Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/5f84a1-e8dc-4115-a645-e81720a3978d/1/0WLUzQwan_4krVFT0Zzpwx3LTH0.mft
File:                     0WLUzQwan_4krVFT0Zzpwx3LTH0.mft (raw, json)
Hash identifier:          Q0dle8fLzjXZSUtWQhJ8fITAv2kB1T1fy4ss8m9dcd8=
Subject key identifier:   DD:B3:3F:52:9E:63:82:8B:F3:3F:33:2B:D0:03:B3:B4:40:97:7E:74
Authority key identifier: D1:62:D4:CD:0C:1A:9F:FE:24:AD:51:53:D1:9C:E9:C3:1D:CB:4C:7D
Certificate issuer:       /CN=d162d4cd0c1a9ffe24ad5153d19ce9c31dcb4c7d
Certificate serial:       0196C2399B5A57A16785051EEA007AC7EEFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0WLUzQwan_4krVFT0Zzpwx3LTH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/5f84a1-e8dc-4115-a645-e81720a3978d/1/0WLUzQwan_4krVFT0Zzpwx3LTH0.mft
Manifest number:          1531
Signing time:             Mon 12 May 2025 02:01:17 +0000
Manifest this update:     Mon 12 May 2025 02:01:17 +0000
Manifest next update:     Tue 13 May 2025 02:01:17 +0000
Files and hashes:         1: 0WLUzQwan_4krVFT0Zzpwx3LTH0.crl (hash: OJ/2R5o62gQrWiSUXWqKMmzNJYa6/I56LT84M8pW4EM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/5f84a1-e8dc-4115-a645-e81720a3978d/1/0WLUzQwan_4krVFT0Zzpwx3LTH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/5f84a1-e8dc-4115-a645-e81720a3978d/1/0WLUzQwan_4krVFT0Zzpwx3LTH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0WLUzQwan_4krVFT0Zzpwx3LTH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:39:9b:5a:57:a1:67:85:05:1e:ea:00:7a:c7:ee:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d162d4cd0c1a9ffe24ad5153d19ce9c31dcb4c7d
        Validity
            Not Before: May 12 02:01:17 2025 GMT
            Not After : May 13 02:01:17 2025 GMT
        Subject: CN=ddb33f529e63828bf33f332bd003b3b440977e74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ba:f4:e8:17:24:83:79:b2:c4:c7:98:d1:94:
                    11:f0:96:f5:00:7a:a0:a9:c3:ff:92:09:3a:d7:19:
                    51:f6:2d:c4:a2:ea:42:2b:a5:37:d6:b0:6b:d1:e9:
                    12:4e:41:39:5f:2d:ac:07:fc:ca:4a:e4:a7:df:5a:
                    23:96:e4:aa:d8:ea:e8:b4:61:9b:d6:43:18:c8:c5:
                    8b:7d:33:07:73:5f:0f:2e:9c:e1:a7:9c:42:76:44:
                    e2:22:fd:ae:1f:6a:86:00:c2:35:76:46:5d:96:6b:
                    22:07:28:77:e1:79:3b:07:2c:81:3a:9a:b8:de:c1:
                    cc:df:66:fa:ed:33:81:77:2d:76:14:a6:87:56:a7:
                    82:dc:fe:aa:0e:06:54:a5:94:cf:28:29:65:a3:89:
                    da:5a:53:e5:cb:f5:5f:fb:66:61:f2:b4:fb:e8:f3:
                    95:71:7f:00:2b:99:2e:43:f3:e3:03:b4:4d:6f:b4:
                    02:52:33:c7:63:ce:ac:bc:4a:41:8b:20:30:ba:56:
                    59:d8:9a:4d:3d:0a:c9:be:67:c5:dd:94:ed:9d:0b:
                    45:cf:6e:6b:0c:ca:66:23:32:ff:79:99:bc:4f:8e:
                    3b:e7:48:77:d2:c4:0f:34:4d:39:75:de:9b:72:a2:
                    f4:b6:62:08:38:d4:63:04:19:ab:8f:ba:2e:6e:aa:
                    25:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:B3:3F:52:9E:63:82:8B:F3:3F:33:2B:D0:03:B3:B4:40:97:7E:74
