Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
File:                     D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft (raw, json)
Hash identifier:          0/aV/i9EgoxC1Pd/pjmpqSG5PYpthzGzXZ96LjKmP0g=
Subject key identifier:   E6:A2:03:0D:E9:6E:6C:35:B7:55:61:A4:51:89:66:24:31:03:CE:1D
Authority key identifier: 0F:49:C4:9A:75:CF:6E:24:8C:9B:51:C7:05:4D:B2:F8:D9:DC:ED:CB
Certificate issuer:       /CN=0f49c49a75cf6e248c9b51c7054db2f8d9dcedcb
Certificate serial:       019677FADA15D7C4401843A29D2C5511EDDB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
Manifest number:          0A1B
Signing time:             Sun 27 Apr 2025 16:00:50 +0000
Manifest this update:     Sun 27 Apr 2025 16:00:50 +0000
Manifest next update:     Mon 28 Apr 2025 16:00:50 +0000
Files and hashes:         1: D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl (hash: pEEeZtFntkniWQUSfGyeeFdehLDphxt5JlMIfph2rUs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fa:da:15:d7:c4:40:18:43:a2:9d:2c:55:11:ed:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f49c49a75cf6e248c9b51c7054db2f8d9dcedcb
        Validity
            Not Before: Apr 27 16:00:50 2025 GMT
            Not After : Apr 28 16:00:50 2025 GMT
        Subject: CN=e6a2030de96e6c35b75561a4518966243103ce1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:28:2e:98:1c:3f:96:b7:aa:25:12:ab:95:7a:
                    ff:5d:c0:5d:56:0e:fd:53:62:2d:73:98:2d:3c:60:
                    c5:49:c6:c2:44:1a:3b:57:a2:98:8e:18:ba:5e:f1:
                    85:d3:66:6e:ee:10:6e:85:72:72:d2:10:41:01:9e:
                    ca:de:cf:ba:37:ae:0b:d1:3b:06:24:96:52:17:22:
                    9e:9f:66:58:04:8c:5c:3a:69:7a:8d:6c:7d:6a:b9:
                    2b:84:4f:e8:19:ec:e9:13:46:3f:c5:e9:70:d7:d3:
                    5c:28:bb:2c:38:b2:1c:fe:55:ba:c6:44:08:10:69:
                    bb:25:ad:23:30:80:f3:18:d2:1b:5e:f4:65:14:b6:
                    bf:5d:db:81:fb:73:bc:59:a1:82:85:17:04:0a:39:
                    d4:79:1b:86:2e:14:4f:20:fa:c3:3a:c1:32:2d:cb:
                    e8:45:10:48:2e:75:f8:bc:7a:0c:3f:0e:e0:aa:53:
                    72:f2:57:ad:9a:fb:55:06:d3:c3:76:1d:90:ee:3a:
                    65:72:65:f0:0c:1a:ca:e9:bd:49:f9:8a:c3:a5:5d:
                    07:07:d7:76:af:e3:b5:1c:d2:34:32:f6:d9:dc:a3:
                    d1:32:fc:1a:77:45:ba:a0:4d:8d:dd:29:cc:97:9f:
                    fd:ba:2f:d0:8d:3c:bc:ff:eb:22:6b:48:ce:47:11:
                    43:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:A2:03:0D:E9:6E:6C:35:B7:55:61:A4:51:89:66:24:31:03:CE:1D
