Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/d5d9a0-e655-45da-9442-56591571d161/1/sQBtYOzMF8WGM3oONk176YAd6fE.mft
File:                     sQBtYOzMF8WGM3oONk176YAd6fE.mft (raw, json)
Hash identifier:          hQmNLPHkY+JUpN53xkHlxIJ6MJoOZUIxgnOGE7S/9U4=
Subject key identifier:   E1:30:CD:E6:EE:C3:5A:33:B9:33:DE:AF:85:D0:B1:6B:4F:4A:7B:3E
Authority key identifier: B1:00:6D:60:EC:CC:17:C5:86:33:7A:0E:36:4D:7B:E9:80:1D:E9:F1
Certificate issuer:       /CN=b1006d60eccc17c586337a0e364d7be9801de9f1
Certificate serial:       019657CBA5453910403D4620A466D424093F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sQBtYOzMF8WGM3oONk176YAd6fE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/d5d9a0-e655-45da-9442-56591571d161/1/sQBtYOzMF8WGM3oONk176YAd6fE.mft
Manifest number:          148D
Signing time:             Mon 21 Apr 2025 10:01:25 +0000
Manifest this update:     Mon 21 Apr 2025 10:01:25 +0000
Manifest next update:     Tue 22 Apr 2025 10:01:25 +0000
Files and hashes:         1: sQBtYOzMF8WGM3oONk176YAd6fE.crl (hash: +bZdFaVHH99f9sn6LyvH1VnWL8shfjqWHqJUQxpn6+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/d5d9a0-e655-45da-9442-56591571d161/1/sQBtYOzMF8WGM3oONk176YAd6fE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/d5d9a0-e655-45da-9442-56591571d161/1/sQBtYOzMF8WGM3oONk176YAd6fE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sQBtYOzMF8WGM3oONk176YAd6fE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:cb:a5:45:39:10:40:3d:46:20:a4:66:d4:24:09:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1006d60eccc17c586337a0e364d7be9801de9f1
        Validity
            Not Before: Apr 21 10:01:25 2025 GMT
            Not After : Apr 22 10:01:25 2025 GMT
        Subject: CN=e130cde6eec35a33b933deaf85d0b16b4f4a7b3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f2:af:c7:26:bc:98:ee:a5:a2:b6:19:ac:6b:
                    cb:c2:ea:29:2f:e1:e2:92:89:6a:a5:ce:ad:d6:71:
                    fb:94:12:37:56:81:20:b9:30:35:90:d6:f7:ef:30:
                    3d:46:a3:d4:b2:0a:63:37:ae:bb:dd:c5:b0:31:d1:
                    9b:0e:7a:58:da:80:25:63:62:bc:d6:a6:f7:f0:f8:
                    95:9f:c2:58:a1:a9:8f:94:95:cd:3a:a7:a9:1c:b5:
                    0a:39:8e:e6:53:1c:e4:a3:c3:11:0e:3f:81:0e:a3:
                    24:d8:8b:82:5c:5f:8f:ea:a8:00:63:cf:34:17:1e:
                    cb:b9:fd:59:37:4a:72:8e:aa:a4:0d:69:94:64:99:
                    47:6f:e4:69:fe:dc:6c:7d:a6:eb:9e:55:65:82:89:
                    c4:b5:fa:1a:34:2e:d5:b3:30:a9:cb:34:46:a0:fd:
                    32:4e:bb:35:5e:1b:48:61:54:69:c5:33:99:b9:58:
                    9c:8d:1b:d7:83:ef:d8:28:d9:29:d8:63:ab:cc:db:
                    3c:a9:a5:f0:43:b4:e2:ef:4e:3c:75:9c:7c:c3:b7:
                    b9:b8:fe:67:06:e6:c3:a9:2f:db:22:26:58:48:04:
                    3d:8e:00:fb:4d:26:7e:e2:5f:e3:4b:bb:d8:58:b5:
                    ba:6d:45:be:f6:05:fa:27:d7:62:e0:d4:df:f4:cb:
                    75:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:30:CD:E6:EE:C3:5A:33:B9:33:DE:AF:85:D0:B1:6B:4F:4A:7B:3E