            X509v3 Authority Key Identifier:
                keyid:D1:62:D4:CD:0C:1A:9F:FE:24:AD:51:53:D1:9C:E9:C3:1D:CB:4C:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0WLUzQwan_4krVFT0Zzpwx3LTH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5f84a1-e8dc-4115-a645-e81720a3978d/1/0WLUzQwan_4krVFT0Zzpwx3LTH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5f84a1-e8dc-4115-a645-e81720a3978d/1/0WLUzQwan_4krVFT0Zzpwx3LTH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:6d:6f:9a:fa:97:c2:87:d6:5d:ae:ed:a5:c6:2e:f7:da:02:
         99:25:60:87:7a:b3:ba:e4:26:1c:3e:8e:3a:49:68:fd:35:67:
         62:8a:35:3f:25:f1:21:56:70:66:20:5c:1a:df:64:00:98:18:
         c2:20:1c:f7:93:a8:d5:72:39:6d:6f:63:cd:cf:3c:e9:15:3f:
         77:22:e8:60:c1:6d:c4:30:14:a6:cc:21:43:4d:bd:ad:d7:de:
         fa:e2:1a:ad:17:dc:7a:ab:fb:1f:38:55:5b:0c:94:d1:0c:7d:
         ee:8d:bf:a1:63:bc:76:82:de:e8:d8:3e:70:79:78:c4:ce:81:
         ef:16:5d:25:a1:82:8b:4b:84:95:e1:9f:ff:62:43:46:f2:72:
         a0:ab:3b:bd:c6:f2:69:20:c3:42:e9:66:71:24:1e:e5:28:b0:
         34:05:f4:5a:c5:34:fe:91:b1:a3:20:a9:e4:44:61:7d:2a:3f:
         3a:20:e5:ae:5a:c7:ef:99:6a:1e:21:87:db:7f:93:3e:6d:b1:
         a0:13:35:95:ce:d9:0f:c1:84:28:3e:4b:23:85:1f:20:d4:6d:
         f2:a3:61:4b:d0:32:ad:d4:38:e4:78:49:74:0d:7e:39:00:f8:
         39:8c:9b:d9:5d:cf:5f:e5:03:81:14:1b:5a:64:ca:fc:09:92:
         d6:01:6c:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCOZtaV6FnhQUe6gB6x+77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNjJkNGNkMGMxYTlmZmUyNGFkNTE1M2QxOWNlOWMzMWRj
YjRjN2QwHhcNMjUwNTEyMDIwMTE3WhcNMjUwNTEzMDIwMTE3WjAzMTEwLwYDVQQD
EyhkZGIzM2Y1MjllNjM4MjhiZjMzZjMzMmJkMDAzYjNiNDQwOTc3ZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrr06Bckg3myxMeY0ZQR8Jb1AHqg
qcP/kgk61xlR9i3EoupCK6U31rBr0ekSTkE5Xy2sB/zKSuSn31ojluSq2OrotGGb
1kMYyMWLfTMHc18PLpzhp5xCdkTiIv2uH2qGAMI1dkZdlmsiByh34Xk7ByyBOpq4
3sHM32b67TOBdy12FKaHVqeC3P6qDgZUpZTPKCllo4naWlPly/Vf+2Zh8rT76POV
cX8AK5kuQ/PjA7RNb7QCUjPHY86svEpBiyAwulZZ2JpNPQrJvmfF3ZTtnQtFz25r
DMpmIzL/eZm8T44750h30sQPNE05dd6bcqL0tmIIONRjBBmrj7oubqolfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2zP1KeY4KL8z8zK9ADs7RAl350MB8GA1UdIwQY
MBaAFNFi1M0MGp/+JK1RU9Gc6cMdy0x9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFdMVXpRd2FuXzRrclZGVDBaenB3eDNMVEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81Zjg0YTEtZThkYy00MTE1LWE2NDUt
ZTgxNzIwYTM5NzhkLzEvMFdMVXpRd2FuXzRrclZGVDBaenB3eDNMVEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi81Zjg0YTEtZThkYy00MTE1LWE2NDUtZTgxNzIwYTM5Nzhk
LzEvMFdMVXpRd2FuXzRrclZGVDBaenB3eDNMVEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARW1vmvqX
wofWXa7tpcYu99oCmSVgh3qzuuQmHD6OOklo/TVnYoo1PyXxIVZwZiBcGt9kAJgY
wiAc95Oo1XI5bW9jzc886RU/dyLoYMFtxDAUpswhQ029rdfe+uIarRfceqv7HzhV
WwyU0Qx97o2/oWO8doLe6Ng+cHl4xM6B7xZdJaGCi0uEleGf/2JDRvJyoKs7vcby
aSDDQulmcSQe5SiwNAX0WsU0/pGxoyCp5ERhfSo/OiDlrlrH75lqHiGH23+TPm2x
oBM1lc7ZD8GEKD5LI4UfINRt8qNhS9AyrdQ45HhJdA1+OQD4OYyb2V3PX+UDgRQb
WmTK/AmS1gFs6w==
-----END CERTIFICATE-----