Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          5Yls8g0sT3cZ+xERWuRgqhVXxUFYadfyVuD/QA+UzNo=
Subject key identifier:   38:4B:31:AD:9D:29:DF:EC:E3:D2:14:3B:71:BC:41:55:2E:D3:5C:2F
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       01967755809368A74835DD75810852ABD3CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          150E
Signing time:             Sun 27 Apr 2025 13:00:14 +0000
Manifest this update:     Sun 27 Apr 2025 13:00:14 +0000
Manifest next update:     Mon 28 Apr 2025 13:00:14 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: 400wb7jy1XnpJVxsUXNyCHEZEtG5DajSJUJKitHnKDs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 13:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:55:80:93:68:a7:48:35:dd:75:81:08:52:ab:d3:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Apr 27 13:00:14 2025 GMT
            Not After : Apr 28 13:00:14 2025 GMT
        Subject: CN=384b31ad9d29dfece3d2143b71bc41552ed35c2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:86:2e:26:b2:d3:60:15:67:b1:fe:f7:28:05:
                    f6:25:18:8b:97:8d:4a:1a:0a:fe:00:52:53:09:af:
                    cc:d3:d0:55:2f:d8:a1:d2:c0:92:43:21:9d:f6:86:
                    49:a7:39:3c:bf:79:a3:33:7c:82:c7:6f:1e:76:53:
                    4f:7e:7a:86:30:de:35:16:bb:a4:b7:4d:e5:96:3e:
                    de:ad:a9:9d:52:d5:19:7d:89:5b:06:1e:64:71:cd:
                    da:a7:8a:04:a9:ba:27:a5:af:cf:38:d1:cd:65:7b:
                    bb:9b:c5:5f:90:7c:63:fa:4c:4d:ae:b0:c8:2d:36:
                    80:07:e2:b9:f2:ef:f0:43:88:2b:83:2f:c3:0e:5b:
                    55:50:4e:65:bc:6d:e6:fa:1a:46:52:61:43:aa:88:
                    de:32:e4:36:94:ad:91:42:4b:d7:4a:01:87:ce:9d:
                    65:c2:e9:0f:ee:df:0a:d9:18:87:2c:8a:54:5b:1d:
                    79:00:42:a7:23:5b:45:87:a8:2c:b7:26:d6:55:37:
                    3b:07:26:04:4f:14:f7:e1:04:cb:15:7e:e9:1d:7e:
                    e2:dc:13:7c:d2:97:36:cf:7e:f0:d4:7d:76:e6:b9:
                    57:9c:3a:2f:e0:d4:95:8d:0d:47:2b:1f:6c:82:8d:
                    19:e0:67:e1:08:83:80:a0:30:4b:f7:c7:ef:44:a3:
                    7f:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:4B:31:AD:9D:29:DF:EC:E3:D2:14:3B:71:BC:41:55:2E:D3:5C:2F
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:eb:84:5b:9e:87:d0:92:42:ff:ce:19:05:2d:26:08:0f:fe:
         c4:0b:02:05:6a:27:9c:2d:29:94:f5:9f:1d:b0:bb:5d:87:3d:
         5c:f7:9a:3e:f6:5b:87:4a:db:d0:c6:35:60:f1:0a:c7:7a:a6:
         ce:11:17:f3:f1:95:82:92:71:0b:2a:45:60:de:8e:72:97:7e:
         79:9f:47:da:ef:d3:90:60:ca:85:b1:df:d0:2f:98:8a:2e:a6:
         43:7d:db:fb:1a:52:97:8f:3a:5e:31:d2:37:8f:9e:60:6c:bd:
         ee:05:d5:f3:6b:0c:69:ed:b0:87:d7:0c:03:51:ee:4a:4e:2f:
         e1:1e:84:0f:b9:9d:22:7a:bc:9d:e0:a6:50:86:42:51:76:90:
         5e:fe:d2:1e:21:19:2d:2c:3a:dd:07:ff:6b:f2:d0:23:e0:72:
         8e:9c:01:1c:9b:f4:9f:04:b5:d3:29:20:37:2d:9c:2f:f4:39:
         8f:69:fc:3c:ea:c5:7b:70:75:65:b2:c7:44:f8:c4:44:9b:6e:
         e3:d1:0f:b4:8a:ad:77:f3:0c:d5:20:44:f7:35:9f:a0:aa:b6:
         aa:de:3e:bc:5f:ca:e3:80:8b:ff:70:e4:b5:d1:3b:50:bc:77:
         71:00:c2:9a:93:7a:c2:63:df:63:6d:c0:d2:9c:d0:3f:54:70:
         6d:05:60:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3VYCTaKdINd11gQhSq9PPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjUwNDI3MTMwMDE0WhcNMjUwNDI4MTMwMDE0WjAzMTEwLwYDVQQD
EygzODRiMzFhZDlkMjlkZmVjZTNkMjE0M2I3MWJjNDE1NTJlZDM1YzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYYuJrLTYBVnsf73KAX2JRiLl41K
Ggr+AFJTCa/M09BVL9ih0sCSQyGd9oZJpzk8v3mjM3yCx28edlNPfnqGMN41Fruk
t03llj7eramdUtUZfYlbBh5kcc3ap4oEqbonpa/PONHNZXu7m8VfkHxj+kxNrrDI
LTaAB+K58u/wQ4grgy/DDltVUE5lvG3m+hpGUmFDqojeMuQ2lK2RQkvXSgGHzp1l
wukP7t8K2RiHLIpUWx15AEKnI1tFh6gstybWVTc7ByYETxT34QTLFX7pHX7i3BN8
0pc2z37w1H125rlXnDov4NSVjQ1HKx9sgo0Z4GfhCIOAoDBL98fvRKN/LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhLMa2dKd/s49IUO3G8QVUu01wvMB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADuuEW56H
0JJC/84ZBS0mCA/+xAsCBWonnC0plPWfHbC7XYc9XPeaPvZbh0rb0MY1YPEKx3qm
zhEX8/GVgpJxCypFYN6Ocpd+eZ9H2u/TkGDKhbHf0C+Yii6mQ33b+xpSl486XjHS
N4+eYGy97gXV82sMae2wh9cMA1HuSk4v4R6ED7mdInq8neCmUIZCUXaQXv7SHiEZ
LSw63Qf/a/LQI+ByjpwBHJv0nwS10ykgNy2cL/Q5j2n8POrFe3B1ZbLHRPjERJtu
49EPtIqtd/MM1SBE9zWfoKq2qt4+vF/K44CL/3DktdE7ULx3cQDCmpN6wmPfY23A
0pzQP1RwbQVgKA==
-----END CERTIFICATE-----