Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          jYO+DK7uxm5awVsLVgelxKqB3yfEsUSSnJNLB5i040U=
Subject key identifier:   13:0D:CF:8D:95:D1:6D:8B:E8:D6:9E:C7:A2:08:D7:D7:1E:E6:B9:95
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       0196BFA5AFBC51B50C1E3AE927CFE63194D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          0DB5
Signing time:             Sun 11 May 2025 14:00:28 +0000
Manifest this update:     Sun 11 May 2025 14:00:28 +0000
Manifest next update:     Mon 12 May 2025 14:00:28 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: Y43S+hWyXinawJc9iuD1Q+6vL5wydk6Q/wZ/Xw+XdXM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 14:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:a5:af:bc:51:b5:0c:1e:3a:e9:27:cf:e6:31:94:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: May 11 14:00:28 2025 GMT
            Not After : May 12 14:00:28 2025 GMT
        Subject: CN=130dcf8d95d16d8be8d69ec7a208d7d71ee6b995
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ad:88:1a:3a:46:c6:16:0c:21:bb:96:00:22:
                    e3:da:27:19:93:e8:52:ad:0b:58:ff:9f:08:ca:be:
                    66:e5:b6:e0:58:eb:53:ae:b7:c6:54:ba:d8:c6:5b:
                    ef:69:72:8a:d9:8a:3a:68:b6:b8:17:e7:48:04:50:
                    59:78:4a:ad:af:24:28:c5:b0:83:d1:e3:fa:9c:ba:
                    1b:06:96:20:b0:96:f7:ff:41:51:66:e5:a4:c8:bc:
                    17:1e:45:5e:75:42:82:65:6d:01:12:6f:a0:f3:68:
                    73:2b:a0:d2:ca:a1:d0:94:f5:cc:50:37:1b:1d:11:
                    2e:7b:7c:d2:77:7f:a6:ee:c3:62:a6:ed:27:1e:93:
                    da:53:77:c9:94:e7:2b:b1:e4:bf:22:f8:ae:25:73:
                    59:04:6c:e9:8f:63:e8:8a:01:81:66:3b:3e:59:5c:
                    d6:6b:a1:da:0f:6e:4b:c9:a9:ad:1b:53:03:fb:28:
                    fc:32:88:15:99:6c:ed:d2:28:8c:01:dd:82:00:8c:
                    d0:fa:c8:65:90:5f:7a:4e:98:bf:6f:23:ee:e2:6e:
                    c8:95:3e:6e:82:d6:15:52:19:6a:a1:d4:a0:52:56:
                    56:ab:bc:e8:b9:ae:26:89:a2:9c:c8:5e:18:53:68:
                    c6:a5:85:f4:cc:31:8f:06:e8:5c:ac:77:0d:4d:82:
                    54:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:0D:CF:8D:95:D1:6D:8B:E8:D6:9E:C7:A2:08:D7:D7:1E:E6:B9:95
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:cc:79:e4:aa:44:57:a9:1b:df:a8:c1:b0:6c:5e:12:4f:f6:
         7c:6a:51:b3:93:dc:a9:09:fe:f8:0b:01:59:23:3b:23:44:26:
         32:a4:e2:01:d1:28:4f:84:1e:b8:97:22:f1:cc:5b:f5:aa:c0:
         85:94:7b:1d:bf:a6:ec:df:42:62:37:9c:c2:1c:1a:78:92:2f:
         f8:48:e2:68:c4:8d:31:ae:b0:40:5a:64:46:53:94:6f:9d:e0:
         c7:44:59:16:9e:3e:e0:b6:0c:bb:36:3a:e2:91:7c:5a:52:18:
         85:82:f6:97:31:d4:31:41:ad:f0:d8:a2:2b:f6:28:a2:5d:cd:
         86:8f:4a:23:f5:ed:5d:37:a8:f6:3b:d8:3b:46:06:35:c9:d4:
         67:b1:d2:d0:ed:62:ad:74:a4:43:aa:d8:4b:91:89:46:7c:07:
         f9:e4:b8:f5:cf:9d:af:da:3a:65:9d:8b:a6:61:7e:1c:72:8a:
         6a:80:81:8a:93:97:ec:ee:85:04:15:19:45:0c:5a:15:09:a5:
         8a:a2:90:90:68:01:f9:26:50:5e:64:fa:5f:be:66:d1:c3:1f:
         0c:f9:f9:2d:e4:3b:bd:09:f9:37:59:e2:10:8d:10:13:21:85:
         a8:7a:44:03:62:73:d0:8b:01:83:c6:86:e5:32:2f:f4:17:32:
         6a:23:e0:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/pa+8UbUMHjrpJ8/mMZTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjUwNTExMTQwMDI4WhcNMjUwNTEyMTQwMDI4WjAzMTEwLwYDVQQD
EygxMzBkY2Y4ZDk1ZDE2ZDhiZThkNjllYzdhMjA4ZDdkNzFlZTZiOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK2IGjpGxhYMIbuWACLj2icZk+hS
rQtY/58Iyr5m5bbgWOtTrrfGVLrYxlvvaXKK2Yo6aLa4F+dIBFBZeEqtryQoxbCD
0eP6nLobBpYgsJb3/0FRZuWkyLwXHkVedUKCZW0BEm+g82hzK6DSyqHQlPXMUDcb
HREue3zSd3+m7sNipu0nHpPaU3fJlOcrseS/IviuJXNZBGzpj2PoigGBZjs+WVzW
a6HaD25LyamtG1MD+yj8MogVmWzt0iiMAd2CAIzQ+shlkF96Tpi/byPu4m7IlT5u
gtYVUhlqodSgUlZWq7zoua4miaKcyF4YU2jGpYX0zDGPBuhcrHcNTYJUAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMNz42V0W2L6Naex6II19ce5rmVMB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe8x55KpE
V6kb36jBsGxeEk/2fGpRs5PcqQn++AsBWSM7I0QmMqTiAdEoT4QeuJci8cxb9arA
hZR7Hb+m7N9CYjecwhwaeJIv+EjiaMSNMa6wQFpkRlOUb53gx0RZFp4+4LYMuzY6
4pF8WlIYhYL2lzHUMUGt8NiiK/Yool3Nho9KI/XtXTeo9jvYO0YGNcnUZ7HS0O1i
rXSkQ6rYS5GJRnwH+eS49c+dr9o6ZZ2LpmF+HHKKaoCBipOX7O6FBBUZRQxaFQml
iqKQkGgB+SZQXmT6X75m0cMfDPn5LeQ7vQn5N1niEI0QEyGFqHpEA2Jz0IsBg8aG
5TIv9BcyaiPgHA==
-----END CERTIFICATE-----