Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
File:                     DAHrsNsEzE1pGCs47A30sIkiJ40.mft (raw, json)
Hash identifier:          xdZL4+t9AEpQWmsZb0HxtqL8w9wP+LYz9QOveoQSR2s=
Subject key identifier:   79:74:CE:EA:89:C6:E6:1F:E4:F7:62:20:4C:09:7F:98:B6:6A:19:49
Authority key identifier: 0C:01:EB:B0:DB:04:CC:4D:69:18:2B:38:EC:0D:F4:B0:89:22:27:8D
Certificate issuer:       /CN=0c01ebb0db04cc4d69182b38ec0df4b08922278d
Certificate serial:       0196A2772A543E0425E1A01F51E3600ABDE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
Manifest number:          1521
Signing time:             Mon 05 May 2025 22:00:40 +0000
Manifest this update:     Mon 05 May 2025 22:00:40 +0000
Manifest next update:     Tue 06 May 2025 22:00:40 +0000
Files and hashes:         1: DAHrsNsEzE1pGCs47A30sIkiJ40.crl (hash: mXbV4WEJJPDOFaterlGNuGJqVU+a2wK2OQLTe6+DdZY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a2:77:2a:54:3e:04:25:e1:a0:1f:51:e3:60:0a:bd:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c01ebb0db04cc4d69182b38ec0df4b08922278d
        Validity
            Not Before: May  5 22:00:40 2025 GMT
            Not After : May  6 22:00:40 2025 GMT
        Subject: CN=7974ceea89c6e61fe4f762204c097f98b66a1949
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:e4:07:ce:e9:f6:64:8d:d0:16:4b:5f:db:3f:
                    ed:fb:7f:ae:46:ef:63:3b:6e:4a:7d:b1:e3:e3:ff:
                    e6:50:32:cb:d5:83:d8:d8:69:10:27:ea:61:c7:ec:
                    ea:f6:6e:c3:d9:b2:f0:72:0a:c7:b2:1e:eb:1b:08:
                    e5:cf:3c:31:8f:22:ba:89:62:16:cc:9e:49:d1:02:
                    57:62:f4:47:8b:b2:60:55:c8:68:b2:12:21:d9:94:
                    90:4d:a1:ec:79:7f:a1:b2:8a:0b:7b:6f:85:94:e9:
                    e1:ce:2b:bb:36:a2:b5:d3:ee:95:5f:c2:60:cb:97:
                    bd:dc:e4:bc:8e:4f:f8:dd:28:75:80:2f:15:dc:29:
                    5e:66:65:64:ad:c2:c5:63:f4:0b:1d:18:e5:76:5c:
                    63:ad:c7:8c:ff:39:f8:44:7a:36:3c:59:d1:24:e3:
                    3d:8b:e0:2d:f5:54:fd:65:90:ea:f0:06:c0:7e:59:
                    46:6e:7b:0f:6d:5b:df:9e:19:4a:c4:da:f5:a0:3b:
                    9f:55:c7:47:79:bc:38:0c:f7:92:8e:42:0e:38:bb:
                    ac:17:a3:7a:7e:63:3f:db:b1:0d:50:71:28:10:f7:
                    65:f3:e3:5c:84:c1:66:a0:9d:7a:d1:89:92:78:6c:
                    03:23:8e:9f:f3:36:51:3e:17:e1:5e:70:bd:b4:ad:
                    7b:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:74:CE:EA:89:C6:E6:1F:E4:F7:62:20:4C:09:7F:98:B6:6A:19:49
