Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          /J7RjFBtLxbBKPK3vLRRp7j7LRm+rBmL5+CiLedcS54=
Subject key identifier:   45:83:E6:96:6E:F7:10:B3:17:14:28:8E:EE:6B:C4:D3:AE:FE:A2:71
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       019677FB057EF891C5EA35E42BF78F267137
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          059C
Signing time:             Sun 27 Apr 2025 16:01:01 +0000
Manifest this update:     Sun 27 Apr 2025 16:01:01 +0000
Manifest next update:     Mon 28 Apr 2025 16:01:01 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: Sy17zBLpF7LWQGzkKi/Z3/oRrFVAn7Ohf7wu7X0LLM8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fb:05:7e:f8:91:c5:ea:35:e4:2b:f7:8f:26:71:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Apr 27 16:01:01 2025 GMT
            Not After : Apr 28 16:01:01 2025 GMT
        Subject: CN=4583e6966ef710b31714288eee6bc4d3aefea271
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fd:c7:f9:b6:07:96:fc:09:3f:3b:d3:70:8a:a6:
                    f3:79:4f:af:f8:d3:a7:88:3b:79:1a:f5:ff:e9:0b:
                    33:2b:23:e9:40:11:9a:f7:f1:69:ed:72:d4:97:5e:
                    42:6e:a3:49:c3:e8:a7:dc:ce:66:86:84:5c:4e:7d:
                    24:fa:2d:97:e4:83:1b:77:db:8d:4e:82:c0:94:e9:
                    a0:27:89:4c:6d:21:a0:40:8b:c9:c7:74:92:6c:e5:
                    af:fe:c8:8a:38:4a:5c:9a:60:66:65:68:7e:3a:38:
                    c8:3e:90:05:fc:fa:76:61:e1:6b:d4:cf:d1:54:11:
                    87:82:d2:d2:e5:f7:ca:10:50:5f:80:cf:b7:71:ea:
                    a4:60:5e:92:a6:a2:f2:d3:20:4e:20:61:d4:3f:a0:
                    b4:57:5b:b4:61:7d:47:26:19:d6:7a:17:d3:a4:6d:
                    7b:88:3f:7c:b7:b9:71:d2:2f:3a:d4:0c:ca:b0:e3:
                    6b:6c:a2:35:03:1b:a0:49:5b:51:93:b2:23:db:39:
                    86:93:a6:66:5a:6a:00:08:ce:5e:34:73:19:67:7b:
                    09:61:ea:6f:d8:e9:7e:bb:8d:26:5c:d7:ee:ef:3d:
                    01:7b:e8:e2:3c:07:a2:e3:96:99:31:07:14:2a:7e:
                    4b:63:46:f2:a3:8d:f9:95:0b:85:9c:4b:17:41:2b:
                    a3:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:83:E6:96:6E:F7:10:B3:17:14:28:8E:EE:6B:C4:D3:AE:FE:A2:71
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:8a:34:8b:a8:10:7a:12:94:6a:8b:e1:43:8c:c6:12:90:d7:
         ef:b1:2f:57:fb:da:3a:9e:0a:6d:6f:00:6c:2e:ce:1d:a7:9d:
         db:b5:5f:0e:fc:ed:83:b6:27:0c:c5:80:52:83:0c:19:a2:8b:
         38:43:93:32:b7:67:a9:e4:4c:14:f5:fa:68:89:f4:6f:54:77:
         14:9f:c8:61:c7:d4:cc:2f:df:84:d1:fe:f1:d4:c7:90:ad:fa:
         70:67:95:1d:a7:0c:da:36:e0:49:9f:d0:25:62:ad:f9:7b:7a:
         4f:d5:13:cc:2b:e1:aa:03:1a:eb:4a:33:3e:78:fe:f5:bb:ab:
         7f:74:1f:55:5b:b9:0a:8d:83:e7:c8:21:5d:1d:0f:d1:bc:6c:
         1d:af:d6:76:e0:05:d8:3b:18:1f:4c:08:3c:a0:9b:68:9f:5c:
         00:77:d1:e7:35:6e:0c:2b:04:fc:f0:1b:fb:09:81:9d:dc:4e:
         5f:93:32:f6:70:87:b0:cf:df:d2:fe:3c:4f:f9:7e:b5:61:55:
         99:4e:41:d7:a4:bb:b6:42:af:70:a3:80:41:b5:1f:93:4e:21:
         fe:6a:61:d3:72:6e:8f:37:2d:ae:37:59:b7:bd:36:ab:34:e9:
         d5:cd:fc:84:f6:2f:a9:fd:9d:bb:c0:25:27:44:dc:8d:0c:fa:
         e9:ea:42:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+wV++JHF6jXkK/ePJnE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjUwNDI3MTYwMTAxWhcNMjUwNDI4MTYwMTAxWjAzMTEwLwYDVQQD
Eyg0NTgzZTY5NjZlZjcxMGIzMTcxNDI4OGVlZTZiYzRkM2FlZmVhMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/cf5tgeW/Ak/O9NwiqbzeU+v+NOn
iDt5GvX/6QszKyPpQBGa9/Fp7XLUl15CbqNJw+in3M5mhoRcTn0k+i2X5IMbd9uN
ToLAlOmgJ4lMbSGgQIvJx3SSbOWv/siKOEpcmmBmZWh+OjjIPpAF/Pp2YeFr1M/R
VBGHgtLS5ffKEFBfgM+3ceqkYF6SpqLy0yBOIGHUP6C0V1u0YX1HJhnWehfTpG17
iD98t7lx0i861AzKsONrbKI1AxugSVtRk7Ij2zmGk6ZmWmoACM5eNHMZZ3sJYepv
2Ol+u40mXNfu7z0Be+jiPAei45aZMQcUKn5LY0byo435lQuFnEsXQSujJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWD5pZu9xCzFxQoju5rxNOu/qJxMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdIo0i6gQ
ehKUaovhQ4zGEpDX77EvV/vaOp4KbW8AbC7OHaed27VfDvztg7YnDMWAUoMMGaKL
OEOTMrdnqeRMFPX6aIn0b1R3FJ/IYcfUzC/fhNH+8dTHkK36cGeVHacM2jbgSZ/Q
JWKt+Xt6T9UTzCvhqgMa60ozPnj+9burf3QfVVu5Co2D58ghXR0P0bxsHa/WduAF
2DsYH0wIPKCbaJ9cAHfR5zVuDCsE/PAb+wmBndxOX5My9nCHsM/f0v48T/l+tWFV
mU5B16S7tkKvcKOAQbUfk04h/mph03JujzctrjdZt702qzTp1c38hPYvqf2du8Al
J0TcjQz66epCDw==
-----END CERTIFICATE-----