Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          tfar18UOWJKDuC8ntkC4U8P45fwHmYpFlL2TE1pi+NQ=
Subject key identifier:   D5:21:D7:E5:0C:10:2A:29:44:8C:54:78:27:63:B1:7F:90:B1:87:5B
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       0197B6A16FD47C52A22339A626EB9E4B2198
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          1543
Signing time:             Sat 28 Jun 2025 13:02:02 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:02 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:02 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: YjsPHbeVO+h6soo14q6FRm/iyl6lEY2XCHNFCrkH8o0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:6f:d4:7c:52:a2:23:39:a6:26:eb:9e:4b:21:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: Jun 28 13:02:02 2025 GMT
            Not After : Jun 29 13:02:02 2025 GMT
        Subject: CN=d521d7e50c102a29448c54782763b17f90b1875b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:0c:26:31:a0:ef:ac:ae:f4:b5:cd:37:7a:68:
                    a0:2a:2d:67:f0:fb:5b:d5:6c:17:95:b2:0d:1a:3e:
                    50:ff:12:7f:ae:f3:49:03:39:92:f8:99:97:5c:22:
                    b9:b8:5d:9a:a8:29:27:73:da:e5:0b:04:36:88:a2:
                    9b:42:00:80:5c:f0:40:1d:60:ac:a6:a7:31:b8:2a:
                    33:c2:2f:fd:61:41:38:bc:d6:da:37:30:77:17:cf:
                    d2:e2:36:c1:60:1c:ae:8e:8f:19:d5:75:0f:84:ab:
                    26:18:af:db:6f:c0:0d:f2:ec:4d:a6:7a:12:1d:64:
                    df:e4:d3:6a:4f:47:c9:58:86:ea:7a:8c:d3:a2:73:
                    b7:95:b2:38:2c:51:53:6b:bb:b5:93:24:6a:3d:d2:
                    86:80:a2:bd:73:1f:88:84:1d:c5:a7:59:f3:a8:75:
                    48:3c:e2:47:fd:82:41:31:fc:af:a0:54:4c:5a:0c:
                    8d:c4:52:ad:03:aa:d5:42:8e:4d:59:8a:fa:29:b5:
                    0e:b5:c1:d3:4e:0e:8c:89:2c:d9:2b:4d:b9:b2:ea:
                    ba:3f:ab:88:54:9c:0e:89:a6:a1:1f:8f:18:65:89:
                    bb:90:8a:bc:fc:24:af:47:09:07:18:2f:87:f1:5c:
                    f0:f5:6c:ff:f2:2c:d6:3f:56:85:eb:70:41:0a:c2:
                    95:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:21:D7:E5:0C:10:2A:29:44:8C:54:78:27:63:B1:7F:90:B1:87:5B
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:70:38:dd:5e:45:0c:b1:50:90:9a:57:20:b3:fa:ef:4a:9b:
         c7:1a:b2:14:dd:1d:d9:4c:f5:14:41:11:19:da:31:70:fa:44:
         2f:3e:d0:6e:7a:85:b0:4f:08:64:7b:eb:01:90:f7:f6:4e:22:
         a8:da:1d:b3:5b:5a:e7:52:6b:52:8f:a9:6f:22:59:ef:1b:da:
         52:24:76:51:33:98:64:4c:55:20:86:fa:0e:29:85:1f:81:8a:
         1b:15:36:b2:e8:4f:00:b9:df:14:fb:ba:cb:7c:17:23:b8:66:
         e0:5b:3c:43:be:1b:5a:92:76:f0:15:27:c8:fc:cd:fe:7a:28:
         ee:e7:b1:e0:62:c3:08:10:eb:77:6d:fa:54:65:5f:b5:4a:e9:
         cf:8c:d3:88:63:ba:f1:d0:69:01:4c:82:2e:4c:6c:4d:3e:54:
         d1:77:01:d4:6a:00:6c:0b:28:31:8f:97:84:62:75:aa:bd:c1:
         34:fa:64:d2:91:9d:2d:47:45:25:1f:d0:6f:7f:8d:03:1c:7f:
         4d:2d:47:b2:48:30:91:ef:59:22:32:3c:23:2e:77:8f:9f:44:
         51:92:4b:c1:7d:2e:48:10:8d:23:c3:2a:65:55:0b:a8:09:ac:
         84:a7:ea:f6:45:52:a1:aa:c3:0b:52:2f:3b:f1:63:68:76:f7:
         b5:9c:cd:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oW/UfFKiIzmmJuueSyGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjUwNjI4MTMwMjAyWhcNMjUwNjI5MTMwMjAyWjAzMTEwLwYDVQQD
EyhkNTIxZDdlNTBjMTAyYTI5NDQ4YzU0NzgyNzYzYjE3ZjkwYjE4NzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQwmMaDvrK70tc03emigKi1n8Ptb
1WwXlbINGj5Q/xJ/rvNJAzmS+JmXXCK5uF2aqCknc9rlCwQ2iKKbQgCAXPBAHWCs
pqcxuCozwi/9YUE4vNbaNzB3F8/S4jbBYByujo8Z1XUPhKsmGK/bb8AN8uxNpnoS
HWTf5NNqT0fJWIbqeozTonO3lbI4LFFTa7u1kyRqPdKGgKK9cx+IhB3Fp1nzqHVI
POJH/YJBMfyvoFRMWgyNxFKtA6rVQo5NWYr6KbUOtcHTTg6MiSzZK025suq6P6uI
VJwOiaahH48YZYm7kIq8/CSvRwkHGC+H8Vzw9Wz/8izWP1aF63BBCsKVKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNUh1+UMECopRIxUeCdjsX+QsYdbMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP3A43V5F
DLFQkJpXILP670qbxxqyFN0d2Uz1FEERGdoxcPpELz7QbnqFsE8IZHvrAZD39k4i
qNods1ta51JrUo+pbyJZ7xvaUiR2UTOYZExVIIb6DimFH4GKGxU2suhPALnfFPu6
y3wXI7hm4Fs8Q74bWpJ28BUnyPzN/noo7uex4GLDCBDrd236VGVftUrpz4zTiGO6
8dBpAUyCLkxsTT5U0XcB1GoAbAsoMY+XhGJ1qr3BNPpk0pGdLUdFJR/Qb3+NAxx/
TS1Hskgwke9ZIjI8Iy53j59EUZJLwX0uSBCNI8MqZVULqAmshKfq9kVSoarDC1Iv
O/FjaHb3tZzNbg==
-----END CERTIFICATE-----