Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          Iauowvc4z14ACYDMOvNGcCttKOsQin+t3wGSiAXx8Z4=
Subject key identifier:   4D:73:05:F7:BC:AD:B6:2B:E5:6A:93:5D:00:41:69:F1:B1:76:7F:76
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       019510C7D3B7386EF9C425249C3A958D858E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0440
Signing time:             Sun 16 Feb 2025 22:01:26 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:26 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:26 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: dKzDSj6SLHUA4nXC2bW7NplF3SD7czt6qEuOwGxwLEo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:d3:b7:38:6e:f9:c4:25:24:9c:3a:95:8d:85:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Feb 16 22:01:26 2025 GMT
            Not After : Feb 17 22:01:26 2025 GMT
        Subject: CN=4d7305f7bcadb62be56a935d004169f1b1767f76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:e3:bd:64:19:28:d7:05:d9:a9:e5:2f:2d:39:
                    8e:b5:fb:95:80:00:e1:76:1e:8b:2d:3e:44:60:19:
                    83:2e:7e:57:12:a8:f2:5f:2e:b1:64:94:08:1f:7d:
                    4c:c5:76:63:c1:f4:9b:67:91:68:92:ba:55:aa:1a:
                    e7:58:76:6f:79:37:1a:ea:86:61:a5:26:52:e5:e2:
                    7f:74:72:70:99:6a:0d:6a:33:c5:f6:31:b2:02:f4:
                    cb:9c:c2:79:e9:9e:6d:50:9b:a7:a9:24:8f:98:b1:
                    18:70:86:f8:d2:b4:3d:ee:aa:92:ef:26:71:1a:fd:
                    e6:85:42:6c:a2:c7:c6:57:93:88:1f:8d:46:cd:7d:
                    41:52:d9:e2:30:72:e5:07:6d:27:42:00:60:e0:ca:
                    d2:80:55:1e:ea:3a:1c:78:43:40:5d:f5:6f:d5:86:
                    54:4b:3f:48:da:d7:32:9a:14:7a:dd:e0:79:4e:77:
                    d2:28:a9:48:ee:9e:a6:d5:13:2e:03:7f:f4:7b:e1:
                    c6:8d:ad:44:ea:71:39:5b:61:04:19:28:2e:7e:ee:
                    7e:68:df:b3:28:af:c1:93:a6:09:a5:a4:44:e9:75:
                    96:69:8b:cc:96:9c:d5:94:58:b8:ff:e6:b1:b2:e0:
                    c2:ce:0e:fa:0f:d4:c9:e0:4d:b4:f5:59:1c:fd:22:
                    f7:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:73:05:F7:BC:AD:B6:2B:E5:6A:93:5D:00:41:69:F1:B1:76:7F:76
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:e7:74:76:cb:ca:5d:9f:34:41:ac:57:4e:47:4d:01:2c:77:
         3d:36:86:cd:24:c7:63:1d:b3:40:bd:90:aa:0d:8c:3a:99:96:
         3c:a9:e6:0b:73:a5:29:29:1d:a5:9c:04:df:b8:be:47:0e:ae:
         80:cd:b8:72:18:e1:28:1f:95:16:48:3d:3a:bc:c0:c2:18:e2:
         59:26:4d:50:dd:c8:26:cd:9e:3f:a9:b2:a2:95:9d:ce:0c:85:
         f0:f4:dd:0f:2c:31:f1:c2:17:ff:0b:3b:d0:06:01:56:09:07:
         cd:e4:81:d8:63:ca:4c:80:c0:b3:19:9d:7a:f5:23:8d:1c:ed:
         76:9f:70:7e:19:72:76:9d:e4:19:eb:c5:2b:e4:13:85:65:52:
         d8:72:dc:59:ff:3f:0f:37:9c:07:27:56:3a:7e:b0:92:0b:9f:
         40:b8:cc:18:a1:b2:62:f7:16:69:e3:ad:8a:bc:bd:3c:5c:1c:
         d2:f2:f4:0e:71:a7:a2:98:69:30:5d:3c:2d:17:19:c8:68:65:
         b6:fd:e4:c8:6b:eb:b6:e6:56:87:6a:3b:ba:d4:77:93:6c:71:
         41:22:fc:2d:e4:df:6a:f8:cc:ca:7b:95:2f:6c:ca:3f:12:38:
         c3:be:52:ea:87:4d:a4:e3:ac:40:55:4b:58:dc:50:aa:54:fa:
         e2:57:9c:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx9O3OG75xCUknDqVjYWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUwMjE2MjIwMTI2WhcNMjUwMjE3MjIwMTI2WjAzMTEwLwYDVQQD
Eyg0ZDczMDVmN2JjYWRiNjJiZTU2YTkzNWQwMDQxNjlmMWIxNzY3Zjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOO9ZBko1wXZqeUvLTmOtfuVgADh
dh6LLT5EYBmDLn5XEqjyXy6xZJQIH31MxXZjwfSbZ5FokrpVqhrnWHZveTca6oZh
pSZS5eJ/dHJwmWoNajPF9jGyAvTLnMJ56Z5tUJunqSSPmLEYcIb40rQ97qqS7yZx
Gv3mhUJsosfGV5OIH41GzX1BUtniMHLlB20nQgBg4MrSgFUe6joceENAXfVv1YZU
Sz9I2tcymhR63eB5TnfSKKlI7p6m1RMuA3/0e+HGja1E6nE5W2EEGSgufu5+aN+z
KK/Bk6YJpaRE6XWWaYvMlpzVlFi4/+axsuDCzg76D9TJ4E209Vkc/SL32wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1zBfe8rbYr5WqTXQBBafGxdn92MB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAud0dsvK
XZ80QaxXTkdNASx3PTaGzSTHYx2zQL2Qqg2MOpmWPKnmC3OlKSkdpZwE37i+Rw6u
gM24chjhKB+VFkg9OrzAwhjiWSZNUN3IJs2eP6myopWdzgyF8PTdDywx8cIX/ws7
0AYBVgkHzeSB2GPKTIDAsxmdevUjjRztdp9wfhlydp3kGevFK+QThWVS2HLcWf8/
DzecBydWOn6wkgufQLjMGKGyYvcWaeOtiry9PFwc0vL0DnGnophpMF08LRcZyGhl
tv3kyGvrtuZWh2o7utR3k2xxQSL8LeTfavjMynuVL2zKPxI4w75S6odNpOOsQFVL
WNxQqlT64lecSQ==
-----END CERTIFICATE-----