Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft
File:                     dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft (raw, json)
Hash identifier:          o2SezHR9a4YGzebkjeEEh3FCNZSvBcfRsMqxOQcPAb4=
Subject key identifier:   C2:E8:A5:80:22:5B:D3:3F:E2:53:4C:A1:C2:B4:56:A7:64:9B:3F:26
Authority key identifier: 75:71:C8:92:99:9B:B4:56:4B:CE:48:0C:92:1B:6F:F1:72:05:EC:C6
Certificate issuer:       /CN=7571c892999bb4564bce480c921b6ff17205ecc6
Certificate serial:       01964E59BEB00B316306ECED20D162E8DAA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXHIkpmbtFZLzkgMkhtv8XIF7MY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft
Manifest number:          04D9
Signing time:             Sat 19 Apr 2025 14:00:26 +0000
Manifest this update:     Sat 19 Apr 2025 14:00:26 +0000
Manifest next update:     Sun 20 Apr 2025 14:00:26 +0000
Files and hashes:         1: dXHIkpmbtFZLzkgMkhtv8XIF7MY.crl (hash: 3jS+s8Y50ANRWEdUUX1OJt//IA1ZMJnOvpXeJaxrKAk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXHIkpmbtFZLzkgMkhtv8XIF7MY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:59:be:b0:0b:31:63:06:ec:ed:20:d1:62:e8:da:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7571c892999bb4564bce480c921b6ff17205ecc6
        Validity
            Not Before: Apr 19 14:00:26 2025 GMT
            Not After : Apr 20 14:00:26 2025 GMT
        Subject: CN=c2e8a580225bd33fe2534ca1c2b456a7649b3f26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:ff:50:28:f3:96:a2:35:71:9f:04:7a:18:c6:
                    51:e8:90:f4:9c:9b:5a:9a:20:53:29:ab:63:37:63:
                    e9:f2:65:79:e4:74:fd:6c:9a:e7:ce:36:91:4f:7a:
                    76:8e:a8:35:2b:88:c1:cd:be:8c:6f:73:1c:80:95:
                    31:0e:c3:14:5a:ec:1e:fa:ac:ef:f5:d1:b7:ac:f2:
                    43:54:ac:55:d7:2d:6f:9e:c1:64:95:1f:df:fa:63:
                    76:45:35:78:3c:01:2e:96:dd:ef:37:74:d3:81:3b:
                    86:b9:ec:bf:9c:a8:14:a5:21:b2:9d:42:c5:da:fe:
                    87:4d:74:81:47:98:ac:24:d4:ec:a0:d5:c4:09:63:
                    3b:05:9d:10:2b:8c:1b:9b:c2:c4:e0:7f:08:6c:be:
                    7a:c8:95:c6:bb:40:46:b6:b0:46:b2:72:13:53:a0:
                    f2:64:3f:e9:c1:54:ee:b5:c9:19:96:f3:30:7c:43:
                    a1:c0:c6:e9:93:b3:86:75:5e:81:e9:78:f8:04:f2:
                    06:5f:44:e2:d4:06:7e:12:fe:a1:21:29:3a:bc:b8:
                    b3:83:c8:fa:61:f8:a3:55:61:f3:95:9b:a4:9c:51:
                    4c:fc:57:75:2b:1a:75:c5:b6:e7:2d:69:e2:e2:8b:
                    88:28:8b:c6:df:45:56:c7:4a:d3:be:5a:f7:d3:f8:
                    97:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:E8:A5:80:22:5B:D3:3F:E2:53:4C:A1:C2:B4:56:A7:64:9B:3F:26
            X509v3 Authority Key Identifier:
                keyid:75:71:C8:92:99:9B:B4:56:4B:CE:48:0C:92:1B:6F:F1:72:05:EC:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXHIkpmbtFZLzkgMkhtv8XIF7MY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:11:8f:86:7d:16:c0:09:2b:80:4f:3c:0e:18:72:ff:1e:2e:
         2f:28:1a:09:45:a7:b6:a4:bd:91:87:18:12:b8:3d:1e:2d:af:
         d6:fa:e0:75:7c:b0:27:69:98:4d:5c:79:aa:f4:7d:0d:e4:49:
         92:7d:ba:05:c0:20:e0:e7:d8:71:53:c0:f9:46:55:1d:ed:10:
         38:b5:a0:74:e1:81:fa:0c:90:a9:f3:18:9d:00:a5:f5:ec:f8:
         1b:27:19:12:5b:d2:19:6f:1f:7e:9b:b2:50:45:77:34:fb:28:
         99:fa:00:23:d8:d5:40:39:0c:82:f0:3f:f9:4f:b6:c5:12:8a:
         c2:e5:6a:91:53:70:4a:61:c3:31:74:01:ec:ca:43:af:a0:e9:
         7c:fc:52:41:19:f1:d1:3a:4e:0c:ee:e4:b0:80:6e:bc:50:43:
         36:ff:ee:27:ab:6e:ed:86:71:56:96:89:95:d0:1e:10:06:4d:
         a9:75:88:0f:f7:08:f7:74:2f:59:d2:c7:ec:cd:68:b6:00:20:
         a1:5d:5a:a5:08:a5:53:e8:0d:24:b1:24:ac:80:95:62:63:ec:
         82:c2:eb:4e:d6:b4:fe:0a:b7:3f:54:5b:54:53:e2:5e:dc:20:
         7e:43:78:23:50:bd:ab:70:e1:c9:64:a9:98:c7:43:a1:a5:82:
         46:5a:66:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOWb6wCzFjBuztINFi6NqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzFjODkyOTk5YmI0NTY0YmNlNDgwYzkyMWI2ZmYxNzIw
NWVjYzYwHhcNMjUwNDE5MTQwMDI2WhcNMjUwNDIwMTQwMDI2WjAzMTEwLwYDVQQD
EyhjMmU4YTU4MDIyNWJkMzNmZTI1MzRjYTFjMmI0NTZhNzY0OWIzZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8f9QKPOWojVxnwR6GMZR6JD0nJta
miBTKatjN2Pp8mV55HT9bJrnzjaRT3p2jqg1K4jBzb6Mb3McgJUxDsMUWuwe+qzv
9dG3rPJDVKxV1y1vnsFklR/f+mN2RTV4PAEult3vN3TTgTuGuey/nKgUpSGynULF
2v6HTXSBR5isJNTsoNXECWM7BZ0QK4wbm8LE4H8IbL56yJXGu0BGtrBGsnITU6Dy
ZD/pwVTutckZlvMwfEOhwMbpk7OGdV6B6Xj4BPIGX0Ti1AZ+Ev6hISk6vLizg8j6
YfijVWHzlZuknFFM/Fd1Kxp1xbbnLWni4ouIKIvG30VWx0rTvlr30/iXjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMLopYAiW9M/4lNMocK0Vqdkmz8mMB8GA1UdIwQY
MBaAFHVxyJKZm7RWS85IDJIbb/FyBezGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhISWtwbWJ0RlpMemtnTWtodHY4WElGN01ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84MThhYzUtOTNkZC00MGZkLWJmNmYt
ZTA0ZjhmY2MyY2ExLzEvZFhISWtwbWJ0RlpMemtnTWtodHY4WElGN01ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84MThhYzUtOTNkZC00MGZkLWJmNmYtZTA0ZjhmY2MyY2Ex
LzEvZFhISWtwbWJ0RlpMemtnTWtodHY4WElGN01ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJhGPhn0W
wAkrgE88Dhhy/x4uLygaCUWntqS9kYcYErg9Hi2v1vrgdXywJ2mYTVx5qvR9DeRJ
kn26BcAg4OfYcVPA+UZVHe0QOLWgdOGB+gyQqfMYnQCl9ez4GycZElvSGW8ffpuy
UEV3NPsomfoAI9jVQDkMgvA/+U+2xRKKwuVqkVNwSmHDMXQB7MpDr6DpfPxSQRnx
0TpODO7ksIBuvFBDNv/uJ6tu7YZxVpaJldAeEAZNqXWID/cI93QvWdLH7M1otgAg
oV1apQilU+gNJLEkrICVYmPsgsLrTta0/gq3P1RbVFPiXtwgfkN4I1C9q3DhyWSp
mMdDoaWCRlpmng==
-----END CERTIFICATE-----