Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
File:                     DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft (raw, json)
Hash identifier:          ZFneq5b8r2x2b4KNWVginBa45fxcj46SOajZstYG2B4=
Subject key identifier:   69:F7:A4:D0:34:73:74:0F:23:77:36:6A:15:48:37:DE:7D:81:DA:38
Authority key identifier: 0C:87:4A:5F:52:73:4E:26:0E:7B:FA:4D:45:11:4A:DD:92:77:E3:53
Certificate issuer:       /CN=0c874a5f52734e260e7bfa4d45114add9277e353
Certificate serial:       0196A65486F890757BCC31948732CC3793B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
Manifest number:          0714
Signing time:             Tue 06 May 2025 16:01:19 +0000
Manifest this update:     Tue 06 May 2025 16:01:19 +0000
Manifest next update:     Wed 07 May 2025 16:01:19 +0000
Files and hashes:         1: DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl (hash: RLA5Gsja4p5xES3len34+Lw2mNABqI1upg9iLHxg2sQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 14:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a6:54:86:f8:90:75:7b:cc:31:94:87:32:cc:37:93:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c874a5f52734e260e7bfa4d45114add9277e353
        Validity
            Not Before: May  6 16:01:19 2025 GMT
            Not After : May  7 16:01:19 2025 GMT
        Subject: CN=69f7a4d03473740f2377366a154837de7d81da38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cb:11:09:8f:72:a0:fb:3d:5c:ed:04:9b:42:
                    e5:b3:55:20:e7:33:dd:7f:49:e2:a6:68:ab:91:08:
                    d1:3e:72:23:01:1e:8b:7f:3c:dd:ee:5f:11:eb:0a:
                    06:cb:2f:cc:ca:25:12:8d:7d:59:d8:78:35:ea:03:
                    e1:36:78:bd:e7:a4:4f:30:13:7d:e7:60:9c:8d:3a:
                    74:b1:13:92:08:06:d1:2f:2d:cc:76:5e:45:9c:b1:
                    88:54:4c:b4:2f:ef:c7:92:d1:b5:3d:6f:5a:5b:45:
                    44:d9:4d:6a:39:d7:36:79:d3:0c:51:78:b7:ee:28:
                    c8:3b:aa:b1:43:6f:2f:e6:ad:4e:d4:15:2b:8b:b2:
                    56:a1:0e:85:d5:bc:4d:2a:f8:1d:2e:8e:5b:76:35:
                    d7:21:81:fc:7a:3d:53:45:3e:81:24:8a:6f:69:ab:
                    8c:0c:48:f4:d4:50:35:fa:e0:2e:69:08:4a:8e:d6:
                    22:66:5f:4a:11:a3:6f:83:75:b6:67:89:cc:c5:ac:
                    25:fb:05:75:83:e5:95:0d:52:56:bd:ff:61:91:f4:
                    fc:59:bf:6e:d3:ba:90:2b:f9:86:f5:fc:16:3c:4a:
                    dc:32:3e:a4:9b:0f:09:10:de:32:a9:04:f0:f1:50:
                    a9:47:29:51:03:07:56:cd:f6:65:a3:d6:57:b1:3f:
                    ec:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:F7:A4:D0:34:73:74:0F:23:77:36:6A:15:48:37:DE:7D:81:DA:38
