Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft
File:                     Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft (raw, json)
Hash identifier:          Lq/BsEsx1KMrZ2h5WiKaFAfVugXoVsJiVt7d7qIynYk=
Subject key identifier:   64:7E:79:32:6C:2D:B6:C6:45:C9:7A:9E:5C:DB:EC:18:E8:CC:F8:8E
Authority key identifier: 0E:87:E5:D3:3A:9B:28:BE:7F:1A:F8:BC:9C:13:8B:15:80:90:F1:89
Certificate issuer:       /CN=0e87e5d33a9b28be7f1af8bc9c138b158090f189
Certificate serial:       0196778D1655A4281F236DC16ACCA092744B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft
Manifest number:          037C
Signing time:             Sun 27 Apr 2025 14:00:57 +0000
Manifest this update:     Sun 27 Apr 2025 14:00:57 +0000
Manifest next update:     Mon 28 Apr 2025 14:00:57 +0000
Files and hashes:         1: Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.crl (hash: uAG9sOHQO29UnQ5FOZb2ZRYFX80kxx2wWSTh63EF2BQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:8d:16:55:a4:28:1f:23:6d:c1:6a:cc:a0:92:74:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e87e5d33a9b28be7f1af8bc9c138b158090f189
        Validity
            Not Before: Apr 27 14:00:57 2025 GMT
            Not After : Apr 28 14:00:57 2025 GMT
        Subject: CN=647e79326c2db6c645c97a9e5cdbec18e8ccf88e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f0:3f:9e:c1:7b:2e:11:e0:51:8c:f5:e5:17:
                    76:75:76:f7:ac:ac:ae:3e:86:26:53:35:4a:b2:17:
                    5a:5d:6e:4f:c3:2d:61:94:f0:4b:ce:fe:c5:5b:37:
                    c4:78:04:ac:a7:cd:3b:5a:d7:dd:45:08:c6:d8:f0:
                    e6:06:e3:31:d9:18:29:4c:ec:5b:65:7e:98:9e:47:
                    23:b3:a2:a9:45:f7:9f:4a:cd:6d:ed:6e:02:5a:41:
                    e5:3a:05:a2:d5:6f:f2:a2:5f:ca:c5:d9:48:85:2d:
                    50:f4:ec:90:8a:28:22:23:bf:5c:97:f1:b5:41:34:
                    05:30:3a:17:80:c0:97:39:e7:65:f5:2c:44:75:32:
                    71:90:6a:f1:52:b0:82:84:e2:f7:b0:e1:27:a4:c8:
                    8e:a5:59:8f:b9:f7:f4:a8:e6:85:ab:0f:ca:03:88:
                    ba:64:4a:10:c4:5d:2e:ad:94:1c:57:db:95:59:1b:
                    00:06:96:b5:4c:31:2d:94:82:d0:9f:d2:96:d7:ee:
                    14:57:e3:c5:27:f8:48:de:fe:99:94:e0:c9:18:d2:
                    06:8a:2c:58:6b:d6:b0:ba:20:cc:1d:30:61:24:0c:
                    df:dc:38:58:c4:97:ca:e8:3b:a4:85:4c:ed:00:7d:
                    7a:7b:3f:f9:76:27:f5:b8:33:b4:31:b5:c1:d8:79:
                    02:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:7E:79:32:6C:2D:B6:C6:45:C9:7A:9E:5C:DB:EC:18:E8:CC:F8:8E
            X509v3 Authority Key Identifier:
