Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
File:                     PDetizomkODPRy2ybo_isWgBkiQ.mft (raw, json)
Hash identifier:          M7LR81DSkxf1O0WXKt/kc9CvkKs6dbfCi2RY7X5G0is=
Subject key identifier:   5B:E6:0C:30:FE:70:61:8B:49:7A:3A:77:39:2B:B4:AA:5B:F4:52:60
Authority key identifier: 3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24
Certificate issuer:       /CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
Certificate serial:       019881D5930E4C310C6069954E308649359F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
Manifest number:          143F
Signing time:             Thu 07 Aug 2025 00:01:54 +0000
Manifest this update:     Thu 07 Aug 2025 00:01:54 +0000
Manifest next update:     Fri 08 Aug 2025 00:01:54 +0000
Files and hashes:         1: PDetizomkODPRy2ybo_isWgBkiQ.crl (hash: bUZz3a0/WV7tt1Dwz2zT5MG51HKylyVdlG0YRC3SvKA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:d5:93:0e:4c:31:0c:60:69:95:4e:30:86:49:35:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
        Validity
            Not Before: Aug  7 00:01:54 2025 GMT
            Not After : Aug  8 00:01:54 2025 GMT
        Subject: CN=5be60c30fe70618b497a3a77392bb4aa5bf45260
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:f8:e0:85:40:72:f5:98:c0:f7:2b:50:1a:1b:
                    a0:38:bc:63:fc:bc:4e:fa:c2:9d:83:2b:47:ab:f4:
                    96:f4:1a:6e:25:35:22:29:ef:f5:7a:c9:9f:d4:c3:
                    a8:57:b4:f2:39:4f:d4:02:f0:5a:8e:5f:a1:c8:9a:
                    e5:2b:48:ae:9a:6f:d9:76:bc:2c:60:81:1f:a0:ab:
                    d7:d5:95:77:93:4b:33:cf:b5:29:6f:8a:38:fe:86:
                    03:66:df:0f:0d:43:4b:0e:89:66:7f:71:f6:d9:19:
                    04:5f:5f:8f:3a:17:28:59:be:2f:55:11:50:e0:39:
                    85:78:87:9b:e0:8b:51:31:48:e7:5e:ee:6a:42:7b:
                    6d:d2:88:d5:bf:11:51:87:4d:97:6e:ce:51:1a:50:
                    b6:17:51:1f:4c:65:da:10:cb:c9:4a:5a:db:d5:bc:
                    73:53:f3:df:ed:64:8a:83:c8:85:05:a4:7d:f4:64:
                    e8:4c:1e:61:9d:86:1b:15:59:09:ec:9d:39:f6:9d:
                    f4:16:30:1f:d4:6f:22:e0:4f:71:48:62:e9:9d:28:
                    58:fd:28:89:36:1c:3a:de:4d:47:eb:28:1b:95:97:
                    0b:a1:75:a2:07:14:a6:0c:ca:fd:f6:15:4b:bb:7c:
                    8a:bf:e2:5d:26:0f:1f:7c:fd:6d:3d:58:47:2b:a2:
                    1e:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:E6:0C:30:FE:70:61:8B:49:7A:3A:77:39:2B:B4:AA:5B:F4:52:60
            X509v3 Authority Key Identifier:
                keyid:3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:c0:67:88:f7:63:63:16:da:51:0e:b2:e5:b6:c5:54:aa:15:
         a5:b7:10:da:cc:2a:18:13:f0:0c:3e:81:52:93:9a:e7:c0:0f:
         56:17:6f:bb:0c:04:b9:b7:f6:bf:27:4f:a2:15:a7:17:7f:24:
         ab:a7:ef:7c:9e:07:49:1a:f7:7c:32:de:c2:06:5c:7d:10:33:
         10:f4:34:ac:14:29:4e:f9:9f:54:6c:36:13:44:63:20:22:00:
         ea:70:b5:8b:be:d2:94:f0:e9:f9:f8:eb:ce:0f:f0:ea:c2:2d:
         66:6e:8e:d3:48:4f:00:76:3f:9d:00:c7:bb:63:ec:a1:7e:da:
         27:bf:6b:ba:13:b4:6d:d1:c0:90:a0:c4:e9:b1:4c:6e:92:a1:
         5b:ee:64:39:e0:a7:eb:39:aa:4b:8b:e3:97:73:6a:c8:80:4c:
         22:fa:3c:8f:bb:86:7b:97:2e:f6:d9:d7:c3:6b:3b:d1:25:08:
         64:3a:53:ca:ff:c8:5a:97:e9:4d:e0:36:fe:81:a2:25:c6:48:
         43:c5:70:9e:d8:b7:ca:db:bb:31:4a:db:3e:8b:f9:36:fa:6e:
         e4:05:dc:54:b5:78:3d:3a:a5:3f:ff:b9:24:f1:51:62:59:cb:
         dd:dd:88:49:38:39:69:7a:d9:f5:2b:28:33:92:fb:df:c3:0d:
         bd:cc:53:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiB1ZMOTDEMYGmVTjCGSTWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzdhZDhiM2EyNjkwZTBjZjQ3MmRiMjZlOGZlMmIxNjgw
MTkyMjQwHhcNMjUwODA3MDAwMTU0WhcNMjUwODA4MDAwMTU0WjAzMTEwLwYDVQQD
Eyg1YmU2MGMzMGZlNzA2MThiNDk3YTNhNzczOTJiYjRhYTViZjQ1MjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PjghUBy9ZjA9ytQGhugOLxj/LxO
+sKdgytHq/SW9BpuJTUiKe/1esmf1MOoV7TyOU/UAvBajl+hyJrlK0iumm/Zdrws
YIEfoKvX1ZV3k0szz7Upb4o4/oYDZt8PDUNLDolmf3H22RkEX1+POhcoWb4vVRFQ
4DmFeIeb4ItRMUjnXu5qQntt0ojVvxFRh02Xbs5RGlC2F1EfTGXaEMvJSlrb1bxz
U/Pf7WSKg8iFBaR99GToTB5hnYYbFVkJ7J059p30FjAf1G8i4E9xSGLpnShY/SiJ
Nhw63k1H6ygblZcLoXWiBxSmDMr99hVLu3yKv+JdJg8ffP1tPVhHK6IeUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvmDDD+cGGLSXo6dzkrtKpb9FJgMB8GA1UdIwQY
MBaAFDw3rYs6JpDgz0ctsm6P4rFoAZIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2Njct
MmUyYjU2YjQxNWMxLzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2NjctMmUyYjU2YjQxNWMx
LzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA8BniPdj
YxbaUQ6y5bbFVKoVpbcQ2swqGBPwDD6BUpOa58APVhdvuwwEubf2vydPohWnF38k
q6fvfJ4HSRr3fDLewgZcfRAzEPQ0rBQpTvmfVGw2E0RjICIA6nC1i77SlPDp+fjr
zg/w6sItZm6O00hPAHY/nQDHu2PsoX7aJ79ruhO0bdHAkKDE6bFMbpKhW+5kOeCn
6zmqS4vjl3NqyIBMIvo8j7uGe5cu9tnXw2s70SUIZDpTyv/IWpfpTeA2/oGiJcZI
Q8Vwnti3ytu7MUrbPov5Nvpu5AXcVLV4PTqlP/+5JPFRYlnL3d2ISTg5aXrZ9Sso
M5L738MNvcxTzA==
-----END CERTIFICATE-----