Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ea59ec-3e58-4437-adf2-6f022a0e5ad9/1/mHq6b3RFXE-jq-I6qCMGfs_DPEg.mft
File:                     mHq6b3RFXE-jq-I6qCMGfs_DPEg.mft (raw, json)
Hash identifier:          Mb+MQp1roGs5YHdkOpRndFqS8cCKFAe3ORc99IgBlXM=
Subject key identifier:   D2:4F:81:BD:32:DF:4E:5E:23:A8:E4:2B:D7:1B:08:B1:EE:AE:92:65
Authority key identifier: 98:7A:BA:6F:74:45:5C:4F:A3:AB:E2:3A:A8:23:06:7E:CF:C3:3C:48
Certificate issuer:       /CN=987aba6f74455c4fa3abe23aa823067ecfc33c48
Certificate serial:       0196789F70D2DFF8A194588A68C1A568E7AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mHq6b3RFXE-jq-I6qCMGfs_DPEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/ea59ec-3e58-4437-adf2-6f022a0e5ad9/1/mHq6b3RFXE-jq-I6qCMGfs_DPEg.mft
Manifest number:          C1
Signing time:             Sun 27 Apr 2025 19:00:37 +0000
Manifest this update:     Sun 27 Apr 2025 19:00:37 +0000
Manifest next update:     Mon 28 Apr 2025 19:00:37 +0000
Files and hashes:         1: mHq6b3RFXE-jq-I6qCMGfs_DPEg.crl (hash: NyENXRDaQZsRGwMYvUhi4uUOGyOGseJQxDcyNUmF7RQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/ea59ec-3e58-4437-adf2-6f022a0e5ad9/1/mHq6b3RFXE-jq-I6qCMGfs_DPEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/ea59ec-3e58-4437-adf2-6f022a0e5ad9/1/mHq6b3RFXE-jq-I6qCMGfs_DPEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mHq6b3RFXE-jq-I6qCMGfs_DPEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:9f:70:d2:df:f8:a1:94:58:8a:68:c1:a5:68:e7:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=987aba6f74455c4fa3abe23aa823067ecfc33c48
        Validity
            Not Before: Apr 27 19:00:37 2025 GMT
            Not After : Apr 28 19:00:37 2025 GMT
        Subject: CN=d24f81bd32df4e5e23a8e42bd71b08b1eeae9265
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:bc:da:6b:72:37:8f:b6:e2:0f:f5:00:c8:f4:
                    3b:0b:32:b3:a9:dc:04:6c:92:38:c7:69:75:34:c2:
                    68:f5:5b:7a:28:c1:89:37:dc:72:dd:84:ed:8c:2f:
                    ed:1c:8b:f7:da:97:2f:b5:d8:2b:48:28:25:3b:08:
                    9a:2d:fb:af:4a:fd:b8:a1:82:d8:81:26:d9:68:90:
                    b3:b8:c9:77:2c:83:95:ea:99:ef:87:e7:9f:ba:18:
                    6d:e6:71:7a:9b:f3:b0:70:0a:6f:15:e7:69:35:cb:
                    82:75:6e:ab:7d:3e:8f:82:13:0e:55:1f:be:d2:df:
                    42:65:d3:a3:e4:60:25:1f:f9:1c:06:a1:12:b2:42:
                    12:c5:8e:e6:22:9a:07:71:8b:08:24:7f:21:3b:ee:
                    d4:c1:de:42:97:20:c5:01:47:d9:a9:d1:eb:f7:49:
                    1a:7a:f4:f7:a7:f4:cf:7e:36:4c:7f:c4:a6:84:f5:
                    37:4d:ba:8e:5c:10:a1:8a:e9:15:4a:a6:89:99:34:
                    55:93:cc:f9:0b:f4:75:16:2e:99:b8:be:73:9b:ea:
                    13:73:82:c8:41:d5:e8:b4:a7:d2:79:9f:5c:32:24:
                    d3:10:2a:19:6d:4f:2a:60:2c:fa:25:c0:37:46:02:
                    e7:31:3c:88:c5:41:54:ae:f5:98:c2:a9:fa:78:16:
                    25:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:4F:81:BD:32:DF:4E:5E:23:A8:E4:2B:D7:1B:08:B1:EE:AE:92:65
