Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/627557-78a8-4b4e-a3b8-9a818ddd1558/1/EDjXopVKMtKv0WuIs2OzkGgc1ZM.mft
File:                     EDjXopVKMtKv0WuIs2OzkGgc1ZM.mft (raw, json)
Hash identifier:          Ujk/gnleKFr7s362BYMfFB2gakOkH/dj3oMIqK5gF1c=
Subject key identifier:   29:25:5B:06:B7:6C:0D:81:B8:98:B7:36:9E:22:29:43:8E:43:E9:FA
Authority key identifier: 10:38:D7:A2:95:4A:32:D2:AF:D1:6B:88:B3:63:B3:90:68:1C:D5:93
Certificate issuer:       /CN=1038d7a2954a32d2afd16b88b363b390681cd593
Certificate serial:       019677FB5F87FBD580AE35F8FE5349589ACF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EDjXopVKMtKv0WuIs2OzkGgc1ZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/627557-78a8-4b4e-a3b8-9a818ddd1558/1/EDjXopVKMtKv0WuIs2OzkGgc1ZM.mft
Manifest number:          0DE3
Signing time:             Sun 27 Apr 2025 16:01:24 +0000
Manifest this update:     Sun 27 Apr 2025 16:01:24 +0000
Manifest next update:     Mon 28 Apr 2025 16:01:24 +0000
Files and hashes:         1: EDjXopVKMtKv0WuIs2OzkGgc1ZM.crl (hash: UlZ+4FlGuFdrYUvHl8/r/RXGC3qM7e48Msl5GH41sR8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/627557-78a8-4b4e-a3b8-9a818ddd1558/1/EDjXopVKMtKv0WuIs2OzkGgc1ZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/627557-78a8-4b4e-a3b8-9a818ddd1558/1/EDjXopVKMtKv0WuIs2OzkGgc1ZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EDjXopVKMtKv0WuIs2OzkGgc1ZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fb:5f:87:fb:d5:80:ae:35:f8:fe:53:49:58:9a:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1038d7a2954a32d2afd16b88b363b390681cd593
        Validity
            Not Before: Apr 27 16:01:24 2025 GMT
            Not After : Apr 28 16:01:24 2025 GMT
        Subject: CN=29255b06b76c0d81b898b7369e2229438e43e9fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c8:43:ce:b4:38:eb:a8:d8:dd:26:b2:8f:d5:
                    d3:66:41:13:c7:45:87:7e:0b:4b:7b:3d:02:e2:40:
                    78:d3:2f:42:86:91:02:b1:f0:5d:81:9e:09:85:96:
                    79:da:57:7b:7c:05:02:cc:d9:59:20:7a:3d:de:fc:
                    f4:b8:ce:bb:82:04:4c:61:b2:68:6e:01:0e:02:b8:
                    e0:ce:6f:78:ef:37:b8:4b:da:28:b9:b8:f5:67:9a:
                    ef:e5:08:4f:6d:da:eb:58:44:e3:96:bb:9b:63:bf:
                    67:17:c2:5c:8f:ec:c6:ca:d2:7b:d9:7f:a0:64:b3:
                    ca:78:68:56:24:3e:7f:35:5b:a4:6f:50:c1:73:b4:
                    09:38:64:94:95:06:24:ce:60:bb:5d:8a:97:bb:bb:
                    c4:aa:e1:5f:f3:7c:62:16:45:0a:e8:dd:f1:8b:75:
                    1a:d3:03:94:8d:e8:88:e3:8f:94:90:6a:52:c2:80:
                    c6:fa:d2:23:f3:d3:fa:56:8f:7d:4f:44:6a:b1:53:
                    6a:7e:61:cd:05:53:41:8c:91:59:0c:9c:47:71:7c:
                    22:5a:5c:1a:24:bb:9e:a8:ae:20:d9:03:25:bd:e3:
                    1a:9a:8a:e5:23:47:99:75:fb:34:67:52:fa:26:a1:
                    9a:35:09:09:97:95:13:dc:17:83:b2:46:5e:c6:fe:
                    2c:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:25:5B:06:B7:6C:0D:81:B8:98:B7:36:9E:22:29:43:8E:43:E9:FA
