Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft
File:                     Dkbx623dT_7-GDgAMCvmNs_pZTc.mft (raw, json)
Hash identifier:          aki5zmpiI4jnehQ4Tj8TAOdDBBeQavmFFnCh4eEdAKQ=
Subject key identifier:   EE:5E:6C:AA:95:F9:45:0E:57:2D:DF:B0:C9:87:41:14:8C:0B:22:18
Authority key identifier: 0E:46:F1:EB:6D:DD:4F:FE:FE:18:38:00:30:2B:E6:36:CF:E9:65:37
Certificate issuer:       /CN=0e46f1eb6ddd4ffefe183800302be636cfe96537
Certificate serial:       01969E9A8DEADEAC05179E0F0EC8D6D7E580
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft
Manifest number:          1520
Signing time:             Mon 05 May 2025 04:00:51 +0000
Manifest this update:     Mon 05 May 2025 04:00:51 +0000
Manifest next update:     Tue 06 May 2025 04:00:51 +0000
Files and hashes:         1: Dkbx623dT_7-GDgAMCvmNs_pZTc.crl (hash: 5OYflk1hflhy1tW0KgnVr0N2TXcXSt/kWeVzkisudyQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 04:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:9a:8d:ea:de:ac:05:17:9e:0f:0e:c8:d6:d7:e5:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e46f1eb6ddd4ffefe183800302be636cfe96537
        Validity
            Not Before: May  5 04:00:51 2025 GMT
            Not After : May  6 04:00:51 2025 GMT
        Subject: CN=ee5e6caa95f9450e572ddfb0c98741148c0b2218
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:63:08:6c:df:74:6c:db:af:6a:1d:87:32:d3:
                    e0:78:16:f7:dd:74:38:6d:32:bc:ff:e1:19:6c:6e:
                    22:ba:b3:4e:51:f5:6f:bb:72:a7:3a:0c:4e:b4:fc:
                    97:a5:3d:64:14:47:d4:0a:69:29:08:fa:4e:b2:22:
                    e2:cd:7e:50:c2:c3:67:8b:a7:6a:54:f0:9e:db:b5:
                    c6:86:36:f5:29:9b:5c:54:c4:36:de:46:af:fc:31:
                    fe:a1:cf:33:df:16:19:ad:b8:d8:5b:6e:f9:e3:4c:
                    f2:57:5f:1e:cd:4d:21:ba:4f:25:3b:81:63:75:7c:
                    86:4d:8b:49:06:32:48:9e:bc:43:e1:9f:6d:c1:ba:
                    c8:67:ae:db:c1:0e:75:61:b6:9d:6f:b7:70:29:3d:
                    7a:e6:91:0c:3d:65:00:57:5c:d4:02:5f:b1:b7:bc:
                    cf:76:80:ad:87:15:04:99:2e:f2:98:2f:55:cf:e0:
                    e4:1f:0a:f5:10:08:75:c2:5f:40:0d:e8:32:11:97:
                    3e:1e:f1:d5:8d:1e:cc:fc:f6:64:fb:82:ec:8b:58:
                    71:31:81:d9:8a:5f:22:c6:32:fd:63:7b:c6:1b:65:
                    12:21:26:d4:56:e3:1a:33:f1:ec:2b:88:41:b1:16:
                    93:ca:7c:26:38:cc:d1:9a:b4:93:22:1d:e6:cb:74:
                    1a:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:5E:6C:AA:95:F9:45:0E:57:2D:DF:B0:C9:87:41:14:8C:0B:22:18
