Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
File:                     A1mTnOHGqpvru2WA4VbuvYcd87I.mft (raw, json)
Hash identifier:          OtHC3tyxYXV3QaO463g6EOL86TRx8JFgDvjQ15J5wBE=
Subject key identifier:   6C:E4:A6:1C:02:16:12:71:D9:0B:0A:CD:E9:6C:04:84:82:B4:7D:0C
Authority key identifier: 03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2
Certificate issuer:       /CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
Certificate serial:       019655A5C950AC916A534021A5D6564F7D5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
Manifest number:          0355
Signing time:             Mon 21 Apr 2025 00:00:50 +0000
Manifest this update:     Mon 21 Apr 2025 00:00:50 +0000
Manifest next update:     Tue 22 Apr 2025 00:00:50 +0000
Files and hashes:         1: A1mTnOHGqpvru2WA4VbuvYcd87I.crl (hash: X6U/laSXkNhl28l1SEho7qDRTJS1H+ySdPHCbeSaqYY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 00:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a5:c9:50:ac:91:6a:53:40:21:a5:d6:56:4f:7d:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
        Validity
            Not Before: Apr 21 00:00:50 2025 GMT
            Not After : Apr 22 00:00:50 2025 GMT
        Subject: CN=6ce4a61c02161271d90b0acde96c048482b47d0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:06:c3:9b:47:3f:47:8c:f6:67:5e:b1:97:1a:
                    5b:bc:34:ac:ed:ea:27:fb:16:27:03:7e:f0:ab:77:
                    4f:1e:0d:d2:60:f0:6b:40:75:83:59:5c:ba:52:40:
                    15:24:92:70:c5:76:68:bd:9a:1f:d3:76:08:7a:63:
                    97:4e:9c:09:3a:2d:c0:1c:57:45:19:c0:c3:d9:11:
                    c9:f6:54:43:b3:f4:de:fb:ef:09:2e:3c:6a:ec:68:
                    70:01:8b:03:cf:cf:51:6d:ec:ee:58:13:a1:4a:e3:
                    7f:10:24:f9:27:b2:08:5c:e4:3d:98:31:ac:8d:73:
                    a5:9b:f4:53:ae:9d:a8:0f:10:c7:be:59:3b:11:8d:
                    35:4b:2c:53:75:7e:d5:7d:b4:f8:23:83:98:9f:f2:
                    09:2f:74:18:f3:01:ed:1c:ea:97:ad:4b:39:44:0c:
                    e6:6c:56:71:32:54:c2:84:b3:52:5d:fb:b7:f4:91:
                    aa:15:7c:c3:3f:5f:01:8d:be:ea:60:f8:c4:36:46:
                    91:5b:ea:55:8a:4c:d9:cd:8a:92:71:b9:e9:0d:54:
                    59:c1:d7:5a:a9:8c:e6:88:74:1f:ad:7d:42:92:dd:
                    3d:b3:56:ca:81:a9:13:a6:0c:e1:dd:7c:59:bc:09:
                    27:37:12:31:b1:6c:a5:02:13:33:c7:a7:4f:1d:11:
                    c1:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:E4:A6:1C:02:16:12:71:D9:0B:0A:CD:E9:6C:04:84:82:B4:7D:0C
            X509v3 Authority Key Identifier:
                keyid:03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:91:4c:0a:38:95:75:f4:17:ae:a6:13:f6:ac:32:fc:ed:f9:
         cd:e0:6b:2a:64:24:a4:6b:46:8d:55:6b:86:cc:c9:38:da:a8:
         4b:f8:dc:6f:5b:32:e8:5d:71:1c:fa:ef:98:23:3d:8a:a7:36:
         b2:33:e4:42:1a:21:59:4e:38:47:28:53:55:d3:cc:95:25:de:
         4c:9b:11:5b:43:28:4a:82:75:26:40:fb:00:f9:72:ba:b8:52:
         f1:d7:34:be:6b:83:f0:d9:7f:c1:0c:69:d5:9b:1a:d9:b2:f3:
         2a:3a:12:c3:1b:35:2e:4a:17:38:32:3e:39:3e:8a:08:a8:11:
         d8:c2:8a:e1:33:12:ed:90:d1:f1:2f:18:6e:5e:d1:74:ac:c9:
         f1:4f:0a:80:94:1d:64:e7:0d:ab:04:61:2d:e1:b7:5d:c9:ef:
         59:50:73:53:d3:b0:6f:52:b6:b1:8d:cd:7b:7c:88:27:0d:38:
         8d:41:06:2c:18:48:45:6e:88:ba:cd:ae:9b:15:dc:d5:1a:ae:
         4e:c8:f8:24:41:e4:5b:41:a2:09:ea:7c:b5:f9:43:fe:f2:91:
         1d:c0:d9:8f:f0:07:b1:29:53:84:59:a1:3e:fe:3e:3b:b0:c6:
         c9:36:86:43:da:a0:6a:5c:fe:bf:6d:b5:96:f1:33:f2:69:61:
         4e:fb:1b:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpclQrJFqU0AhpdZWT31cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTk5MzljZTFjNmFhOWJlYmJiNjU4MGUxNTZlZWJkODcx
ZGYzYjIwHhcNMjUwNDIxMDAwMDUwWhcNMjUwNDIyMDAwMDUwWjAzMTEwLwYDVQQD
Eyg2Y2U0YTYxYzAyMTYxMjcxZDkwYjBhY2RlOTZjMDQ4NDgyYjQ3ZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwbDm0c/R4z2Z16xlxpbvDSs7eon
+xYnA37wq3dPHg3SYPBrQHWDWVy6UkAVJJJwxXZovZof03YIemOXTpwJOi3AHFdF
GcDD2RHJ9lRDs/Te++8JLjxq7GhwAYsDz89RbezuWBOhSuN/ECT5J7IIXOQ9mDGs
jXOlm/RTrp2oDxDHvlk7EY01SyxTdX7VfbT4I4OYn/IJL3QY8wHtHOqXrUs5RAzm
bFZxMlTChLNSXfu39JGqFXzDP18Bjb7qYPjENkaRW+pVikzZzYqScbnpDVRZwdda
qYzmiHQfrX1Ckt09s1bKgakTpgzh3XxZvAknNxIxsWylAhMzx6dPHRHBDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGzkphwCFhJx2QsKzelsBISCtH0MMB8GA1UdIwQY
MBaAFANZk5zhxqqb67tlgOFW7r2HHfOyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAt
YTk2MmMyYjdiMTUzLzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAtYTk2MmMyYjdiMTUz
LzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKZFMCjiV
dfQXrqYT9qwy/O35zeBrKmQkpGtGjVVrhszJONqoS/jcb1sy6F1xHPrvmCM9iqc2
sjPkQhohWU44RyhTVdPMlSXeTJsRW0MoSoJ1JkD7APlyurhS8dc0vmuD8Nl/wQxp
1Zsa2bLzKjoSwxs1LkoXODI+OT6KCKgR2MKK4TMS7ZDR8S8Ybl7RdKzJ8U8KgJQd
ZOcNqwRhLeG3XcnvWVBzU9Owb1K2sY3Ne3yIJw04jUEGLBhIRW6Ius2umxXc1Rqu
Tsj4JEHkW0GiCep8tflD/vKRHcDZj/AHsSlThFmhPv4+O7DGyTaGQ9qgalz+v221
lvEz8mlhTvsbXg==
-----END CERTIFICATE-----