            X509v3 Authority Key Identifier:
                keyid:10:38:D7:A2:95:4A:32:D2:AF:D1:6B:88:B3:63:B3:90:68:1C:D5:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EDjXopVKMtKv0WuIs2OzkGgc1ZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/627557-78a8-4b4e-a3b8-9a818ddd1558/1/EDjXopVKMtKv0WuIs2OzkGgc1ZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/627557-78a8-4b4e-a3b8-9a818ddd1558/1/EDjXopVKMtKv0WuIs2OzkGgc1ZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:7c:31:5b:c0:d2:4c:b4:2a:e5:25:ac:3c:46:64:0c:b0:5a:
         5d:23:7f:7d:3b:36:57:45:71:11:38:82:64:96:c7:45:57:dc:
         ae:21:b0:35:f9:63:48:04:d6:dc:e1:8f:12:26:ae:6a:5c:9b:
         07:63:63:57:87:11:b7:f2:46:b6:97:f6:65:3d:8e:d6:8d:4f:
         64:83:85:15:29:37:50:ab:b5:30:aa:d4:49:30:a5:f6:6c:ba:
         50:d3:86:3d:39:f3:a1:22:98:53:fd:74:2d:a3:d6:a1:00:66:
         87:11:4e:20:0d:4a:8f:c4:64:86:61:62:79:ec:26:28:ee:02:
         09:08:d2:d0:85:aa:3b:09:e0:27:03:f7:93:b2:e8:09:8b:aa:
         5a:b3:61:79:5e:6d:f6:ea:c8:ab:c3:28:0f:8e:37:0a:2a:14:
         fe:58:6c:0b:df:9b:f5:07:60:8b:ce:62:60:82:22:2e:4b:21:
         65:01:43:df:20:a2:4a:14:4a:e4:11:a3:61:ef:16:e0:9d:71:
         32:f7:1f:07:9e:3c:60:19:cc:5b:c9:2b:e5:a4:ce:c6:1a:1b:
         62:bf:35:ec:ae:53:53:17:0d:d1:45:ca:07:f3:4d:22:19:dd:
         9a:b7:a2:db:24:1d:64:f1:52:90:ba:7d:50:e1:55:dd:a9:d1:
         9e:02:e4:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+1+H+9WArjX4/lNJWJrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMzhkN2EyOTU0YTMyZDJhZmQxNmI4OGIzNjNiMzkwNjgx
Y2Q1OTMwHhcNMjUwNDI3MTYwMTI0WhcNMjUwNDI4MTYwMTI0WjAzMTEwLwYDVQQD
EygyOTI1NWIwNmI3NmMwZDgxYjg5OGI3MzY5ZTIyMjk0MzhlNDNlOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMhDzrQ466jY3Sayj9XTZkETx0WH
fgtLez0C4kB40y9ChpECsfBdgZ4JhZZ52ld7fAUCzNlZIHo93vz0uM67ggRMYbJo
bgEOArjgzm947ze4S9ooubj1Z5rv5QhPbdrrWETjlrubY79nF8Jcj+zGytJ72X+g
ZLPKeGhWJD5/NVukb1DBc7QJOGSUlQYkzmC7XYqXu7vEquFf83xiFkUK6N3xi3Ua
0wOUjeiI44+UkGpSwoDG+tIj89P6Vo99T0RqsVNqfmHNBVNBjJFZDJxHcXwiWlwa
JLueqK4g2QMlveMamorlI0eZdfs0Z1L6JqGaNQkJl5UT3BeDskZexv4s1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCklWwa3bA2BuJi3Np4iKUOOQ+n6MB8GA1UdIwQY
MBaAFBA416KVSjLSr9FriLNjs5BoHNWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRURqWG9wVktNdEt2MFd1SXMyT3prR2djMVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82Mjc1NTctNzhhOC00YjRlLWEzYjgt
OWE4MThkZGQxNTU4LzEvRURqWG9wVktNdEt2MFd1SXMyT3prR2djMVpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82Mjc1NTctNzhhOC00YjRlLWEzYjgtOWE4MThkZGQxNTU4
LzEvRURqWG9wVktNdEt2MFd1SXMyT3prR2djMVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlXwxW8DS
TLQq5SWsPEZkDLBaXSN/fTs2V0VxETiCZJbHRVfcriGwNfljSATW3OGPEiaualyb
B2NjV4cRt/JGtpf2ZT2O1o1PZIOFFSk3UKu1MKrUSTCl9my6UNOGPTnzoSKYU/10
LaPWoQBmhxFOIA1Kj8RkhmFieewmKO4CCQjS0IWqOwngJwP3k7LoCYuqWrNheV5t
9urIq8MoD443CioU/lhsC9+b9Qdgi85iYIIiLkshZQFD3yCiShRK5BGjYe8W4J1x
MvcfB548YBnMW8kr5aTOxhobYr817K5TUxcN0UXKB/NNIhndmrei2yQdZPFSkLp9
UOFV3anRngLkHQ==
-----END CERTIFICATE-----