Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
File:                     DAHrsNsEzE1pGCs47A30sIkiJ40.mft (raw, json)
Hash identifier:          5eGJtjYe1/aeiZPFDnywOnEiwhUsOt/PpqLaEhWRA2c=
Subject key identifier:   F2:56:59:12:8F:E8:4A:D8:C2:4A:33:16:D2:82:45:C8:9B:D9:30:BD
Authority key identifier: 0C:01:EB:B0:DB:04:CC:4D:69:18:2B:38:EC:0D:F4:B0:89:22:27:8D
Certificate issuer:       /CN=0c01ebb0db04cc4d69182b38ec0df4b08922278d
Certificate serial:       0197B6A08B7854CFBA4021431CD82BACA447
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
Manifest number:          15B0
Signing time:             Sat 28 Jun 2025 13:01:04 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:04 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:04 +0000
Files and hashes:         1: DAHrsNsEzE1pGCs47A30sIkiJ40.crl (hash: 97DoDqXiT2p/XEhWEo7pVlKEbeHfHiIcUfKQakAgiCk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:8b:78:54:cf:ba:40:21:43:1c:d8:2b:ac:a4:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c01ebb0db04cc4d69182b38ec0df4b08922278d
        Validity
            Not Before: Jun 28 13:01:04 2025 GMT
            Not After : Jun 29 13:01:04 2025 GMT
        Subject: CN=f25659128fe84ad8c24a3316d28245c89bd930bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:69:83:b4:32:83:7d:13:ff:1a:af:63:d7:32:
                    d3:14:bf:29:f4:97:d2:5d:99:91:fc:ce:fa:c1:aa:
                    23:62:7a:57:b6:85:23:7f:3a:de:01:6c:34:1c:42:
                    cb:9d:1e:0a:72:55:cb:2e:e8:99:57:dc:66:82:6b:
                    9a:ba:bf:79:a7:5f:36:32:c3:31:a2:a3:67:11:84:
                    3d:38:10:cc:c0:db:73:23:51:b3:6b:d9:cf:69:13:
                    68:4f:86:65:39:00:c7:68:05:0e:91:83:33:aa:4a:
                    09:22:a4:b9:e8:e7:4e:0f:35:05:6f:71:09:0d:11:
                    7c:46:32:2d:94:50:1b:8c:4f:90:ad:32:5c:59:48:
                    e9:a4:e8:72:7d:19:5a:63:93:89:66:c4:18:b9:c8:
                    a4:75:0e:d2:7f:61:81:92:b2:4b:56:58:a0:f2:47:
                    13:e4:d4:b8:c8:9f:51:e3:63:3e:fc:2e:03:c1:d7:
                    19:a8:38:60:d2:1d:2d:61:b7:13:3c:5c:5c:93:fa:
                    d0:b3:db:55:c8:47:a4:1c:67:96:77:d7:c7:97:e8:
                    79:9a:de:9f:1d:34:a1:cd:4f:b7:e8:4b:ef:13:08:
                    cf:e8:55:2b:49:e5:e0:84:74:2f:09:0d:00:16:dd:
                    35:74:94:d6:e1:0c:35:7d:51:c2:59:bd:58:cd:4c:
                    a0:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:56:59:12:8F:E8:4A:D8:C2:4A:33:16:D2:82:45:C8:9B:D9:30:BD