                keyid:0E:87:E5:D3:3A:9B:28:BE:7F:1A:F8:BC:9C:13:8B:15:80:90:F1:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:b6:2c:65:29:36:b3:70:a8:b6:90:ce:34:b0:42:2a:19:90:
         e2:81:7d:39:4e:c7:7b:5a:3a:a7:30:fa:3e:1c:90:dd:8e:26:
         44:d0:07:22:96:eb:20:66:9a:8f:df:85:69:58:66:4d:4a:49:
         1b:ee:19:b3:f5:00:16:82:a2:6b:30:c0:7f:54:94:57:da:0c:
         bc:49:68:c4:6e:1a:52:dc:6f:87:ad:6f:f4:4c:19:29:ae:3c:
         a2:e0:15:b5:8b:d5:d6:03:46:49:bc:06:1b:d6:8c:6a:28:06:
         71:87:09:58:59:35:1b:fd:61:d6:1c:b7:ac:9a:e7:ae:d1:d3:
         d8:0c:6b:2d:f2:56:5e:96:25:ae:31:fc:01:47:48:8a:19:d6:
         97:53:cd:ac:c5:57:19:80:34:2a:da:af:86:12:09:cc:26:51:
         58:69:16:70:66:fe:60:c5:8a:65:7b:d4:9a:b1:d9:9a:68:ad:
         ed:59:30:45:f0:2b:60:3d:18:1e:eb:e2:97:fb:d5:10:cc:ca:
         83:50:c1:1a:c3:b4:f3:ea:88:43:94:6d:f6:b0:33:9b:75:43:
         64:cb:a1:76:bd:60:34:09:aa:2e:08:bb:b5:cd:45:dc:26:4d:
         5a:68:e8:53:e8:15:d7:c5:3c:f2:53:58:2f:a6:df:62:32:55:
         95:8d:14:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3jRZVpCgfI23BasygknRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODdlNWQzM2E5YjI4YmU3ZjFhZjhiYzljMTM4YjE1ODA5
MGYxODkwHhcNMjUwNDI3MTQwMDU3WhcNMjUwNDI4MTQwMDU3WjAzMTEwLwYDVQQD
Eyg2NDdlNzkzMjZjMmRiNmM2NDVjOTdhOWU1Y2RiZWMxOGU4Y2NmODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvA/nsF7LhHgUYz15Rd2dXb3rKyu
PoYmUzVKshdaXW5Pwy1hlPBLzv7FWzfEeASsp807WtfdRQjG2PDmBuMx2RgpTOxb
ZX6Ynkcjs6KpRfefSs1t7W4CWkHlOgWi1W/yol/KxdlIhS1Q9OyQiigiI79cl/G1
QTQFMDoXgMCXOedl9SxEdTJxkGrxUrCChOL3sOEnpMiOpVmPuff0qOaFqw/KA4i6
ZEoQxF0urZQcV9uVWRsABpa1TDEtlILQn9KW1+4UV+PFJ/hI3v6ZlODJGNIGiixY
a9awuiDMHTBhJAzf3DhYxJfK6DukhUztAH16ez/5dif1uDO0MbXB2HkCmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGR+eTJsLbbGRcl6nlzb7BjozPiOMB8GA1UdIwQY
MBaAFA6H5dM6myi+fxr4vJwTixWAkPGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9mbDB6cWJLTDVfR3ZpOG5CT0xGWUNROFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lMGEyNWMtZDUyNy00Yzc1LWExYmIt
M2VmNjQwZjkzN2M0LzEvRG9mbDB6cWJLTDVfR3ZpOG5CT0xGWUNROFlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lMGEyNWMtZDUyNy00Yzc1LWExYmItM2VmNjQwZjkzN2M0
LzEvRG9mbDB6cWJLTDVfR3ZpOG5CT0xGWUNROFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcrYsZSk2
s3CotpDONLBCKhmQ4oF9OU7He1o6pzD6PhyQ3Y4mRNAHIpbrIGaaj9+FaVhmTUpJ
G+4Zs/UAFoKiazDAf1SUV9oMvEloxG4aUtxvh61v9EwZKa48ouAVtYvV1gNGSbwG
G9aMaigGcYcJWFk1G/1h1hy3rJrnrtHT2AxrLfJWXpYlrjH8AUdIihnWl1PNrMVX
GYA0KtqvhhIJzCZRWGkWcGb+YMWKZXvUmrHZmmit7VkwRfArYD0YHuvil/vVEMzK
g1DBGsO08+qIQ5Rt9rAzm3VDZMuhdr1gNAmqLgi7tc1F3CZNWmjoU+gV18U88lNY
L6bfYjJVlY0Unw==
-----END CERTIFICATE-----