Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          SaFPIDhQYFeD8oMgZaMYeWmd88ji7RTyq1BcdUwuClg=
Subject key identifier:   37:61:B7:28:28:C1:3C:C2:45:9D:3A:39:47:00:23:FA:12:2F:5F:CD
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       0196AA311F673419A4F23598CF9B07432DA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          10B9
Signing time:             Wed 07 May 2025 10:01:08 +0000
Manifest this update:     Wed 07 May 2025 10:01:08 +0000
Manifest next update:     Thu 08 May 2025 10:01:08 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: tZiCBOzUXVEk240pW26sUHpSPPWYOE+0xX8kbocOqg8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 10:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:aa:31:1f:67:34:19:a4:f2:35:98:cf:9b:07:43:2d:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: May  7 10:01:08 2025 GMT
            Not After : May  8 10:01:08 2025 GMT
        Subject: CN=3761b72828c13cc2459d3a39470023fa122f5fcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:90:4b:2e:90:44:9b:fe:54:95:91:ff:fd:c1:
                    92:a4:84:42:13:59:6e:0c:e6:cf:dc:58:6e:e8:50:
                    b2:ff:8d:14:8e:70:41:c3:81:3d:34:20:9e:5b:23:
                    cc:38:d9:23:71:dc:7a:69:90:1c:47:92:27:e1:e9:
                    a5:e2:c4:b8:82:13:4c:dc:50:49:10:d5:62:a8:1a:
                    e3:e2:d9:1d:05:d0:33:08:dc:8a:a3:4d:fe:4f:0c:
                    be:27:cc:0f:74:62:52:dd:da:e6:8a:15:7b:2b:56:
                    3b:e5:30:ab:55:f4:9b:7d:1b:bd:a8:b0:8d:3d:7f:
                    30:cf:be:12:40:65:0a:2e:9b:21:90:9b:99:c6:e0:
                    fd:66:62:ba:3a:1e:fc:97:f2:63:b1:08:cb:41:9b:
                    41:48:27:15:71:97:61:3f:94:46:8b:62:84:a9:98:
                    2c:64:04:8e:85:f0:32:d3:12:c9:20:d2:25:0b:67:
                    c3:bb:80:e6:3a:1c:9c:62:09:54:89:a9:67:38:6c:
                    3b:99:74:26:c2:7c:90:a1:82:c5:3f:2f:1f:ec:32:
                    09:9e:74:47:9c:8a:c7:b9:d4:89:5b:9c:21:7f:bb:
                    48:c3:99:76:98:51:08:c5:49:55:dc:ac:7c:63:28:
                    73:81:fe:5d:3c:54:77:2f:88:c5:ef:b6:e1:63:39:
                    aa:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:61:B7:28:28:C1:3C:C2:45:9D:3A:39:47:00:23:FA:12:2F:5F:CD
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:ee:f3:56:d3:c1:49:27:9f:11:45:f0:0b:66:8a:53:c6:43:
         75:2b:31:e0:f6:25:f7:ce:0f:89:0b:3c:5f:b0:3b:22:36:63:
         be:e2:af:73:67:c2:b2:bd:83:e3:6a:92:b5:d2:bb:69:78:8e:
         66:bd:f4:68:b8:6c:75:de:a6:eb:8f:40:ac:03:a8:b9:06:93:
         09:05:e2:c5:b6:24:ee:65:21:03:c7:cb:e3:35:f5:4c:e7:18:
         19:48:e7:a4:57:00:32:86:0b:e0:10:74:a6:29:1c:a0:28:76:
         c0:1c:92:d9:90:79:7e:7c:b9:e7:6a:5f:90:2b:82:6f:9d:7b:
         d5:c9:03:39:9a:74:1c:a1:20:86:b5:b3:ef:b4:76:16:37:90:
         4f:ad:7f:cc:61:65:e4:a4:a3:4d:50:a7:3c:45:a3:d1:50:14:
         c5:45:5f:85:26:38:e0:5a:0a:22:9a:fa:f0:a0:29:93:26:29:
         97:4d:40:9e:32:88:1a:8e:bf:25:a9:35:33:28:a2:43:fe:45:
         c0:07:f6:30:fe:d7:38:92:6a:65:69:58:35:15:0a:b8:c6:f7:
         5e:72:62:07:50:4f:42:a5:95:37:8a:86:3a:ca:1b:4d:23:cb:
         f1:d7:91:f4:2e:be:61:be:11:d4:ca:ca:0d:8b:dd:31:d4:e7:
         dc:27:63:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaqMR9nNBmk8jWYz5sHQy2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjUwNTA3MTAwMTA4WhcNMjUwNTA4MTAwMTA4WjAzMTEwLwYDVQQD
EygzNzYxYjcyODI4YzEzY2MyNDU5ZDNhMzk0NzAwMjNmYTEyMmY1ZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pBLLpBEm/5UlZH//cGSpIRCE1lu
DObP3Fhu6FCy/40UjnBBw4E9NCCeWyPMONkjcdx6aZAcR5In4eml4sS4ghNM3FBJ
ENViqBrj4tkdBdAzCNyKo03+Twy+J8wPdGJS3drmihV7K1Y75TCrVfSbfRu9qLCN
PX8wz74SQGUKLpshkJuZxuD9ZmK6Oh78l/JjsQjLQZtBSCcVcZdhP5RGi2KEqZgs
ZASOhfAy0xLJINIlC2fDu4DmOhycYglUialnOGw7mXQmwnyQoYLFPy8f7DIJnnRH
nIrHudSJW5whf7tIw5l2mFEIxUlV3Kx8Yyhzgf5dPFR3L4jF77bhYzmqQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdhtygowTzCRZ06OUcAI/oSL1/NMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYu7zVtPB
SSefEUXwC2aKU8ZDdSsx4PYl984PiQs8X7A7IjZjvuKvc2fCsr2D42qStdK7aXiO
Zr30aLhsdd6m649ArAOouQaTCQXixbYk7mUhA8fL4zX1TOcYGUjnpFcAMoYL4BB0
pikcoCh2wByS2ZB5fny552pfkCuCb5171ckDOZp0HKEghrWz77R2FjeQT61/zGFl
5KSjTVCnPEWj0VAUxUVfhSY44FoKIpr68KApkyYpl01AnjKIGo6/Jak1MyiiQ/5F
wAf2MP7XOJJqZWlYNRUKuMb3XnJiB1BPQqWVN4qGOsobTSPL8deR9C6+Yb4R1MrK
DYvdMdTn3CdjEA==
-----END CERTIFICATE-----