            X509v3 Authority Key Identifier:
                keyid:98:7A:BA:6F:74:45:5C:4F:A3:AB:E2:3A:A8:23:06:7E:CF:C3:3C:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHq6b3RFXE-jq-I6qCMGfs_DPEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ea59ec-3e58-4437-adf2-6f022a0e5ad9/1/mHq6b3RFXE-jq-I6qCMGfs_DPEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ea59ec-3e58-4437-adf2-6f022a0e5ad9/1/mHq6b3RFXE-jq-I6qCMGfs_DPEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         da:69:8e:28:bf:84:05:b8:a8:53:c8:fa:ab:8a:09:fd:f3:a3:
         9b:a1:37:d6:94:f3:71:a4:e3:f4:38:37:64:33:4a:c6:90:57:
         0a:41:de:c1:4f:04:6d:98:b5:50:e2:53:91:fd:df:dc:28:05:
         e6:1c:bc:68:c0:aa:16:84:31:d3:c4:84:75:f5:e6:0f:ea:5a:
         29:7c:45:2b:8a:1e:ea:03:47:2f:29:8a:a3:7b:de:f0:45:7b:
         b2:62:82:64:16:7d:a2:82:c2:59:f5:59:77:74:97:6a:f2:aa:
         6e:e1:4c:f0:cd:93:1e:10:23:b2:52:c8:dd:43:4a:a1:ff:3a:
         5b:4e:30:08:df:b4:ee:d1:ce:91:3b:78:b7:7e:ba:98:74:5f:
         96:0f:db:ed:a5:7a:92:18:5b:3c:6b:0d:3f:46:9f:6d:b1:83:
         06:bc:e7:c8:2e:d5:bb:23:11:b1:5e:71:7c:2d:13:b3:fd:70:
         a1:51:c5:0e:e6:7a:57:e9:81:58:f5:91:2f:a6:c9:3f:8b:b1:
         6c:74:3c:7b:02:88:b2:d3:4c:60:5b:54:c6:4f:50:79:5b:6a:
         a3:bf:0e:6d:a8:80:03:cc:4d:a3:9f:37:41:dd:4f:64:f9:f4:
         33:84:c9:8d:49:bb:63:3b:26:80:3e:8d:e7:0c:94:d7:32:b7:
         cf:b5:93:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4n3DS3/ihlFiKaMGlaOerMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4N2FiYTZmNzQ0NTVjNGZhM2FiZTIzYWE4MjMwNjdlY2Zj
MzNjNDgwHhcNMjUwNDI3MTkwMDM3WhcNMjUwNDI4MTkwMDM3WjAzMTEwLwYDVQQD
EyhkMjRmODFiZDMyZGY0ZTVlMjNhOGU0MmJkNzFiMDhiMWVlYWU5MjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLzaa3I3j7biD/UAyPQ7CzKzqdwE
bJI4x2l1NMJo9Vt6KMGJN9xy3YTtjC/tHIv32pcvtdgrSCglOwiaLfuvSv24oYLY
gSbZaJCzuMl3LIOV6pnvh+efuhht5nF6m/OwcApvFedpNcuCdW6rfT6PghMOVR++
0t9CZdOj5GAlH/kcBqESskISxY7mIpoHcYsIJH8hO+7Uwd5ClyDFAUfZqdHr90ka
evT3p/TPfjZMf8SmhPU3TbqOXBChiukVSqaJmTRVk8z5C/R1Fi6ZuL5zm+oTc4LI
QdXotKfSeZ9cMiTTECoZbU8qYCz6JcA3RgLnMTyIxUFUrvWYwqn6eBYlcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNJPgb0y305eI6jkK9cbCLHurpJlMB8GA1UdIwQY
MBaAFJh6um90RVxPo6viOqgjBn7PwzxIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUhxNmIzUkZYRS1qcS1JNnFDTUdmc19EUEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9lYTU5ZWMtM2U1OC00NDM3LWFkZjIt
NmYwMjJhMGU1YWQ5LzEvbUhxNmIzUkZYRS1qcS1JNnFDTUdmc19EUEVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9lYTU5ZWMtM2U1OC00NDM3LWFkZjItNmYwMjJhMGU1YWQ5
LzEvbUhxNmIzUkZYRS1qcS1JNnFDTUdmc19EUEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2mmOKL+E
BbioU8j6q4oJ/fOjm6E31pTzcaTj9Dg3ZDNKxpBXCkHewU8EbZi1UOJTkf3f3CgF
5hy8aMCqFoQx08SEdfXmD+paKXxFK4oe6gNHLymKo3ve8EV7smKCZBZ9ooLCWfVZ
d3SXavKqbuFM8M2THhAjslLI3UNKof86W04wCN+07tHOkTt4t366mHRflg/b7aV6
khhbPGsNP0afbbGDBrznyC7VuyMRsV5xfC0Ts/1woVHFDuZ6V+mBWPWRL6bJP4ux
bHQ8ewKIstNMYFtUxk9QeVtqo78ObaiAA8xNo583Qd1PZPn0M4TJjUm7YzsmgD6N
5wyU1zK3z7WTMg==
-----END CERTIFICATE-----