Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
File:                     dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft (raw, json)
Hash identifier:          NDEqv3GPFumklGrOv9E1jjKq8iLBV+qdxjXCbsIwM3U=
Subject key identifier:   A2:03:E4:36:4C:D0:CB:2F:64:06:69:BE:FA:00:BD:A3:F8:F1:70:84
Authority key identifier: 74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07
Certificate issuer:       /CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907
Certificate serial:       0196895C133D5790D33744C799E541B69ACF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
Manifest number:          1515
Signing time:             Thu 01 May 2025 01:00:34 +0000
Manifest this update:     Thu 01 May 2025 01:00:34 +0000
Manifest next update:     Fri 02 May 2025 01:00:34 +0000
Files and hashes:         1: dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl (hash: wOXEhG3WeZtsvMGx3OUCvpIUcBH4uiAV18y2IzDV/34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:89:5c:13:3d:57:90:d3:37:44:c7:99:e5:41:b6:9a:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907
        Validity
            Not Before: May  1 01:00:34 2025 GMT
            Not After : May  2 01:00:34 2025 GMT
        Subject: CN=a203e4364cd0cb2f640669befa00bda3f8f17084
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:4b:6f:5f:ed:d8:d1:15:87:d9:61:23:ad:f7:
                    9a:44:e0:3e:06:9b:7a:6f:85:ca:21:f4:0f:38:79:
                    2e:cc:78:34:ed:e1:57:2b:0f:5c:f8:d0:5b:d1:65:
                    f8:8f:1f:ad:3f:2e:3e:d0:12:da:80:da:32:ed:36:
                    46:0b:c8:a4:d0:46:03:ee:3f:36:f3:e1:99:29:ba:
                    d0:81:48:38:83:c1:4c:b0:c6:cb:6b:1d:df:34:76:
                    47:04:1f:e1:86:a6:f4:c8:0a:99:bc:8b:fc:5f:40:
                    cf:84:04:10:4c:91:58:82:25:06:19:c2:bc:43:b2:
                    c0:2a:ce:87:74:c0:16:44:09:d9:59:61:42:7f:c0:
                    52:b7:1e:2b:f2:b0:f7:f2:c4:19:1d:70:5d:f8:26:
                    b0:ea:78:10:11:78:a9:e9:6f:b3:39:60:e7:d2:7a:
                    52:73:56:99:a4:c0:01:5c:b0:3b:61:11:d4:72:cc:
                    89:fa:b5:47:2c:bd:ae:85:91:f8:82:8f:6a:e1:01:
                    b7:51:30:6e:1e:08:13:cf:a0:fe:72:ad:64:f2:f4:
                    46:18:d8:dc:00:15:14:c5:d0:6c:e5:b9:4b:5d:f2:
                    54:0b:4f:88:f8:f9:c6:85:e2:a1:f8:4c:d3:c8:cc:
                    80:f1:d9:7a:6b:ff:14:80:4f:12:8d:17:25:4a:45:
                    32:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:03:E4:36:4C:D0:CB:2F:64:06:69:BE:FA:00:BD:A3:F8:F1:70:84
            X509v3 Authority Key Identifier:
                keyid:74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:5c:fd:65:d6:cc:d1:30:f2:b6:f5:08:68:11:f9:8a:06:1c:
         16:b1:84:ec:92:8f:cc:bc:2d:87:da:f8:1f:5c:78:5f:99:e5:
         b5:4d:60:d7:d9:d9:46:19:30:19:7a:d9:a6:d8:b6:b5:74:8b:
         3f:45:90:da:47:e0:9b:46:69:0e:0c:be:26:90:56:ad:59:af:
         86:dd:02:fe:fc:b8:f2:a4:50:d1:c2:b4:49:75:32:21:0c:03:
         8e:32:46:94:e4:32:e6:bb:e1:21:97:1e:24:cc:30:fc:1c:ff:
         e7:8a:73:12:cc:32:38:93:a4:7a:0c:5f:4d:52:69:73:83:49:
         ab:ea:2d:76:9e:23:64:0c:46:08:6b:93:9b:2e:fa:01:ba:43:
         64:ae:ef:85:c4:db:64:8c:b7:ee:52:ed:56:62:0b:9a:5c:47:
         d6:de:0e:4d:dc:05:f2:a1:a1:7b:93:93:b9:eb:8b:a0:5c:05:
         8d:94:46:07:51:90:10:66:48:71:bb:6a:0e:a5:e3:0d:55:23:
         69:8c:0d:3d:69:82:d2:a9:2d:38:1f:92:ec:c5:97:d8:12:fb:
         be:64:39:8b:fc:56:de:b5:80:37:3f:50:eb:03:2e:33:97:90:
         48:35:f5:57:0a:11:89:fd:40:c0:4f:57:23:e9:bd:ee:69:9a:
         81:80:e6:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaJXBM9V5DTN0THmeVBtprPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTQzZjllNWFlM2Y2ZWFmYjUwNjhhZTg4ZjE4YzI5ZTQ0
MzU5MDcwHhcNMjUwNTAxMDEwMDM0WhcNMjUwNTAyMDEwMDM0WjAzMTEwLwYDVQQD
EyhhMjAzZTQzNjRjZDBjYjJmNjQwNjY5YmVmYTAwYmRhM2Y4ZjE3MDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEtvX+3Y0RWH2WEjrfeaROA+Bpt6
b4XKIfQPOHkuzHg07eFXKw9c+NBb0WX4jx+tPy4+0BLagNoy7TZGC8ik0EYD7j82
8+GZKbrQgUg4g8FMsMbLax3fNHZHBB/hhqb0yAqZvIv8X0DPhAQQTJFYgiUGGcK8
Q7LAKs6HdMAWRAnZWWFCf8BStx4r8rD38sQZHXBd+Caw6ngQEXip6W+zOWDn0npS
c1aZpMABXLA7YRHUcsyJ+rVHLL2uhZH4go9q4QG3UTBuHggTz6D+cq1k8vRGGNjc
ABUUxdBs5blLXfJUC0+I+PnGheKh+EzTyMyA8dl6a/8UgE8SjRclSkUyiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKID5DZM0MsvZAZpvvoAvaP48XCEMB8GA1UdIwQY
MBaAFHTkP55a4/bq+1BorojxjCnkQ1kHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMt
NzE3OTk4YWEzY2ZmLzEvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMtNzE3OTk4YWEzY2Zm
LzEvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVFz9ZdbM
0TDytvUIaBH5igYcFrGE7JKPzLwth9r4H1x4X5nltU1g19nZRhkwGXrZpti2tXSL
P0WQ2kfgm0ZpDgy+JpBWrVmvht0C/vy48qRQ0cK0SXUyIQwDjjJGlOQy5rvhIZce
JMww/Bz/54pzEswyOJOkegxfTVJpc4NJq+otdp4jZAxGCGuTmy76AbpDZK7vhcTb
ZIy37lLtVmILmlxH1t4OTdwF8qGhe5OTueuLoFwFjZRGB1GQEGZIcbtqDqXjDVUj
aYwNPWmC0qktOB+S7MWX2BL7vmQ5i/xW3rWANz9Q6wMuM5eQSDX1VwoRif1AwE9X
I+m97mmagYDm5Q==
-----END CERTIFICATE-----