Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
File:                     DZxWoYyYei0aLnBEt-MbMhv3rBY.mft (raw, json)
Hash identifier:          CISPu60AYQ7aif64bHKMnT238bFPKYwyu2GE8pkmzfU=
Subject key identifier:   00:52:41:61:E0:62:50:CD:D6:F8:A0:73:12:3C:FB:82:7E:5B:2B:C1
Authority key identifier: 0D:9C:56:A1:8C:98:7A:2D:1A:2E:70:44:B7:E3:1B:32:1B:F7:AC:16
Certificate issuer:       /CN=0d9c56a18c987a2d1a2e7044b7e31b321bf7ac16
Certificate serial:       01968D38F6EEC54FBD351AA78AB339F8B32F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
Manifest number:          06AC
Signing time:             Thu 01 May 2025 19:00:42 +0000
Manifest this update:     Thu 01 May 2025 19:00:42 +0000
Manifest next update:     Fri 02 May 2025 19:00:42 +0000
Files and hashes:         1: DZxWoYyYei0aLnBEt-MbMhv3rBY.crl (hash: vPDzqwF9l/Bn6ENpWwvc/kEntNhe33trnbwMKpKDcio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8d:38:f6:ee:c5:4f:bd:35:1a:a7:8a:b3:39:f8:b3:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d9c56a18c987a2d1a2e7044b7e31b321bf7ac16
        Validity
            Not Before: May  1 19:00:42 2025 GMT
            Not After : May  2 19:00:42 2025 GMT
        Subject: CN=00524161e06250cdd6f8a073123cfb827e5b2bc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e4:84:fa:4d:ab:da:dc:fc:57:84:44:86:bf:
                    32:0c:c8:97:b4:6f:b3:a3:59:78:ef:14:a9:c4:f2:
                    c3:55:10:50:ca:4a:22:77:ff:88:ec:7b:07:4a:db:
                    ac:c7:95:ec:b3:ce:6a:7c:58:2c:52:38:b4:63:82:
                    e5:18:a5:ab:d2:22:7a:89:41:17:a3:2c:52:08:13:
                    b8:78:7f:52:8c:7c:60:35:fa:e9:4c:40:5a:ee:d2:
                    7b:02:ac:c7:16:ff:22:5c:99:4e:22:77:44:30:6a:
                    6e:b9:96:35:ef:c8:b3:b7:41:cd:f7:a8:ff:5d:11:
                    aa:35:ac:d2:f7:a9:ce:ae:6f:8b:e2:73:f9:5f:55:
                    0d:c8:39:cd:b5:3e:03:20:4c:27:78:6d:ed:a0:c1:
                    a0:43:b0:d2:d9:8c:29:1e:88:68:e6:ad:0f:73:75:
                    62:7d:9e:fe:16:77:9b:77:6d:f8:66:3b:53:f5:13:
                    90:40:43:78:6d:3c:55:ac:67:76:c6:ad:1b:05:ce:
                    db:a2:47:8d:ab:9b:d6:31:71:74:d3:e1:62:8f:66:
                    92:fc:a5:4f:da:93:c4:ed:28:7c:8c:62:c1:e6:76:
                    91:de:ca:34:d4:39:f3:0b:a0:68:38:99:f0:8b:47:
                    8b:f0:87:d9:8a:2f:48:0d:14:7a:d0:4b:a4:9d:6e:
                    b0:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:52:41:61:E0:62:50:CD:D6:F8:A0:73:12:3C:FB:82:7E:5B:2B:C1