            X509v3 Authority Key Identifier:
                keyid:B1:00:6D:60:EC:CC:17:C5:86:33:7A:0E:36:4D:7B:E9:80:1D:E9:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sQBtYOzMF8WGM3oONk176YAd6fE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/d5d9a0-e655-45da-9442-56591571d161/1/sQBtYOzMF8WGM3oONk176YAd6fE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/d5d9a0-e655-45da-9442-56591571d161/1/sQBtYOzMF8WGM3oONk176YAd6fE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:49:a5:e2:71:42:72:f5:67:63:00:a4:d7:60:85:b1:0e:d1:
         7b:42:bf:0c:75:f0:94:9b:93:f5:93:dc:26:b3:0a:b4:37:42:
         17:5e:4d:56:59:66:aa:5a:d0:a2:e9:94:cf:0d:7b:d5:a9:f1:
         10:0c:c5:9d:48:fa:d0:48:83:79:b6:51:bd:a3:41:f9:91:49:
         a5:f9:7d:a0:90:69:e5:c1:7b:8c:d3:00:9b:5a:21:9e:10:ac:
         39:5b:ce:c5:a3:e2:4c:48:aa:7a:d3:29:ec:1e:11:c1:23:f4:
         b7:4d:2a:2e:78:ea:63:4e:2c:57:a0:a2:04:83:7e:a6:50:6d:
         3e:84:ae:d3:48:33:2a:23:bc:b4:75:b3:cb:9f:a3:48:35:0c:
         da:62:d6:67:7f:9c:77:dc:54:62:f1:9f:e5:55:3a:d3:38:d2:
         a7:91:b1:59:ce:59:ac:d0:86:05:77:77:1d:2a:1d:a9:b1:e7:
         79:d8:25:14:3a:dc:09:50:da:bd:1e:d5:86:6d:de:89:ed:45:
         49:a2:59:e9:cf:90:f7:64:45:e6:ca:bb:04:0f:b0:80:22:f0:
         75:10:b4:41:5e:d6:be:c6:bc:7c:62:27:b4:e9:8a:da:47:fb:
         c2:40:53:7c:b0:bc:73:a6:ca:f2:a6:6f:6c:b7:b5:d5:57:ba:
         c5:11:fa:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXy6VFORBAPUYgpGbUJAk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMDA2ZDYwZWNjYzE3YzU4NjMzN2EwZTM2NGQ3YmU5ODAx
ZGU5ZjEwHhcNMjUwNDIxMTAwMTI1WhcNMjUwNDIyMTAwMTI1WjAzMTEwLwYDVQQD
EyhlMTMwY2RlNmVlYzM1YTMzYjkzM2RlYWY4NWQwYjE2YjRmNGE3YjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvKvxya8mO6lorYZrGvLwuopL+Hi
kolqpc6t1nH7lBI3VoEguTA1kNb37zA9RqPUsgpjN6673cWwMdGbDnpY2oAlY2K8
1qb38PiVn8JYoamPlJXNOqepHLUKOY7mUxzko8MRDj+BDqMk2IuCXF+P6qgAY880
Fx7Luf1ZN0pyjqqkDWmUZJlHb+Rp/txsfabrnlVlgonEtfoaNC7VszCpyzRGoP0y
Trs1XhtIYVRpxTOZuVicjRvXg+/YKNkp2GOrzNs8qaXwQ7Ti7048dZx8w7e5uP5n
BubDqS/bIiZYSAQ9jgD7TSZ+4l/jS7vYWLW6bUW+9gX6J9di4NTf9Mt1WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOEwzebuw1ozuTPer4XQsWtPSns+MB8GA1UdIwQY
MBaAFLEAbWDszBfFhjN6DjZNe+mAHenxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1FCdFlPek1GOFdHTTNvT05rMTc2WUFkNmZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9kNWQ5YTAtZTY1NS00NWRhLTk0NDIt
NTY1OTE1NzFkMTYxLzEvc1FCdFlPek1GOFdHTTNvT05rMTc2WUFkNmZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9kNWQ5YTAtZTY1NS00NWRhLTk0NDItNTY1OTE1NzFkMTYx
LzEvc1FCdFlPek1GOFdHTTNvT05rMTc2WUFkNmZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMkml4nFC
cvVnYwCk12CFsQ7Re0K/DHXwlJuT9ZPcJrMKtDdCF15NVllmqlrQoumUzw171anx
EAzFnUj60EiDebZRvaNB+ZFJpfl9oJBp5cF7jNMAm1ohnhCsOVvOxaPiTEiqetMp
7B4RwSP0t00qLnjqY04sV6CiBIN+plBtPoSu00gzKiO8tHWzy5+jSDUM2mLWZ3+c
d9xUYvGf5VU60zjSp5GxWc5ZrNCGBXd3HSodqbHnedglFDrcCVDavR7Vhm3eie1F
SaJZ6c+Q92RF5sq7BA+wgCLwdRC0QV7Wvsa8fGIntOmK2kf7wkBTfLC8c6bK8qZv
bLe11Ve6xRH6iA==
-----END CERTIFICATE-----