Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.mft
File:                     pCqe9isMK_HTQWU5sqBKJlmMLEM.mft (raw, json)
Hash identifier:          2PkzRoyHI+3+S4uWzaHKK5SckPB5ictw0EMLrrZZyP4=
Subject key identifier:   27:B0:D8:86:11:42:BA:54:CC:FA:51:68:E4:B1:5F:99:0A:EC:55:A1
Authority key identifier: A4:2A:9E:F6:2B:0C:2B:F1:D3:41:65:39:B2:A0:4A:26:59:8C:2C:43
Certificate issuer:       /CN=a42a9ef62b0c2bf1d3416539b2a04a26598c2c43
Certificate serial:       019643D73BF42E75C56F989C7F5C4D9F0125
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pCqe9isMK_HTQWU5sqBKJlmMLEM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.mft
Manifest number:          14F3
Signing time:             Thu 17 Apr 2025 13:01:41 +0000
Manifest this update:     Thu 17 Apr 2025 13:01:41 +0000
Manifest next update:     Fri 18 Apr 2025 13:01:41 +0000
Files and hashes:         1: pCqe9isMK_HTQWU5sqBKJlmMLEM.crl (hash: ZNNziu1Kh88ZdEQw6SvXtmcKQKTLXMwSb+x2vWDPjB4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pCqe9isMK_HTQWU5sqBKJlmMLEM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d7:3b:f4:2e:75:c5:6f:98:9c:7f:5c:4d:9f:01:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a42a9ef62b0c2bf1d3416539b2a04a26598c2c43
        Validity
            Not Before: Apr 17 13:01:41 2025 GMT
            Not After : Apr 18 13:01:41 2025 GMT
        Subject: CN=27b0d8861142ba54ccfa5168e4b15f990aec55a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:85:ac:1e:5d:2c:9a:a7:71:19:af:46:3f:72:
                    cc:36:16:17:f9:ad:c8:39:38:f5:dd:c5:10:de:85:
                    89:0f:b5:16:5d:d4:a2:c7:de:6c:00:16:98:a1:55:
                    2a:fa:98:8a:5c:3f:24:b0:dd:f4:73:77:fa:10:9e:
                    25:9b:8a:3f:ac:07:1a:45:df:17:09:af:8a:1e:ce:
                    35:8b:04:94:df:b8:f9:60:66:2a:74:7c:73:8f:e7:
                    f1:ae:56:29:36:d7:6a:d9:73:bc:2d:b8:0a:97:b4:
                    b6:30:04:5e:78:83:88:2b:d9:27:eb:71:c4:74:6b:
                    ab:9a:0a:5e:2a:bc:ab:ba:fc:7a:80:1a:16:14:1b:
                    fd:89:ff:52:dc:54:c8:7d:12:63:d5:63:f3:74:8b:
                    16:64:a6:ef:87:5b:58:db:25:7c:13:83:6a:6c:12:
                    40:fe:d3:cc:ae:42:b0:f3:8a:39:c0:e5:5d:9f:d2:
                    33:b5:59:b8:4a:0a:e7:67:2b:0e:0f:66:33:4b:3b:
                    97:c2:7d:25:39:2d:4d:21:af:ef:8e:c6:8f:26:57:
                    54:01:01:17:cf:09:12:c3:3e:30:20:d3:25:e0:5a:
                    74:a2:c1:4c:38:9a:33:af:fa:0c:7e:56:40:1a:ee:
                    2c:c3:fa:d5:df:7d:ec:ce:5f:9c:04:64:9b:13:39:
                    30:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:B0:D8:86:11:42:BA:54:CC:FA:51:68:E4:B1:5F:99:0A:EC:55:A1
            X509v3 Authority Key Identifier:
                keyid:A4:2A:9E:F6:2B:0C:2B:F1:D3:41:65:39:B2:A0:4A:26:59:8C:2C:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCqe9isMK_HTQWU5sqBKJlmMLEM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:d7:74:e0:3a:01:51:30:68:91:8f:f9:77:d7:85:b8:5a:dd:
         af:6e:70:53:d9:c6:43:84:79:42:1d:07:00:0b:30:b9:98:59:
         f0:a4:a5:97:21:f8:22:47:fb:5a:09:39:52:51:97:76:e9:85:
         e5:22:11:a8:6c:87:47:ae:52:ad:b6:5e:68:ad:d4:40:4e:a9:
         78:60:95:34:09:1e:e7:28:08:c9:e5:20:17:e6:60:d5:77:da:
         0b:fa:5a:ce:52:da:cb:6d:b3:d6:74:63:13:03:5b:23:72:dc:
         26:ce:44:60:c9:77:dc:93:fe:0e:93:6f:db:64:b6:a0:5f:09:
         ae:ae:aa:ff:31:25:dd:a6:86:d9:86:28:9a:e3:28:50:37:49:
         4e:4f:56:97:6f:f3:79:ae:68:05:1b:e1:d6:2b:36:43:7b:8e:
         a9:6b:f0:c0:17:b2:6b:3d:d9:a1:e4:8d:42:bf:9c:84:be:de:
         04:d1:a3:62:89:0b:7c:58:f1:30:00:44:65:41:c8:48:35:52:
         cc:38:b2:0b:0f:f7:13:2f:05:7c:ff:63:81:54:45:f8:3c:db:
         83:14:f2:82:43:90:97:ec:fb:21:1c:f5:6e:0b:41:3a:33:48:
         1e:22:c1:0a:bb:2c:b9:1f:51:e3:e5:22:d1:e4:f6:4f:73:97:
         63:14:eb:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1zv0LnXFb5icf1xNnwElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MmE5ZWY2MmIwYzJiZjFkMzQxNjUzOWIyYTA0YTI2NTk4
YzJjNDMwHhcNMjUwNDE3MTMwMTQxWhcNMjUwNDE4MTMwMTQxWjAzMTEwLwYDVQQD
EygyN2IwZDg4NjExNDJiYTU0Y2NmYTUxNjhlNGIxNWY5OTBhZWM1NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4WsHl0smqdxGa9GP3LMNhYX+a3I
OTj13cUQ3oWJD7UWXdSix95sABaYoVUq+piKXD8ksN30c3f6EJ4lm4o/rAcaRd8X
Ca+KHs41iwSU37j5YGYqdHxzj+fxrlYpNtdq2XO8LbgKl7S2MAReeIOIK9kn63HE
dGurmgpeKryruvx6gBoWFBv9if9S3FTIfRJj1WPzdIsWZKbvh1tY2yV8E4NqbBJA
/tPMrkKw84o5wOVdn9IztVm4SgrnZysOD2YzSzuXwn0lOS1NIa/vjsaPJldUAQEX
zwkSwz4wINMl4Fp0osFMOJozr/oMflZAGu4sw/rV333szl+cBGSbEzkwkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCew2IYRQrpUzPpRaOSxX5kK7FWhMB8GA1UdIwQY
MBaAFKQqnvYrDCvx00FlObKgSiZZjCxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENxZTlpc01LX0hUUVdVNXNxQktKbG1NTEVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8yZDUyYWUtMzkyOC00NDllLTg2ZWIt
NjZmMDUzZjZhNGY4LzEvcENxZTlpc01LX0hUUVdVNXNxQktKbG1NTEVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8yZDUyYWUtMzkyOC00NDllLTg2ZWItNjZmMDUzZjZhNGY4
LzEvcENxZTlpc01LX0hUUVdVNXNxQktKbG1NTEVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABtd04DoB
UTBokY/5d9eFuFrdr25wU9nGQ4R5Qh0HAAswuZhZ8KSllyH4Ikf7Wgk5UlGXdumF
5SIRqGyHR65SrbZeaK3UQE6peGCVNAke5ygIyeUgF+Zg1XfaC/pazlLay22z1nRj
EwNbI3LcJs5EYMl33JP+DpNv22S2oF8Jrq6q/zEl3aaG2YYomuMoUDdJTk9Wl2/z
ea5oBRvh1is2Q3uOqWvwwBeyaz3ZoeSNQr+chL7eBNGjYokLfFjxMABEZUHISDVS
zDiyCw/3Ey8FfP9jgVRF+DzbgxTygkOQl+z7IRz1bgtBOjNIHiLBCrssuR9R4+Ui
0eT2T3OXYxTrxQ==
-----END CERTIFICATE-----