Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
File:                     0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json)
Hash identifier:          cACRNmKfpOepWKwu7xh23UUUBXnPlQlZ3FE2R4HhE2E=
Subject key identifier:   71:DA:98:3C:0B:3F:CC:EF:59:D2:B7:16:B1:90:EF:60:04:79:FC:05
Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95
Certificate issuer:       /CN=d170d4dde23a92166a67bb13f60bc70b667d8695
Certificate serial:       01968DA6E89BF532E91FFD951CB005A54E89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
Manifest number:          1252
Signing time:             Thu 01 May 2025 21:00:47 +0000
Manifest this update:     Thu 01 May 2025 21:00:47 +0000
Manifest next update:     Fri 02 May 2025 21:00:47 +0000
Files and hashes:         1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: NwTpC3puaqikLiXKZk07AkTgJEUSv4SH1lhaqiJt0e4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8d:a6:e8:9b:f5:32:e9:1f:fd:95:1c:b0:05:a5:4e:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695
        Validity
            Not Before: May  1 21:00:47 2025 GMT
            Not After : May  2 21:00:47 2025 GMT
        Subject: CN=71da983c0b3fccef59d2b716b190ef600479fc05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f0:a6:4d:e4:1d:2e:a3:94:9d:11:35:d9:47:
                    17:bb:4b:b5:d0:0a:3c:6c:84:60:02:bc:aa:53:7b:
                    49:ee:cc:50:9d:8d:13:1c:72:a8:2d:4d:fc:3d:e0:
                    88:d3:7f:6e:fc:c3:18:be:cf:bb:ff:6f:bc:7b:9e:
                    49:67:50:8d:32:be:39:eb:b8:17:34:b0:8f:d6:3d:
                    bc:68:1d:cd:1a:5a:4e:a1:97:34:7c:0b:23:16:8b:
                    a4:a0:2e:9f:22:fe:56:0c:95:9f:08:d3:20:02:0d:
                    d7:76:c3:b4:ca:b1:ca:f7:1d:11:c9:c1:60:a3:49:
                    6a:07:c6:15:5e:28:90:2c:1c:c0:a4:ff:6f:d1:9f:
                    24:39:3f:5a:57:3e:3c:f0:98:7d:22:90:83:d8:4d:
                    be:67:65:41:dd:fe:1a:5a:b1:82:19:a5:06:9d:ac:
                    74:ca:d2:e0:34:e0:3e:de:29:7a:20:3f:22:1b:f9:
                    b7:b8:48:34:29:db:d9:c9:c6:49:be:44:8d:3b:34:
                    2d:00:48:0d:b2:2d:00:18:4e:17:5b:0c:dc:1d:dc:
                    b6:d3:9e:e1:08:32:21:2f:3e:1c:0a:b5:3d:21:50:
                    84:5c:9d:b0:e2:04:fd:42:b5:13:0c:e2:1b:c7:64:
                    ae:ee:80:1b:70:94:e8:46:de:fa:ec:0d:8a:09:3c:
                    d3:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:DA:98:3C:0B:3F:CC:EF:59:D2:B7:16:B1:90:EF:60:04:79:FC:05
            X509v3 Authority Key Identifier:
                keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:e8:57:a2:ab:da:43:94:b3:fe:db:7b:61:36:cc:6b:da:1e:
         71:ee:bc:b9:0c:75:f5:66:ed:e8:39:52:0f:56:3d:5a:e6:05:
         1e:c9:05:1d:94:f7:e6:f1:5c:da:56:63:31:6e:7c:ea:fc:a3:
         b3:dc:26:93:86:4b:3d:df:2a:91:8b:4a:48:1b:b9:36:d9:a8:
         b3:2e:f1:16:24:ac:d2:9f:3d:ab:07:e2:ba:9e:32:7b:7a:e8:
         1b:72:54:12:e3:4e:99:64:38:3c:0d:a7:f9:a2:ad:77:27:6c:
         7e:f5:ec:90:6e:f5:7b:fc:d9:f8:ba:ea:7d:2e:5a:07:d9:81:
         d5:a8:7d:c9:8b:ec:1f:ea:e7:36:4b:5e:70:82:8c:07:bb:6f:
         dc:ee:fe:52:53:32:84:65:83:a1:b3:6c:90:d5:d6:6d:44:79:
         27:9a:ee:46:b9:7b:cc:06:9f:c2:52:84:c9:d5:44:26:82:1c:
         36:15:bd:b7:cf:5b:0f:9d:81:ec:b1:10:b1:6c:dc:75:5c:6d:
         c5:57:dc:f1:83:92:a6:04:04:7b:13:5a:d8:25:cf:31:7b:d7:
         52:d0:45:ad:85:47:b8:9b:84:f9:38:2a:15:09:57:4d:26:1c:
         5e:44:17:e9:80:4f:37:70:2f:b8:89:5d:8e:84:38:3f:30:58:
         a5:4a:fd:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaNpuib9TLpH/2VHLAFpU6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3
ZDg2OTUwHhcNMjUwNTAxMjEwMDQ3WhcNMjUwNTAyMjEwMDQ3WjAzMTEwLwYDVQQD
Eyg3MWRhOTgzYzBiM2ZjY2VmNTlkMmI3MTZiMTkwZWY2MDA0NzlmYzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPCmTeQdLqOUnRE12UcXu0u10Ao8
bIRgAryqU3tJ7sxQnY0THHKoLU38PeCI039u/MMYvs+7/2+8e55JZ1CNMr4567gX
NLCP1j28aB3NGlpOoZc0fAsjFoukoC6fIv5WDJWfCNMgAg3XdsO0yrHK9x0RycFg
o0lqB8YVXiiQLBzApP9v0Z8kOT9aVz488Jh9IpCD2E2+Z2VB3f4aWrGCGaUGnax0
ytLgNOA+3il6ID8iG/m3uEg0KdvZycZJvkSNOzQtAEgNsi0AGE4XWwzcHdy2057h
CDIhLz4cCrU9IVCEXJ2w4gT9QrUTDOIbx2Su7oAbcJToRt767A2KCTzTBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHamDwLP8zvWdK3FrGQ72AEefwFMB8GA1UdIwQY
MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt
N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh
LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApehXoqva
Q5Sz/tt7YTbMa9oece68uQx19Wbt6DlSD1Y9WuYFHskFHZT35vFc2lZjMW586vyj
s9wmk4ZLPd8qkYtKSBu5Ntmosy7xFiSs0p89qwfiup4ye3roG3JUEuNOmWQ4PA2n
+aKtdydsfvXskG71e/zZ+LrqfS5aB9mB1ah9yYvsH+rnNktecIKMB7tv3O7+UlMy
hGWDobNskNXWbUR5J5ruRrl7zAafwlKEydVEJoIcNhW9t89bD52B7LEQsWzcdVxt
xVfc8YOSpgQEexNa2CXPMXvXUtBFrYVHuJuE+TgqFQlXTSYcXkQX6YBPN3AvuIld
joQ4PzBYpUr9Mw==
-----END CERTIFICATE-----