Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          n+LuNPdZEOKn7IJd34uCtvOYquwNwkwh5rJEgAy0kvY=
Subject key identifier:   14:C9:D3:A8:CD:AB:DA:89:F6:50:E1:FE:0E:A3:A5:06:DF:B2:8D:FB
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       0197B6A09D83115D3DC2DFE8A2D6918E3918
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          0641
Signing time:             Sat 28 Jun 2025 13:01:08 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:08 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:08 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: CI8FpPkg7TblW+yhbOABPycAqgHIrUafnX6ODTlEp6Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:9d:83:11:5d:3d:c2:df:e8:a2:d6:91:8e:39:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Jun 28 13:01:08 2025 GMT
            Not After : Jun 29 13:01:08 2025 GMT
        Subject: CN=14c9d3a8cdabda89f650e1fe0ea3a506dfb28dfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:16:f9:b5:5c:d5:33:33:28:38:a6:39:43:a7:
                    dd:cb:df:4e:3f:68:f1:b6:1f:3f:88:2a:58:48:b0:
                    d3:eb:c0:7c:4f:28:c2:c6:3b:57:37:60:c2:ea:c6:
                    99:3f:29:9e:e2:eb:37:bb:d0:7f:d0:d6:03:a2:73:
                    1c:62:b4:e6:9b:a2:09:cd:5d:50:ab:85:6d:0b:5c:
                    c8:48:33:9e:a8:c7:69:eb:5a:cb:fa:05:8d:34:68:
                    1f:d4:d4:c5:de:94:e2:3a:2a:24:6a:89:f8:0e:13:
                    6a:2e:3e:eb:30:43:17:19:02:11:45:70:8f:29:9b:
                    4e:bf:34:70:25:b6:22:51:36:d6:63:98:2a:57:bb:
                    3e:3c:a8:7e:a6:63:ed:8a:8f:8e:49:8a:21:c2:9f:
                    01:98:6b:b4:62:03:f1:85:9a:dd:7d:84:6f:d7:57:
                    ac:a0:e5:7a:31:46:5b:81:0e:04:67:f7:1e:31:d6:
                    09:ec:ac:ed:41:04:a6:ba:2c:71:f3:05:38:d8:48:
                    8a:70:44:6f:ac:a1:74:7c:7f:3f:7c:08:b1:c2:25:
                    a1:4c:f7:79:ee:cc:04:ca:94:87:58:db:c3:1f:77:
                    2d:c9:64:8c:48:6b:0a:20:53:db:33:f2:32:8d:53:
                    20:7b:27:d7:09:68:14:22:62:cb:71:91:25:98:eb:
                    48:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:C9:D3:A8:CD:AB:DA:89:F6:50:E1:FE:0E:A3:A5:06:DF:B2:8D:FB
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:04:07:72:ee:53:5b:88:8d:f1:05:15:69:d8:9b:ec:46:16:
         64:b9:6c:7c:a5:21:51:38:ea:b5:1c:6d:44:12:c8:64:ba:92:
         27:ce:3a:2d:e9:2a:c2:91:aa:ba:78:f5:96:29:32:dd:22:b6:
         80:63:b9:7a:26:30:27:cb:46:87:bb:aa:75:0c:4a:47:cf:4c:
         fd:f2:f4:eb:61:b1:be:1b:56:c2:57:ff:0a:e8:4b:47:78:d0:
         ad:f7:82:d8:62:6e:7c:da:c9:92:31:02:28:48:a2:bd:55:92:
         34:a5:e4:05:20:fe:ef:de:18:67:90:2e:61:81:57:80:64:f1:
         97:63:2d:d7:f1:47:3a:cb:b4:60:d3:06:7e:66:c1:fa:2a:f2:
         fd:c3:fa:28:ab:13:34:13:40:a3:56:87:e1:4a:07:49:b8:c8:
         e5:d4:09:14:07:6c:a0:5a:e1:48:88:fb:33:0c:94:af:72:c9:
         84:38:15:a9:eb:fb:2f:9c:be:26:92:ab:25:05:ba:2f:3f:19:
         0d:2d:e3:20:96:6b:7f:91:7d:46:34:cf:1d:f6:d3:85:6a:8b:
         f9:1f:ff:77:dd:a0:49:1b:33:05:3f:87:ac:34:e3:ab:aa:cc:
         b7:74:da:d0:65:01:48:43:ae:4a:39:a1:58:ee:e6:1d:3a:91:
         03:d1:3b:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oJ2DEV09wt/ootaRjjkYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjUwNjI4MTMwMTA4WhcNMjUwNjI5MTMwMTA4WjAzMTEwLwYDVQQD
EygxNGM5ZDNhOGNkYWJkYTg5ZjY1MGUxZmUwZWEzYTUwNmRmYjI4ZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxb5tVzVMzMoOKY5Q6fdy99OP2jx
th8/iCpYSLDT68B8TyjCxjtXN2DC6saZPyme4us3u9B/0NYDonMcYrTmm6IJzV1Q
q4VtC1zISDOeqMdp61rL+gWNNGgf1NTF3pTiOiokaon4DhNqLj7rMEMXGQIRRXCP
KZtOvzRwJbYiUTbWY5gqV7s+PKh+pmPtio+OSYohwp8BmGu0YgPxhZrdfYRv11es
oOV6MUZbgQ4EZ/ceMdYJ7KztQQSmuixx8wU42EiKcERvrKF0fH8/fAixwiWhTPd5
7swEypSHWNvDH3ctyWSMSGsKIFPbM/IyjVMgeyfXCWgUImLLcZElmOtICwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTJ06jNq9qJ9lDh/g6jpQbfso37MB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmAQHcu5T
W4iN8QUVadib7EYWZLlsfKUhUTjqtRxtRBLIZLqSJ846LekqwpGqunj1liky3SK2
gGO5eiYwJ8tGh7uqdQxKR89M/fL062GxvhtWwlf/CuhLR3jQrfeC2GJufNrJkjEC
KEiivVWSNKXkBSD+794YZ5AuYYFXgGTxl2Mt1/FHOsu0YNMGfmbB+iry/cP6KKsT
NBNAo1aH4UoHSbjI5dQJFAdsoFrhSIj7MwyUr3LJhDgVqev7L5y+JpKrJQW6Lz8Z
DS3jIJZrf5F9RjTPHfbThWqL+R//d92gSRszBT+HrDTjq6rMt3Ta0GUBSEOuSjmh
WO7mHTqRA9E7cg==
-----END CERTIFICATE-----