Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          PzWUEsNxuNThVHqF3bmKA3n0uJIv+9/cDEpBN5qZxGg=
Subject key identifier:   12:1B:0A:5B:86:58:44:01:82:C6:5C:94:18:CB:B9:6F:11:8F:FE:F9
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       0196876DEF9D78AFA392B533DF133CFD230D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          10A7
Signing time:             Wed 30 Apr 2025 16:00:50 +0000
Manifest this update:     Wed 30 Apr 2025 16:00:50 +0000
Manifest next update:     Thu 01 May 2025 16:00:50 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: k7vXwYzOABijj6j3p/AnoKbmx/oCOJ+jSwDWkKQuAcs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:87:6d:ef:9d:78:af:a3:92:b5:33:df:13:3c:fd:23:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Apr 30 16:00:50 2025 GMT
            Not After : May  1 16:00:50 2025 GMT
        Subject: CN=121b0a5b8658440182c65c9418cbb96f118ffef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f4:f7:90:78:d7:26:f3:e5:86:67:61:80:4f:
                    ea:5b:9b:9c:f6:8b:87:c8:c4:04:f1:b5:14:a2:79:
                    59:bc:0b:e9:3c:b9:c5:a1:2f:18:d7:f7:76:06:63:
                    8a:df:04:d6:35:09:5d:54:51:34:a0:5f:6f:77:71:
                    9d:21:6c:f0:31:8a:05:d5:88:0d:fd:da:72:6a:5d:
                    12:dd:cf:af:2b:27:7e:f6:9f:c6:1c:af:0c:11:f8:
                    3e:a2:fa:17:77:10:4e:fc:fe:77:50:f7:2d:2c:c2:
                    18:5a:4e:b5:94:95:d1:87:45:60:66:2a:d7:b6:06:
                    22:ec:5c:0b:a2:fa:f1:4e:6f:1d:a7:9f:0d:3a:63:
                    10:e8:45:8d:8c:2b:e2:91:83:01:55:98:fc:ac:43:
                    c5:4e:be:22:15:4e:a2:9c:d0:dc:57:54:2a:53:c6:
                    f5:e3:43:0a:2c:28:84:c3:49:cd:32:e0:c0:e0:65:
                    ea:0b:e6:b5:80:00:f0:88:9d:69:77:9e:b0:55:bd:
                    cb:3f:a3:7c:6c:18:0f:9f:f6:5e:ca:94:ac:9b:2f:
                    a4:a1:80:9d:0f:10:28:d5:a4:c2:33:27:fc:a9:a7:
                    27:a9:d7:be:a3:81:ee:3f:f2:cb:17:85:84:d0:f4:
                    0b:e4:c0:a9:d3:e0:d3:d9:a9:da:68:0e:74:99:a6:
                    58:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:1B:0A:5B:86:58:44:01:82:C6:5C:94:18:CB:B9:6F:11:8F:FE:F9
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:aa:da:a9:ca:03:36:41:8e:b1:79:fb:6a:f6:83:1a:5e:b4:
         2a:c3:62:89:56:ad:53:2c:31:e7:8b:97:f5:54:4c:8f:cf:39:
         ef:ec:03:46:11:99:c4:de:40:67:47:8c:97:fe:81:05:1e:f4:
         de:2f:c6:a3:f4:4d:50:79:2b:61:f8:b0:90:31:3b:d1:22:40:
         3b:86:bc:84:04:b4:62:7e:67:9e:4f:82:26:45:de:0d:e8:85:
         b4:f9:c1:de:29:d7:41:b4:a3:19:fb:14:dc:b5:c3:b6:00:ac:
         2f:23:6a:f3:41:c3:81:b2:a8:56:c7:0e:c5:df:46:3c:79:70:
         ac:2f:27:cd:c8:44:00:fc:82:39:ee:ed:ad:41:8f:b4:a5:4c:
         69:45:a9:91:7a:45:19:f6:5f:3c:4a:cd:d3:d0:6e:23:0a:90:
         c1:95:3b:50:d3:41:4f:12:39:08:c1:91:81:53:2a:29:20:85:
         a1:56:de:77:18:6a:4a:41:24:d1:85:22:27:30:ec:3d:bf:a9:
         71:3d:49:b8:07:13:2a:99:d8:f4:16:59:99:eb:ce:a6:60:eb:
         7b:f8:5a:14:95:8c:30:bb:10:2e:c2:b5:7c:ee:fb:2e:c5:01:
         89:c4:98:36:e8:59:03:66:fc:35:29:af:4a:71:68:0a:f1:e0:
         29:83:16:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaHbe+deK+jkrUz3xM8/SMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjUwNDMwMTYwMDUwWhcNMjUwNTAxMTYwMDUwWjAzMTEwLwYDVQQD
EygxMjFiMGE1Yjg2NTg0NDAxODJjNjVjOTQxOGNiYjk2ZjExOGZmZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfT3kHjXJvPlhmdhgE/qW5uc9ouH
yMQE8bUUonlZvAvpPLnFoS8Y1/d2BmOK3wTWNQldVFE0oF9vd3GdIWzwMYoF1YgN
/dpyal0S3c+vKyd+9p/GHK8MEfg+ovoXdxBO/P53UPctLMIYWk61lJXRh0VgZirX
tgYi7FwLovrxTm8dp58NOmMQ6EWNjCvikYMBVZj8rEPFTr4iFU6inNDcV1QqU8b1
40MKLCiEw0nNMuDA4GXqC+a1gADwiJ1pd56wVb3LP6N8bBgPn/ZeypSsmy+koYCd
DxAo1aTCMyf8qacnqde+o4HuP/LLF4WE0PQL5MCp0+DT2anaaA50maZY6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIbCluGWEQBgsZclBjLuW8Rj/75MB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs6raqcoD
NkGOsXn7avaDGl60KsNiiVatUywx54uX9VRMj8857+wDRhGZxN5AZ0eMl/6BBR70
3i/Go/RNUHkrYfiwkDE70SJAO4a8hAS0Yn5nnk+CJkXeDeiFtPnB3inXQbSjGfsU
3LXDtgCsLyNq80HDgbKoVscOxd9GPHlwrC8nzchEAPyCOe7trUGPtKVMaUWpkXpF
GfZfPErN09BuIwqQwZU7UNNBTxI5CMGRgVMqKSCFoVbedxhqSkEk0YUiJzDsPb+p
cT1JuAcTKpnY9BZZmevOpmDre/haFJWMMLsQLsK1fO77LsUBicSYNuhZA2b8NSmv
SnFoCvHgKYMWcw==
-----END CERTIFICATE-----