Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft
File:                     Dkbx623dT_7-GDgAMCvmNs_pZTc.mft (raw, json)
Hash identifier:          2/sJ4HSuVbgpAJ+0qzfZZpjFb0aWBZ6lPccZltyDErA=
Subject key identifier:   9C:75:7E:80:80:79:06:D7:42:89:58:51:57:55:FB:20:F5:DB:9B:57
Authority key identifier: 0E:46:F1:EB:6D:DD:4F:FE:FE:18:38:00:30:2B:E6:36:CF:E9:65:37
Certificate issuer:       /CN=0e46f1eb6ddd4ffefe183800302be636cfe96537
Certificate serial:       0197BA7ED07E41D49E46D3032BC29A0679C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft
Manifest number:          15B3
Signing time:             Sun 29 Jun 2025 07:02:42 +0000
Manifest this update:     Sun 29 Jun 2025 07:02:42 +0000
Manifest next update:     Mon 30 Jun 2025 07:02:42 +0000
Files and hashes:         1: Dkbx623dT_7-GDgAMCvmNs_pZTc.crl (hash: S/m+9RbdOSM1NGvblvnPQw+ke/E6NzklceVw4IGUaJ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7e:d0:7e:41:d4:9e:46:d3:03:2b:c2:9a:06:79:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e46f1eb6ddd4ffefe183800302be636cfe96537
        Validity
            Not Before: Jun 29 07:02:42 2025 GMT
            Not After : Jun 30 07:02:42 2025 GMT
        Subject: CN=9c757e80807906d7428958515755fb20f5db9b57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ab:07:9a:79:19:02:91:c4:a4:98:03:0e:aa:
                    4f:d5:0d:52:8f:39:d7:f2:9e:5e:d6:4b:73:87:fb:
                    dc:d2:83:aa:a8:2c:76:8d:08:3d:f9:75:51:a8:09:
                    32:7a:4f:92:8b:db:79:bf:e9:93:45:e8:5b:e4:45:
                    41:cf:95:5f:45:2e:b2:72:a6:f1:80:80:06:0e:6f:
                    b1:4f:e3:d1:e6:b1:bd:c0:7b:06:51:1b:ad:cf:2f:
                    7e:ff:90:14:19:ea:f6:80:f0:d2:75:0c:44:ee:09:
                    27:53:c1:88:6d:be:aa:19:05:38:15:39:ff:19:6e:
                    54:43:43:9d:f9:51:57:f1:e0:a0:3c:4f:b7:be:a7:
                    d8:19:86:ca:ab:7a:2c:46:94:60:02:2a:b2:29:be:
                    08:62:71:aa:0d:2d:45:39:53:14:84:04:bf:18:90:
                    55:37:8b:02:25:f6:fd:2e:59:28:a6:07:1f:5c:ba:
                    07:b8:e5:8f:78:26:2f:56:85:3c:1a:4c:bb:7b:0a:
                    8c:7f:ce:d5:36:40:bb:88:67:20:41:ad:d7:cf:2e:
                    91:6a:f1:86:73:24:6b:4b:dc:37:da:d0:4a:d5:ed:
                    2c:2d:66:25:71:a2:3a:d4:fd:0c:fb:3a:48:d2:86:
                    d1:37:08:57:18:29:7b:44:03:2e:52:85:9b:9d:50:
                    ca:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:75:7E:80:80:79:06:D7:42:89:58:51:57:55:FB:20:F5:DB:9B:57
