Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
File:                     mTFQMIBh3NrF2EZc-ITGejuxkVk.mft (raw, json)
Hash identifier:          NsBBS2vtfyVssiuSCdz8nNCU7zC0/V6MxFCpq6rsfUs=
Subject key identifier:   26:C3:22:77:1D:49:0B:BB:E7:3D:AD:F9:1F:FF:75:2B:BD:10:23:73
Authority key identifier: 99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59
Certificate issuer:       /CN=993150308061dcdac5d8465cf884c67a3bb19159
Certificate serial:       0196451FAA8BB5D23BF1E7CAAC04C9CE8B8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
Manifest number:          05EA
Signing time:             Thu 17 Apr 2025 19:00:25 +0000
Manifest this update:     Thu 17 Apr 2025 19:00:25 +0000
Manifest next update:     Fri 18 Apr 2025 19:00:25 +0000
Files and hashes:         1: mTFQMIBh3NrF2EZc-ITGejuxkVk.crl (hash: GuTfv9/56SkYsTWmklMq/Smn2vg3IPXeQ0cq9U89KS8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:1f:aa:8b:b5:d2:3b:f1:e7:ca:ac:04:c9:ce:8b:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=993150308061dcdac5d8465cf884c67a3bb19159
        Validity
            Not Before: Apr 17 19:00:25 2025 GMT
            Not After : Apr 18 19:00:25 2025 GMT
        Subject: CN=26c322771d490bbbe73dadf91fff752bbd102373
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:9b:b5:44:46:7d:e5:b9:b3:b5:93:9c:3e:30:
                    cc:3f:6e:ca:bd:86:46:ea:07:c6:8d:67:c7:e9:9d:
                    3e:29:97:55:c1:d4:87:b1:b9:5f:2a:65:be:c1:3d:
                    e0:0f:65:26:1e:fb:7d:38:7f:db:64:be:65:f8:9a:
                    f6:4a:d8:ea:47:2d:5b:0c:84:7f:90:c9:29:37:7d:
                    87:7f:87:02:9c:52:ed:6a:86:d1:cc:99:65:47:dc:
                    87:43:36:a0:a5:26:63:6f:9a:b2:fa:bf:63:70:b1:
                    6e:ba:c5:e2:79:4e:29:09:3c:b9:df:d7:95:fb:fe:
                    7e:98:95:bd:22:ac:90:06:ba:67:c2:f5:cb:c4:27:
                    c8:b6:d0:01:e6:11:ed:c2:cc:e0:6c:db:6d:6f:56:
                    e5:31:19:80:df:16:fa:64:10:a1:29:39:b5:d5:b6:
                    0e:64:e5:e7:89:61:09:b7:a1:87:14:55:2e:64:60:
                    f0:fc:94:c7:09:fd:36:88:1a:a4:02:17:20:7a:f4:
                    93:9f:14:e2:fc:75:ba:d6:7b:2c:95:9c:99:e1:8b:
                    30:b5:3c:a6:33:7f:1c:a7:a3:c7:29:c8:0c:1d:83:
                    16:4f:ad:d4:1a:6c:e9:76:b0:b1:b3:7a:cd:65:bf:
                    e9:22:77:d2:00:51:78:fe:50:cf:a4:8a:44:07:05:
                    62:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:C3:22:77:1D:49:0B:BB:E7:3D:AD:F9:1F:FF:75:2B:BD:10:23:73
            X509v3 Authority Key Identifier:
                keyid:99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:5d:f3:f4:6f:a3:39:49:89:49:d6:a9:e1:8c:2b:d8:d2:49:
         65:c0:74:3a:49:18:d6:42:1a:36:9f:95:55:4f:74:99:be:7d:
         c3:ab:fa:a4:30:53:7a:81:d5:b5:17:23:cf:25:84:b8:6e:f8:
         22:7d:92:ff:50:ca:c6:55:74:c2:42:31:07:37:b4:b9:0d:79:
         ad:56:5f:b8:36:a0:43:92:6f:f6:61:e5:3d:d2:cd:72:c3:da:
         10:10:de:bd:10:43:ce:46:95:30:e6:f3:3c:14:2f:0a:51:e5:
         00:08:2b:04:d0:ae:c7:89:72:c6:03:90:18:da:79:42:b5:9c:
         ab:4d:3f:40:88:07:9c:92:80:26:bf:2b:1f:69:a1:0c:5e:d6:
         35:33:f7:73:27:60:40:f0:47:6b:b2:dd:2f:14:d1:b2:75:8b:
         56:57:ab:56:13:c1:58:4b:eb:85:48:0f:6b:bd:6c:39:22:4d:
         07:a7:0f:ca:68:dd:71:d9:8d:d9:24:98:b5:f1:bb:c3:0d:26:
         27:0a:46:9b:d9:1a:8e:52:4c:80:ea:9a:e6:8b:6d:bc:9e:0d:
         ab:fa:60:98:18:32:a6:05:7f:57:b7:27:ab:c8:a9:1a:cd:5d:
         0a:bb:e9:eb:28:f3:d2:b0:d7:bb:44:0f:0a:e2:cd:47:ba:f1:
         da:48:f9:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFH6qLtdI78efKrATJzouMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzE1MDMwODA2MWRjZGFjNWQ4NDY1Y2Y4ODRjNjdhM2Ji
MTkxNTkwHhcNMjUwNDE3MTkwMDI1WhcNMjUwNDE4MTkwMDI1WjAzMTEwLwYDVQQD
EygyNmMzMjI3NzFkNDkwYmJiZTczZGFkZjkxZmZmNzUyYmJkMTAyMzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5u1REZ95bmztZOcPjDMP27KvYZG
6gfGjWfH6Z0+KZdVwdSHsblfKmW+wT3gD2UmHvt9OH/bZL5l+Jr2StjqRy1bDIR/
kMkpN32Hf4cCnFLtaobRzJllR9yHQzagpSZjb5qy+r9jcLFuusXieU4pCTy539eV
+/5+mJW9IqyQBrpnwvXLxCfIttAB5hHtwszgbNttb1blMRmA3xb6ZBChKTm11bYO
ZOXniWEJt6GHFFUuZGDw/JTHCf02iBqkAhcgevSTnxTi/HW61nsslZyZ4YswtTym
M38cp6PHKcgMHYMWT63UGmzpdrCxs3rNZb/pInfSAFF4/lDPpIpEBwViswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCbDIncdSQu75z2t+R//dSu9ECNzMB8GA1UdIwQY
MBaAFJkxUDCAYdzaxdhGXPiExno7sZFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMt
NTJiMjMwZWNhY2FlLzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMtNTJiMjMwZWNhY2Fl
LzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd13z9G+j
OUmJSdap4Ywr2NJJZcB0OkkY1kIaNp+VVU90mb59w6v6pDBTeoHVtRcjzyWEuG74
In2S/1DKxlV0wkIxBze0uQ15rVZfuDagQ5Jv9mHlPdLNcsPaEBDevRBDzkaVMObz
PBQvClHlAAgrBNCux4lyxgOQGNp5QrWcq00/QIgHnJKAJr8rH2mhDF7WNTP3cydg
QPBHa7LdLxTRsnWLVlerVhPBWEvrhUgPa71sOSJNB6cPymjdcdmN2SSYtfG7ww0m
JwpGm9kajlJMgOqa5ottvJ4Nq/pgmBgypgV/V7cnq8ipGs1dCrvp6yjz0rDXu0QP
CuLNR7rx2kj53Q==
-----END CERTIFICATE-----