            X509v3 Authority Key Identifier:
                keyid:0C:01:EB:B0:DB:04:CC:4D:69:18:2B:38:EC:0D:F4:B0:89:22:27:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:a1:b9:ce:57:4c:98:ca:9f:f2:08:5c:79:08:2f:8b:4d:7a:
         cd:94:f7:43:f8:b6:63:5f:ed:6c:b4:16:ee:b2:74:3e:96:9c:
         91:83:00:d6:d0:ad:61:46:84:18:81:92:af:8c:06:17:46:96:
         55:d6:73:6d:9a:84:ba:23:30:d5:8f:e4:45:21:3d:11:48:29:
         7d:fa:2b:84:4d:c7:46:c8:31:dc:74:9c:1e:b2:43:ca:c6:a7:
         e9:94:c6:03:ea:80:f3:fd:23:ed:39:db:7f:93:a6:ed:61:01:
         6f:ee:6e:81:de:15:20:e4:db:15:2e:7d:44:00:01:f1:05:2f:
         f3:bc:b4:9c:32:95:47:d7:92:54:22:8f:82:7a:d0:04:90:fc:
         8e:4a:ba:84:17:72:84:76:f5:39:18:84:2a:3e:67:1b:b1:5a:
         77:20:2a:81:36:30:a3:c3:24:ae:99:bc:72:2e:5b:60:06:cd:
         35:32:9b:4e:f7:4f:8a:08:1e:6b:8c:76:a4:33:db:17:69:25:
         e4:ba:57:e7:55:8d:b6:70:73:00:54:0d:87:60:6c:6b:7a:bb:
         59:c7:29:93:ed:f2:23:e9:40:ac:37:76:98:71:b7:59:75:94:
         81:f8:99:15:32:b9:5d:51:d6:18:09:e6:e6:fe:86:51:29:ac:
         39:ea:b7:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oIt4VM+6QCFDHNgrrKRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDFlYmIwZGIwNGNjNGQ2OTE4MmIzOGVjMGRmNGIwODky
MjI3OGQwHhcNMjUwNjI4MTMwMTA0WhcNMjUwNjI5MTMwMTA0WjAzMTEwLwYDVQQD
EyhmMjU2NTkxMjhmZTg0YWQ4YzI0YTMzMTZkMjgyNDVjODliZDkzMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GmDtDKDfRP/Gq9j1zLTFL8p9JfS
XZmR/M76waojYnpXtoUjfzreAWw0HELLnR4KclXLLuiZV9xmgmuaur95p182MsMx
oqNnEYQ9OBDMwNtzI1Gza9nPaRNoT4ZlOQDHaAUOkYMzqkoJIqS56OdODzUFb3EJ
DRF8RjItlFAbjE+QrTJcWUjppOhyfRlaY5OJZsQYucikdQ7Sf2GBkrJLVlig8kcT
5NS4yJ9R42M+/C4DwdcZqDhg0h0tYbcTPFxck/rQs9tVyEekHGeWd9fHl+h5mt6f
HTShzU+36EvvEwjP6FUrSeXghHQvCQ0AFt01dJTW4Qw1fVHCWb1YzUygJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJWWRKP6ErYwkozFtKCRcib2TC9MB8GA1UdIwQY
MBaAFAwB67DbBMxNaRgrOOwN9LCJIieNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9lOTg2ODQtMzAyYy00YmE4LWFiN2Yt
YTEwMzg3NGU3YzRmLzEvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9lOTg2ODQtMzAyYy00YmE4LWFiN2YtYTEwMzg3NGU3YzRm
LzEvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVKG5zldM
mMqf8ghceQgvi016zZT3Q/i2Y1/tbLQW7rJ0PpackYMA1tCtYUaEGIGSr4wGF0aW
VdZzbZqEuiMw1Y/kRSE9EUgpfforhE3HRsgx3HScHrJDysan6ZTGA+qA8/0j7Tnb
f5Om7WEBb+5ugd4VIOTbFS59RAAB8QUv87y0nDKVR9eSVCKPgnrQBJD8jkq6hBdy
hHb1ORiEKj5nG7FadyAqgTYwo8Mkrpm8ci5bYAbNNTKbTvdPiggea4x2pDPbF2kl
5LpX51WNtnBzAFQNh2Bsa3q7Wccpk+3yI+lArDd2mHG3WXWUgfiZFTK5XVHWGAnm
5v6GUSmsOeq3sA==
-----END CERTIFICATE-----