Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft
File:                     obeZgyScHV-GGfE1xtbn43379WI.mft (raw, json)
Hash identifier:          ADki3BJZIZQpaAsamoVkD5u3nW3AyvbivdF+crmh33w=
Subject key identifier:   DD:50:86:3C:D4:AD:57:72:C2:20:6B:07:5D:D7:D7:BE:65:B6:73:28
Authority key identifier: A1:B7:99:83:24:9C:1D:5F:86:19:F1:35:C6:D6:E7:E3:7D:FB:F5:62
Certificate issuer:       /CN=a1b79983249c1d5f8619f135c6d6e7e37dfbf562
Certificate serial:       0196C53ACA316206CBF3CF363795961F7C3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obeZgyScHV-GGfE1xtbn43379WI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft
Manifest number:          0D3C
Signing time:             Mon 12 May 2025 16:01:26 +0000
Manifest this update:     Mon 12 May 2025 16:01:26 +0000
Manifest next update:     Tue 13 May 2025 16:01:26 +0000
Files and hashes:         1: obeZgyScHV-GGfE1xtbn43379WI.crl (hash: P6ogDhPSDsXtl1pHNSx1s4kaIox7N4o9EDWNuAdKJAw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obeZgyScHV-GGfE1xtbn43379WI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:3a:ca:31:62:06:cb:f3:cf:36:37:95:96:1f:7c:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1b79983249c1d5f8619f135c6d6e7e37dfbf562
        Validity
            Not Before: May 12 16:01:26 2025 GMT
            Not After : May 13 16:01:26 2025 GMT
        Subject: CN=dd50863cd4ad5772c2206b075dd7d7be65b67328
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:88:f2:c9:e3:fd:a3:df:3b:9e:37:04:94:66:
                    da:d4:b3:7e:d4:50:e6:6c:e6:ab:73:b1:14:a9:bb:
                    af:5e:7d:70:3a:9b:48:a0:ce:b1:64:d2:6e:9f:ef:
                    47:24:3f:77:7f:c7:23:f3:a9:01:bf:28:ef:c8:d5:
                    08:34:60:63:fa:d3:32:23:51:05:89:52:7d:73:17:
                    09:66:0d:c8:d1:26:c6:4e:6b:42:c2:d2:43:35:6f:
                    57:e2:aa:b6:09:fe:67:26:a7:fd:44:54:76:3c:fe:
                    27:db:98:4f:d1:0a:a1:1c:63:f6:0f:86:ac:10:e5:
                    0d:1a:19:5f:27:e4:a5:a0:c1:27:f7:a3:46:04:1f:
                    74:9c:c8:8d:78:8f:91:33:f2:64:a2:a5:16:53:c9:
                    17:16:00:d0:43:73:b6:36:ee:6a:4a:21:6c:25:08:
                    9f:ed:af:ff:89:86:aa:a6:14:c9:db:88:27:16:3f:
                    e3:37:81:02:c4:ae:88:69:44:e0:c1:42:b4:26:76:
                    19:89:7d:8b:78:92:5d:5c:64:80:a1:f5:13:8b:2b:
                    87:fb:95:03:d2:4a:b4:0b:0a:15:e4:78:59:73:e1:
                    f6:14:f9:a9:03:25:79:2a:06:f1:4b:2b:d2:5e:21:
                    ac:ba:84:58:5a:92:e6:a4:34:71:df:2f:8c:9a:72:
                    91:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:50:86:3C:D4:AD:57:72:C2:20:6B:07:5D:D7:D7:BE:65:B6:73:28
            X509v3 Authority Key Identifier:
