Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft
File:                     DdgdNYjH4QqJmw0EgVZubZSNrdA.mft (raw, json)
Hash identifier:          8Ycithso9Mws5PvQeM51otI3fI2wR8Q/yZS4f/Jowb4=
Subject key identifier:   B4:84:09:85:32:80:5C:3B:A1:B8:CD:C1:FC:C1:25:7D:33:42:06:C0
Authority key identifier: 0D:D8:1D:35:88:C7:E1:0A:89:9B:0D:04:81:56:6E:6D:94:8D:AD:D0
Certificate issuer:       /CN=0dd81d3588c7e10a899b0d0481566e6d948dadd0
Certificate serial:       0196BCDBCF85699F9886784F44ECA3418467
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdgdNYjH4QqJmw0EgVZubZSNrdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft
Manifest number:          1530
Signing time:             Sun 11 May 2025 01:00:44 +0000
Manifest this update:     Sun 11 May 2025 01:00:44 +0000
Manifest next update:     Mon 12 May 2025 01:00:44 +0000
Files and hashes:         1: DdgdNYjH4QqJmw0EgVZubZSNrdA.crl (hash: CFjlZTEb09mz7S1qr8vtKhAP/NgfdLZYL53vK4vyc5w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DdgdNYjH4QqJmw0EgVZubZSNrdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:db:cf:85:69:9f:98:86:78:4f:44:ec:a3:41:84:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dd81d3588c7e10a899b0d0481566e6d948dadd0
        Validity
            Not Before: May 11 01:00:44 2025 GMT
            Not After : May 12 01:00:44 2025 GMT
        Subject: CN=b484098532805c3ba1b8cdc1fcc1257d334206c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:65:44:16:69:e6:4b:68:a9:d3:f1:25:b5:d5:
                    7c:15:6d:94:ab:4b:b9:19:e4:99:8d:41:a3:6a:4b:
                    1a:1c:c0:74:29:f0:40:bf:99:91:29:2b:5b:4f:3f:
                    8b:da:33:24:ee:c1:8e:c5:f6:f2:1a:81:1b:04:fc:
                    7c:62:da:9d:a9:1c:83:c9:50:ab:5c:a8:c9:7e:8b:
                    72:9f:03:93:cf:a2:f1:ae:64:6f:69:97:d5:d9:40:
                    36:a8:2f:d2:c0:94:99:a7:33:32:34:77:70:33:e5:
                    a2:c5:08:79:69:7d:d9:65:0a:66:97:31:b9:9f:9e:
                    55:4e:ab:e7:0d:92:06:67:78:46:4d:50:c1:e8:ee:
                    27:1d:b6:99:88:d9:df:c2:d7:84:ec:73:71:df:41:
                    d9:2e:ad:17:81:2c:fc:4e:a8:41:d6:16:25:e4:cc:
                    ef:e9:9b:38:99:8e:e9:d1:eb:0b:66:bd:94:1b:ce:
                    7a:8d:9c:78:58:eb:5e:15:87:ee:0f:9b:ef:2f:65:
                    b3:5d:d7:04:fe:d4:54:ce:18:35:17:47:db:64:30:
                    bf:9a:fd:ed:0d:2a:de:ff:fd:78:dd:ab:2b:9e:f9:
                    e0:ce:07:61:ed:51:1a:47:72:06:85:88:84:59:18:
                    5a:c8:bd:84:77:9c:7a:2c:37:5d:32:e2:8e:bc:67:
                    39:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:84:09:85:32:80:5C:3B:A1:B8:CD:C1:FC:C1:25:7D:33:42:06:C0
            X509v3 Authority Key Identifier:
                keyid:0D:D8:1D:35:88:C7:E1:0A:89:9B:0D:04:81:56:6E:6D:94:8D:AD:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdgdNYjH4QqJmw0EgVZubZSNrdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:04:16:6c:f9:5d:02:6d:70:bd:9a:d6:19:5c:f8:f3:83:04:
         a9:3a:19:0e:be:e6:95:8e:a1:6f:74:91:7f:52:64:05:ec:44:
         4e:13:88:08:be:a0:50:f7:15:f2:15:0f:65:3a:6b:69:fc:67:
         2e:e8:a2:c1:8a:ae:53:2f:0e:3d:ac:67:35:f4:1b:00:bc:7f:
         3a:d6:24:4a:08:d8:70:1a:33:4b:5b:f5:4f:87:af:21:31:9c:
         31:27:27:7d:f6:b7:0f:aa:89:54:8a:4b:a0:9b:a4:08:34:10:
         1f:fd:80:f6:f9:6c:d5:5b:e5:ef:a7:e9:db:ad:54:c0:74:92:
         37:32:61:eb:db:cf:4b:5e:18:46:a6:21:90:f4:f9:18:e9:ec:
         e1:a2:e5:7a:4b:e4:0d:ef:df:03:f4:5c:4b:55:d3:1a:c7:4c:
         ea:84:ac:d0:43:a6:4f:34:51:dc:05:05:24:92:0b:de:f0:83:
         c8:3c:2f:3e:08:18:12:2e:e4:53:79:22:2e:d7:91:9c:1e:be:
         7b:eb:06:c1:d2:68:1a:82:cc:87:8d:0a:7a:bf:fe:f8:fd:2a:
         e1:66:bb:c9:50:99:bf:d4:b4:84:44:20:e8:c3:8b:c6:e3:e5:
         ff:8d:09:38:a2:5e:5b:8b:3a:78:ae:9e:d6:eb:b4:de:d8:bf:
         b8:4a:96:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa828+FaZ+YhnhPROyjQYRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDgxZDM1ODhjN2UxMGE4OTliMGQwNDgxNTY2ZTZkOTQ4
ZGFkZDAwHhcNMjUwNTExMDEwMDQ0WhcNMjUwNTEyMDEwMDQ0WjAzMTEwLwYDVQQD
EyhiNDg0MDk4NTMyODA1YzNiYTFiOGNkYzFmY2MxMjU3ZDMzNDIwNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWVEFmnmS2ip0/EltdV8FW2Uq0u5
GeSZjUGjaksaHMB0KfBAv5mRKStbTz+L2jMk7sGOxfbyGoEbBPx8YtqdqRyDyVCr
XKjJfotynwOTz6LxrmRvaZfV2UA2qC/SwJSZpzMyNHdwM+WixQh5aX3ZZQpmlzG5
n55VTqvnDZIGZ3hGTVDB6O4nHbaZiNnfwteE7HNx30HZLq0XgSz8TqhB1hYl5Mzv
6Zs4mY7p0esLZr2UG856jZx4WOteFYfuD5vvL2WzXdcE/tRUzhg1F0fbZDC/mv3t
DSre//143asrnvngzgdh7VEaR3IGhYiEWRhayL2Ed5x6LDddMuKOvGc5RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSECYUygFw7objNwfzBJX0zQgbAMB8GA1UdIwQY
MBaAFA3YHTWIx+EKiZsNBIFWbm2Uja3QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRnZE5Zakg0UXFKbXcwRWdWWnViWlNOcmRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lODZmNWYtMTE1ZS00ZTkyLWFjMzkt
Yzc2YjhkYjVhZDE0LzEvRGRnZE5Zakg0UXFKbXcwRWdWWnViWlNOcmRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lODZmNWYtMTE1ZS00ZTkyLWFjMzktYzc2YjhkYjVhZDE0
LzEvRGRnZE5Zakg0UXFKbXcwRWdWWnViWlNOcmRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaQQWbPld
Am1wvZrWGVz484MEqToZDr7mlY6hb3SRf1JkBexEThOICL6gUPcV8hUPZTprafxn
LuiiwYquUy8OPaxnNfQbALx/OtYkSgjYcBozS1v1T4evITGcMScnffa3D6qJVIpL
oJukCDQQH/2A9vls1Vvl76fp261UwHSSNzJh69vPS14YRqYhkPT5GOns4aLlekvk
De/fA/RcS1XTGsdM6oSs0EOmTzRR3AUFJJIL3vCDyDwvPggYEi7kU3kiLteRnB6+
e+sGwdJoGoLMh40Ker/++P0q4Wa7yVCZv9S0hEQg6MOLxuPl/40JOKJeW4s6eK6e
1uu03ti/uEqW6w==
-----END CERTIFICATE-----