Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
File:                     PDetizomkODPRy2ybo_isWgBkiQ.mft (raw, json)
Hash identifier:          dWmoIbgR46rfNLVXJpulYqkyNoJ8Hd6KtpN87WX8oeA=
Subject key identifier:   BA:58:56:B1:A6:8F:56:B8:76:C7:80:4B:89:AD:80:4F:56:2E:C1:7A
Authority key identifier: 3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24
Certificate issuer:       /CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
Certificate serial:       01976BBCC37BDC001FDD22C8655E30598544
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
Manifest number:          13AF
Signing time:             Sat 14 Jun 2025 00:00:22 +0000
Manifest this update:     Sat 14 Jun 2025 00:00:22 +0000
Manifest next update:     Sun 15 Jun 2025 00:00:22 +0000
Files and hashes:         1: PDetizomkODPRy2ybo_isWgBkiQ.crl (hash: AR4H52H+ihe1LE3W2HNrDNl9CxiyjOIM92tDsbwKZPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 00:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:bc:c3:7b:dc:00:1f:dd:22:c8:65:5e:30:59:85:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
        Validity
            Not Before: Jun 14 00:00:22 2025 GMT
            Not After : Jun 15 00:00:22 2025 GMT
        Subject: CN=ba5856b1a68f56b876c7804b89ad804f562ec17a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:04:61:7d:a8:98:25:bf:e7:d2:fb:04:01:f3:
                    b3:a7:66:25:d2:de:41:b8:ac:f7:c0:72:b8:7e:4d:
                    ad:ff:92:75:68:0a:ad:73:df:54:58:d8:a2:7b:66:
                    a4:75:ac:e5:72:72:08:82:df:29:88:00:eb:7a:a2:
                    c5:26:e4:38:f7:2b:b3:33:ac:8f:c0:87:5e:28:9d:
                    a5:b8:98:b8:1a:a9:f7:10:0d:c2:b6:9b:92:b9:a6:
                    cc:ea:17:32:e8:20:ca:b0:9a:74:96:cf:40:1f:9d:
                    48:11:88:e5:e7:f4:b5:ad:e5:cf:fa:74:5a:95:e0:
                    a0:74:e7:7f:26:9a:2d:c5:ae:8e:72:1e:de:fa:a3:
                    5c:e7:1e:44:6d:b6:8e:06:87:d2:6f:1a:51:54:02:
                    de:c2:7f:0d:95:6a:67:98:24:06:f7:65:5c:de:d0:
                    63:1c:31:70:72:0c:17:26:32:06:d0:1e:c9:a7:e9:
                    cb:8f:f1:5e:aa:e6:2d:1e:5d:79:a0:d4:b7:35:20:
                    42:fd:27:1f:02:78:26:55:5b:0a:71:f7:07:d7:26:
                    74:9f:b7:c6:d3:4a:b1:7a:37:9f:69:21:90:97:f8:
                    48:48:24:46:77:e3:2e:42:ae:c4:40:e3:fa:5f:7b:
                    36:64:37:c6:74:ec:95:b7:35:15:c0:a4:6e:d2:56:
                    8e:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:58:56:B1:A6:8F:56:B8:76:C7:80:4B:89:AD:80:4F:56:2E:C1:7A
            X509v3 Authority Key Identifier:
                keyid:3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:c2:9f:ea:42:24:dc:00:38:fe:82:df:ed:7a:74:fd:3b:fb:
         1d:ff:f4:a4:7f:25:a3:7b:c0:be:94:4d:85:d7:11:f4:90:19:
         61:f1:ec:f7:31:4c:35:d6:63:a6:65:07:6d:01:fd:74:09:cd:
         ba:49:98:2f:c0:b6:27:6b:c6:f9:4b:a6:e8:66:d0:0a:f6:c7:
         7a:f1:67:a3:7d:be:61:25:03:d9:08:0d:7c:b5:b0:37:14:12:
         75:04:c3:26:f0:7c:5d:73:55:8d:43:81:a4:82:91:e4:03:41:
         8d:88:07:20:33:d0:75:a5:f8:a8:ce:ac:25:83:2f:d8:15:0d:
         bf:9b:27:fa:fb:e1:61:10:b5:8f:96:f1:b2:4c:00:2d:06:1f:
         ec:82:79:5f:d3:9e:82:67:1a:05:35:ae:ba:81:63:b6:1a:aa:
         69:b4:b7:3f:fb:18:a2:67:7b:41:e3:ac:27:40:27:9f:62:a1:
         96:ea:72:bf:dd:34:b6:77:31:6f:6e:59:f0:71:c6:5a:c9:0a:
         8c:97:b7:32:dd:b0:eb:32:75:29:76:49:64:ec:1a:96:e4:0f:
         34:11:d4:e8:68:98:92:3d:75:74:d8:30:5d:0e:04:78:22:76:
         a4:c7:59:9b:1e:0b:3b:57:ab:3a:32:8a:60:54:73:86:9c:08:
         a0:99:db:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrvMN73AAf3SLIZV4wWYVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzdhZDhiM2EyNjkwZTBjZjQ3MmRiMjZlOGZlMmIxNjgw
MTkyMjQwHhcNMjUwNjE0MDAwMDIyWhcNMjUwNjE1MDAwMDIyWjAzMTEwLwYDVQQD
EyhiYTU4NTZiMWE2OGY1NmI4NzZjNzgwNGI4OWFkODA0ZjU2MmVjMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwRhfaiYJb/n0vsEAfOzp2Yl0t5B
uKz3wHK4fk2t/5J1aAqtc99UWNiie2akdazlcnIIgt8piADreqLFJuQ49yuzM6yP
wIdeKJ2luJi4Gqn3EA3CtpuSuabM6hcy6CDKsJp0ls9AH51IEYjl5/S1reXP+nRa
leCgdOd/Jpotxa6Och7e+qNc5x5EbbaOBofSbxpRVALewn8NlWpnmCQG92Vc3tBj
HDFwcgwXJjIG0B7Jp+nLj/FequYtHl15oNS3NSBC/ScfAngmVVsKcfcH1yZ0n7fG
00qxejefaSGQl/hISCRGd+MuQq7EQOP6X3s2ZDfGdOyVtzUVwKRu0laODQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLpYVrGmj1a4dseAS4mtgE9WLsF6MB8GA1UdIwQY
MBaAFDw3rYs6JpDgz0ctsm6P4rFoAZIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2Njct
MmUyYjU2YjQxNWMxLzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2NjctMmUyYjU2YjQxNWMx
LzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXsKf6kIk
3AA4/oLf7Xp0/Tv7Hf/0pH8lo3vAvpRNhdcR9JAZYfHs9zFMNdZjpmUHbQH9dAnN
ukmYL8C2J2vG+Uum6GbQCvbHevFno32+YSUD2QgNfLWwNxQSdQTDJvB8XXNVjUOB
pIKR5ANBjYgHIDPQdaX4qM6sJYMv2BUNv5sn+vvhYRC1j5bxskwALQYf7IJ5X9Oe
gmcaBTWuuoFjthqqabS3P/sYomd7QeOsJ0Ann2Khlupyv900tncxb25Z8HHGWskK
jJe3Mt2w6zJ1KXZJZOwaluQPNBHU6GiYkj11dNgwXQ4EeCJ2pMdZmx4LO1erOjKK
YFRzhpwIoJnbwg==
-----END CERTIFICATE-----