Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
File:                     dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft (raw, json)
Hash identifier:          5N+OKm9e0sChtTkvkoKYgNWnKlyA6RNEy10NZ5tQKIk=
Subject key identifier:   24:6C:32:EC:21:B8:BF:27:6E:CC:06:82:EA:71:6D:22:6B:B4:3D:8B
Authority key identifier: 74:22:F9:85:CB:34:A0:3C:7C:55:81:64:2C:6D:6E:B4:32:C8:3E:94
Certificate issuer:       /CN=7422f985cb34a03c7c5581642c6d6eb432c83e94
Certificate serial:       01976DAB862CCF6CA68D02FBA25AE505BB72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
Manifest number:          0D66
Signing time:             Sat 14 Jun 2025 09:00:46 +0000
Manifest this update:     Sat 14 Jun 2025 09:00:46 +0000
Manifest next update:     Sun 15 Jun 2025 09:00:46 +0000
Files and hashes:         1: dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl (hash: sNNS+lmuLWrepZJsgNtfY/R7OrqP5Q+g5atBFP135sI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:86:2c:cf:6c:a6:8d:02:fb:a2:5a:e5:05:bb:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7422f985cb34a03c7c5581642c6d6eb432c83e94
        Validity
            Not Before: Jun 14 09:00:46 2025 GMT
            Not After : Jun 15 09:00:46 2025 GMT
        Subject: CN=246c32ec21b8bf276ecc0682ea716d226bb43d8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:cd:90:6a:3b:f7:0b:de:fb:77:da:5a:46:bc:
                    25:07:5e:9b:bc:2f:49:87:da:62:5a:e7:3d:a7:d7:
                    eb:2e:30:fa:73:0e:22:9a:fd:ab:32:74:79:b5:c3:
                    34:0b:11:af:16:8e:d6:17:4f:df:25:93:ee:fb:30:
                    45:92:fc:7e:d1:35:c4:34:8c:22:43:65:78:0b:65:
                    18:ef:59:ce:e9:aa:99:1f:f9:47:e0:4e:50:12:73:
                    ba:c5:f8:95:e9:b0:f2:f5:81:41:7a:17:ce:35:1a:
                    ab:05:a6:6f:65:3c:dc:fb:90:5b:be:64:c4:70:89:
                    6c:4e:21:28:10:ba:69:8c:cf:f5:57:21:26:18:41:
                    01:18:36:eb:8a:d0:21:d7:6b:f0:05:6a:84:7e:58:
                    4d:e0:26:03:f6:e4:cc:cc:70:78:f8:66:c1:79:cf:
                    dc:cd:d9:3c:64:39:60:6f:5f:08:57:26:24:8b:b2:
                    9c:26:d4:10:45:8f:77:85:61:d0:b4:7a:b9:f3:78:
                    96:50:ac:f4:b3:b8:43:50:f1:1d:6e:78:f3:42:51:
                    46:72:61:1b:93:aa:a6:c6:fa:de:f4:91:c6:72:68:
                    90:26:70:34:0d:25:9f:10:0b:13:41:7f:d0:b9:c2:
                    be:ad:ca:cb:18:2c:17:5b:23:b1:d7:12:b7:16:db:
                    f9:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:6C:32:EC:21:B8:BF:27:6E:CC:06:82:EA:71:6D:22:6B:B4:3D:8B
