Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
File:                     WrJabDkrjmejrSH2D9MxHWt_Hlw.mft (raw, json)
Hash identifier:          hTIrt3PL+0drcvpyXwxcsvAhMbLyOFqKxLsQaUiwcoY=
Subject key identifier:   34:1E:63:9F:BF:44:FC:60:0A:2E:23:8B:73:0A:27:1A:E4:C7:0B:CD
Authority key identifier: 5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C
Certificate issuer:       /CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
Certificate serial:       019675D54081A87BB011AC76C82EBB3F964E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
Manifest number:          0DAA
Signing time:             Sun 27 Apr 2025 06:00:32 +0000
Manifest this update:     Sun 27 Apr 2025 06:00:32 +0000
Manifest next update:     Mon 28 Apr 2025 06:00:32 +0000
Files and hashes:         1: WrJabDkrjmejrSH2D9MxHWt_Hlw.crl (hash: uRBdLMUbUjK1vSC7e4dq2YgwiWCjThaEcH8c2W6Vo+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:d5:40:81:a8:7b:b0:11:ac:76:c8:2e:bb:3f:96:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
        Validity
            Not Before: Apr 27 06:00:32 2025 GMT
            Not After : Apr 28 06:00:32 2025 GMT
        Subject: CN=341e639fbf44fc600a2e238b730a271ae4c70bcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:38:6b:69:9a:b7:e0:a0:3a:29:ce:25:8d:73:
                    de:b7:c0:d1:2e:c2:2a:44:cc:6c:11:fc:86:59:79:
                    07:68:7e:9a:03:0b:16:8d:0c:84:6a:c4:4c:da:f9:
                    42:be:92:37:0d:aa:81:eb:4c:45:48:16:b2:0c:90:
                    12:7b:0e:ef:9a:f1:55:ba:58:8e:ab:69:8b:81:e3:
                    0e:11:7a:a5:0b:5a:a2:7b:ee:61:96:63:b4:b1:73:
                    7a:de:6d:03:82:6a:55:28:4a:5f:cc:2c:ec:82:b4:
                    3d:a2:15:43:07:92:31:26:6e:5b:27:94:18:4b:24:
                    99:c1:5a:3f:8c:97:3a:b3:14:c3:13:0c:f4:d5:75:
                    a3:33:cf:52:20:b6:0d:e0:ac:b1:8a:c1:5e:47:70:
                    b8:8b:2e:e5:c1:77:4c:72:29:f7:4b:79:b6:12:2b:
                    43:f2:86:5c:28:8b:d6:5d:78:6e:1b:ac:75:37:61:
                    17:d7:82:81:75:dc:e7:39:fa:1a:72:47:cc:f4:57:
                    7a:36:93:d4:4a:38:79:b4:e2:b8:61:09:c0:aa:44:
                    10:82:ce:ec:c7:35:55:0f:75:4f:03:08:58:ba:68:
                    02:d2:e2:d3:d3:15:77:1e:b4:23:bd:57:b1:b6:6a:
                    2a:7b:5f:9e:b6:a7:1b:d6:f8:0d:00:95:da:98:8c:
                    66:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:1E:63:9F:BF:44:FC:60:0A:2E:23:8B:73:0A:27:1A:E4:C7:0B:CD
            X509v3 Authority Key Identifier:
                keyid:5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:8d:70:28:7e:d1:b6:82:dd:ff:e8:e8:49:8b:79:5b:45:3d:
         3e:1b:ed:ae:6f:59:ad:5a:6f:00:9c:b3:64:87:9c:7e:09:1b:
         b7:87:1d:ee:45:e0:da:b9:6f:d4:0e:36:85:8e:1d:bd:bd:e7:
         ea:3e:74:ad:7d:a4:0b:73:61:51:ee:58:9f:24:88:e2:54:a5:
         21:d9:37:02:96:3b:85:dc:46:0d:98:6c:c2:84:ef:1c:cb:a5:
         4a:a2:d5:96:1c:51:d9:29:26:6f:a5:95:6a:cc:f9:c4:6a:f8:
         ef:bf:04:ea:96:07:5e:95:d6:ed:70:5f:f9:8e:d9:63:93:64:
         6a:93:3c:bd:bd:10:18:ae:22:c3:76:59:f6:1e:c3:4f:6f:40:
         2e:df:55:b9:7d:3e:59:a1:37:7e:59:af:dd:47:2e:bf:0e:e2:
         0d:49:4e:3d:c6:12:63:91:d8:03:3b:2f:9b:34:2e:fe:21:14:
         4b:41:08:3b:2a:e8:22:cf:fc:dd:51:00:f8:59:de:c2:52:9a:
         32:c1:d0:56:04:1c:cf:d5:30:5e:1f:67:3a:c1:b1:5f:e4:f5:
         d8:f7:49:b9:76:a8:76:30:0a:c6:77:7e:e8:e3:e7:37:2c:90:
         2a:16:cf:76:3d:07:72:ce:a5:39:47:9f:e4:7a:46:38:5d:cc:
         25:c3:09:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ11UCBqHuwEax2yC67P5ZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjI1YTZjMzkyYjhlNjdhM2FkMjFmNjBmZDMzMTFkNmI3
ZjFlNWMwHhcNMjUwNDI3MDYwMDMyWhcNMjUwNDI4MDYwMDMyWjAzMTEwLwYDVQQD
EygzNDFlNjM5ZmJmNDRmYzYwMGEyZTIzOGI3MzBhMjcxYWU0YzcwYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zhraZq34KA6Kc4ljXPet8DRLsIq
RMxsEfyGWXkHaH6aAwsWjQyEasRM2vlCvpI3DaqB60xFSBayDJASew7vmvFVuliO
q2mLgeMOEXqlC1qie+5hlmO0sXN63m0DgmpVKEpfzCzsgrQ9ohVDB5IxJm5bJ5QY
SySZwVo/jJc6sxTDEwz01XWjM89SILYN4KyxisFeR3C4iy7lwXdMcin3S3m2EitD
8oZcKIvWXXhuG6x1N2EX14KBddznOfoackfM9Fd6NpPUSjh5tOK4YQnAqkQQgs7s
xzVVD3VPAwhYumgC0uLT0xV3HrQjvVextmoqe1+etqcb1vgNAJXamIxmrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQeY5+/RPxgCi4ji3MKJxrkxwvNMB8GA1UdIwQY
MBaAFFqyWmw5K45no60h9g/TMR1rfx5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzct
MmNjYjVmMGM1ZjZiLzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzctMmNjYjVmMGM1ZjZi
LzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfY1wKH7R
toLd/+joSYt5W0U9Phvtrm9ZrVpvAJyzZIecfgkbt4cd7kXg2rlv1A42hY4dvb3n
6j50rX2kC3NhUe5YnySI4lSlIdk3ApY7hdxGDZhswoTvHMulSqLVlhxR2Skmb6WV
asz5xGr4778E6pYHXpXW7XBf+Y7ZY5NkapM8vb0QGK4iw3ZZ9h7DT29ALt9VuX0+
WaE3flmv3Ucuvw7iDUlOPcYSY5HYAzsvmzQu/iEUS0EIOyroIs/83VEA+FnewlKa
MsHQVgQcz9UwXh9nOsGxX+T12PdJuXaodjAKxnd+6OPnNyyQKhbPdj0Hcs6lOUef
5HpGOF3MJcMJLQ==
-----END CERTIFICATE-----