Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
File:                     9aKrEck1CB9eSaaFyDl49vc9TaE.mft (raw, json)
Hash identifier:          xxt4ee512j89Yhyi6sonoMrvN0KQYrgz6LzqdbOjiI4=
Subject key identifier:   10:BA:68:0B:C5:BA:CA:80:5D:FD:9C:4C:45:8B:D6:80:0E:31:07:75
Authority key identifier: F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1
Certificate issuer:       /CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
Certificate serial:       01974A0CD33E923B9BEB2C458D574C6875AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
Manifest number:          02CA
Signing time:             Sat 07 Jun 2025 11:00:43 +0000
Manifest this update:     Sat 07 Jun 2025 11:00:43 +0000
Manifest next update:     Sun 08 Jun 2025 11:00:43 +0000
Files and hashes:         1: 9aKrEck1CB9eSaaFyDl49vc9TaE.crl (hash: R5D8YNj87q+lEsHLBbUVa0VTnNFN4HvpefH63e5pNUU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:0c:d3:3e:92:3b:9b:eb:2c:45:8d:57:4c:68:75:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
        Validity
            Not Before: Jun  7 11:00:43 2025 GMT
            Not After : Jun  8 11:00:43 2025 GMT
        Subject: CN=10ba680bc5baca805dfd9c4c458bd6800e310775
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:80:e1:9d:45:56:a4:68:0c:7a:4f:ae:4f:ab:
                    ad:ed:67:81:8d:0b:3c:be:6c:a6:8e:3c:92:c1:e8:
                    32:69:fc:1a:e6:0b:71:3c:6f:fe:7c:60:a5:15:f0:
                    55:88:db:1f:32:d3:2c:c6:35:45:a8:d2:c1:fb:81:
                    81:65:f8:92:97:27:2f:4a:8d:63:50:6b:9f:c7:a3:
                    e1:be:eb:28:8f:8c:a0:20:65:b0:3b:5c:5f:a3:f2:
                    03:58:ba:a0:fa:b6:83:25:64:3f:2d:61:51:04:aa:
                    4b:b3:91:22:e1:a5:0d:34:19:7a:4c:a2:8b:ef:0c:
                    b7:d4:49:76:4f:c1:26:da:53:d8:da:5a:04:84:13:
                    3d:ff:fb:c7:a2:d5:e3:e3:ac:91:3c:62:cc:32:f7:
                    a8:6a:10:cd:fd:70:89:66:24:e1:6e:4e:8f:af:a0:
                    05:8f:fc:e4:7e:8e:34:5a:4c:24:b8:b5:63:b0:21:
                    d5:a5:b3:fa:4b:d3:89:bb:01:df:5f:8a:86:b9:9a:
                    b8:cc:c2:c8:3f:2c:eb:24:c0:0f:35:8e:9b:15:7c:
                    8d:8a:9c:ab:eb:c3:e6:b4:9a:4a:f2:49:dc:b6:fb:
                    2c:cd:87:c8:22:00:2a:4f:48:01:2f:ac:71:20:b5:
                    fc:09:ac:66:45:e5:f6:86:1a:43:07:8b:06:ce:18:
                    07:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:BA:68:0B:C5:BA:CA:80:5D:FD:9C:4C:45:8B:D6:80:0E:31:07:75
            X509v3 Authority Key Identifier:
                keyid:F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:ea:3d:04:ed:d8:f8:66:e4:a5:a5:83:3e:fa:d4:d3:5e:9b:
         22:84:e3:bc:c7:e2:f8:28:81:97:e6:2f:c1:10:83:15:4b:b6:
         43:96:ba:1c:ef:83:67:c6:a0:bb:2f:af:8b:86:d5:48:90:bf:
         c7:ea:f7:76:53:d4:2e:9f:6f:51:a5:20:a5:bb:cc:5f:de:05:
         81:2c:07:dd:7e:3e:5a:e1:5d:e5:62:8d:71:67:9d:33:04:22:
         0c:7f:cf:14:ee:c3:10:17:39:fa:32:37:33:cb:1f:49:7b:37:
         fc:dd:79:a5:92:d1:bc:bc:17:a9:6f:fb:a0:0b:e0:03:1a:4a:
         1a:7c:ed:83:1c:49:5f:3a:0a:80:27:98:84:b6:6f:f7:72:c0:
         99:b5:8f:3e:ce:09:f4:9e:d7:62:37:1b:9b:0b:d2:32:42:85:
         aa:ab:c8:98:75:e9:47:14:63:3c:fd:00:02:bc:ee:72:e3:ab:
         d3:0f:7f:bf:b7:c2:87:6d:84:0f:3c:d1:e4:cd:33:d3:7f:7d:
         c5:a5:1b:f9:40:37:22:5a:31:c0:6f:5a:33:88:12:51:77:ad:
         ff:bc:23:d6:35:4d:dd:a4:43:87:95:54:f1:db:ee:2e:5b:9e:
         87:c3:6d:93:47:2f:f8:38:48:11:b5:f2:17:02:66:03:c0:03:
         3c:55:c7:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKDNM+kjub6yxFjVdMaHWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YTJhYjExYzkzNTA4MWY1ZTQ5YTY4NWM4Mzk3OGY2Zjcz
ZDRkYTEwHhcNMjUwNjA3MTEwMDQzWhcNMjUwNjA4MTEwMDQzWjAzMTEwLwYDVQQD
EygxMGJhNjgwYmM1YmFjYTgwNWRmZDljNGM0NThiZDY4MDBlMzEwNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoDhnUVWpGgMek+uT6ut7WeBjQs8
vmymjjySwegyafwa5gtxPG/+fGClFfBViNsfMtMsxjVFqNLB+4GBZfiSlycvSo1j
UGufx6Phvusoj4ygIGWwO1xfo/IDWLqg+raDJWQ/LWFRBKpLs5Ei4aUNNBl6TKKL
7wy31El2T8Em2lPY2loEhBM9//vHotXj46yRPGLMMveoahDN/XCJZiThbk6Pr6AF
j/zkfo40WkwkuLVjsCHVpbP6S9OJuwHfX4qGuZq4zMLIPyzrJMAPNY6bFXyNipyr
68PmtJpK8knctvsszYfIIgAqT0gBL6xxILX8CaxmReX2hhpDB4sGzhgHZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBC6aAvFusqAXf2cTEWL1oAOMQd1MB8GA1UdIwQY
MBaAFPWiqxHJNQgfXkmmhcg5ePb3PU2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAt
NTNhYjg2NTk1ZmMwLzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAtNTNhYjg2NTk1ZmMw
LzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdeo9BO3Y
+GbkpaWDPvrU016bIoTjvMfi+CiBl+YvwRCDFUu2Q5a6HO+DZ8aguy+vi4bVSJC/
x+r3dlPULp9vUaUgpbvMX94FgSwH3X4+WuFd5WKNcWedMwQiDH/PFO7DEBc5+jI3
M8sfSXs3/N15pZLRvLwXqW/7oAvgAxpKGnztgxxJXzoKgCeYhLZv93LAmbWPPs4J
9J7XYjcbmwvSMkKFqqvImHXpRxRjPP0AArzucuOr0w9/v7fCh22EDzzR5M0z0399
xaUb+UA3IloxwG9aM4gSUXet/7wj1jVN3aRDh5VU8dvuLlueh8Ntk0cv+DhIEbXy
FwJmA8ADPFXHKA==
-----END CERTIFICATE-----