Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/79e61d-9afb-4d55-94a4-4e4a5065594a/1/DWisydbqg0IUE-TPWgc3-sMXNSo.mft
File:                     DWisydbqg0IUE-TPWgc3-sMXNSo.mft (raw, json)
Hash identifier:          ESOFnwrC36lKYCG8aDz3xqltVCNhyYGXEtM8iPu+8r4=
Subject key identifier:   6C:23:FE:2C:4E:AD:BB:35:83:DB:8C:D0:55:F1:D4:F1:3D:53:84:0B
Authority key identifier: 0D:68:AC:C9:D6:EA:83:42:14:13:E4:CF:5A:07:37:FA:C3:17:35:2A
Certificate issuer:       /CN=0d68acc9d6ea83421413e4cf5a0737fac317352a
Certificate serial:       0197B9A1B46987AFCE64418866BBCAC20522
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DWisydbqg0IUE-TPWgc3-sMXNSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/79e61d-9afb-4d55-94a4-4e4a5065594a/1/DWisydbqg0IUE-TPWgc3-sMXNSo.mft
Manifest number:          02E8
Signing time:             Sun 29 Jun 2025 03:01:11 +0000
Manifest this update:     Sun 29 Jun 2025 03:01:11 +0000
Manifest next update:     Mon 30 Jun 2025 03:01:11 +0000
Files and hashes:         1: DWisydbqg0IUE-TPWgc3-sMXNSo.crl (hash: ZbbFTu+CQP/Cfhs0J7o8uP6aJAN3wTqAj/lYIpNr5VI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/79e61d-9afb-4d55-94a4-4e4a5065594a/1/DWisydbqg0IUE-TPWgc3-sMXNSo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/79e61d-9afb-4d55-94a4-4e4a5065594a/1/DWisydbqg0IUE-TPWgc3-sMXNSo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DWisydbqg0IUE-TPWgc3-sMXNSo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:a1:b4:69:87:af:ce:64:41:88:66:bb:ca:c2:05:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d68acc9d6ea83421413e4cf5a0737fac317352a
        Validity
            Not Before: Jun 29 03:01:11 2025 GMT
            Not After : Jun 30 03:01:11 2025 GMT
        Subject: CN=6c23fe2c4eadbb3583db8cd055f1d4f13d53840b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:c3:9d:f4:7a:fe:4f:aa:fd:1f:57:52:14:c7:
                    a1:5d:2d:0d:d5:77:8c:a7:d4:3d:7d:54:0e:8c:07:
                    48:82:32:c3:9d:d6:ed:e0:f5:10:84:8b:1c:eb:58:
                    9e:39:dc:1d:05:ff:1a:21:ec:cc:12:4b:60:eb:bb:
                    da:b1:67:e5:c9:0f:38:33:77:ac:4e:0d:4b:7e:1a:
                    e5:0e:49:07:c5:8e:ca:cd:f6:5a:11:99:b1:a7:f6:
                    fd:21:98:f3:1f:91:98:48:4f:1d:db:e6:4b:f2:10:
                    7e:02:55:42:f7:97:c8:03:2a:c2:5e:80:9c:9e:8c:
                    63:ed:7a:07:49:79:78:f7:e1:03:84:e1:58:07:e8:
                    df:62:45:54:e0:77:ce:52:d1:73:9a:6a:7e:d1:85:
                    05:20:7d:0d:64:86:d8:e4:16:1a:d2:61:87:41:37:
                    fd:2b:6a:47:6f:52:a4:d0:49:14:43:56:61:1d:8e:
                    d0:66:62:10:72:29:44:7d:2c:7e:30:a2:dd:db:5b:
                    68:e3:63:aa:85:05:e4:fa:50:db:0c:2b:9c:95:1f:
                    bb:fd:15:af:fb:4a:62:39:dd:a8:e4:76:07:65:59:
                    fd:45:05:6d:df:c6:40:f1:37:76:14:a8:07:44:23:
                    17:c4:59:a5:39:86:78:09:35:66:a9:1b:ef:55:ec:
                    9a:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:23:FE:2C:4E:AD:BB:35:83:DB:8C:D0:55:F1:D4:F1:3D:53:84:0B
