:ef:a2:b6:21:da:d2:48:c8:a8:b7:a1:79:96:
         33:96:89:92:68:15:0e:a1:5f:c8:9a:9e:b9:1d:9c:2c:a1:e1:
         60:37:56:bd:1b:c7:a6:20:17:11:07:ef:24:98:02:d0:b5:49:
         92:d9:0b:0f:ba:01:e1:6c:fd:88:ca:06:3e:d8:75:e8:49:ab:
         74:e1:7d:e5:69:88:5f:7e:ec:c4:d6:3b:08:cf:75:00:d8:81:
         70:dd:8b:fa:cc:47:c7:cd:fd:5d:34:b0:f2:06:a2:73:84:f2:
         ea:e0:7d:fc:ea:a3:91:c2:93:59:11:60:c6:db:93:bc:c8:80:
         36:d1:d2:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFxYXnDECNis6duU8A4RzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUwNDE3MjIwMTM0WhcNMjUwNDE4MjIwMTM0WjAzMTEwLwYDVQQD
Eyg1Y2ZlMjRhMTFjN2IyM2RlMWM0YzcyZjAzY2IzYjdlNTEzYmRmZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt67oTnnVDVLIRLoQfVowTzYIC5/A
DwtiUvAIm/GCqps30cjPw0elBqR1O0jk2sISLFIq7x0j9T4087Cc9oBVgR2E63u1
4lf7VaMshbJPnuOXjKWhEgLLQ/3MEGE52d+OBirN+2lPxzUyUVM1qHN4POyZD8ym
m5MbTbBGP9m3HSoXF/m/TJcrwZa1i5ONT3k7mv4V68WU6RP16cEuoiI3hACBuFJA
pYOwgMbZzXp4uuioUSp2CN93MbvIlU9QVBZ0nADkXEH07dhWLhB8u+s0+pUyad4f
nLs+9VT9JpV19fmoBCC6ddwVwdx3AxzHwMHIl6V2CxZf+qfIuAjNZwEEuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFz+JKEceyPeHExy8Dyzt+UTvf27MB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo9SLEjrQ
dt83OvVBSNGDoW8vP8SE66mZ5qqtPV14TdYR9RP+MEagjneL+0+Z8nVSTwJoKyDO
6tXb0k9wMr51kN9lOSH9Tl3MuKg0pbr9rhmIN+9EUv25nGo88yMgN/MMx18pgsRI
iepy/0fSRT3UF8PZMcCv3Lm8mZ8iAOV22Su/yALvorYh2tJIyKi3oXmWM5aJkmgV
DqFfyJqeuR2cLKHhYDdWvRvHpiAXEQfvJJgC0LVJktkLD7oB4Wz9iMoGPth16Emr
dOF95WmIX37sxNY7CM91ANiBcN2L+sxHx839XTSw8gaic4Ty6uB9/OqjkcKTWRFg
xtuTvMiANtHSaA==
-----END CERTIFICATE-----