Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
File:                     DcHMqlhPs5FOeS_VOQ47otMDM4w.mft (raw, json)
Hash identifier:          5uiUJ9olMiEPwjt4kDSliFOM6YDuQQ7W7BE/cKV5sMI=
Subject key identifier:   AF:45:9D:53:2F:41:05:C1:88:5C:B4:CA:B9:A9:FF:70:19:0C:CE:BC
Authority key identifier: 0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C
Certificate issuer:       /CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
Certificate serial:       0196A5AF3A0FFE673A0A7F39F8871ADD819A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
Manifest number:          0EED
Signing time:             Tue 06 May 2025 13:00:46 +0000
Manifest this update:     Tue 06 May 2025 13:00:46 +0000
Manifest next update:     Wed 07 May 2025 13:00:46 +0000
Files and hashes:         1: DcHMqlhPs5FOeS_VOQ47otMDM4w.crl (hash: p0AqAvRHXlZEo+pJc1bqjzOhB8IuPmmK+TG/0fE+frI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 13:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a5:af:3a:0f:fe:67:3a:0a:7f:39:f8:87:1a:dd:81:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
        Validity
            Not Before: May  6 13:00:46 2025 GMT
            Not After : May  7 13:00:46 2025 GMT
        Subject: CN=af459d532f4105c1885cb4cab9a9ff70190ccebc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0e:ff:c7:43:b4:75:a4:e8:b8:33:8a:4a:5e:
                    9b:e1:d3:df:cb:d1:6c:ff:77:2e:02:0f:86:da:1e:
                    1d:6d:10:df:e5:d1:e7:15:5b:d0:20:20:c7:b9:44:
                    97:06:3c:13:1a:0a:b2:58:6d:ff:43:e2:a8:33:a9:
                    f6:35:89:7d:14:bb:5f:fe:0d:c8:b5:27:d8:61:85:
                    b5:6b:db:c1:3a:ea:17:81:4a:34:0c:2b:5e:ff:e8:
                    96:ec:b2:ab:8e:f3:87:da:5e:e5:16:bc:ca:fe:5c:
                    45:fb:35:78:57:65:68:3d:4d:7a:46:86:0e:bf:bb:
                    28:0b:46:b5:f7:1f:cf:90:61:34:ac:ff:41:bd:d8:
                    8e:b0:de:de:af:19:39:c1:79:15:3e:ff:50:c7:a8:
                    23:0a:d4:de:10:35:1e:67:07:f2:6d:e1:67:98:2d:
                    61:25:44:50:8e:68:54:1e:61:33:26:51:1a:a6:b0:
                    a5:1a:4c:b6:1a:84:75:c8:4e:9c:e0:e1:e8:82:33:
                    fb:36:8a:20:41:b2:45:32:55:d2:9d:50:9b:f8:52:
                    d8:35:58:a0:8e:19:79:77:ee:c8:58:47:ea:6b:34:
                    f7:23:d8:09:0b:b4:19:13:8e:7e:c4:55:07:30:d9:
                    ce:bd:23:82:fe:e1:3b:e4:23:76:64:bf:6e:ab:ef:
                    ec:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:45:9D:53:2F:41:05:C1:88:5C:B4:CA:B9:A9:FF:70:19:0C:CE:BC
            X509v3 Authority Key Identifier:
                keyid:0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:5e:8e:db:58:7a:b4:76:72:31:3a:35:f4:fd:aa:7a:28:31:
         e5:9c:c2:17:7f:ce:a1:69:d9:c8:1c:fb:29:f7:ed:8d:ab:8c:
         4b:4a:88:c7:e6:d6:e4:6b:dd:4e:40:f3:69:9b:cf:f6:bb:0d:
         8b:8f:fb:cd:39:ea:be:76:9f:fc:2d:9d:3a:9f:cb:56:fc:d2:
         e2:23:73:03:6c:42:fd:be:f5:99:82:c3:3a:7e:3b:9b:9c:74:
         9d:e0:bf:68:44:12:3d:25:98:ec:88:32:21:0f:2b:8b:f2:e4:
         1b:d2:c3:e3:6b:60:34:a6:12:af:d5:83:fa:b8:b6:c2:e8:f4:
         87:ed:c7:03:a2:d2:48:79:81:42:53:c3:1b:28:4a:16:cf:99:
         ca:e7:ec:31:30:40:03:ea:b2:ad:51:03:01:c1:13:f5:73:42:
         5d:0c:2c:ff:69:44:d4:7a:b4:84:bb:22:53:64:7f:26:9c:70:
         0f:d1:4d:93:e9:9b:c3:6d:ed:cb:68:62:12:e3:4a:ef:83:d8:
         64:f6:ef:9d:66:8a:55:36:17:06:9d:36:66:f1:f2:3b:de:83:
         fd:e2:a8:8d:7c:34:33:8f:8e:ae:cd:42:95:f3:6c:e0:82:15:
         25:05:5b:54:5b:b1:2a:85:dd:ee:cf:a7:9d:07:b4:49:55:e8:
         ea:32:d2:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZalrzoP/mc6Cn85+Ica3YGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzFjY2FhNTg0ZmIzOTE0ZTc5MmZkNTM5MGUzYmEyZDMw
MzMzOGMwHhcNMjUwNTA2MTMwMDQ2WhcNMjUwNTA3MTMwMDQ2WjAzMTEwLwYDVQQD
EyhhZjQ1OWQ1MzJmNDEwNWMxODg1Y2I0Y2FiOWE5ZmY3MDE5MGNjZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg7/x0O0daTouDOKSl6b4dPfy9Fs
/3cuAg+G2h4dbRDf5dHnFVvQICDHuUSXBjwTGgqyWG3/Q+KoM6n2NYl9FLtf/g3I
tSfYYYW1a9vBOuoXgUo0DCte/+iW7LKrjvOH2l7lFrzK/lxF+zV4V2VoPU16RoYO
v7soC0a19x/PkGE0rP9BvdiOsN7erxk5wXkVPv9Qx6gjCtTeEDUeZwfybeFnmC1h
JURQjmhUHmEzJlEaprClGky2GoR1yE6c4OHogjP7NoogQbJFMlXSnVCb+FLYNVig
jhl5d+7IWEfqazT3I9gJC7QZE45+xFUHMNnOvSOC/uE75CN2ZL9uq+/slQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9FnVMvQQXBiFy0yrmp/3AZDM68MB8GA1UdIwQY
MBaAFA3BzKpYT7ORTnkv1TkOO6LTAzOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUt
YmY4NWNkMjU0MjdlLzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUtYmY4NWNkMjU0Mjdl
LzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP16O21h6
tHZyMTo19P2qeigx5ZzCF3/OoWnZyBz7KfftjauMS0qIx+bW5GvdTkDzaZvP9rsN
i4/7zTnqvnaf/C2dOp/LVvzS4iNzA2xC/b71mYLDOn47m5x0neC/aEQSPSWY7Igy
IQ8ri/LkG9LD42tgNKYSr9WD+ri2wuj0h+3HA6LSSHmBQlPDGyhKFs+ZyufsMTBA
A+qyrVEDAcET9XNCXQws/2lE1Hq0hLsiU2R/JpxwD9FNk+mbw23ty2hiEuNK74PY
ZPbvnWaKVTYXBp02ZvHyO96D/eKojXw0M4+Ors1ClfNs4IIVJQVbVFuxKoXd7s+n
nQe0SVXo6jLSLA==
-----END CERTIFICATE-----