Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          XdRIGhe95mX/XE5ZwTzU6CUAWpYcZ6gefGRkXOYQ0Ak=
Subject key identifier:   B5:18:69:EF:51:3E:72:87:6F:60:07:C2:FF:62:E9:04:8D:E9:59:BB
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       01969228528CE3DAB99D13FFED898A870796
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          054A
Signing time:             Fri 02 May 2025 18:00:38 +0000
Manifest this update:     Fri 02 May 2025 18:00:38 +0000
Manifest next update:     Sat 03 May 2025 18:00:38 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: rBEG2qnakMLchttuUDaYto3gFyGaYbqLdiyr2k53Bi0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 18:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:92:28:52:8c:e3:da:b9:9d:13:ff:ed:89:8a:87:07:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: May  2 18:00:38 2025 GMT
            Not After : May  3 18:00:38 2025 GMT
        Subject: CN=b51869ef513e72876f6007c2ff62e9048de959bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:82:72:2e:6d:11:f6:f8:ea:a1:34:82:70:6b:
                    93:6f:b4:a9:d6:fa:d5:7b:0d:0d:ef:55:5d:15:d0:
                    61:2a:b3:43:bb:f4:0e:71:68:b1:9a:b3:73:e3:6c:
                    74:50:ce:b3:e5:bd:05:a2:2d:da:de:c3:82:fa:ee:
                    6a:59:44:2a:ad:ec:32:27:f7:c5:02:40:98:52:39:
                    c7:67:8b:43:65:e2:f2:b0:f0:78:6e:ed:5e:69:c0:
                    79:1a:a3:3a:fd:45:16:ad:9d:75:8d:03:46:e5:84:
                    cc:a0:f1:31:ca:94:56:f7:14:00:5d:f2:e8:25:18:
                    49:31:37:2b:47:25:21:76:9a:3e:0f:ed:fa:47:50:
                    9f:c2:50:b0:11:5e:a8:42:44:62:4c:e4:c6:e0:eb:
                    07:43:55:f9:a8:73:63:b2:3d:ee:a2:59:73:61:3d:
                    9f:ae:2f:19:86:b4:33:c4:2e:5b:c8:05:ce:f5:2a:
                    bd:7e:e3:cc:a0:df:1b:12:29:28:d5:d0:b4:57:bd:
                    0a:c8:2a:2e:7a:1c:e5:56:10:3c:ef:ec:43:f4:fc:
                    62:bb:0e:fe:df:1a:fb:6e:d7:80:83:12:15:4e:9f:
                    c5:a8:c2:8d:42:75:d5:3a:dc:87:e7:e6:cd:ca:59:
                    6e:8f:71:22:9c:e4:2e:22:fd:ab:25:b2:58:3e:b6:
                    64:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:18:69:EF:51:3E:72:87:6F:60:07:C2:FF:62:E9:04:8D:E9:59:BB
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:09:c9:28:4a:80:06:c1:70:e2:14:50:5f:05:20:6d:bd:21:
         e7:b3:be:2b:28:4a:6b:7e:72:9c:82:8b:8a:1b:06:e8:4a:13:
         2a:12:2e:42:2d:47:25:d1:97:76:1a:1e:22:57:ff:b3:8f:b9:
         64:46:ae:d7:af:4b:8b:af:de:0d:4d:98:85:d2:b0:02:5a:ce:
         68:8e:fe:e2:af:15:7c:ff:9d:45:d1:2e:4e:ee:ba:2d:10:5d:
         a7:c4:67:f5:3d:d0:8d:53:65:7e:18:27:95:95:b5:db:57:69:
         13:7f:d1:70:25:5e:89:1c:e5:35:be:5e:9a:a3:48:14:07:7f:
         ed:c5:38:55:78:2e:89:a9:11:02:cf:23:5e:5e:9b:00:e9:73:
         91:27:89:7b:b5:12:57:43:36:78:41:f5:30:74:c7:9d:3f:f7:
         bb:b7:57:cd:b7:c3:92:d1:9b:14:ba:54:2b:5a:93:b4:c1:9e:
         80:79:a5:f9:3b:3f:0b:ec:28:1d:6d:26:a3:16:c9:80:d7:3d:
         80:a8:2f:c3:35:b4:b8:fd:01:32:f8:f7:85:ad:c4:f0:90:81:
         eb:75:7f:59:4a:87:dc:ce:00:46:22:3a:fd:ac:53:1e:2c:6c:
         ab:5c:c8:d7:68:23:d6:04:26:05:bd:b0:49:aa:5f:31:aa:15:
         31:b5:01:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaSKFKM49q5nRP/7YmKhweWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjUwNTAyMTgwMDM4WhcNMjUwNTAzMTgwMDM4WjAzMTEwLwYDVQQD
EyhiNTE4NjllZjUxM2U3Mjg3NmY2MDA3YzJmZjYyZTkwNDhkZTk1OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIJyLm0R9vjqoTSCcGuTb7Sp1vrV
ew0N71VdFdBhKrNDu/QOcWixmrNz42x0UM6z5b0Foi3a3sOC+u5qWUQqrewyJ/fF
AkCYUjnHZ4tDZeLysPB4bu1eacB5GqM6/UUWrZ11jQNG5YTMoPExypRW9xQAXfLo
JRhJMTcrRyUhdpo+D+36R1CfwlCwEV6oQkRiTOTG4OsHQ1X5qHNjsj3uollzYT2f
ri8ZhrQzxC5byAXO9Sq9fuPMoN8bEiko1dC0V70KyCouehzlVhA87+xD9Pxiuw7+
3xr7bteAgxIVTp/FqMKNQnXVOtyH5+bNylluj3EinOQuIv2rJbJYPrZknQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLUYae9RPnKHb2AHwv9i6QSN6Vm7MB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABQnJKEqA
BsFw4hRQXwUgbb0h57O+KyhKa35ynIKLihsG6EoTKhIuQi1HJdGXdhoeIlf/s4+5
ZEau169Li6/eDU2YhdKwAlrOaI7+4q8VfP+dRdEuTu66LRBdp8Rn9T3QjVNlfhgn
lZW121dpE3/RcCVeiRzlNb5emqNIFAd/7cU4VXguiakRAs8jXl6bAOlzkSeJe7US
V0M2eEH1MHTHnT/3u7dXzbfDktGbFLpUK1qTtMGegHml+Ts/C+woHW0moxbJgNc9
gKgvwzW0uP0BMvj3ha3E8JCB63V/WUqH3M4ARiI6/axTHixsq1zI12gj1gQmBb2w
SapfMaoVMbUB1A==
-----END CERTIFICATE-----