Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
File:                     DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft (raw, json)
Hash identifier:          JjwDPCizn4g2gsyGZ2i+QTH59toSVyqprv7clcwleg8=
Subject key identifier:   5B:16:F2:61:79:52:35:27:9D:8F:63:A5:18:52:2C:EE:5F:DC:2E:1D
Authority key identifier: 0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8
Certificate issuer:       /CN=0ddc509b4db35203ab616f4781f85dd5860443d8
Certificate serial:       0197B6A07D178987FA03DA5A1AC8656DCB4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
Manifest number:          12ED
Signing time:             Sat 28 Jun 2025 13:01:00 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:00 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:00 +0000
Files and hashes:         1: DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl (hash: B24a/eNr0a1vhNKAxF5AzShyq1F4Udfcic6GsuslEGI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:7d:17:89:87:fa:03:da:5a:1a:c8:65:6d:cb:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ddc509b4db35203ab616f4781f85dd5860443d8
        Validity
            Not Before: Jun 28 13:01:00 2025 GMT
            Not After : Jun 29 13:01:00 2025 GMT
        Subject: CN=5b16f261795235279d8f63a518522cee5fdc2e1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ad:30:cd:d3:53:2e:56:39:e9:2e:c6:c8:da:
                    c2:17:09:9f:5e:94:9b:89:e0:6f:09:cc:9a:5b:c7:
                    e7:39:e4:e8:2b:79:b7:5d:f3:71:25:95:96:7f:b3:
                    25:3c:b6:2f:72:c4:33:0b:b0:4f:80:8d:fb:43:51:
                    c7:a1:24:02:e5:57:bd:f5:b7:9b:04:be:67:bd:a5:
                    e8:05:6b:cc:73:8a:61:a9:e5:09:d0:86:14:66:1b:
                    cb:9a:51:ae:0c:95:ca:dd:a1:01:3b:65:59:85:37:
                    6f:bb:90:d4:47:9e:f8:16:a6:75:d1:a2:73:27:ea:
                    f5:a9:7f:73:fe:37:73:27:66:ee:4e:f0:97:8a:7b:
                    9e:27:1c:6b:90:49:60:d1:8b:32:35:5e:3a:8e:c0:
                    a0:20:8d:cf:18:b2:92:9b:72:c2:49:11:1e:19:b5:
                    58:7e:ac:9b:2a:f4:63:17:fd:be:a7:a3:73:2a:d3:
                    e1:8e:26:84:5a:c8:3a:9f:2c:e2:34:b0:1d:4a:d0:
                    74:5f:ca:cd:03:b0:3d:42:cb:d6:2c:7b:cb:a9:8a:
                    da:52:df:33:eb:f9:e6:24:03:69:95:b4:01:9e:b5:
                    47:ea:f6:59:b2:4a:1a:14:f1:27:61:e4:1e:58:58:
                    b9:1f:6a:69:04:c9:c5:5d:e6:61:1b:6d:58:7e:fd:
                    6d:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:16:F2:61:79:52:35:27:9D:8F:63:A5:18:52:2C:EE:5F:DC:2E:1D
            X509v3 Authority Key Identifier:
                keyid:0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:3a:6c:cd:c9:8d:d6:0f:57:9d:2b:d3:84:a7:ce:7c:7a:c3:
         91:6c:4f:e6:7c:ed:53:ed:1e:7d:2b:8b:6e:0d:ce:b2:bc:64:
         c5:fe:92:0b:4d:ee:20:b9:04:af:6f:7e:0c:7d:f4:45:fe:dc:
         f2:d6:6d:ac:f4:95:1c:ed:87:54:67:02:f9:0a:53:c5:27:87:
         00:61:3f:8d:c7:bd:13:7b:f2:70:80:f3:41:bb:4a:43:85:f0:
         ff:98:b6:ba:49:1c:c4:cf:b5:c7:41:56:1b:39:80:ed:1a:9d:
         fe:92:5b:62:fc:e2:b4:e3:94:1f:79:89:d7:da:c2:cd:1d:2e:
         2e:9f:36:6e:aa:06:3a:33:93:a1:72:5a:d8:d8:16:d4:e7:21:
         fc:bc:d3:60:ea:b9:54:4a:56:86:de:c8:bb:87:45:b3:8d:99:
         9c:dd:e3:4c:bd:ff:7a:95:49:2a:12:93:90:19:e5:5e:9b:73:
         4d:37:a8:41:1a:30:8d:47:be:17:8e:cb:64:3e:3d:b4:bf:6f:
         4f:3a:65:e8:84:27:e0:b2:9d:8b:98:83:f4:ea:76:06:0a:13:
         ce:16:6c:b3:9a:64:e4:97:d1:ba:f6:b8:ed:3c:83:77:7e:e1:
         a1:38:77:d0:44:be:ea:50:f9:84:f3:c6:08:aa:ba:50:07:c2:
         23:51:65:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oH0XiYf6A9paGshlbctNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZGM1MDliNGRiMzUyMDNhYjYxNmY0NzgxZjg1ZGQ1ODYw
NDQzZDgwHhcNMjUwNjI4MTMwMTAwWhcNMjUwNjI5MTMwMTAwWjAzMTEwLwYDVQQD
Eyg1YjE2ZjI2MTc5NTIzNTI3OWQ4ZjYzYTUxODUyMmNlZTVmZGMyZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK0wzdNTLlY56S7GyNrCFwmfXpSb
ieBvCcyaW8fnOeToK3m3XfNxJZWWf7MlPLYvcsQzC7BPgI37Q1HHoSQC5Ve99beb
BL5nvaXoBWvMc4phqeUJ0IYUZhvLmlGuDJXK3aEBO2VZhTdvu5DUR574FqZ10aJz
J+r1qX9z/jdzJ2buTvCXinueJxxrkElg0YsyNV46jsCgII3PGLKSm3LCSREeGbVY
fqybKvRjF/2+p6NzKtPhjiaEWsg6nyziNLAdStB0X8rNA7A9QsvWLHvLqYraUt8z
6/nmJANplbQBnrVH6vZZskoaFPEnYeQeWFi5H2ppBMnFXeZhG21Yfv1txQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsW8mF5UjUnnY9jpRhSLO5f3C4dMB8GA1UdIwQY
MBaAFA3cUJtNs1IDq2FvR4H4XdWGBEPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYt
ODdlNTc1N2I5N2UzLzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYtODdlNTc1N2I5N2Uz
LzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZDpszcmN
1g9XnSvThKfOfHrDkWxP5nztU+0efSuLbg3Osrxkxf6SC03uILkEr29+DH30Rf7c
8tZtrPSVHO2HVGcC+QpTxSeHAGE/jce9E3vycIDzQbtKQ4Xw/5i2ukkcxM+1x0FW
GzmA7Rqd/pJbYvzitOOUH3mJ19rCzR0uLp82bqoGOjOToXJa2NgW1Och/LzTYOq5
VEpWht7Iu4dFs42ZnN3jTL3/epVJKhKTkBnlXptzTTeoQRowjUe+F47LZD49tL9v
Tzpl6IQn4LKdi5iD9Op2BgoTzhZss5pk5JfRuva47TyDd37hoTh30ES+6lD5hPPG
CKq6UAfCI1Fl9A==
-----END CERTIFICATE-----