Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          IqY1P3f8wYYsdTU9WJnSsz4vgReroVjh/uN1guMH4gw=
Subject key identifier:   CE:A4:34:0D:C2:24:94:09:A9:20:1E:5B:96:C5:83:1D:EC:93:A6:DA
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       0196C5A7B409BA4A47768D69C2CAA172A248
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0BE2
Signing time:             Mon 12 May 2025 18:00:24 +0000
Manifest this update:     Mon 12 May 2025 18:00:24 +0000
Manifest next update:     Tue 13 May 2025 18:00:24 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: j/gKXjT2RnSWiyn/YrB/h+reQqxptzmVjWkdpDzN4OE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 18:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:a7:b4:09:ba:4a:47:76:8d:69:c2:ca:a1:72:a2:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: May 12 18:00:24 2025 GMT
            Not After : May 13 18:00:24 2025 GMT
        Subject: CN=cea4340dc2249409a9201e5b96c5831dec93a6da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:00:19:77:06:b5:25:0f:1e:0e:c0:90:dc:13:
                    27:5f:75:7d:f3:eb:9b:dc:1d:72:a9:87:86:e8:3a:
                    aa:6b:e3:52:b6:6e:02:37:e8:e5:75:21:f4:d4:cc:
                    e0:6d:37:99:b1:9c:07:ad:65:b8:bc:d1:3a:ed:8a:
                    27:3d:41:8e:99:67:d3:e0:67:fc:3c:d4:97:68:47:
                    cb:36:e4:b9:e2:d3:80:04:7e:98:2a:3a:a1:0a:03:
                    f7:4d:42:77:a2:25:3d:d1:69:d5:b9:af:bc:43:f1:
                    5e:b5:d0:25:39:1f:6c:b5:ea:f4:d7:44:62:78:8d:
                    9b:70:41:92:e1:dd:3a:e8:8c:2c:6f:90:75:d9:9a:
                    fc:2c:38:9e:eb:bf:06:21:47:b8:8d:8a:70:bb:91:
                    2a:2d:1e:9e:51:03:22:67:25:7f:d8:f8:1f:e1:ff:
                    62:04:53:00:09:40:64:4a:d4:2d:f5:57:ad:e5:41:
                    b4:fd:22:40:1d:b1:6d:99:a1:21:21:86:2d:49:be:
                    9f:f5:38:77:36:1e:e8:3f:7b:4e:e9:01:e7:39:9b:
                    03:0c:ec:38:0d:cd:bd:f9:75:6d:be:6c:0c:55:59:
                    f2:73:b6:ce:72:27:40:08:e1:ad:93:7f:1c:1e:1b:
                    a9:60:bf:36:bf:18:61:21:a9:57:9f:bc:0b:4e:a7:
                    9d:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:A4:34:0D:C2:24:94:09:A9:20:1E:5B:96:C5:83:1D:EC:93:A6:DA
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:40:69:26:d4:16:91:f1:ca:9c:ae:10:b1:4a:20:f6:d3:e9:
         c1:9c:53:18:ee:5e:12:26:45:4c:e3:4d:d5:fd:3a:c7:15:84:
         58:09:71:9b:42:38:43:ad:1e:9b:ad:13:54:7d:a3:be:bc:2a:
         09:a6:69:a7:96:da:80:b3:31:08:3a:da:09:b8:db:81:ec:6b:
         20:ac:ab:63:9c:c1:5c:b9:eb:5f:13:3a:e8:55:2a:5c:37:90:
         bd:a7:4d:36:5d:ed:0f:d0:f0:5c:e4:20:db:af:1b:b6:31:d0:
         05:27:fe:d8:0d:ba:c6:74:1f:fe:ef:b8:49:71:00:71:d9:e3:
         d2:b4:15:78:5d:25:64:33:b8:6d:0b:51:f5:27:d3:70:ac:28:
         63:b2:d9:1a:eb:45:73:84:15:a0:14:e4:a3:db:98:b6:b8:e8:
         d4:24:b3:56:5e:a1:59:14:d6:9f:8a:8b:0e:a7:14:7d:23:17:
         78:07:ce:5c:30:76:ad:fa:17:0f:68:ad:e6:3a:8e:9d:57:89:
         27:d4:b1:c3:7c:49:60:fd:13:d4:0c:f5:13:78:fd:f2:59:10:
         0a:6f:74:4d:4f:a2:4d:07:c6:fc:ae:82:9c:7c:ac:da:db:00:
         5a:5c:72:12:d2:63:76:8c:35:f6:fe:9a:57:3e:a3:33:df:e6:
         e3:81:8c:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFp7QJukpHdo1pwsqhcqJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjUwNTEyMTgwMDI0WhcNMjUwNTEzMTgwMDI0WjAzMTEwLwYDVQQD
EyhjZWE0MzQwZGMyMjQ5NDA5YTkyMDFlNWI5NmM1ODMxZGVjOTNhNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAAZdwa1JQ8eDsCQ3BMnX3V98+ub
3B1yqYeG6Dqqa+NStm4CN+jldSH01MzgbTeZsZwHrWW4vNE67YonPUGOmWfT4Gf8
PNSXaEfLNuS54tOABH6YKjqhCgP3TUJ3oiU90WnVua+8Q/FetdAlOR9ster010Ri
eI2bcEGS4d066Iwsb5B12Zr8LDie678GIUe4jYpwu5EqLR6eUQMiZyV/2Pgf4f9i
BFMACUBkStQt9Vet5UG0/SJAHbFtmaEhIYYtSb6f9Th3Nh7oP3tO6QHnOZsDDOw4
Dc29+XVtvmwMVVnyc7bOcidACOGtk38cHhupYL82vxhhIalXn7wLTqedoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM6kNA3CJJQJqSAeW5bFgx3sk6baMB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXEBpJtQW
kfHKnK4QsUog9tPpwZxTGO5eEiZFTONN1f06xxWEWAlxm0I4Q60em60TVH2jvrwq
CaZpp5bagLMxCDraCbjbgexrIKyrY5zBXLnrXxM66FUqXDeQvadNNl3tD9DwXOQg
268btjHQBSf+2A26xnQf/u+4SXEAcdnj0rQVeF0lZDO4bQtR9SfTcKwoY7LZGutF
c4QVoBTko9uYtrjo1CSzVl6hWRTWn4qLDqcUfSMXeAfOXDB2rfoXD2it5jqOnVeJ
J9Sxw3xJYP0T1Az1E3j98lkQCm90TU+iTQfG/K6CnHys2tsAWlxyEtJjdow19v6a
Vz6jM9/m44GMWA==
-----END CERTIFICATE-----