Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          p8qa/7xi9XH1PtCbdUhAVB6y/iM3GKMNoZ1O8kogmAE=
Subject key identifier:   67:79:B9:87:8E:F4:99:54:54:5D:0B:E1:A6:D9:64:8E:AF:EB:61:A9
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       0196526DA82D64AF1B5BC545E9A7945A41E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          01BB
Signing time:             Sun 20 Apr 2025 09:00:40 +0000
Manifest this update:     Sun 20 Apr 2025 09:00:40 +0000
Manifest next update:     Mon 21 Apr 2025 09:00:40 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: K0xNZEX0m0P+lqTXDOQQj/PHKMPEYyI3P1NbEJ0P98g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 09:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:6d:a8:2d:64:af:1b:5b:c5:45:e9:a7:94:5a:41:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: Apr 20 09:00:40 2025 GMT
            Not After : Apr 21 09:00:40 2025 GMT
        Subject: CN=6779b9878ef49954545d0be1a6d9648eafeb61a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:a7:5b:5b:dd:d6:8c:98:2f:a0:2b:a4:68:28:
                    0b:61:b6:1e:92:6a:01:5f:fe:83:41:a9:f3:b2:40:
                    b8:95:79:8a:b7:97:77:54:f5:e9:ea:75:07:64:f3:
                    fb:e1:f1:d9:74:b3:f4:65:d9:48:90:d3:bb:5b:e3:
                    8e:3b:0c:ee:56:c8:ce:a1:d6:e3:a9:f0:02:04:51:
                    34:09:2b:0f:d3:31:c3:86:9a:a3:8a:45:ec:4f:6d:
                    ba:64:eb:58:51:63:f7:0c:95:71:a8:e3:3f:71:ca:
                    19:71:0d:70:56:53:17:d4:b6:92:df:f2:1d:02:ff:
                    f9:9c:33:65:cf:b4:65:b2:75:b9:cb:9d:d5:f6:5f:
                    1e:8f:ec:d1:99:1c:d3:c2:30:97:a5:be:35:9a:5c:
                    28:36:b6:e4:21:1a:1f:30:50:c6:2d:f1:7a:cd:99:
                    71:f5:de:2c:de:f9:33:b8:d3:24:66:9e:13:e4:90:
                    00:13:b0:16:37:e7:df:19:e6:86:38:21:a6:52:96:
                    50:f9:27:71:66:ed:e2:cd:d6:3d:38:66:b9:de:40:
                    80:21:e5:05:e5:f3:ea:5f:32:91:bb:e7:bb:76:af:
                    dd:0c:5e:58:77:a1:45:f4:72:0d:0f:37:ec:63:56:
                    c8:8c:5e:db:f9:00:48:4e:4c:d0:82:50:d3:dd:57:
                    f6:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:79:B9:87:8E:F4:99:54:54:5D:0B:E1:A6:D9:64:8E:AF:EB:61:A9
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:84:1c:13:e7:c5:68:26:8c:98:24:f3:26:63:56:85:f1:1b:
         96:a7:9c:8b:a8:6d:1a:02:1e:30:80:3e:3a:c0:eb:ff:e4:5c:
         66:f0:39:5b:5f:50:89:ff:76:0a:f8:be:be:21:b7:61:49:01:
         d2:51:e2:91:be:75:a4:48:1c:54:97:e0:6e:df:c6:76:76:52:
         4a:7b:b9:48:3e:59:0c:f3:dc:51:0f:65:26:62:46:a2:5a:1b:
         1d:77:c6:0e:20:94:e1:fc:bb:bb:3b:a1:8e:8e:9e:62:8b:f7:
         24:00:db:67:06:81:8c:89:1a:4f:cd:1a:e7:f0:ac:ae:8a:7f:
         53:6e:72:c9:f0:f6:ef:fc:ee:90:20:78:a1:80:b1:17:f7:9c:
         bb:5a:19:fb:68:79:e5:1d:a6:98:6d:c0:1c:95:fc:a8:7c:c2:
         a3:79:64:b1:2b:c1:a2:9a:51:20:07:cc:fd:e3:fb:1a:b2:95:
         82:67:72:67:15:3d:e6:37:0b:58:86:04:fb:65:e1:66:b4:76:
         f0:3b:a5:da:7e:4a:a1:d4:8e:79:32:da:5a:1c:06:3e:3a:d8:
         73:25:a2:3a:33:5b:f9:a3:0a:62:e3:36:d6:f9:d4:2d:61:94:
         37:1b:93:e5:67:7b:64:fe:ab:c8:b8:02:32:d5:bc:29:9d:67:
         d2:6d:84:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSbagtZK8bW8VF6aeUWkHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjUwNDIwMDkwMDQwWhcNMjUwNDIxMDkwMDQwWjAzMTEwLwYDVQQD
Eyg2Nzc5Yjk4NzhlZjQ5OTU0NTQ1ZDBiZTFhNmQ5NjQ4ZWFmZWI2MWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxadbW93WjJgvoCukaCgLYbYekmoB
X/6DQanzskC4lXmKt5d3VPXp6nUHZPP74fHZdLP0ZdlIkNO7W+OOOwzuVsjOodbj
qfACBFE0CSsP0zHDhpqjikXsT226ZOtYUWP3DJVxqOM/ccoZcQ1wVlMX1LaS3/Id
Av/5nDNlz7RlsnW5y53V9l8ej+zRmRzTwjCXpb41mlwoNrbkIRofMFDGLfF6zZlx
9d4s3vkzuNMkZp4T5JAAE7AWN+ffGeaGOCGmUpZQ+SdxZu3izdY9OGa53kCAIeUF
5fPqXzKRu+e7dq/dDF5Yd6FF9HINDzfsY1bIjF7b+QBITkzQglDT3Vf2nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGd5uYeO9JlUVF0L4abZZI6v62GpMB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkIQcE+fF
aCaMmCTzJmNWhfEblqeci6htGgIeMIA+OsDr/+RcZvA5W19Qif92Cvi+viG3YUkB
0lHikb51pEgcVJfgbt/GdnZSSnu5SD5ZDPPcUQ9lJmJGolobHXfGDiCU4fy7uzuh
jo6eYov3JADbZwaBjIkaT80a5/Csrop/U25yyfD27/zukCB4oYCxF/ecu1oZ+2h5
5R2mmG3AHJX8qHzCo3lksSvBoppRIAfM/eP7GrKVgmdyZxU95jcLWIYE+2XhZrR2
8Dul2n5KodSOeTLaWhwGPjrYcyWiOjNb+aMKYuM21vnULWGUNxuT5Wd7ZP6ryLgC
MtW8KZ1n0m2Ejw==
-----END CERTIFICATE-----