Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/79e61d-9afb-4d55-94a4-4e4a5065594a/1/DWisydbqg0IUE-TPWgc3-sMXNSo.mft
File:                     DWisydbqg0IUE-TPWgc3-sMXNSo.mft (raw, json)
Hash identifier:          AlEmKFcxriHtUESbwD54D75haUOK+FEeZtECN46JnwA=
Subject key identifier:   98:55:54:CC:BB:4B:87:74:39:5D:81:3F:4C:1F:09:9A:6E:5E:95:AC
Authority key identifier: 0D:68:AC:C9:D6:EA:83:42:14:13:E4:CF:5A:07:37:FA:C3:17:35:2A
Certificate issuer:       /CN=0d68acc9d6ea83421413e4cf5a0737fac317352a
Certificate serial:       0196BAB681412912FDD10D42D47B1854EF1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DWisydbqg0IUE-TPWgc3-sMXNSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/79e61d-9afb-4d55-94a4-4e4a5065594a/1/DWisydbqg0IUE-TPWgc3-sMXNSo.mft
Manifest number:          0264
Signing time:             Sat 10 May 2025 15:00:44 +0000
Manifest this update:     Sat 10 May 2025 15:00:44 +0000
Manifest next update:     Sun 11 May 2025 15:00:44 +0000
Files and hashes:         1: DWisydbqg0IUE-TPWgc3-sMXNSo.crl (hash: zV38Rt2kicpQHg8OmbNDJKQa/KeigqbPLOdEoI15vjU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/79e61d-9afb-4d55-94a4-4e4a5065594a/1/DWisydbqg0IUE-TPWgc3-sMXNSo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/79e61d-9afb-4d55-94a4-4e4a5065594a/1/DWisydbqg0IUE-TPWgc3-sMXNSo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DWisydbqg0IUE-TPWgc3-sMXNSo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:b6:81:41:29:12:fd:d1:0d:42:d4:7b:18:54:ef:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d68acc9d6ea83421413e4cf5a0737fac317352a
        Validity
            Not Before: May 10 15:00:44 2025 GMT
            Not After : May 11 15:00:44 2025 GMT
        Subject: CN=985554ccbb4b8774395d813f4c1f099a6e5e95ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b1:92:26:02:92:5f:27:cc:df:99:03:3f:1d:
                    ad:fe:df:e5:50:6a:16:02:19:e3:60:81:46:61:b8:
                    fa:bb:bf:4b:b8:89:91:44:21:76:e9:1f:33:6c:01:
                    2d:61:8f:2f:b3:c0:61:82:fa:06:50:16:62:89:ea:
                    d4:3c:9b:d3:19:f3:00:57:93:9f:f4:26:65:17:62:
                    e9:b5:f9:73:58:7a:f9:6d:dc:d8:41:7f:55:cd:5c:
                    89:f8:5d:53:6e:8b:b5:dd:71:4b:53:56:6a:c1:db:
                    08:d0:02:11:ee:54:b2:ab:b4:96:81:06:8b:75:2c:
                    f6:f2:18:c7:e8:38:11:03:ff:c9:05:8b:7b:03:3c:
                    2e:b1:fe:1c:73:9b:6f:74:42:5f:9a:53:84:84:ea:
                    a7:e1:9c:c7:91:b8:d0:65:c6:43:2a:a2:5f:7e:9a:
                    43:be:b5:1a:16:b3:6d:7e:b2:c5:c9:bc:d4:00:70:
                    cd:ad:e6:77:bb:69:c1:94:cb:4a:5d:29:75:5f:0d:
                    76:c9:a0:44:a2:e5:c9:4e:c1:94:1b:99:2e:8b:2d:
                    51:2f:79:86:ff:23:06:45:9b:d4:ba:3b:15:82:b5:
                    85:2f:4d:48:95:3e:99:5e:1a:34:b1:ae:19:3f:05:
                    1a:a3:3d:9c:6d:4c:18:fb:29:12:2b:25:96:14:60:
                    c4:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:55:54:CC:BB:4B:87:74:39:5D:81:3F:4C:1F:09:9A:6E:5E:95:AC
