Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          CLv8AcAh4RMGRZLEK375V8bXwrPdOObss6M4TbPLBOg=
Subject key identifier:   B4:52:76:F4:A9:30:06:0E:6C:F5:05:BC:40:A8:13:26:DC:87:84:52
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       0196BB91E55879EE76B80B8074BFDC75AF09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          14C1
Signing time:             Sat 10 May 2025 19:00:22 +0000
Manifest this update:     Sat 10 May 2025 19:00:22 +0000
Manifest next update:     Sun 11 May 2025 19:00:22 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: caknCTuuV735PhciS+8utE3wzNy14r3c4jEwqTiOxyo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 19:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:91:e5:58:79:ee:76:b8:0b:80:74:bf:dc:75:af:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: May 10 19:00:22 2025 GMT
            Not After : May 11 19:00:22 2025 GMT
        Subject: CN=b45276f4a930060e6cf505bc40a81326dc878452
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:27:5d:d6:b4:d5:d5:0f:0f:f1:11:27:af:a0:
                    01:12:eb:0a:b3:79:5e:30:56:38:44:d0:25:7b:e5:
                    ec:bc:c4:d3:00:7d:db:31:62:05:ee:11:d2:75:99:
                    fd:f3:77:6f:55:7d:71:83:87:83:7d:d9:ca:e9:e2:
                    ec:45:d6:ce:e2:61:67:b6:f3:9c:66:2e:94:ac:36:
                    9e:ca:94:e9:f1:e9:25:bf:6a:8f:02:09:8b:84:4c:
                    a4:03:37:ff:a2:64:0d:00:99:67:00:3a:39:76:9d:
                    b3:a1:72:b7:71:05:6d:e5:b1:b7:34:57:7c:f7:fc:
                    f6:96:3b:94:8b:75:b0:d7:99:af:77:e3:ec:ae:e6:
                    6a:86:0a:ba:da:a0:98:17:37:4b:37:a5:d5:cd:4c:
                    74:f4:34:82:28:53:18:af:74:eb:c8:09:86:df:1f:
                    ad:1d:ab:9f:3e:b4:86:1f:54:10:6e:e9:d9:c5:9e:
                    9c:1a:0a:62:e1:e6:71:e6:7d:68:fa:bf:fd:36:7d:
                    70:82:47:83:af:51:44:d3:45:9e:1c:0a:76:b9:a6:
                    0c:02:bf:8b:38:4e:55:6a:b9:02:17:53:68:cb:5e:
                    b9:ec:7b:07:2b:b7:ea:0b:b2:61:0e:9e:2e:57:7f:
                    21:32:13:19:a1:dc:ec:3b:48:c2:db:f0:23:3e:b4:
                    96:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:52:76:F4:A9:30:06:0E:6C:F5:05:BC:40:A8:13:26:DC:87:84:52
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:91:9f:98:7d:b4:dc:a0:9f:ee:d0:d4:4b:3b:2f:00:57:2a:
         a6:09:9d:f6:65:3c:9d:80:a0:6b:1f:2b:33:13:94:3d:f8:0b:
         7a:ad:61:d1:89:50:8a:37:7a:6e:32:8b:47:9b:f6:b7:3d:1b:
         9d:85:9e:0b:27:0f:dd:ad:aa:b4:8b:a0:a5:cb:69:0d:5a:a1:
         bd:98:43:1e:b4:ed:8b:51:da:60:7c:37:b4:ae:77:0b:9c:89:
         af:4a:69:7a:fe:05:82:1d:f5:d0:b9:02:b0:3d:c2:ba:7a:cc:
         59:a4:70:b8:09:e5:ea:c0:b2:58:b4:f4:ae:66:78:37:82:2a:
         f0:b3:27:e1:01:b7:af:f9:cc:ed:b1:ef:12:17:5f:64:0d:6c:
         6b:08:da:21:d5:43:58:4d:71:1b:05:7c:75:95:0a:7e:93:d6:
         dc:0e:cb:25:c0:6e:ca:11:03:c9:2c:6f:69:61:28:d3:91:55:
         8b:e8:07:84:d6:f4:48:6e:cf:82:c1:44:10:06:49:40:5f:94:
         2f:3e:c2:dd:97:fe:6b:cf:6a:d4:3f:52:b9:39:83:b9:fe:5b:
         c2:9a:73:a9:76:99:d2:3b:e3:60:34:79:10:28:7f:44:53:06:
         80:f6:b5:ee:c5:94:38:30:89:cf:87:4d:c5:94:45:0f:d6:fd:
         29:00:81:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7keVYee52uAuAdL/cda8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjUwNTEwMTkwMDIyWhcNMjUwNTExMTkwMDIyWjAzMTEwLwYDVQQD
EyhiNDUyNzZmNGE5MzAwNjBlNmNmNTA1YmM0MGE4MTMyNmRjODc4NDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Cdd1rTV1Q8P8REnr6ABEusKs3le
MFY4RNAle+XsvMTTAH3bMWIF7hHSdZn983dvVX1xg4eDfdnK6eLsRdbO4mFntvOc
Zi6UrDaeypTp8eklv2qPAgmLhEykAzf/omQNAJlnADo5dp2zoXK3cQVt5bG3NFd8
9/z2ljuUi3Ww15mvd+PsruZqhgq62qCYFzdLN6XVzUx09DSCKFMYr3TryAmG3x+t
HaufPrSGH1QQbunZxZ6cGgpi4eZx5n1o+r/9Nn1wgkeDr1FE00WeHAp2uaYMAr+L
OE5VarkCF1Noy1657HsHK7fqC7JhDp4uV38hMhMZodzsO0jC2/AjPrSWiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLRSdvSpMAYObPUFvECoEybch4RSMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPZGfmH20
3KCf7tDUSzsvAFcqpgmd9mU8nYCgax8rMxOUPfgLeq1h0YlQijd6bjKLR5v2tz0b
nYWeCycP3a2qtIugpctpDVqhvZhDHrTti1HaYHw3tK53C5yJr0ppev4Fgh310LkC
sD3CunrMWaRwuAnl6sCyWLT0rmZ4N4Iq8LMn4QG3r/nM7bHvEhdfZA1sawjaIdVD
WE1xGwV8dZUKfpPW3A7LJcBuyhEDySxvaWEo05FVi+gHhNb0SG7PgsFEEAZJQF+U
Lz7C3Zf+a89q1D9SuTmDuf5bwppzqXaZ0jvjYDR5ECh/RFMGgPa17sWUODCJz4dN
xZRFD9b9KQCBeg==
-----END CERTIFICATE-----