Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft
File:                     dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft (raw, json)
Hash identifier:          pKKI3XJT2/eNPkvoj8l+/niO8QEs0xIo7EOMCfpnBE0=
Subject key identifier:   4E:68:A4:22:DE:DE:99:40:C2:9B:C7:6A:E5:7F:10:3F:C9:B3:2C:35
Authority key identifier: 75:71:C8:92:99:9B:B4:56:4B:CE:48:0C:92:1B:6F:F1:72:05:EC:C6
Certificate issuer:       /CN=7571c892999bb4564bce480c921b6ff17205ecc6
Certificate serial:       0194C4634677785BE7ECC05E263AAD436658
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXHIkpmbtFZLzkgMkhtv8XIF7MY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft
Manifest number:          040D
Signing time:             Sun 02 Feb 2025 02:00:27 +0000
Manifest this update:     Sun 02 Feb 2025 02:00:27 +0000
Manifest next update:     Mon 03 Feb 2025 02:00:27 +0000
Files and hashes:         1: dXHIkpmbtFZLzkgMkhtv8XIF7MY.crl (hash: mEW1I41iwyh+gSwBc0oD3UQPkRFYIXv+oAPGYR1y6e0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXHIkpmbtFZLzkgMkhtv8XIF7MY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:63:46:77:78:5b:e7:ec:c0:5e:26:3a:ad:43:66:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7571c892999bb4564bce480c921b6ff17205ecc6
        Validity
            Not Before: Feb  2 02:00:27 2025 GMT
            Not After : Feb  3 02:00:27 2025 GMT
        Subject: CN=4e68a422dede9940c29bc76ae57f103fc9b32c35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:f5:b9:85:86:ff:68:65:77:37:06:3b:b0:26:
                    9b:7c:0a:fd:01:ea:b6:cb:f6:44:5c:1e:7e:5d:95:
                    3c:84:18:21:00:e6:1b:64:d5:ef:fc:a2:d5:cd:dc:
                    8b:89:4f:c6:e5:25:f0:db:bf:31:ae:35:4b:9b:da:
                    5e:2b:39:76:27:07:9d:5e:8b:b9:02:a4:29:cd:d4:
                    f2:48:3f:50:ae:7f:15:e6:92:44:2a:cf:a0:46:77:
                    f2:60:76:52:f5:e1:4b:a3:7b:f4:4a:10:c0:25:d2:
                    fd:e3:da:fe:62:32:48:ef:0e:7a:44:6a:ce:87:f3:
                    14:7c:74:c4:c6:c3:9e:b4:bb:80:7f:7d:26:33:9c:
                    f6:84:95:e1:b4:d1:59:31:9c:1d:a7:de:c0:63:01:
                    ec:6d:26:83:58:e5:0a:b2:35:2c:89:96:28:21:76:
                    50:96:2f:c3:29:fd:f4:c6:ae:e8:5e:c9:01:1d:01:
                    0b:7a:89:88:3c:88:4b:45:e4:df:73:da:ae:67:cf:
                    3b:b9:09:9f:2e:f7:1d:d1:56:70:57:7f:d1:1c:88:
                    4a:6b:11:44:93:c2:3a:d2:fd:08:d9:62:13:e7:fa:
                    00:f4:49:a6:af:5a:67:a6:60:35:e1:1a:c7:dd:af:
                    d0:f3:d2:05:80:65:a6:2c:34:5e:15:29:3b:25:92:
                    44:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:68:A4:22:DE:DE:99:40:C2:9B:C7:6A:E5:7F:10:3F:C9:B3:2C:35
            X509v3 Authority Key Identifier:
                keyid:75:71:C8:92:99:9B:B4:56:4B:CE:48:0C:92:1B:6F:F1:72:05:EC:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXHIkpmbtFZLzkgMkhtv8XIF7MY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:9b:a5:00:c5:e6:79:3e:6a:f4:bc:61:9b:27:e7:b3:f4:c8:
         80:3a:fe:9b:08:e3:b3:8c:8a:fb:f6:cc:fd:89:5a:02:89:11:
         72:69:20:46:f2:52:9d:c4:30:98:2e:92:f4:e2:cd:35:88:46:
         bb:e6:70:77:3a:c7:9a:77:f8:4a:a0:2c:28:a2:aa:ac:9f:80:
         f7:25:08:fd:4b:4a:d2:dc:13:07:48:92:99:cd:e1:96:e1:0f:
         a6:6f:fd:b5:3d:de:ef:96:83:1a:14:69:db:15:c6:6d:7d:56:
         bd:e2:27:60:27:70:88:2c:d3:05:ee:07:78:fc:2e:60:2a:b5:
         85:05:09:1b:30:99:68:d9:01:dd:be:85:82:14:f0:34:5c:bb:
         e1:7e:74:02:f2:91:9c:68:0d:8b:d0:9e:56:c2:e2:18:f4:03:
         de:ff:33:d7:ef:48:41:be:e3:08:76:d7:f2:5b:f7:c5:57:bc:
         5a:7f:06:e3:d5:5d:03:a3:d9:d1:6e:4e:ff:84:ac:d9:f8:16:
         28:60:90:44:a2:15:c1:a1:22:83:65:cf:c1:f4:66:cd:0d:8a:
         c9:8e:d3:d5:bb:df:b2:e8:12:5c:f4:98:21:2a:80:a1:e8:40:
         2c:23:1b:ee:e8:64:3d:09:fc:d0:30:7f:55:a7:df:aa:8e:1f:
         c3:c0:8c:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY0Z3eFvn7MBeJjqtQ2ZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzFjODkyOTk5YmI0NTY0YmNlNDgwYzkyMWI2ZmYxNzIw
NWVjYzYwHhcNMjUwMjAyMDIwMDI3WhcNMjUwMjAzMDIwMDI3WjAzMTEwLwYDVQQD
Eyg0ZTY4YTQyMmRlZGU5OTQwYzI5YmM3NmFlNTdmMTAzZmM5YjMyYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/W5hYb/aGV3NwY7sCabfAr9Aeq2
y/ZEXB5+XZU8hBghAOYbZNXv/KLVzdyLiU/G5SXw278xrjVLm9peKzl2JwedXou5
AqQpzdTySD9Qrn8V5pJEKs+gRnfyYHZS9eFLo3v0ShDAJdL949r+YjJI7w56RGrO
h/MUfHTExsOetLuAf30mM5z2hJXhtNFZMZwdp97AYwHsbSaDWOUKsjUsiZYoIXZQ
li/DKf30xq7oXskBHQELeomIPIhLReTfc9quZ887uQmfLvcd0VZwV3/RHIhKaxFE
k8I60v0I2WIT5/oA9Emmr1pnpmA14RrH3a/Q89IFgGWmLDReFSk7JZJEoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5opCLe3plAwpvHauV/ED/Jsyw1MB8GA1UdIwQY
MBaAFHVxyJKZm7RWS85IDJIbb/FyBezGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhISWtwbWJ0RlpMemtnTWtodHY4WElGN01ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84MThhYzUtOTNkZC00MGZkLWJmNmYt
ZTA0ZjhmY2MyY2ExLzEvZFhISWtwbWJ0RlpMemtnTWtodHY4WElGN01ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84MThhYzUtOTNkZC00MGZkLWJmNmYtZTA0ZjhmY2MyY2Ex
LzEvZFhISWtwbWJ0RlpMemtnTWtodHY4WElGN01ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEpulAMXm
eT5q9Lxhmyfns/TIgDr+mwjjs4yK+/bM/YlaAokRcmkgRvJSncQwmC6S9OLNNYhG
u+ZwdzrHmnf4SqAsKKKqrJ+A9yUI/UtK0twTB0iSmc3hluEPpm/9tT3e75aDGhRp
2xXGbX1WveInYCdwiCzTBe4HePwuYCq1hQUJGzCZaNkB3b6FghTwNFy74X50AvKR
nGgNi9CeVsLiGPQD3v8z1+9IQb7jCHbX8lv3xVe8Wn8G49VdA6PZ0W5O/4Ss2fgW
KGCQRKIVwaEig2XPwfRmzQ2KyY7T1bvfsugSXPSYISqAoehALCMb7uhkPQn80DB/
Vaffqo4fw8CM2A==
-----END CERTIFICATE-----