Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/160aea-31e5-4b75-9bcb-2b3bc0c198ad/1/c5ojygLNDwflNvtppcC5vqDaYKU.mft
File:                     c5ojygLNDwflNvtppcC5vqDaYKU.mft (raw, json)
Hash identifier:          5WeLKI5KVinL2yR5F+u7HT9Ii3o+GeIZPzEFXw1MPZg=
Subject key identifier:   9D:29:74:CA:59:19:F0:65:70:99:7E:89:79:1B:34:71:F7:3B:45:BE
Authority key identifier: 73:9A:23:CA:02:CD:0F:07:E5:36:FB:69:A5:C0:B9:BE:A0:DA:60:A5
Certificate issuer:       /CN=739a23ca02cd0f07e536fb69a5c0b9bea0da60a5
Certificate serial:       0196579411F2C2CF1800A1074F5478926A97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c5ojygLNDwflNvtppcC5vqDaYKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/160aea-31e5-4b75-9bcb-2b3bc0c198ad/1/c5ojygLNDwflNvtppcC5vqDaYKU.mft
Manifest number:          07F2
Signing time:             Mon 21 Apr 2025 09:00:43 +0000
Manifest this update:     Mon 21 Apr 2025 09:00:43 +0000
Manifest next update:     Tue 22 Apr 2025 09:00:43 +0000
Files and hashes:         1: c5ojygLNDwflNvtppcC5vqDaYKU.crl (hash: ab5m3LsJsPRz95R/NnsK5TQNbsBnQjNGVj5AvtG1SOs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/160aea-31e5-4b75-9bcb-2b3bc0c198ad/1/c5ojygLNDwflNvtppcC5vqDaYKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/160aea-31e5-4b75-9bcb-2b3bc0c198ad/1/c5ojygLNDwflNvtppcC5vqDaYKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/c5ojygLNDwflNvtppcC5vqDaYKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:94:11:f2:c2:cf:18:00:a1:07:4f:54:78:92:6a:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=739a23ca02cd0f07e536fb69a5c0b9bea0da60a5
        Validity
            Not Before: Apr 21 09:00:43 2025 GMT
            Not After : Apr 22 09:00:43 2025 GMT
        Subject: CN=9d2974ca5919f06570997e89791b3471f73b45be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:48:27:14:0a:39:b8:14:5d:67:61:ac:13:14:
                    f6:fe:33:9d:ea:bf:34:a6:5c:0b:1f:f1:1c:de:0e:
                    cc:42:92:b1:2a:ec:83:ac:38:01:aa:00:48:6a:00:
                    fa:19:14:a4:cc:31:21:2d:53:52:c7:a8:e2:06:83:
                    32:2f:f1:aa:07:51:5c:b5:bb:56:3a:c7:b3:83:d2:
                    cf:44:82:3b:7f:56:30:b9:0e:39:c1:76:62:f0:45:
                    a8:ac:e1:a4:fa:80:c3:e3:45:89:d8:8e:f9:90:c3:
                    2a:2a:25:0b:41:96:11:c4:88:6b:e5:7d:59:17:fd:
                    a1:ca:bd:98:a3:87:73:92:b4:16:0b:ff:6b:92:41:
                    93:a4:2c:0b:82:72:0a:6e:df:d5:cc:af:c1:54:91:
                    01:ce:1e:c0:4c:98:1e:a5:92:4c:7f:19:46:56:f7:
                    ef:49:43:5e:5d:22:0b:2f:12:88:a9:a3:40:0a:a2:
                    df:ba:61:40:f5:16:4e:d6:0e:99:b9:e3:1e:02:9c:
                    b0:cc:ed:43:2d:6c:ff:d1:11:f2:35:b0:60:9d:34:
                    22:95:2b:62:b7:f6:90:6b:a9:c8:32:e0:14:98:ca:
                    db:6f:19:73:08:88:a8:c2:a8:d0:7f:71:fa:0a:e1:
                    4b:11:9b:59:d6:3d:a6:9a:c9:62:20:7c:d3:13:0e:
                    bf:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:29:74:CA:59:19:F0:65:70:99:7E:89:79:1B:34:71:F7:3B:45:BE
