Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          zwa2WgU7OEOMrIp22QCTzBy/kEuXed/ZFSbPQIqgpZI=
Subject key identifier:   E5:C4:EF:6B:AC:2F:9B:84:8A:EA:84:64:D6:11:A4:67:22:02:E2:9E
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       0196C539ECD038E2DEBC74BD943D63A77B5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0522
Signing time:             Mon 12 May 2025 16:00:29 +0000
Manifest this update:     Mon 12 May 2025 16:00:29 +0000
Manifest next update:     Tue 13 May 2025 16:00:29 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: Gmi9Fl/R3wX+8UI2XR5Vsoz0evLkO1HVsY1WiQLDe74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:39:ec:d0:38:e2:de:bc:74:bd:94:3d:63:a7:7b:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: May 12 16:00:29 2025 GMT
            Not After : May 13 16:00:29 2025 GMT
        Subject: CN=e5c4ef6bac2f9b848aea8464d611a4672202e29e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:05:69:65:03:ef:a0:ec:84:5d:b0:73:b2:29:
                    de:99:92:5c:59:46:5e:16:3e:0a:e7:68:5a:0e:26:
                    5f:aa:ee:c4:b2:19:09:fc:6c:07:85:15:e9:e1:10:
                    48:13:fc:5e:e0:52:e8:3c:eb:00:c4:6c:d3:a7:d5:
                    22:bd:cc:7d:a5:8c:26:b7:c9:44:6e:aa:c5:e7:75:
                    ac:99:be:29:8b:33:fa:b0:2a:0e:d1:cb:ff:9d:6f:
                    51:a4:93:9f:f7:51:e0:b4:6a:53:12:bb:54:4b:9c:
                    54:97:f4:ca:0a:47:bf:fb:d5:63:e2:ad:53:04:27:
                    62:d4:9a:75:95:25:c9:e6:f9:09:33:cd:47:c2:75:
                    c4:bc:36:f6:e9:19:ea:95:25:ef:d6:91:91:9e:19:
                    b3:d2:f0:9c:84:1f:99:bc:c5:5e:e0:d9:b0:ac:5b:
                    42:13:52:6d:e6:6c:c9:73:26:27:f9:67:ea:e3:26:
                    8f:09:56:b7:3d:cd:22:98:b5:45:98:33:bf:97:d4:
                    5e:26:6b:53:e9:01:ab:02:50:e3:5d:bb:a8:67:9d:
                    4c:bb:b1:72:39:64:7c:e0:ce:27:ea:46:cd:75:fc:
                    c4:51:09:1a:4f:25:87:f4:13:81:e8:a4:4d:85:8b:
                    fa:43:12:cf:14:df:dc:1d:fe:0a:59:49:16:49:de:
                    13:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:C4:EF:6B:AC:2F:9B:84:8A:EA:84:64:D6:11:A4:67:22:02:E2:9E
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:76:11:e2:67:6e:90:12:cd:b5:c8:49:ab:d1:3d:c9:f6:b2:
         eb:b0:1f:32:47:7d:f3:24:f8:f6:d5:98:72:a5:31:9c:6f:89:
         da:01:e0:e5:5f:66:f3:0d:f7:33:67:a6:19:41:eb:e1:94:35:
         f3:e7:34:4e:e6:c0:55:5d:f0:17:23:3a:92:8a:0c:65:e3:24:
         41:d0:78:db:db:f9:73:df:2f:95:2a:b8:60:c5:d5:80:f2:01:
         6a:d1:35:9a:f4:3a:25:85:68:e2:cd:b2:df:9b:44:08:f9:70:
         5e:d2:0a:6f:3b:fb:26:6c:3b:3e:21:f9:5b:65:cb:3d:4f:20:
         6d:cb:36:ed:22:e8:8c:e9:4c:b2:4f:9c:72:8c:a2:5e:59:58:
         e7:2c:22:e3:02:f7:75:b9:3b:67:0e:38:7b:99:75:68:f9:42:
         ec:7a:66:47:93:d1:19:40:aa:47:cb:73:94:a7:a6:c6:11:d5:
         96:85:a9:5c:7e:ed:87:17:a7:65:5d:4d:40:3f:31:7d:1a:f7:
         f8:c9:a0:1e:ec:60:0d:a7:dd:e5:26:b8:0b:55:8c:0a:fb:5c:
         87:f8:f6:c9:90:8a:87:4a:3c:6a:c7:b2:b2:38:cc:dc:87:9a:
         0a:e6:2d:35:06:9a:12:fa:50:6b:4a:e0:a1:c3:68:9a:b8:68:
         79:57:c1:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOezQOOLevHS9lD1jp3taMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUwNTEyMTYwMDI5WhcNMjUwNTEzMTYwMDI5WjAzMTEwLwYDVQQD
EyhlNWM0ZWY2YmFjMmY5Yjg0OGFlYTg0NjRkNjExYTQ2NzIyMDJlMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwVpZQPvoOyEXbBzsinemZJcWUZe
Fj4K52haDiZfqu7EshkJ/GwHhRXp4RBIE/xe4FLoPOsAxGzTp9Uivcx9pYwmt8lE
bqrF53Wsmb4pizP6sCoO0cv/nW9RpJOf91HgtGpTErtUS5xUl/TKCke/+9Vj4q1T
BCdi1Jp1lSXJ5vkJM81HwnXEvDb26RnqlSXv1pGRnhmz0vCchB+ZvMVe4NmwrFtC
E1Jt5mzJcyYn+Wfq4yaPCVa3Pc0imLVFmDO/l9ReJmtT6QGrAlDjXbuoZ51Mu7Fy
OWR84M4n6kbNdfzEUQkaTyWH9BOB6KRNhYv6QxLPFN/cHf4KWUkWSd4TQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOXE72usL5uEiuqEZNYRpGciAuKeMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgnYR4mdu
kBLNtchJq9E9yfay67AfMkd98yT49tWYcqUxnG+J2gHg5V9m8w33M2emGUHr4ZQ1
8+c0TubAVV3wFyM6kooMZeMkQdB429v5c98vlSq4YMXVgPIBatE1mvQ6JYVo4s2y
35tECPlwXtIKbzv7Jmw7PiH5W2XLPU8gbcs27SLojOlMsk+ccoyiXllY5ywi4wL3
dbk7Zw44e5l1aPlC7HpmR5PRGUCqR8tzlKemxhHVloWpXH7thxenZV1NQD8xfRr3
+MmgHuxgDafd5Sa4C1WMCvtch/j2yZCKh0o8aseysjjM3IeaCuYtNQaaEvpQa0rg
ocNomrhoeVfBoA==
-----END CERTIFICATE-----