            X509v3 Authority Key Identifier:
                keyid:0D:68:AC:C9:D6:EA:83:42:14:13:E4:CF:5A:07:37:FA:C3:17:35:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DWisydbqg0IUE-TPWgc3-sMXNSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/79e61d-9afb-4d55-94a4-4e4a5065594a/1/DWisydbqg0IUE-TPWgc3-sMXNSo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/79e61d-9afb-4d55-94a4-4e4a5065594a/1/DWisydbqg0IUE-TPWgc3-sMXNSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:04:41:81:35:97:0d:4d:8f:d5:4a:57:c1:2b:5e:da:75:29:
         6c:32:61:b0:7a:ef:b0:1f:5c:79:a1:53:71:71:ec:45:23:9f:
         04:1e:a4:5c:94:e8:14:55:8a:f5:ad:81:7c:53:cc:d8:4d:95:
         39:9e:1c:3a:3c:37:ec:42:7d:69:ce:82:65:15:19:81:a3:7e:
         2c:11:66:40:e6:76:2b:e4:aa:93:52:83:36:2f:79:c9:8b:c1:
         6d:2c:1b:df:a2:be:b8:fc:e0:4c:b8:77:b6:0c:25:17:29:27:
         39:8a:2b:aa:11:22:6f:79:84:cc:cd:50:66:d2:67:b6:dd:f4:
         db:07:b6:10:05:6c:35:fc:ee:3a:01:44:c1:fa:74:21:b9:55:
         ce:13:f1:a2:d5:da:ae:89:6b:b8:ee:66:32:5e:96:78:e4:8c:
         c1:76:28:11:70:a8:83:ce:a8:e3:76:e0:46:a3:0e:2a:ef:4b:
         71:42:89:87:6f:a3:c8:00:5b:54:73:21:a2:fc:fa:40:5c:17:
         2b:5d:f3:9b:f7:90:d9:0a:19:4d:c0:46:bf:5b:f6:fc:f9:1e:
         58:fb:81:90:4f:06:b9:cc:7d:66:23:51:5c:2e:b8:24:2b:ef:
         06:90:65:09:22:37:ff:0d:ee:3e:44:51:df:15:12:a8:5e:32:
         b0:47:d3:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6toFBKRL90Q1C1HsYVO8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNjhhY2M5ZDZlYTgzNDIxNDEzZTRjZjVhMDczN2ZhYzMx
NzM1MmEwHhcNMjUwNTEwMTUwMDQ0WhcNMjUwNTExMTUwMDQ0WjAzMTEwLwYDVQQD
Eyg5ODU1NTRjY2JiNGI4Nzc0Mzk1ZDgxM2Y0YzFmMDk5YTZlNWU5NWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7GSJgKSXyfM35kDPx2t/t/lUGoW
AhnjYIFGYbj6u79LuImRRCF26R8zbAEtYY8vs8BhgvoGUBZiierUPJvTGfMAV5Of
9CZlF2LptflzWHr5bdzYQX9VzVyJ+F1Tbou13XFLU1ZqwdsI0AIR7lSyq7SWgQaL
dSz28hjH6DgRA//JBYt7Azwusf4cc5tvdEJfmlOEhOqn4ZzHkbjQZcZDKqJffppD
vrUaFrNtfrLFybzUAHDNreZ3u2nBlMtKXSl1Xw12yaBEouXJTsGUG5kuiy1RL3mG
/yMGRZvUujsVgrWFL01IlT6ZXho0sa4ZPwUaoz2cbUwY+ykSKyWWFGDExwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhVVMy7S4d0OV2BP0wfCZpuXpWsMB8GA1UdIwQY
MBaAFA1orMnW6oNCFBPkz1oHN/rDFzUqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFdpc3lkYnFnMElVRS1UUFdnYzMtc01YTlNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83OWU2MWQtOWFmYi00ZDU1LTk0YTQt
NGU0YTUwNjU1OTRhLzEvRFdpc3lkYnFnMElVRS1UUFdnYzMtc01YTlNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS83OWU2MWQtOWFmYi00ZDU1LTk0YTQtNGU0YTUwNjU1OTRh
LzEvRFdpc3lkYnFnMElVRS1UUFdnYzMtc01YTlNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKgRBgTWX
DU2P1UpXwSte2nUpbDJhsHrvsB9ceaFTcXHsRSOfBB6kXJToFFWK9a2BfFPM2E2V
OZ4cOjw37EJ9ac6CZRUZgaN+LBFmQOZ2K+Sqk1KDNi95yYvBbSwb36K+uPzgTLh3
tgwlFyknOYorqhEib3mEzM1QZtJntt302we2EAVsNfzuOgFEwfp0IblVzhPxotXa
rolruO5mMl6WeOSMwXYoEXCog86o43bgRqMOKu9LcUKJh2+jyABbVHMhovz6QFwX
K13zm/eQ2QoZTcBGv1v2/PkeWPuBkE8Gucx9ZiNRXC64JCvvBpBlCSI3/w3uPkRR
3xUSqF4ysEfT4A==
-----END CERTIFICATE-----