Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
File:                     9aKrEck1CB9eSaaFyDl49vc9TaE.mft (raw, json)
Hash identifier:          ctq9ExV400iiJ/LSGRgV+l8+TCtqv1N+QlTBBzahcu0=
Subject key identifier:   C6:EE:E4:F6:73:1A:A5:C6:1C:7F:11:3D:28:6D:2E:02:CB:70:AD:E6
Authority key identifier: F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1
Certificate issuer:       /CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
Certificate serial:       019652DB3571B6135A2F4009C466C0EF4D8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
Manifest number:          024A
Signing time:             Sun 20 Apr 2025 11:00:19 +0000
Manifest this update:     Sun 20 Apr 2025 11:00:19 +0000
Manifest next update:     Mon 21 Apr 2025 11:00:19 +0000
Files and hashes:         1: 9aKrEck1CB9eSaaFyDl49vc9TaE.crl (hash: Ooo1NElXbS77LjLhVeZmPSj6qXqbYxODaQSsqvbcNHg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 11:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:db:35:71:b6:13:5a:2f:40:09:c4:66:c0:ef:4d:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
        Validity
            Not Before: Apr 20 11:00:19 2025 GMT
            Not After : Apr 21 11:00:19 2025 GMT
        Subject: CN=c6eee4f6731aa5c61c7f113d286d2e02cb70ade6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:ff:32:46:82:bf:1a:22:ed:37:6c:91:da:5d:
                    d0:bb:1c:0c:c0:65:41:68:1c:98:d4:88:d0:3d:7d:
                    2e:fe:f5:31:91:7d:b3:14:b0:e9:06:87:a7:7e:39:
                    0e:eb:8c:6c:d4:bb:b2:93:2f:06:75:ae:b5:a2:29:
                    33:a5:d1:30:96:9e:4d:6a:cf:21:85:e2:f4:1f:bb:
                    59:61:42:95:de:10:f5:18:77:e3:90:d5:c0:5d:b1:
                    af:16:c6:c3:fb:2c:9b:b5:00:43:a4:d7:f3:94:40:
                    60:6c:63:2b:ea:03:4a:a4:2e:74:12:cd:90:4d:b7:
                    d3:6a:b3:b5:2a:e4:86:69:52:68:16:44:cc:8f:b6:
                    64:aa:69:7c:24:d5:b9:b2:2a:07:f2:c5:82:27:04:
                    3c:36:60:62:e8:2c:6e:d9:19:cb:78:19:01:e6:e7:
                    f0:10:e8:16:00:d0:5d:18:53:ee:a6:93:3b:82:b3:
                    46:56:18:d9:59:af:08:49:15:ad:33:74:06:7a:b6:
                    fd:b3:7b:4a:4c:25:01:77:bf:38:14:ec:27:be:4c:
                    a5:c2:4d:9f:7b:af:07:75:b1:af:5b:f9:0e:6c:85:
                    b9:a6:f1:d1:89:fe:3f:59:7e:8e:d6:af:7a:10:29:
                    54:e5:0c:3c:ef:ea:58:d2:13:7c:81:e1:26:9b:b1:
                    de:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:EE:E4:F6:73:1A:A5:C6:1C:7F:11:3D:28:6D:2E:02:CB:70:AD:E6
            X509v3 Authority Key Identifier:
                keyid:F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:95:df:da:e4:e4:ce:c9:c8:b6:37:7b:a6:b3:ce:f2:e1:4d:
         5a:71:5a:b7:c6:6e:48:75:ed:8b:98:85:07:4e:2d:70:c5:b0:
         95:03:50:14:db:77:cc:2f:b8:36:90:0b:64:60:cd:28:15:ca:
         b2:d2:8b:61:2f:12:84:4a:0d:62:5e:ed:a8:36:ea:2d:52:3d:
         30:a0:a3:3c:27:8e:25:f2:cb:60:7e:bd:dc:97:a4:31:23:29:
         6b:44:53:e1:9b:64:fa:d8:2c:6d:d0:c0:31:ed:0d:22:20:39:
         15:46:93:d0:24:eb:a2:b2:9f:66:d8:a7:f5:9e:7d:e1:09:f0:
         e2:c6:d5:52:a1:b0:5c:f9:73:c5:08:75:48:d5:81:96:04:08:
         ad:7e:51:21:44:fd:99:e2:f4:cc:79:58:93:1c:2f:5d:9d:1d:
         d9:39:01:c8:3d:8c:0e:71:a0:3d:85:92:56:78:07:93:6a:41:
         c7:01:c5:a7:2c:33:83:48:40:c2:33:16:53:31:83:6f:9c:4e:
         4a:e8:93:66:55:a9:a5:a9:1c:1f:26:55:6f:e3:44:16:8c:82:
         e0:34:b1:49:b3:fb:be:4b:8f:4e:04:ef:d4:26:82:c1:12:e4:
         88:9c:50:3c:34:a2:56:cd:0a:4d:47:78:26:f0:ec:a8:98:d3:
         4b:6c:ce:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZS2zVxthNaL0AJxGbA702KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YTJhYjExYzkzNTA4MWY1ZTQ5YTY4NWM4Mzk3OGY2Zjcz
ZDRkYTEwHhcNMjUwNDIwMTEwMDE5WhcNMjUwNDIxMTEwMDE5WjAzMTEwLwYDVQQD
EyhjNmVlZTRmNjczMWFhNWM2MWM3ZjExM2QyODZkMmUwMmNiNzBhZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv8yRoK/GiLtN2yR2l3QuxwMwGVB
aByY1IjQPX0u/vUxkX2zFLDpBoenfjkO64xs1Luyky8Gda61oikzpdEwlp5Nas8h
heL0H7tZYUKV3hD1GHfjkNXAXbGvFsbD+yybtQBDpNfzlEBgbGMr6gNKpC50Es2Q
TbfTarO1KuSGaVJoFkTMj7Zkqml8JNW5sioH8sWCJwQ8NmBi6Cxu2RnLeBkB5ufw
EOgWANBdGFPuppM7grNGVhjZWa8ISRWtM3QGerb9s3tKTCUBd784FOwnvkylwk2f
e68HdbGvW/kObIW5pvHRif4/WX6O1q96EClU5Qw87+pY0hN8geEmm7HeqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMbu5PZzGqXGHH8RPShtLgLLcK3mMB8GA1UdIwQY
MBaAFPWiqxHJNQgfXkmmhcg5ePb3PU2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAt
NTNhYjg2NTk1ZmMwLzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAtNTNhYjg2NTk1ZmMw
LzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAppXf2uTk
zsnItjd7prPO8uFNWnFat8ZuSHXti5iFB04tcMWwlQNQFNt3zC+4NpALZGDNKBXK
stKLYS8ShEoNYl7tqDbqLVI9MKCjPCeOJfLLYH693JekMSMpa0RT4Ztk+tgsbdDA
Me0NIiA5FUaT0CTrorKfZtin9Z594Qnw4sbVUqGwXPlzxQh1SNWBlgQIrX5RIUT9
meL0zHlYkxwvXZ0d2TkByD2MDnGgPYWSVngHk2pBxwHFpywzg0hAwjMWUzGDb5xO
SuiTZlWppakcHyZVb+NEFoyC4DSxSbP7vkuPTgTv1CaCwRLkiJxQPDSiVs0KTUd4
JvDsqJjTS2zOkw==
-----END CERTIFICATE-----