            X509v3 Authority Key Identifier:
                keyid:0C:87:4A:5F:52:73:4E:26:0E:7B:FA:4D:45:11:4A:DD:92:77:E3:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:80:c0:48:6c:9f:c2:84:f5:e0:14:5f:d2:46:7e:5e:f6:e8:
         6a:7a:3b:a4:be:e6:c7:bf:1f:8c:d4:ba:4b:08:ba:ee:f4:da:
         0d:f2:7f:18:27:13:c3:eb:f4:b0:20:7f:93:11:79:17:f8:9b:
         5d:4f:07:99:57:c3:cd:24:70:c4:87:91:8c:88:56:fa:a2:b4:
         e6:8b:97:21:70:68:c6:92:61:71:b9:67:cd:4a:d5:fa:c1:a3:
         15:bc:74:6c:1d:47:01:46:ab:ea:15:a9:9a:55:3f:bf:a3:35:
         42:ab:d3:c3:bd:55:1c:9c:eb:95:67:e8:2c:4d:f2:6d:8d:f0:
         35:2c:45:a7:8d:18:83:4b:f8:ec:3e:74:97:d0:35:96:0e:51:
         c2:fc:a9:f4:1b:a7:0f:2a:15:7d:26:ea:52:11:6d:10:1a:53:
         74:5b:b7:fa:c7:56:41:b3:5e:32:1e:42:34:00:68:65:4a:20:
         d5:4c:2f:24:26:be:a5:c2:fd:6d:2a:c2:7e:0d:0d:08:60:1f:
         9a:8a:3f:c2:2d:60:ff:1b:04:a4:c2:cb:f9:89:94:31:e6:7a:
         58:0e:a8:5b:91:97:37:28:a9:8e:68:3c:f0:f1:5d:0b:0c:b0:
         f1:1d:92:c9:83:a5:7b:96:61:fa:24:f0:99:e3:d8:ec:07:6a:
         c4:db:b9:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZamVIb4kHV7zDGUhzLMN5O2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjODc0YTVmNTI3MzRlMjYwZTdiZmE0ZDQ1MTE0YWRkOTI3
N2UzNTMwHhcNMjUwNTA2MTYwMTE5WhcNMjUwNTA3MTYwMTE5WjAzMTEwLwYDVQQD
Eyg2OWY3YTRkMDM0NzM3NDBmMjM3NzM2NmExNTQ4MzdkZTdkODFkYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtssRCY9yoPs9XO0Em0Lls1Ug5zPd
f0nipmirkQjRPnIjAR6Lfzzd7l8R6woGyy/MyiUSjX1Z2Hg16gPhNni956RPMBN9
52CcjTp0sROSCAbRLy3Mdl5FnLGIVEy0L+/HktG1PW9aW0VE2U1qOdc2edMMUXi3
7ijIO6qxQ28v5q1O1BUri7JWoQ6F1bxNKvgdLo5bdjXXIYH8ej1TRT6BJIpvaauM
DEj01FA1+uAuaQhKjtYiZl9KEaNvg3W2Z4nMxawl+wV1g+WVDVJWvf9hkfT8Wb9u
07qQK/mG9fwWPErcMj6kmw8JEN4yqQTw8VCpRylRAwdWzfZlo9ZXsT/s2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGn3pNA0c3QPI3c2ahVIN959gdo4MB8GA1UdIwQY
MBaAFAyHSl9Sc04mDnv6TUURSt2Sd+NTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81M2I0ODktYWI0OC00OWZlLTlkMDEt
YTBlMzdmMjVhNTE1LzEvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC81M2I0ODktYWI0OC00OWZlLTlkMDEtYTBlMzdmMjVhNTE1
LzEvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADoDASGyf
woT14BRf0kZ+Xvboano7pL7mx78fjNS6Swi67vTaDfJ/GCcTw+v0sCB/kxF5F/ib
XU8HmVfDzSRwxIeRjIhW+qK05ouXIXBoxpJhcblnzUrV+sGjFbx0bB1HAUar6hWp
mlU/v6M1QqvTw71VHJzrlWfoLE3ybY3wNSxFp40Yg0v47D50l9A1lg5Rwvyp9Bun
DyoVfSbqUhFtEBpTdFu3+sdWQbNeMh5CNABoZUog1UwvJCa+pcL9bSrCfg0NCGAf
moo/wi1g/xsEpMLL+YmUMeZ6WA6oW5GXNyipjmg88PFdCwyw8R2SyYOle5Zh+iTw
mePY7AdqxNu5tQ==
-----END CERTIFICATE-----