            X509v3 Authority Key Identifier:
                keyid:0D:68:AC:C9:D6:EA:83:42:14:13:E4:CF:5A:07:37:FA:C3:17:35:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DWisydbqg0IUE-TPWgc3-sMXNSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/79e61d-9afb-4d55-94a4-4e4a5065594a/1/DWisydbqg0IUE-TPWgc3-sMXNSo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/79e61d-9afb-4d55-94a4-4e4a5065594a/1/DWisydbqg0IUE-TPWgc3-sMXNSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:2f:7d:f4:a0:33:ce:63:9c:cd:da:3b:2e:6c:7d:67:50:54:
         ca:f1:ed:93:3a:75:c9:1f:16:a6:f8:77:7a:6a:74:44:09:e4:
         bb:23:99:16:c6:18:f6:c0:fe:83:03:bb:18:d0:24:c5:cc:53:
         80:9f:ba:96:35:f2:07:39:8f:61:d6:00:5a:f5:68:3c:02:6e:
         73:70:f0:28:6e:0a:1a:ec:76:ff:8b:6b:b8:fd:8c:00:70:ec:
         82:ac:28:56:4f:1b:80:1c:e1:69:2d:ea:00:cb:46:11:a4:a0:
         49:ae:72:16:d0:68:c8:ff:ae:f6:d6:6b:dc:de:56:1e:c0:0f:
         e0:e5:d5:ee:da:81:db:2c:b4:8a:f3:1f:10:d6:69:f8:eb:ac:
         cb:56:e5:96:08:2a:c4:db:ce:fa:50:0d:57:7a:b9:4e:49:03:
         37:b4:b7:58:4a:d9:18:3c:7b:6b:6a:10:7a:5c:5a:fa:5b:40:
         4a:4c:b7:6b:1c:ee:74:e9:fa:a7:dd:69:7e:58:39:b4:43:40:
         f5:31:d9:80:0f:d8:79:f6:42:72:ae:4d:10:46:03:6b:0d:c1:
         da:62:a7:47:d6:91:fa:5c:d4:18:80:11:d3:a4:ef:98:9f:39:
         6c:a2:c5:d9:71:12:48:1e:fe:5c:36:a0:d9:c0:bf:04:ec:4e:
         45:74:15:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5obRph6/OZEGIZrvKwgUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNjhhY2M5ZDZlYTgzNDIxNDEzZTRjZjVhMDczN2ZhYzMx
NzM1MmEwHhcNMjUwNjI5MDMwMTExWhcNMjUwNjMwMDMwMTExWjAzMTEwLwYDVQQD
Eyg2YzIzZmUyYzRlYWRiYjM1ODNkYjhjZDA1NWYxZDRmMTNkNTM4NDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cOd9Hr+T6r9H1dSFMehXS0N1XeM
p9Q9fVQOjAdIgjLDndbt4PUQhIsc61ieOdwdBf8aIezMEktg67vasWflyQ84M3es
Tg1LfhrlDkkHxY7KzfZaEZmxp/b9IZjzH5GYSE8d2+ZL8hB+AlVC95fIAyrCXoCc
noxj7XoHSXl49+EDhOFYB+jfYkVU4HfOUtFzmmp+0YUFIH0NZIbY5BYa0mGHQTf9
K2pHb1Kk0EkUQ1ZhHY7QZmIQcilEfSx+MKLd21to42OqhQXk+lDbDCuclR+7/RWv
+0piOd2o5HYHZVn9RQVt38ZA8Td2FKgHRCMXxFmlOYZ4CTVmqRvvVeyaywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGwj/ixOrbs1g9uM0FXx1PE9U4QLMB8GA1UdIwQY
MBaAFA1orMnW6oNCFBPkz1oHN/rDFzUqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFdpc3lkYnFnMElVRS1UUFdnYzMtc01YTlNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83OWU2MWQtOWFmYi00ZDU1LTk0YTQt
NGU0YTUwNjU1OTRhLzEvRFdpc3lkYnFnMElVRS1UUFdnYzMtc01YTlNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS83OWU2MWQtOWFmYi00ZDU1LTk0YTQtNGU0YTUwNjU1OTRh
LzEvRFdpc3lkYnFnMElVRS1UUFdnYzMtc01YTlNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANC999KAz
zmOczdo7Lmx9Z1BUyvHtkzp1yR8Wpvh3emp0RAnkuyOZFsYY9sD+gwO7GNAkxcxT
gJ+6ljXyBzmPYdYAWvVoPAJuc3DwKG4KGux2/4truP2MAHDsgqwoVk8bgBzhaS3q
AMtGEaSgSa5yFtBoyP+u9tZr3N5WHsAP4OXV7tqB2yy0ivMfENZp+Ousy1bllggq
xNvO+lANV3q5TkkDN7S3WErZGDx7a2oQelxa+ltASky3axzudOn6p91pflg5tENA
9THZgA/YefZCcq5NEEYDaw3B2mKnR9aR+lzUGIAR06TvmJ85bKLF2XESSB7+XDag
2cC/BOxORXQVRg==
-----END CERTIFICATE-----