Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          UXIXSB8DPc83APkx2WtQPEf+8ySUGolcbAy0PngXzjc=
Subject key identifier:   87:42:49:65:F8:28:D5:EF:7E:FB:49:8D:BB:89:2F:7A:2C:3C:94:22
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       01964CD91E3D7062D9ED6F4B50236BDE82B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          08B9
Signing time:             Sat 19 Apr 2025 07:00:19 +0000
Manifest this update:     Sat 19 Apr 2025 07:00:19 +0000
Manifest next update:     Sun 20 Apr 2025 07:00:19 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: W61d/wF/EGE2rrXFdJSptntuAQU+AMXfvMqZaCUS8iA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:d9:1e:3d:70:62:d9:ed:6f:4b:50:23:6b:de:82:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Apr 19 07:00:19 2025 GMT
            Not After : Apr 20 07:00:19 2025 GMT
        Subject: CN=87424965f828d5ef7efb498dbb892f7a2c3c9422
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:cc:5f:af:f5:4a:76:c6:f8:69:bd:02:22:29:
                    8f:99:ad:5c:9e:d4:48:7b:46:02:bc:89:48:e5:97:
                    70:32:38:94:e4:b4:5a:40:b3:81:4f:a8:d5:04:70:
                    3a:17:8f:c2:96:bc:9f:7d:49:3d:0e:d1:01:14:5d:
                    25:04:fd:a9:b2:e8:e7:01:32:b9:f0:34:83:53:3f:
                    2b:5c:1a:48:6e:df:cd:27:38:10:2b:e2:06:46:1f:
                    b7:93:d7:6e:77:aa:6c:77:40:55:44:b1:75:14:aa:
                    a6:a4:43:c0:9e:a5:09:dc:55:66:45:4d:16:e1:11:
                    d2:45:de:31:43:17:f6:14:0f:67:6a:c6:c0:6b:a5:
                    29:1d:d3:df:7f:5f:3d:13:7e:4e:f2:c1:7c:c1:e5:
                    4e:d4:36:3f:d3:3a:48:83:4c:a4:fd:32:0a:04:40:
                    58:d4:ad:4f:0d:e7:a4:a4:d6:90:91:55:ab:02:44:
                    4d:8b:8b:49:e6:cc:43:a7:fc:8d:04:a7:95:f9:b7:
                    bb:0c:f6:0a:1c:0d:55:e6:48:73:2c:36:4a:e2:8d:
                    29:ad:73:ae:64:aa:b5:a3:13:2d:b8:2f:58:b1:71:
                    47:7a:71:74:0d:55:82:40:39:0b:8e:db:48:12:8f:
                    a7:dc:36:87:1c:f5:c0:3b:02:3f:56:a0:ed:a8:79:
                    dc:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:42:49:65:F8:28:D5:EF:7E:FB:49:8D:BB:89:2F:7A:2C:3C:94:22
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:87:57:d6:7d:91:fc:d4:d7:71:1d:32:23:4d:6e:6f:06:65:
         28:09:6d:bd:84:7d:8a:fb:10:37:19:b9:6b:85:b0:82:11:af:
         d0:de:80:98:ba:7c:fb:e4:fd:a1:3d:85:b3:77:29:5a:e9:f0:
         36:1d:4f:9c:3b:06:4f:78:92:b4:78:8e:8a:bc:05:87:f9:4c:
         ed:db:7f:cd:c2:ad:92:ac:47:0b:e4:66:d8:8b:77:61:93:6c:
         92:7a:21:76:65:53:aa:7c:90:4f:e5:8a:fb:c9:ad:4f:a3:12:
         ff:c2:79:9a:0c:e5:5e:43:85:a8:9c:77:e7:fd:e4:3b:fb:3e:
         ee:85:4d:32:43:26:06:41:b2:09:22:04:ea:93:64:55:6d:9c:
         a6:f0:5a:36:bc:3c:eb:aa:38:d9:27:f7:8e:bf:a5:31:a5:e4:
         7b:5a:2f:3a:6f:41:45:a2:d5:c2:48:e7:35:df:f9:fe:6e:3d:
         1e:5e:29:6d:71:9e:b5:95:ad:82:38:c0:b1:25:7b:c5:e2:db:
         29:c2:9a:aa:88:d0:81:6d:83:59:d8:e7:5a:2e:df:63:c9:d0:
         96:77:8f:c1:55:5e:c0:80:7c:eb:cb:22:d8:4d:e3:6e:8a:5a:
         a4:fd:e0:32:aa:6d:cf:96:d4:2b:55:52:5c:d2:57:7c:2e:d0:
         69:12:b3:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZM2R49cGLZ7W9LUCNr3oK3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjUwNDE5MDcwMDE5WhcNMjUwNDIwMDcwMDE5WjAzMTEwLwYDVQQD
Eyg4NzQyNDk2NWY4MjhkNWVmN2VmYjQ5OGRiYjg5MmY3YTJjM2M5NDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcxfr/VKdsb4ab0CIimPma1cntRI
e0YCvIlI5ZdwMjiU5LRaQLOBT6jVBHA6F4/ClryffUk9DtEBFF0lBP2psujnATK5
8DSDUz8rXBpIbt/NJzgQK+IGRh+3k9dud6psd0BVRLF1FKqmpEPAnqUJ3FVmRU0W
4RHSRd4xQxf2FA9nasbAa6UpHdPff189E35O8sF8weVO1DY/0zpIg0yk/TIKBEBY
1K1PDeekpNaQkVWrAkRNi4tJ5sxDp/yNBKeV+be7DPYKHA1V5khzLDZK4o0prXOu
ZKq1oxMtuC9YsXFHenF0DVWCQDkLjttIEo+n3DaHHPXAOwI/VqDtqHncSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIdCSWX4KNXvfvtJjbuJL3osPJQiMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALodX1n2R
/NTXcR0yI01ubwZlKAltvYR9ivsQNxm5a4WwghGv0N6AmLp8++T9oT2Fs3cpWunw
Nh1PnDsGT3iStHiOirwFh/lM7dt/zcKtkqxHC+Rm2It3YZNsknohdmVTqnyQT+WK
+8mtT6MS/8J5mgzlXkOFqJx35/3kO/s+7oVNMkMmBkGyCSIE6pNkVW2cpvBaNrw8
66o42Sf3jr+lMaXke1ovOm9BRaLVwkjnNd/5/m49Hl4pbXGetZWtgjjAsSV7xeLb
KcKaqojQgW2DWdjnWi7fY8nQlnePwVVewIB868si2E3jbopapP3gMqptz5bUK1VS
XNJXfC7QaRKzig==
-----END CERTIFICATE-----