            X509v3 Authority Key Identifier:
                keyid:0F:49:C4:9A:75:CF:6E:24:8C:9B:51:C7:05:4D:B2:F8:D9:DC:ED:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:8b:d0:9d:bd:53:b3:0f:7c:e7:da:a8:af:3d:e9:11:50:12:
         c3:0b:b1:b3:e9:93:2f:ac:8f:77:21:75:b1:7f:f2:27:08:bc:
         be:ec:41:50:9b:22:91:b7:b2:47:22:70:ab:a5:1a:4d:87:db:
         5b:aa:d2:0e:1c:4b:2c:fa:08:ee:b0:10:0e:c4:2d:f3:82:ce:
         46:0d:44:b8:ac:ff:ed:06:c7:f5:30:bb:56:c4:6c:93:b2:10:
         10:bb:6f:c9:72:4d:79:45:1a:cf:cf:e2:37:48:31:e0:c5:79:
         c6:02:2f:04:7f:58:dd:28:92:c8:8a:28:78:96:1b:2e:07:8f:
         2d:26:70:6a:75:ad:3d:3c:be:e4:d0:39:72:be:cc:2f:ff:54:
         b9:b5:e0:49:d1:a8:3c:92:f4:b7:87:7d:cf:16:ff:58:45:d1:
         7c:05:c7:e5:57:1f:49:e1:c6:f3:56:7c:47:45:ef:83:ef:12:
         3b:91:0f:9c:46:51:dc:37:1a:da:d4:98:11:36:bf:12:a2:17:
         96:f0:9e:40:3a:80:95:05:ee:c3:5c:25:58:ea:9c:ae:09:5c:
         ad:40:3e:ad:4d:fe:1e:1a:23:08:90:e0:22:61:50:5f:2c:f6:
         22:09:e3:cd:33:0b:f9:75:5f:d3:ba:3b:e8:33:1f:b3:31:9e:
         df:06:b1:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+toV18RAGEOinSxVEe3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDljNDlhNzVjZjZlMjQ4YzliNTFjNzA1NGRiMmY4ZDlk
Y2VkY2IwHhcNMjUwNDI3MTYwMDUwWhcNMjUwNDI4MTYwMDUwWjAzMTEwLwYDVQQD
EyhlNmEyMDMwZGU5NmU2YzM1Yjc1NTYxYTQ1MTg5NjYyNDMxMDNjZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSgumBw/lreqJRKrlXr/XcBdVg79
U2Itc5gtPGDFScbCRBo7V6KYjhi6XvGF02Zu7hBuhXJy0hBBAZ7K3s+6N64L0TsG
JJZSFyKen2ZYBIxcOml6jWx9arkrhE/oGezpE0Y/xelw19NcKLssOLIc/lW6xkQI
EGm7Ja0jMIDzGNIbXvRlFLa/XduB+3O8WaGChRcECjnUeRuGLhRPIPrDOsEyLcvo
RRBILnX4vHoMPw7gqlNy8letmvtVBtPDdh2Q7jplcmXwDBrK6b1J+YrDpV0HB9d2
r+O1HNI0MvbZ3KPRMvwad0W6oE2N3SnMl5/9ui/QjTy8/+sia0jORxFDrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOaiAw3pbmw1t1VhpFGJZiQxA84dMB8GA1UdIwQY
MBaAFA9JxJp1z24kjJtRxwVNsvjZ3O3LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9jZWExNjEtY2I1Yy00ZTQxLWI4MzYt
ZDgwMDc3ZTEyYjVkLzEvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9jZWExNjEtY2I1Yy00ZTQxLWI4MzYtZDgwMDc3ZTEyYjVk
LzEvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeYvQnb1T
sw9859qorz3pEVASwwuxs+mTL6yPdyF1sX/yJwi8vuxBUJsikbeyRyJwq6UaTYfb
W6rSDhxLLPoI7rAQDsQt84LORg1EuKz/7QbH9TC7VsRsk7IQELtvyXJNeUUaz8/i
N0gx4MV5xgIvBH9Y3SiSyIooeJYbLgePLSZwanWtPTy+5NA5cr7ML/9UubXgSdGo
PJL0t4d9zxb/WEXRfAXH5VcfSeHG81Z8R0Xvg+8SO5EPnEZR3Dca2tSYETa/EqIX
lvCeQDqAlQXuw1wlWOqcrglcrUA+rU3+HhojCJDgImFQXyz2IgnjzTML+XVf07o7
6DMfszGe3waxhw==
-----END CERTIFICATE-----