                keyid:A1:B7:99:83:24:9C:1D:5F:86:19:F1:35:C6:D6:E7:E3:7D:FB:F5:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obeZgyScHV-GGfE1xtbn43379WI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:99:6a:3f:62:11:bd:0a:25:e1:9c:37:51:52:37:5a:0c:b3:
         56:06:0e:ec:7e:e0:67:55:ca:44:8b:49:f8:26:c3:1f:ef:5a:
         7c:33:de:09:6a:77:09:27:8f:34:71:17:da:43:1f:96:19:22:
         95:a0:a6:67:8f:00:0f:52:15:00:e6:88:a5:b1:fd:b1:9f:b3:
         01:53:2e:32:56:31:bd:5e:d7:80:53:98:f5:26:a0:6a:7a:fc:
         74:83:2f:37:70:0d:80:29:be:96:12:67:84:f5:46:cc:5b:3b:
         ba:74:fe:82:b3:65:70:1d:a0:ab:17:b4:24:c4:9c:94:f8:a7:
         32:2a:92:c1:27:e5:bf:5f:ff:81:d2:eb:d3:41:d5:9f:aa:c7:
         ad:b4:ed:37:db:01:2d:62:d3:0b:7b:dd:4f:6f:f3:75:8e:fd:
         4e:69:44:0d:eb:8e:0a:f2:29:85:c0:40:de:bf:2b:68:c7:e7:
         b8:bb:d3:7d:95:aa:c2:19:fa:4d:05:57:74:fd:11:b7:12:ed:
         87:66:24:35:85:61:ae:70:ef:70:35:65:0f:b1:42:33:8f:53:
         61:68:9c:78:c2:37:29:d2:7f:e3:ae:c3:47:db:27:f0:ee:9b:
         c8:09:c3:f0:98:49:a9:b8:7a:5b:fa:69:a3:5e:c9:e4:4c:40:
         9d:10:62:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOsoxYgbL8882N5WWH3w8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjc5OTgzMjQ5YzFkNWY4NjE5ZjEzNWM2ZDZlN2UzN2Rm
YmY1NjIwHhcNMjUwNTEyMTYwMTI2WhcNMjUwNTEzMTYwMTI2WjAzMTEwLwYDVQQD
EyhkZDUwODYzY2Q0YWQ1NzcyYzIyMDZiMDc1ZGQ3ZDdiZTY1YjY3MzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYjyyeP9o987njcElGba1LN+1FDm
bOarc7EUqbuvXn1wOptIoM6xZNJun+9HJD93f8cj86kBvyjvyNUINGBj+tMyI1EF
iVJ9cxcJZg3I0SbGTmtCwtJDNW9X4qq2Cf5nJqf9RFR2PP4n25hP0QqhHGP2D4as
EOUNGhlfJ+SloMEn96NGBB90nMiNeI+RM/JkoqUWU8kXFgDQQ3O2Nu5qSiFsJQif
7a//iYaqphTJ24gnFj/jN4ECxK6IaUTgwUK0JnYZiX2LeJJdXGSAofUTiyuH+5UD
0kq0CwoV5HhZc+H2FPmpAyV5KgbxSyvSXiGsuoRYWpLmpDRx3y+MmnKRrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1QhjzUrVdywiBrB13X175ltnMoMB8GA1UdIwQY
MBaAFKG3mYMknB1fhhnxNcbW5+N9+/ViMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JlWmd5U2NIVi1HR2ZFMXh0Ym40MzM3OVdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xMjJkODktOGU0My00MGMzLTljZWYt
YjMzOTE2YjlmODM5LzEvb2JlWmd5U2NIVi1HR2ZFMXh0Ym40MzM3OVdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xMjJkODktOGU0My00MGMzLTljZWYtYjMzOTE2YjlmODM5
LzEvb2JlWmd5U2NIVi1HR2ZFMXh0Ym40MzM3OVdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOplqP2IR
vQol4Zw3UVI3WgyzVgYO7H7gZ1XKRItJ+CbDH+9afDPeCWp3CSePNHEX2kMflhki
laCmZ48AD1IVAOaIpbH9sZ+zAVMuMlYxvV7XgFOY9Saganr8dIMvN3ANgCm+lhJn
hPVGzFs7unT+grNlcB2gqxe0JMSclPinMiqSwSflv1//gdLr00HVn6rHrbTtN9sB
LWLTC3vdT2/zdY79TmlEDeuOCvIphcBA3r8raMfnuLvTfZWqwhn6TQVXdP0RtxLt
h2YkNYVhrnDvcDVlD7FCM49TYWiceMI3KdJ/467DR9sn8O6byAnD8JhJqbh6W/pp
o17J5ExAnRBiFQ==
-----END CERTIFICATE-----