Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          00h85ZwbL2oc1+sGl28PwLa52Ot+Wa+UkzmZDbO5eJo=
Subject key identifier:   BE:77:26:8D:55:D5:F8:98:D2:FC:5A:CB:36:C4:57:17:F4:09:17:A8
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       0196857F28740796080A4B9BCC1237019390
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0501
Signing time:             Wed 30 Apr 2025 07:00:25 +0000
Manifest this update:     Wed 30 Apr 2025 07:00:25 +0000
Manifest next update:     Thu 01 May 2025 07:00:25 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: Oq+OcQaA++bpcded8acPAUxlSwo5ClK68+cbLQYhplA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 07:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:85:7f:28:74:07:96:08:0a:4b:9b:cc:12:37:01:93:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Apr 30 07:00:25 2025 GMT
            Not After : May  1 07:00:25 2025 GMT
        Subject: CN=be77268d55d5f898d2fc5acb36c45717f40917a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:57:0d:7b:29:09:08:d6:7b:7e:a5:97:40:ef:
                    ef:97:c5:7a:29:4f:35:1d:38:13:3b:1d:f7:5a:fc:
                    7c:a1:a7:32:cf:9d:09:b8:e4:43:0a:c6:fd:5c:84:
                    23:62:50:f5:a7:89:d9:01:b6:1b:a5:a9:1a:c7:52:
                    75:9d:04:aa:14:61:cb:b2:92:58:ae:70:ed:9d:17:
                    7f:4b:b3:ea:10:9f:5f:9d:ae:9e:2a:79:c5:87:92:
                    1e:a5:e1:7a:7b:72:ef:1f:71:fb:76:92:9a:6f:01:
                    85:0a:af:7c:5a:58:a9:e5:43:1f:70:46:17:51:4e:
                    95:fb:e1:a9:67:34:94:9d:9f:b3:1c:05:69:d2:94:
                    11:3d:a5:14:42:9e:dc:33:03:f7:8f:30:ef:6d:33:
                    16:40:cc:96:6e:62:e2:06:83:27:f2:f0:5b:f1:7a:
                    e6:c9:06:db:0a:e0:ec:0f:7a:11:3b:9f:fa:7c:56:
                    85:5e:07:67:c2:cd:1b:12:d3:84:59:66:3e:d0:b7:
                    48:30:0b:be:9a:23:d2:55:0b:77:46:ff:2f:d8:4c:
                    e1:ae:2c:20:a7:6c:00:fa:0e:11:ec:1c:1e:d3:22:
                    5a:e0:52:10:8f:3c:f1:72:29:5d:06:bf:54:c1:ab:
                    17:b0:f4:a4:93:63:3b:58:09:9a:7f:76:29:ca:f9:
                    33:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:77:26:8D:55:D5:F8:98:D2:FC:5A:CB:36:C4:57:17:F4:09:17:A8
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:ef:96:fc:8c:1d:60:55:b1:85:f1:56:d8:1e:f2:91:b2:c1:
         f0:9c:e7:33:dd:c6:ee:f6:99:b4:e3:31:86:16:6f:5d:31:8c:
         d7:4b:86:b2:76:97:df:3f:da:bc:7f:15:1d:99:e6:3e:fe:4d:
         e6:e9:d3:68:e6:c5:06:f1:d4:82:2a:e1:4b:9e:d6:29:f2:3b:
         cd:69:ca:d1:3b:d2:4c:5a:69:85:14:94:d2:97:38:8a:1d:ad:
         5e:9f:23:d7:3d:ff:52:a1:18:01:06:22:5e:81:0a:11:53:b3:
         a9:6c:04:c8:34:6c:a2:a9:09:db:fe:1c:53:62:06:35:57:c9:
         82:da:e2:de:0d:98:6f:42:2c:e6:80:1a:3f:fc:52:e7:03:a4:
         e7:9f:34:23:fd:1c:76:23:af:93:76:0c:4d:95:01:ab:65:58:
         cd:c7:e5:ea:d2:30:7f:6b:cc:ab:82:2a:86:97:93:24:71:1a:
         4f:0d:f6:cc:bc:9d:77:55:2e:f9:41:b4:1f:09:3f:5e:ae:20:
         44:59:a9:3c:ae:6c:16:4b:4a:19:1e:18:b5:8a:01:85:58:48:
         8f:6e:4a:9f:00:82:ca:ae:3c:4a:6f:7e:b2:69:46:02:5d:f3:
         15:90:35:63:b3:fe:51:d8:e3:94:74:c7:3f:b6:c4:fc:55:f3:
         c8:b9:b2:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaFfyh0B5YICkubzBI3AZOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUwNDMwMDcwMDI1WhcNMjUwNTAxMDcwMDI1WjAzMTEwLwYDVQQD
EyhiZTc3MjY4ZDU1ZDVmODk4ZDJmYzVhY2IzNmM0NTcxN2Y0MDkxN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lcNeykJCNZ7fqWXQO/vl8V6KU81
HTgTOx33Wvx8oacyz50JuORDCsb9XIQjYlD1p4nZAbYbpakax1J1nQSqFGHLspJY
rnDtnRd/S7PqEJ9fna6eKnnFh5IepeF6e3LvH3H7dpKabwGFCq98Wlip5UMfcEYX
UU6V++GpZzSUnZ+zHAVp0pQRPaUUQp7cMwP3jzDvbTMWQMyWbmLiBoMn8vBb8Xrm
yQbbCuDsD3oRO5/6fFaFXgdnws0bEtOEWWY+0LdIMAu+miPSVQt3Rv8v2Ezhriwg
p2wA+g4R7Bwe0yJa4FIQjzzxcildBr9UwasXsPSkk2M7WAmaf3YpyvkzGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL53Jo1V1fiY0vxayzbEVxf0CReoMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu++W/Iwd
YFWxhfFW2B7ykbLB8JznM93G7vaZtOMxhhZvXTGM10uGsnaX3z/avH8VHZnmPv5N
5unTaObFBvHUgirhS57WKfI7zWnK0TvSTFpphRSU0pc4ih2tXp8j1z3/UqEYAQYi
XoEKEVOzqWwEyDRsoqkJ2/4cU2IGNVfJgtri3g2Yb0Is5oAaP/xS5wOk5580I/0c
diOvk3YMTZUBq2VYzcfl6tIwf2vMq4IqhpeTJHEaTw32zLydd1Uu+UG0Hwk/Xq4g
RFmpPK5sFktKGR4YtYoBhVhIj25KnwCCyq48Sm9+smlGAl3zFZA1Y7P+UdjjlHTH
P7bE/FXzyLmytg==
-----END CERTIFICATE-----