            X509v3 Authority Key Identifier:
                keyid:74:22:F9:85:CB:34:A0:3C:7C:55:81:64:2C:6D:6E:B4:32:C8:3E:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:7d:91:d1:4e:74:7d:4a:0e:00:97:ee:be:f6:98:ec:89:85:
         1e:aa:7b:fb:e6:9a:bd:60:6d:6a:1f:96:c7:ff:a6:f5:89:e7:
         3e:a5:ea:28:0e:ac:92:8c:50:f3:3f:e0:69:1d:e0:e6:04:48:
         e0:0f:c0:af:a3:ec:1b:2b:9b:5d:4b:62:06:23:d8:ec:e4:d3:
         ca:5b:44:1c:90:a4:70:13:76:79:14:de:af:fb:5f:b1:28:a4:
         c3:5b:43:fd:31:60:eb:a7:f7:a6:74:e4:e1:6f:d1:55:50:7f:
         36:fc:9a:9c:31:e4:c9:9e:9e:cb:91:0b:73:68:5f:ca:0f:e1:
         a3:0c:98:e3:74:a1:a4:75:ae:7b:ff:5d:6c:94:8d:a9:90:4e:
         14:d3:fe:a0:ea:b5:ff:b3:90:25:de:61:c6:c1:ce:02:df:49:
         30:47:98:3e:44:c7:4b:9a:dd:5a:87:f1:30:68:ac:e6:31:cc:
         c5:e9:66:0d:a6:10:1d:d0:01:ac:1e:39:23:4e:05:29:f2:d5:
         38:3f:7c:be:89:ab:c0:4b:ce:b2:44:f9:db:c7:d6:32:2b:cc:
         38:2b:c5:0b:34:60:fe:26:0e:4a:ff:bc:89:89:19:07:2e:27:
         e4:2c:d2:78:89:2c:26:51:75:b1:bb:80:1b:bd:af:ab:30:11:
         cd:5e:6e:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq4Ysz2ymjQL7olrlBbtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjJmOTg1Y2IzNGEwM2M3YzU1ODE2NDJjNmQ2ZWI0MzJj
ODNlOTQwHhcNMjUwNjE0MDkwMDQ2WhcNMjUwNjE1MDkwMDQ2WjAzMTEwLwYDVQQD
EygyNDZjMzJlYzIxYjhiZjI3NmVjYzA2ODJlYTcxNmQyMjZiYjQzZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+s2Qajv3C977d9paRrwlB16bvC9J
h9piWuc9p9frLjD6cw4imv2rMnR5tcM0CxGvFo7WF0/fJZPu+zBFkvx+0TXENIwi
Q2V4C2UY71nO6aqZH/lH4E5QEnO6xfiV6bDy9YFBehfONRqrBaZvZTzc+5BbvmTE
cIlsTiEoELppjM/1VyEmGEEBGDbritAh12vwBWqEflhN4CYD9uTMzHB4+GbBec/c
zdk8ZDlgb18IVyYki7KcJtQQRY93hWHQtHq583iWUKz0s7hDUPEdbnjzQlFGcmEb
k6qmxvre9JHGcmiQJnA0DSWfEAsTQX/QucK+rcrLGCwXWyOx1xK3Ftv5zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRsMuwhuL8nbswGgupxbSJrtD2LMB8GA1UdIwQY
MBaAFHQi+YXLNKA8fFWBZCxtbrQyyD6UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jNDllYzItMzdkYS00MWE5LTk2ZmIt
NTE0MWZhMzkwODBhLzEvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9jNDllYzItMzdkYS00MWE5LTk2ZmItNTE0MWZhMzkwODBh
LzEvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbX2R0U50
fUoOAJfuvvaY7ImFHqp7++aavWBtah+Wx/+m9YnnPqXqKA6skoxQ8z/gaR3g5gRI
4A/Ar6PsGyubXUtiBiPY7OTTyltEHJCkcBN2eRTer/tfsSikw1tD/TFg66f3pnTk
4W/RVVB/NvyanDHkyZ6ey5ELc2hfyg/howyY43ShpHWue/9dbJSNqZBOFNP+oOq1
/7OQJd5hxsHOAt9JMEeYPkTHS5rdWofxMGis5jHMxelmDaYQHdABrB45I04FKfLV
OD98vomrwEvOskT528fWMivMOCvFCzRg/iYOSv+8iYkZBy4n5CzSeIksJlF1sbuA
G72vqzARzV5u/w==
-----END CERTIFICATE-----