            X509v3 Authority Key Identifier:
                keyid:0D:9C:56:A1:8C:98:7A:2D:1A:2E:70:44:B7:E3:1B:32:1B:F7:AC:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:7b:86:0c:37:8a:d9:85:6f:b6:7c:4a:a5:0d:89:7f:42:54:
         f7:ab:12:e6:c4:da:10:e8:0c:f4:50:50:a8:13:70:04:52:6e:
         1f:18:5d:ed:31:df:17:a8:16:9f:19:53:b2:aa:ff:3f:1e:00:
         c0:38:ae:de:04:8f:0c:83:d0:af:b4:88:cc:51:35:b8:7c:6f:
         e6:59:a2:f3:05:eb:5b:f8:e5:fa:f4:86:7c:e0:d8:63:54:bc:
         4a:d3:ba:19:4f:0b:47:06:f6:3d:32:cc:b1:b6:9e:b9:5a:69:
         9b:82:83:fc:8b:55:09:ec:89:db:fc:c5:65:13:ee:76:d2:57:
         23:61:de:ac:81:fd:d8:78:5f:f6:af:67:d7:b0:b6:3b:ba:24:
         d2:5c:8b:93:40:65:d2:68:d4:1e:92:2b:55:5e:03:02:c2:1d:
         73:6e:91:ad:bb:52:23:4b:8d:b4:dd:7c:d2:0c:ba:e7:cb:11:
         36:c6:78:3f:0f:08:7a:ec:a1:86:ad:e7:1d:2c:43:5c:d9:6d:
         30:c0:d2:bd:ed:52:4d:cf:17:bd:2a:92:5e:dd:d2:06:b0:45:
         d7:ca:e0:e3:d4:af:a4:e4:f9:04:6a:4a:2b:0c:ae:12:1b:60:
         c5:48:d7:1d:96:99:74:aa:fb:bc:20:18:a2:eb:e2:5a:88:6b:
         e4:12:1e:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaNOPbuxU+9NRqnirM5+LMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOWM1NmExOGM5ODdhMmQxYTJlNzA0NGI3ZTMxYjMyMWJm
N2FjMTYwHhcNMjUwNTAxMTkwMDQyWhcNMjUwNTAyMTkwMDQyWjAzMTEwLwYDVQQD
EygwMDUyNDE2MWUwNjI1MGNkZDZmOGEwNzMxMjNjZmI4MjdlNWIyYmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOSE+k2r2tz8V4REhr8yDMiXtG+z
o1l47xSpxPLDVRBQykoid/+I7HsHStusx5Xss85qfFgsUji0Y4LlGKWr0iJ6iUEX
oyxSCBO4eH9SjHxgNfrpTEBa7tJ7AqzHFv8iXJlOIndEMGpuuZY178izt0HN96j/
XRGqNazS96nOrm+L4nP5X1UNyDnNtT4DIEwneG3toMGgQ7DS2YwpHoho5q0Pc3Vi
fZ7+Fnebd234ZjtT9ROQQEN4bTxVrGd2xq0bBc7bokeNq5vWMXF00+Fij2aS/KVP
2pPE7Sh8jGLB5naR3so01DnzC6BoOJnwi0eL8IfZii9IDRR60EuknW6wlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFABSQWHgYlDN1vigcxI8+4J+WyvBMB8GA1UdIwQY
MBaAFA2cVqGMmHotGi5wRLfjGzIb96wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iZDFiOGYtZDA2NS00Y2M3LTlhMWYt
NDVhYjNmNTIwZjAwLzEvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iZDFiOGYtZDA2NS00Y2M3LTlhMWYtNDVhYjNmNTIwZjAw
LzEvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeHuGDDeK
2YVvtnxKpQ2Jf0JU96sS5sTaEOgM9FBQqBNwBFJuHxhd7THfF6gWnxlTsqr/Px4A
wDiu3gSPDIPQr7SIzFE1uHxv5lmi8wXrW/jl+vSGfODYY1S8StO6GU8LRwb2PTLM
sbaeuVppm4KD/ItVCeyJ2/zFZRPudtJXI2HerIH92Hhf9q9n17C2O7ok0lyLk0Bl
0mjUHpIrVV4DAsIdc26RrbtSI0uNtN180gy658sRNsZ4Pw8Ieuyhhq3nHSxDXNlt
MMDSve1STc8XvSqSXt3SBrBF18rg49SvpOT5BGpKKwyuEhtgxUjXHZaZdKr7vCAY
ouviWohr5BIeqg==
-----END CERTIFICATE-----