Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
File:                     DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft (raw, json)
Hash identifier:          FBnPhM2FcaN216xscW3UHzH2PYz395WeVoxD5EmTwDE=
Subject key identifier:   FD:9D:7B:A5:57:DD:41:87:95:3C:2F:60:FC:73:86:58:E4:FF:3A:89
Authority key identifier: 0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8
Certificate issuer:       /CN=0ddc509b4db35203ab616f4781f85dd5860443d8
Certificate serial:       0196C728D0ADB36DE588D980190F226F85FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
Manifest number:          1271
Signing time:             Tue 13 May 2025 01:01:02 +0000
Manifest this update:     Tue 13 May 2025 01:01:02 +0000
Manifest next update:     Wed 14 May 2025 01:01:02 +0000
Files and hashes:         1: DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl (hash: SgcL9JXnr7cRBbjTGfTNS73Y8TTiBhh5mbxoqL0YKH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c7:28:d0:ad:b3:6d:e5:88:d9:80:19:0f:22:6f:85:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ddc509b4db35203ab616f4781f85dd5860443d8
        Validity
            Not Before: May 13 01:01:02 2025 GMT
            Not After : May 14 01:01:02 2025 GMT
        Subject: CN=fd9d7ba557dd4187953c2f60fc738658e4ff3a89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:f5:cd:c0:21:4d:25:a5:70:64:eb:30:d2:80:
                    87:44:2d:87:02:2f:59:91:2a:b2:76:12:36:29:9d:
                    51:2e:39:5c:7a:eb:10:b4:0e:7c:67:ff:03:94:bc:
                    28:2d:1c:df:5d:29:a6:f6:15:e0:ac:3e:92:e5:0c:
                    f6:5e:79:da:5a:bb:14:2e:e8:47:8d:62:92:a7:d9:
                    c9:1e:5a:8a:a9:09:b3:41:8e:e7:15:53:89:de:23:
                    c5:fb:f6:d5:25:40:84:97:97:d8:a4:18:76:1f:95:
                    10:36:11:a6:69:0b:47:32:56:fc:37:ad:2f:3f:ad:
                    72:fc:7b:1f:32:36:18:33:64:e3:50:27:72:4b:e6:
                    98:13:50:c5:01:80:09:c5:97:0d:04:4c:e9:d8:a5:
                    21:15:9a:25:d1:1a:cc:61:61:5d:ab:6a:9d:95:c6:
                    3c:8d:f5:5c:9e:48:d2:93:56:fd:2b:b6:94:f7:73:
                    ee:9b:fc:ed:c3:4f:fa:5d:fd:03:35:16:8a:60:d1:
                    d3:02:c0:d7:78:79:07:7e:b4:4b:fe:c7:6a:87:0e:
                    1d:65:a9:00:5d:23:71:69:5a:88:67:b5:12:24:9b:
                    dd:12:41:39:04:e3:61:cc:22:e8:68:e1:3f:d7:5d:
                    23:52:07:5c:7b:65:8c:bc:ad:c6:94:1a:cf:e6:79:
                    67:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:9D:7B:A5:57:DD:41:87:95:3C:2F:60:FC:73:86:58:E4:FF:3A:89
            X509v3 Authority Key Identifier:
                keyid:0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:37:85:7b:d7:25:f0:7d:87:38:59:cc:15:a6:c3:a1:c7:1d:
         58:92:2d:98:f2:62:b5:eb:36:7c:95:d9:97:4c:d4:c5:41:95:
         5c:17:65:77:6f:bf:41:49:0b:10:03:b1:fc:18:06:b0:7f:37:
         f6:70:2c:de:7a:da:f5:87:65:74:47:17:32:bc:16:8a:31:e1:
         4f:13:28:6b:fe:c8:c7:33:be:18:3e:77:38:8d:25:6c:0a:61:
         fb:55:f6:03:22:e7:38:c7:ac:e9:39:9a:d5:04:37:65:bf:e5:
         dd:b7:80:36:f7:3f:86:cf:d3:99:39:19:a1:3f:4e:8e:3c:de:
         81:73:a6:e8:26:d4:3f:39:2e:cb:1f:61:38:af:1b:5f:84:b5:
         52:7a:f9:7f:fd:1b:98:1a:bb:65:31:88:b8:06:99:79:93:10:
         37:80:3b:d7:95:09:18:e0:21:7b:9f:d1:43:01:3a:26:b6:30:
         27:37:c1:3b:79:f3:b1:5d:69:31:31:66:ef:1c:ce:0f:ca:4f:
         c6:ca:f8:be:01:77:80:a6:e9:b8:6e:95:0d:14:a4:f3:4a:d2:
         1f:52:7f:16:e4:f6:0d:8d:94:e1:5d:c1:b0:8d:7a:7e:c6:ad:
         1c:a7:ba:e2:fb:d6:0f:6d:e0:f5:40:10:56:43:39:5f:09:47:
         42:0a:da:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbHKNCts23liNmAGQ8ib4X6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZGM1MDliNGRiMzUyMDNhYjYxNmY0NzgxZjg1ZGQ1ODYw
NDQzZDgwHhcNMjUwNTEzMDEwMTAyWhcNMjUwNTE0MDEwMTAyWjAzMTEwLwYDVQQD
EyhmZDlkN2JhNTU3ZGQ0MTg3OTUzYzJmNjBmYzczODY1OGU0ZmYzYTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fXNwCFNJaVwZOsw0oCHRC2HAi9Z
kSqydhI2KZ1RLjlceusQtA58Z/8DlLwoLRzfXSmm9hXgrD6S5Qz2XnnaWrsULuhH
jWKSp9nJHlqKqQmzQY7nFVOJ3iPF+/bVJUCEl5fYpBh2H5UQNhGmaQtHMlb8N60v
P61y/HsfMjYYM2TjUCdyS+aYE1DFAYAJxZcNBEzp2KUhFZol0RrMYWFdq2qdlcY8
jfVcnkjSk1b9K7aU93Pum/ztw0/6Xf0DNRaKYNHTAsDXeHkHfrRL/sdqhw4dZakA
XSNxaVqIZ7USJJvdEkE5BONhzCLoaOE/110jUgdce2WMvK3GlBrP5nlngwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP2de6VX3UGHlTwvYPxzhljk/zqJMB8GA1UdIwQY
MBaAFA3cUJtNs1IDq2FvR4H4XdWGBEPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYt
ODdlNTc1N2I5N2UzLzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYtODdlNTc1N2I5N2Uz
LzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKTeFe9cl
8H2HOFnMFabDoccdWJItmPJites2fJXZl0zUxUGVXBdld2+/QUkLEAOx/BgGsH83
9nAs3nra9YdldEcXMrwWijHhTxMoa/7IxzO+GD53OI0lbAph+1X2AyLnOMes6Tma
1QQ3Zb/l3beANvc/hs/TmTkZoT9OjjzegXOm6CbUPzkuyx9hOK8bX4S1Unr5f/0b
mBq7ZTGIuAaZeZMQN4A715UJGOAhe5/RQwE6JrYwJzfBO3nzsV1pMTFm7xzOD8pP
xsr4vgF3gKbpuG6VDRSk80rSH1J/FuT2DY2U4V3BsI16fsatHKe64vvWD23g9UAQ
VkM5XwlHQgra9A==
-----END CERTIFICATE-----