Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          ESmIiBXg4Hwxgl10fXOszUp0+rQmgydbnqKsiFsazeQ=
Subject key identifier:   27:DB:97:21:10:68:77:27:1C:E0:78:3D:89:E4:C8:93:52:5C:55:9F
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       0196BC36E678F7770D1CA20E21FF033DD3DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          1530
Signing time:             Sat 10 May 2025 22:00:36 +0000
Manifest this update:     Sat 10 May 2025 22:00:36 +0000
Manifest next update:     Sun 11 May 2025 22:00:36 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: JlxTu3/NH9OMr2twfEGS3C/yJwIQwPdJ6ILzAZxtIFo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:36:e6:78:f7:77:0d:1c:a2:0e:21:ff:03:3d:d3:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: May 10 22:00:36 2025 GMT
            Not After : May 11 22:00:36 2025 GMT
        Subject: CN=27db9721106877271ce0783d89e4c893525c559f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:85:d0:b9:4e:e9:bd:92:bb:0a:26:75:78:f1:
                    b7:01:4f:c1:b8:62:53:49:26:4d:3a:43:22:a0:6b:
                    ef:db:e6:ed:37:91:d4:32:3f:cb:21:6d:6d:cf:60:
                    52:aa:93:2e:ba:00:b5:89:6e:d0:6c:e2:d3:d2:fd:
                    89:c1:e8:74:3e:dc:1c:64:7f:56:1b:a0:cb:9a:c4:
                    b0:c3:30:3f:16:49:45:09:e9:41:3b:61:88:8c:c4:
                    eb:0d:3a:f8:e9:29:33:77:53:90:a3:3f:bb:63:d2:
                    3e:8a:91:68:66:4d:da:dc:dc:be:7f:9e:24:8f:22:
                    09:4d:32:a5:03:35:46:85:8e:dc:ef:cb:99:60:38:
                    10:ec:43:9e:9e:b5:01:e9:8c:12:cb:59:78:1f:39:
                    e0:14:f1:ed:2f:11:82:1b:76:bd:07:1a:40:3c:d6:
                    86:02:8b:4d:31:dd:05:07:9a:33:e4:42:c8:ad:80:
                    83:8e:9b:ea:78:98:26:c7:58:e4:11:a2:cb:c3:0a:
                    82:8d:74:74:84:6e:39:70:11:63:25:e1:7b:71:24:
                    c2:d5:c5:42:49:bd:bc:bc:63:c2:57:8a:c6:7e:7c:
                    5f:49:7a:66:18:3d:5d:cb:ff:e0:f6:5d:bd:12:cf:
                    bd:d7:0d:68:fb:24:16:32:33:cd:4a:7b:33:0b:44:
                    32:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:DB:97:21:10:68:77:27:1C:E0:78:3D:89:E4:C8:93:52:5C:55:9F
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:bb:6a:7b:82:36:2a:a7:d4:d8:cf:86:ed:f0:a9:10:cd:e4:
         18:ff:57:9d:7f:fc:5c:80:d2:c1:db:17:7e:2b:a3:44:a2:f2:
         cd:6b:bc:bb:1d:c2:04:22:ca:1a:bf:bb:87:ba:3a:12:1a:fe:
         89:b1:20:96:4f:07:11:62:57:3c:17:d8:8a:a9:ab:04:ea:78:
         ac:ea:4d:57:74:30:75:17:75:6f:57:ab:f5:8f:f5:92:a8:53:
         4c:dd:d7:ea:fe:3c:c0:a8:99:ed:d3:75:0b:29:23:23:e9:97:
         9b:00:00:17:a7:cf:d2:36:3b:8c:46:55:70:69:f7:13:a6:d4:
         7c:2d:96:1f:3a:28:d5:74:52:b0:d2:e6:e3:d1:0b:9e:a3:f2:
         81:16:86:16:ed:d4:7b:e4:83:3f:b2:e5:24:d7:3a:68:8c:72:
         d2:5b:c7:b9:18:75:12:57:18:41:c9:3e:3c:8e:8d:98:11:7f:
         9b:06:b4:44:fa:7f:c0:16:f6:4b:23:88:2d:eb:a7:44:0b:7a:
         50:ed:cf:68:c5:f9:33:11:66:cc:5c:c5:40:5d:80:85:90:29:
         76:1b:51:80:3d:12:7e:26:4e:2a:a4:03:0d:f6:2f:c7:b7:7c:
         04:b4:9c:bf:0e:a2:58:61:d3:6b:c6:f4:cc:aa:0b:0b:ca:d0:
         6e:7b:6a:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa8NuZ493cNHKIOIf8DPdPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjUwNTEwMjIwMDM2WhcNMjUwNTExMjIwMDM2WjAzMTEwLwYDVQQD
EygyN2RiOTcyMTEwNjg3NzI3MWNlMDc4M2Q4OWU0Yzg5MzUyNWM1NTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4XQuU7pvZK7CiZ1ePG3AU/BuGJT
SSZNOkMioGvv2+btN5HUMj/LIW1tz2BSqpMuugC1iW7QbOLT0v2Jweh0PtwcZH9W
G6DLmsSwwzA/FklFCelBO2GIjMTrDTr46Skzd1OQoz+7Y9I+ipFoZk3a3Ny+f54k
jyIJTTKlAzVGhY7c78uZYDgQ7EOenrUB6YwSy1l4HzngFPHtLxGCG3a9BxpAPNaG
AotNMd0FB5oz5ELIrYCDjpvqeJgmx1jkEaLLwwqCjXR0hG45cBFjJeF7cSTC1cVC
Sb28vGPCV4rGfnxfSXpmGD1dy//g9l29Es+91w1o+yQWMjPNSnszC0QyEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCfblyEQaHcnHOB4PYnkyJNSXFWfMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbbtqe4I2
KqfU2M+G7fCpEM3kGP9XnX/8XIDSwdsXfiujRKLyzWu8ux3CBCLKGr+7h7o6Ehr+
ibEglk8HEWJXPBfYiqmrBOp4rOpNV3QwdRd1b1er9Y/1kqhTTN3X6v48wKiZ7dN1
CykjI+mXmwAAF6fP0jY7jEZVcGn3E6bUfC2WHzoo1XRSsNLm49ELnqPygRaGFu3U
e+SDP7LlJNc6aIxy0lvHuRh1ElcYQck+PI6NmBF/mwa0RPp/wBb2SyOILeunRAt6
UO3PaMX5MxFmzFzFQF2AhZApdhtRgD0SfiZOKqQDDfYvx7d8BLScvw6iWGHTa8b0
zKoLC8rQbntqTw==
-----END CERTIFICATE-----