            X509v3 Authority Key Identifier:
                keyid:73:9A:23:CA:02:CD:0F:07:E5:36:FB:69:A5:C0:B9:BE:A0:DA:60:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5ojygLNDwflNvtppcC5vqDaYKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/160aea-31e5-4b75-9bcb-2b3bc0c198ad/1/c5ojygLNDwflNvtppcC5vqDaYKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/160aea-31e5-4b75-9bcb-2b3bc0c198ad/1/c5ojygLNDwflNvtppcC5vqDaYKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:99:79:ca:14:b0:8c:6c:b8:0a:40:4a:8a:b3:8b:e7:ee:88:
         75:c9:aa:b4:c0:6b:dd:85:a3:fc:43:da:87:30:10:77:f1:93:
         da:14:b8:24:07:28:f8:fd:3a:f9:47:1e:72:80:ce:35:2a:01:
         22:e8:69:d3:09:c9:15:84:dc:3c:7b:61:bb:e6:49:96:a2:c4:
         a9:05:04:7d:e3:23:7b:20:12:8b:da:62:8a:cd:7a:7a:e3:37:
         2c:8f:0c:b8:07:98:16:f1:ec:0a:e4:47:b8:02:e2:9b:42:b9:
         89:57:de:3e:0e:38:c9:58:b2:01:b7:ca:0d:1d:45:eb:84:ff:
         d3:83:93:05:b3:6e:f0:e6:8d:57:80:e7:4b:ad:f5:7d:25:1d:
         bc:c8:90:23:6b:27:26:c8:a7:24:20:50:36:d9:ce:82:e7:99:
         cd:36:61:7a:69:6b:fe:8d:4a:d7:53:06:dd:89:02:d6:18:c1:
         b3:1a:9e:80:64:88:30:1f:a0:8b:cd:99:89:4f:c1:cc:08:25:
         f9:2a:97:db:e4:a4:f8:a9:2c:69:d3:e1:e6:cc:f5:98:2a:77:
         1d:c9:c2:ed:bf:cc:28:66:43:a2:f7:ad:ac:bd:74:c8:f6:cf:
         f6:b5:b6:7d:a7:63:21:a2:f8:40:60:aa:36:50:99:66:78:b6:
         f4:0d:25:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXlBHyws8YAKEHT1R4kmqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOWEyM2NhMDJjZDBmMDdlNTM2ZmI2OWE1YzBiOWJlYTBk
YTYwYTUwHhcNMjUwNDIxMDkwMDQzWhcNMjUwNDIyMDkwMDQzWjAzMTEwLwYDVQQD
Eyg5ZDI5NzRjYTU5MTlmMDY1NzA5OTdlODk3OTFiMzQ3MWY3M2I0NWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20gnFAo5uBRdZ2GsExT2/jOd6r80
plwLH/Ec3g7MQpKxKuyDrDgBqgBIagD6GRSkzDEhLVNSx6jiBoMyL/GqB1FctbtW
Osezg9LPRII7f1YwuQ45wXZi8EWorOGk+oDD40WJ2I75kMMqKiULQZYRxIhr5X1Z
F/2hyr2Yo4dzkrQWC/9rkkGTpCwLgnIKbt/VzK/BVJEBzh7ATJgepZJMfxlGVvfv
SUNeXSILLxKIqaNACqLfumFA9RZO1g6ZueMeApywzO1DLWz/0RHyNbBgnTQilSti
t/aQa6nIMuAUmMrbbxlzCIiowqjQf3H6CuFLEZtZ1j2mmsliIHzTEw6/fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0pdMpZGfBlcJl+iXkbNHH3O0W+MB8GA1UdIwQY
MBaAFHOaI8oCzQ8H5Tb7aaXAub6g2mClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzVvanlnTE5Ed2ZsTnZ0cHBjQzV2cURhWUtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xNjBhZWEtMzFlNS00Yjc1LTliY2It
MmIzYmMwYzE5OGFkLzEvYzVvanlnTE5Ed2ZsTnZ0cHBjQzV2cURhWUtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xNjBhZWEtMzFlNS00Yjc1LTliY2ItMmIzYmMwYzE5OGFk
LzEvYzVvanlnTE5Ed2ZsTnZ0cHBjQzV2cURhWUtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi5l5yhSw
jGy4CkBKirOL5+6IdcmqtMBr3YWj/EPahzAQd/GT2hS4JAco+P06+UcecoDONSoB
Iuhp0wnJFYTcPHthu+ZJlqLEqQUEfeMjeyASi9piis16euM3LI8MuAeYFvHsCuRH
uALim0K5iVfePg44yViyAbfKDR1F64T/04OTBbNu8OaNV4DnS631fSUdvMiQI2sn
JsinJCBQNtnOgueZzTZhemlr/o1K11MG3YkC1hjBsxqegGSIMB+gi82ZiU/BzAgl
+SqX2+Sk+KksadPh5sz1mCp3HcnC7b/MKGZDovetrL10yPbP9rW2fadjIaL4QGCq
NlCZZni29A0lDg==
-----END CERTIFICATE-----