            X509v3 Authority Key Identifier:
                keyid:0E:46:F1:EB:6D:DD:4F:FE:FE:18:38:00:30:2B:E6:36:CF:E9:65:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:82:7f:75:80:f5:fa:02:83:3a:95:65:21:df:a5:71:e7:08:
         6a:be:8c:fd:38:f8:6e:ce:38:70:d8:d7:20:41:e1:81:a3:25:
         c3:03:96:e1:b2:d5:3a:36:a4:7e:69:a9:70:de:b7:50:66:ae:
         08:9e:b4:fb:6a:c5:06:64:77:c5:26:44:0a:d7:e3:b0:bf:c1:
         94:4c:f2:fb:34:38:b8:12:42:c2:ac:79:c4:3f:ec:10:17:40:
         98:9b:86:86:65:b7:ef:0a:c3:b0:04:3c:ed:b1:46:c1:bf:1f:
         b3:2d:d7:9c:f1:10:ae:71:3e:be:11:32:d8:91:0d:3f:dc:f3:
         d8:5b:34:3e:b4:b8:a1:2f:4c:43:1d:fd:77:d0:9d:c3:c8:f8:
         b3:30:36:ff:8f:c4:62:fb:39:75:2e:37:a5:ce:93:44:4b:da:
         45:a5:f3:a8:fa:dd:a3:4d:95:84:af:56:5f:5e:d3:86:42:7d:
         79:f9:55:91:7d:47:5c:3b:1c:fc:f8:33:c7:e6:99:8c:86:03:
         75:c2:92:f1:be:f4:17:b7:b3:d5:08:f9:4e:f7:98:62:47:0d:
         7e:4e:90:f0:23:5c:b5:5a:0b:d1:13:49:db:b9:47:59:d2:10:
         86:bd:e3:c8:23:6f:46:5b:e7:05:20:20:de:c5:b4:01:80:78:
         ef:83:4a:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6ftB+QdSeRtMDK8KaBnnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDZmMWViNmRkZDRmZmVmZTE4MzgwMDMwMmJlNjM2Y2Zl
OTY1MzcwHhcNMjUwNjI5MDcwMjQyWhcNMjUwNjMwMDcwMjQyWjAzMTEwLwYDVQQD
Eyg5Yzc1N2U4MDgwNzkwNmQ3NDI4OTU4NTE1NzU1ZmIyMGY1ZGI5YjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqsHmnkZApHEpJgDDqpP1Q1SjznX
8p5e1ktzh/vc0oOqqCx2jQg9+XVRqAkyek+Si9t5v+mTRehb5EVBz5VfRS6ycqbx
gIAGDm+xT+PR5rG9wHsGURutzy9+/5AUGer2gPDSdQxE7gknU8GIbb6qGQU4FTn/
GW5UQ0Od+VFX8eCgPE+3vqfYGYbKq3osRpRgAiqyKb4IYnGqDS1FOVMUhAS/GJBV
N4sCJfb9LlkopgcfXLoHuOWPeCYvVoU8Gky7ewqMf87VNkC7iGcgQa3Xzy6RavGG
cyRrS9w32tBK1e0sLWYlcaI61P0M+zpI0obRNwhXGCl7RAMuUoWbnVDKXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJx1foCAeQbXQolYUVdV+yD125tXMB8GA1UdIwQY
MBaAFA5G8ett3U/+/hg4ADAr5jbP6WU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81NThhZmUtNDlmZS00MzhlLWJkMzct
ZjRmY2VkMzViMzUyLzEvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81NThhZmUtNDlmZS00MzhlLWJkMzctZjRmY2VkMzViMzUy
LzEvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT4J/dYD1
+gKDOpVlId+lcecIar6M/Tj4bs44cNjXIEHhgaMlwwOW4bLVOjakfmmpcN63UGau
CJ60+2rFBmR3xSZECtfjsL/BlEzy+zQ4uBJCwqx5xD/sEBdAmJuGhmW37wrDsAQ8
7bFGwb8fsy3XnPEQrnE+vhEy2JENP9zz2Fs0PrS4oS9MQx39d9Cdw8j4szA2/4/E
Yvs5dS43pc6TREvaRaXzqPrdo02VhK9WX17ThkJ9eflVkX1HXDsc/Pgzx+aZjIYD
dcKS8b70F7ez1Qj5TveYYkcNfk6Q8CNctVoL0RNJ27lHWdIQhr3jyCNvRlvnBSAg
3sW0AYB474NKMA==
-----END CERTIFICATE-----