            X509v3 Authority Key Identifier:
                keyid:0E:46:F1:EB:6D:DD:4F:FE:FE:18:38:00:30:2B:E6:36:CF:E9:65:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:b5:ff:db:84:e1:7f:66:74:79:a7:fc:a8:c2:e5:ed:03:dd:
         46:59:14:cd:d4:b9:6c:e8:03:58:a8:3d:be:b6:72:0d:00:3d:
         c5:1c:f1:38:65:27:99:9e:b4:2c:71:92:76:d8:24:70:21:27:
         69:e8:cd:ed:55:5f:7e:99:0b:ea:8e:80:79:ca:ea:9d:87:bd:
         75:78:89:d8:fa:19:a6:1c:f9:f6:04:ba:08:30:b3:06:37:f0:
         13:6c:04:09:cd:4d:7d:71:d0:2b:83:19:17:c0:ed:2f:63:27:
         f6:b7:0d:8c:3d:2d:38:13:98:44:c3:76:9d:2f:52:21:b8:c8:
         8b:d7:b1:d9:0c:c6:2d:f3:75:f8:b4:d2:f2:df:a0:2c:72:f9:
         43:a4:11:9f:45:88:4f:bd:fb:a8:f7:17:65:fd:ba:da:c3:9a:
         f1:83:ae:02:eb:d9:52:5c:13:55:56:5c:aa:66:da:a8:d2:97:
         01:3e:dd:d4:f5:be:3e:45:fa:34:fb:fb:c1:e4:41:1f:d5:07:
         24:48:3d:d8:da:c3:f6:34:c7:36:df:62:8e:27:e5:74:02:8a:
         95:b8:f2:7f:d3:bc:c7:82:6b:17:b4:1d:3c:2a:02:12:0a:11:
         ef:5b:93:aa:2c:47:a5:61:d7:51:c4:38:2e:4d:35:1c:9d:1d:
         93:2b:1f:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemo3q3qwFF54PDsjW1+WAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDZmMWViNmRkZDRmZmVmZTE4MzgwMDMwMmJlNjM2Y2Zl
OTY1MzcwHhcNMjUwNTA1MDQwMDUxWhcNMjUwNTA2MDQwMDUxWjAzMTEwLwYDVQQD
EyhlZTVlNmNhYTk1Zjk0NTBlNTcyZGRmYjBjOTg3NDExNDhjMGIyMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimMIbN90bNuvah2HMtPgeBb33XQ4
bTK8/+EZbG4iurNOUfVvu3KnOgxOtPyXpT1kFEfUCmkpCPpOsiLizX5QwsNni6dq
VPCe27XGhjb1KZtcVMQ23kav/DH+oc8z3xYZrbjYW27540zyV18ezU0huk8lO4Fj
dXyGTYtJBjJInrxD4Z9twbrIZ67bwQ51Ybadb7dwKT165pEMPWUAV1zUAl+xt7zP
doCthxUEmS7ymC9Vz+DkHwr1EAh1wl9ADegyEZc+HvHVjR7M/PZk+4Lsi1hxMYHZ
il8ixjL9Y3vGG2USISbUVuMaM/HsK4hBsRaTynwmOMzRmrSTIh3my3QaJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5ebKqV+UUOVy3fsMmHQRSMCyIYMB8GA1UdIwQY
MBaAFA5G8ett3U/+/hg4ADAr5jbP6WU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81NThhZmUtNDlmZS00MzhlLWJkMzct
ZjRmY2VkMzViMzUyLzEvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81NThhZmUtNDlmZS00MzhlLWJkMzctZjRmY2VkMzViMzUy
LzEvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj7X/24Th
f2Z0eaf8qMLl7QPdRlkUzdS5bOgDWKg9vrZyDQA9xRzxOGUnmZ60LHGSdtgkcCEn
aejN7VVffpkL6o6AecrqnYe9dXiJ2PoZphz59gS6CDCzBjfwE2wECc1NfXHQK4MZ
F8DtL2Mn9rcNjD0tOBOYRMN2nS9SIbjIi9ex2QzGLfN1+LTS8t+gLHL5Q6QRn0WI
T737qPcXZf262sOa8YOuAuvZUlwTVVZcqmbaqNKXAT7d1PW+PkX6NPv7weRBH9UH
JEg92NrD9jTHNt9ijifldAKKlbjyf9O8x4JrF7QdPCoCEgoR71uTqixHpWHXUcQ4
Lk01HJ0dkysfbg==
-----END CERTIFICATE-----