Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft
File:                     DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft (raw, json)
Hash identifier:          nHv3q1ENztcrbfrzMOQMeC65E6o/11AJkfMQ2E0k4oI=
Subject key identifier:   08:52:9D:01:56:64:CC:08:19:3A:56:61:18:CD:55:3B:C3:89:40:82
Authority key identifier: 0E:56:C9:E5:8D:96:AF:1E:41:30:D7:22:42:21:19:2B:2C:13:2A:5C
Certificate issuer:       /CN=0e56c9e58d96af1e4130d7224221192b2c132a5c
Certificate serial:       0196C728A9332D2DBD2C7DF268A11E529FC9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft
Manifest number:          14CA
Signing time:             Tue 13 May 2025 01:00:52 +0000
Manifest this update:     Tue 13 May 2025 01:00:52 +0000
Manifest next update:     Wed 14 May 2025 01:00:52 +0000
Files and hashes:         1: DlbJ5Y2Wrx5BMNciQiEZKywTKlw.crl (hash: kGvKeUG1UB7wZHVzswbVQF9aSD7zI/+TAwiu6H6g7to=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 01:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c7:28:a9:33:2d:2d:bd:2c:7d:f2:68:a1:1e:52:9f:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e56c9e58d96af1e4130d7224221192b2c132a5c
        Validity
            Not Before: May 13 01:00:52 2025 GMT
            Not After : May 14 01:00:52 2025 GMT
        Subject: CN=08529d015664cc08193a566118cd553bc3894082
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:64:ef:e2:21:24:d4:65:60:80:32:45:47:f6:
                    63:47:1b:84:6e:2c:75:7f:43:e7:f8:2d:5d:20:01:
                    c4:8e:f5:47:27:0f:ab:3d:c0:22:21:68:1e:77:30:
                    23:e0:91:45:a3:ee:62:49:0a:29:fe:05:0d:4c:1f:
                    db:df:c3:4d:c3:eb:17:2d:f3:15:7a:9f:1e:90:75:
                    74:d3:ab:1e:be:08:53:11:7a:f2:cf:27:82:91:ba:
                    79:63:25:96:3f:aa:1e:a0:1d:7e:02:ad:26:e4:35:
                    a2:65:c2:7a:8d:f3:1f:f2:05:66:a4:24:dd:f4:b9:
                    6c:16:26:f5:16:88:cd:ed:84:d0:9b:72:2a:82:a5:
                    58:f1:0b:67:98:a7:6d:a9:00:3a:b9:7a:08:37:4f:
                    fa:c2:8a:76:91:d0:cd:62:d5:00:2e:ec:69:e6:1b:
                    b9:fb:02:fb:e0:4c:87:23:9d:0b:8e:98:da:87:a0:
                    42:da:35:89:f5:0b:1d:f7:f4:cc:53:0d:6a:02:9a:
                    43:59:58:26:c3:92:28:58:65:62:97:76:ef:dc:1d:
                    3b:e1:50:5b:33:e5:5a:a1:25:55:3b:f9:a2:da:7e:
                    93:c4:ca:83:71:bf:21:93:ea:2b:6e:fc:66:3e:2e:
                    dd:68:de:59:f8:d3:aa:ec:5d:0e:ea:f3:6a:d6:ca:
                    37:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:52:9D:01:56:64:CC:08:19:3A:56:61:18:CD:55:3B:C3:89:40:82
            X509v3 Authority Key Identifier:
                keyid:0E:56:C9:E5:8D:96:AF:1E:41:30:D7:22:42:21:19:2B:2C:13:2A:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:cc:3b:92:54:9e:76:89:df:43:7e:23:8e:da:48:33:9a:dc:
         1c:92:01:1e:bf:fc:79:94:56:88:20:1f:32:68:dd:9a:18:26:
         38:51:88:c4:94:90:ff:30:6f:50:77:79:0f:f8:38:89:ac:fd:
         8d:48:35:50:06:d9:f0:45:70:21:bb:e0:56:a4:ff:a3:c5:f5:
         95:c8:78:0d:c7:5c:a1:11:4b:50:a4:25:e4:6e:ae:4e:db:79:
         ea:62:80:91:ab:2b:ac:c4:b4:b6:4a:6d:f5:1f:d1:c8:a2:9b:
         39:f8:f4:a7:f5:ed:85:74:d2:b6:7f:55:a6:2c:bd:61:81:e3:
         66:a1:df:4b:2f:28:ba:a2:df:fb:7a:8b:34:0c:01:7e:b4:10:
         02:89:13:50:bd:aa:16:3e:7f:a6:19:1b:fb:66:16:79:44:1e:
         5a:11:b9:9a:0c:25:8b:d6:2b:a5:c2:94:25:ef:85:ad:ec:ae:
         49:22:63:48:72:52:f7:68:8b:f7:05:2c:0a:7c:d3:2e:93:6b:
         d8:c2:6d:c7:cd:78:f9:06:23:6b:96:96:99:13:3b:87:c7:38:
         dd:ba:41:81:03:db:4c:32:c2:05:34:aa:e7:ed:34:bb:c0:f6:
         38:34:e1:07:b6:1a:2e:51:9a:cd:ae:20:39:0c:2f:f1:aa:9c:
         6c:92:88:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbHKKkzLS29LH3yaKEeUp/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNTZjOWU1OGQ5NmFmMWU0MTMwZDcyMjQyMjExOTJiMmMx
MzJhNWMwHhcNMjUwNTEzMDEwMDUyWhcNMjUwNTE0MDEwMDUyWjAzMTEwLwYDVQQD
EygwODUyOWQwMTU2NjRjYzA4MTkzYTU2NjExOGNkNTUzYmMzODk0MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmTv4iEk1GVggDJFR/ZjRxuEbix1
f0Pn+C1dIAHEjvVHJw+rPcAiIWgedzAj4JFFo+5iSQop/gUNTB/b38NNw+sXLfMV
ep8ekHV006sevghTEXryzyeCkbp5YyWWP6oeoB1+Aq0m5DWiZcJ6jfMf8gVmpCTd
9LlsFib1FojN7YTQm3IqgqVY8QtnmKdtqQA6uXoIN0/6wop2kdDNYtUALuxp5hu5
+wL74EyHI50Ljpjah6BC2jWJ9Qsd9/TMUw1qAppDWVgmw5IoWGVil3bv3B074VBb
M+VaoSVVO/mi2n6TxMqDcb8hk+orbvxmPi7daN5Z+NOq7F0O6vNq1so3qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAhSnQFWZMwIGTpWYRjNVTvDiUCCMB8GA1UdIwQY
MBaAFA5WyeWNlq8eQTDXIkIhGSssEypcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGxiSjVZMldyeDVCTU5jaVFpRVpLeXdUS2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80YzgyMDgtYmEzMC00NzE2LWE2Yzgt
ODRmMzUyNDYyNmJkLzEvRGxiSjVZMldyeDVCTU5jaVFpRVpLeXdUS2x3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80YzgyMDgtYmEzMC00NzE2LWE2YzgtODRmMzUyNDYyNmJk
LzEvRGxiSjVZMldyeDVCTU5jaVFpRVpLeXdUS2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT8w7klSe
donfQ34jjtpIM5rcHJIBHr/8eZRWiCAfMmjdmhgmOFGIxJSQ/zBvUHd5D/g4iaz9
jUg1UAbZ8EVwIbvgVqT/o8X1lch4DcdcoRFLUKQl5G6uTtt56mKAkasrrMS0tkpt
9R/RyKKbOfj0p/XthXTStn9Vpiy9YYHjZqHfSy8ouqLf+3qLNAwBfrQQAokTUL2q
Fj5/phkb+2YWeUQeWhG5mgwli9YrpcKUJe+FreyuSSJjSHJS92iL9wUsCnzTLpNr
2MJtx814+QYja5aWmRM7h8c43bpBgQPbTDLCBTSq5+00u8D2ODThB7YaLlGaza4g
OQwv8aqcbJKIAQ==
-----END CERTIFICATE-----