            X509v3 Authority Key Identifier:
                keyid:0C:01:EB:B0:DB:04:CC:4D:69:18:2B:38:EC:0D:F4:B0:89:22:27:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:a2:64:f5:52:ec:a5:93:01:1f:d5:96:cd:30:98:cd:9b:6d:
         ca:bf:f9:e2:43:99:ec:96:c6:fe:17:1c:92:7d:7b:6e:21:7e:
         fb:3f:c1:c4:5c:ce:8a:5c:c0:10:8f:51:9f:f3:b0:c6:29:49:
         43:66:40:77:52:a2:af:82:cc:04:d3:88:59:40:a2:23:a9:3d:
         03:07:85:13:4f:f9:a1:1f:85:e9:61:d2:32:d6:ee:3b:71:8c:
         4b:c5:bc:f2:2d:88:bb:fe:16:87:31:8d:39:d7:79:83:ae:4c:
         83:c0:94:0c:24:1e:65:fe:57:07:a6:46:58:59:aa:1a:58:c1:
         58:3e:ab:91:c0:db:14:61:0b:04:a6:22:5a:0a:7d:4c:0d:78:
         e6:0b:ec:83:35:52:bf:8f:20:a7:89:63:81:71:b2:59:2a:32:
         fe:18:c3:2b:90:2e:5e:23:a0:0f:f8:34:c3:d1:a3:f7:0f:c4:
         a5:f6:37:56:dc:4b:0c:11:10:31:ab:c1:c7:94:77:87:c9:b4:
         b8:18:d4:09:9a:2b:fe:41:5a:87:20:61:f4:1a:7f:27:aa:37:
         37:b7:4b:13:30:36:43:93:ef:5f:bc:44:2a:d1:a9:80:22:41:
         e3:4c:a2:5d:fa:ae:ed:e0:d5:68:cc:f4:67:b5:c3:23:ac:6c:
         6c:f7:7b:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaidypUPgQl4aAfUeNgCr3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDFlYmIwZGIwNGNjNGQ2OTE4MmIzOGVjMGRmNGIwODky
MjI3OGQwHhcNMjUwNTA1MjIwMDQwWhcNMjUwNTA2MjIwMDQwWjAzMTEwLwYDVQQD
Eyg3OTc0Y2VlYTg5YzZlNjFmZTRmNzYyMjA0YzA5N2Y5OGI2NmExOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+QHzun2ZI3QFktf2z/t+3+uRu9j
O25KfbHj4//mUDLL1YPY2GkQJ+phx+zq9m7D2bLwcgrHsh7rGwjlzzwxjyK6iWIW
zJ5J0QJXYvRHi7JgVchoshIh2ZSQTaHseX+hsooLe2+FlOnhziu7NqK10+6VX8Jg
y5e93OS8jk/43Sh1gC8V3CleZmVkrcLFY/QLHRjldlxjrceM/zn4RHo2PFnRJOM9
i+At9VT9ZZDq8AbAfllGbnsPbVvfnhlKxNr1oDufVcdHebw4DPeSjkIOOLusF6N6
fmM/27ENUHEoEPdl8+NchMFmoJ160YmSeGwDI46f8zZRPhfhXnC9tK17QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHl0zuqJxuYf5PdiIEwJf5i2ahlJMB8GA1UdIwQY
MBaAFAwB67DbBMxNaRgrOOwN9LCJIieNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9lOTg2ODQtMzAyYy00YmE4LWFiN2Yt
YTEwMzg3NGU3YzRmLzEvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9lOTg2ODQtMzAyYy00YmE4LWFiN2YtYTEwMzg3NGU3YzRm
LzEvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ6Jk9VLs
pZMBH9WWzTCYzZttyr/54kOZ7JbG/hcckn17biF++z/BxFzOilzAEI9Rn/OwxilJ
Q2ZAd1Kir4LMBNOIWUCiI6k9AweFE0/5oR+F6WHSMtbuO3GMS8W88i2Iu/4WhzGN
Odd5g65Mg8CUDCQeZf5XB6ZGWFmqGljBWD6rkcDbFGELBKYiWgp9TA145gvsgzVS
v48gp4ljgXGyWSoy/hjDK5AuXiOgD/g0w9Gj9w/EpfY3VtxLDBEQMavBx5R3h8m0
uBjUCZor/kFahyBh9Bp/J6o3N7dLEzA2Q5PvX7xEKtGpgCJB40yiXfqu7eDVaMz0
Z7XDI6xsbPd7yw==
-----END CERTIFICATE-----