Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
File:                     iX81rEgorqlfpdLYBNM6ewz_RYo.mft (raw, json)
Hash identifier:          twOCpW8bXJ6g16XgF5WsC2lgBhaRlkV2YUQ51y2l3a0=
Subject key identifier:   D4:2E:29:09:00:BB:F5:77:82:34:CC:70:67:38:40:9F:71:00:9A:B9
Authority key identifier: 89:7F:35:AC:48:28:AE:A9:5F:A5:D2:D8:04:D3:3A:7B:0C:FF:45:8A
Certificate issuer:       /CN=897f35ac4828aea95fa5d2d804d33a7b0cff458a
Certificate serial:       01964D101679257F1774488BF7DA12B5E880
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
Manifest number:          03BB
Signing time:             Sat 19 Apr 2025 08:00:22 +0000
Manifest this update:     Sat 19 Apr 2025 08:00:22 +0000
Manifest next update:     Sun 20 Apr 2025 08:00:22 +0000
Files and hashes:         1: iX81rEgorqlfpdLYBNM6ewz_RYo.crl (hash: sBwI7L/pc956CPzV/QuXSx3oDDhXlv9D0LAG4Ho7WFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:10:16:79:25:7f:17:74:48:8b:f7:da:12:b5:e8:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=897f35ac4828aea95fa5d2d804d33a7b0cff458a
        Validity
            Not Before: Apr 19 08:00:22 2025 GMT
            Not After : Apr 20 08:00:22 2025 GMT
        Subject: CN=d42e290900bbf5778234cc706738409f71009ab9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:fe:50:10:45:ca:2d:1c:d0:ea:b5:54:a9:c1:
                    cc:98:35:f7:30:b7:fa:0a:57:11:12:b7:c0:eb:01:
                    c8:b9:ce:d0:05:03:d2:2a:7c:9e:fb:11:3d:ed:18:
                    47:b3:3e:57:8e:38:23:86:9b:44:c3:9a:9e:25:91:
                    a7:e2:30:dd:cf:aa:27:11:5b:bc:c6:52:24:b6:c8:
                    79:20:ae:02:3f:ec:8f:27:ba:78:7f:b5:65:71:3a:
                    0c:c8:23:ca:25:0c:b3:90:61:fe:a0:8c:d5:4e:56:
                    38:8b:21:e5:2c:53:04:eb:ba:6c:fd:25:85:d4:f1:
                    77:d5:37:a5:0b:ea:a8:ea:4a:50:87:30:6f:f4:1d:
                    b9:60:20:e7:8a:47:9d:d2:13:7d:2d:6d:c0:93:53:
                    7d:7f:7a:2e:4b:0b:fd:f3:18:6f:df:36:1d:00:54:
                    02:3b:2e:b6:6e:1b:c0:4e:ab:1e:14:9f:98:bd:cc:
                    c7:a6:61:f9:20:91:61:d4:4b:22:da:fa:1f:4a:82:
                    b1:75:13:52:92:32:73:94:f9:6b:9b:57:ac:17:e4:
                    5b:5b:13:01:4c:63:9d:e1:25:0d:b8:cc:d8:73:e5:
                    97:09:1d:54:c7:90:52:8e:fe:1a:a4:90:d8:86:92:
                    9e:3c:17:62:25:b1:3c:71:75:a9:56:a1:ce:b1:b9:
                    99:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:2E:29:09:00:BB:F5:77:82:34:CC:70:67:38:40:9F:71:00:9A:B9
            X509v3 Authority Key Identifier:
                keyid:89:7F:35:AC:48:28:AE:A9:5F:A5:D2:D8:04:D3:3A:7B:0C:FF:45:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:08:00:f9:98:bd:1b:90:8a:1f:d8:ff:f7:1c:30:c8:44:f8:
         8b:21:f8:23:57:3f:55:f5:b7:04:52:76:a7:9b:68:86:48:53:
         9f:0e:13:a9:b7:ee:02:5a:dd:55:1a:65:6f:c8:a4:cd:1d:0b:
         39:5e:e1:15:4f:05:a3:e7:97:56:b0:0f:36:a4:95:59:21:81:
         b2:ea:28:e2:28:92:5e:98:29:47:0a:69:9b:f5:00:3a:80:81:
         d2:f0:7b:5d:0a:23:d5:b7:45:a7:4d:19:62:60:a7:6f:2f:32:
         7b:e0:c8:fa:14:70:a9:4b:b6:4e:c8:9d:0d:d0:5a:1e:66:ad:
         91:b9:87:1e:fc:48:e6:9c:ab:05:f4:11:f1:ec:0e:14:25:1f:
         08:0d:74:b9:b1:8d:4d:df:7f:e0:d1:91:89:ef:5e:8d:03:09:
         c4:90:cc:bb:b5:9e:d0:07:28:f2:39:f1:fc:49:e4:c8:8c:5e:
         fe:bb:e1:80:74:18:86:76:f2:a1:d4:16:94:37:d5:c9:66:0b:
         52:3c:8a:d0:6a:9d:2d:3b:8b:8f:9a:2d:f3:b9:57:7e:5a:78:
         dc:34:f0:1d:a0:2a:fd:f1:13:1a:16:de:f6:4d:83:b4:f4:2c:
         a8:6b:0d:59:9c:be:9f:80:49:4b:54:36:4a:8d:b6:38:74:5b:
         57:54:98:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNEBZ5JX8XdEiL99oSteiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5N2YzNWFjNDgyOGFlYTk1ZmE1ZDJkODA0ZDMzYTdiMGNm
ZjQ1OGEwHhcNMjUwNDE5MDgwMDIyWhcNMjUwNDIwMDgwMDIyWjAzMTEwLwYDVQQD
EyhkNDJlMjkwOTAwYmJmNTc3ODIzNGNjNzA2NzM4NDA5ZjcxMDA5YWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/5QEEXKLRzQ6rVUqcHMmDX3MLf6
ClcRErfA6wHIuc7QBQPSKnye+xE97RhHsz5XjjgjhptEw5qeJZGn4jDdz6onEVu8
xlIktsh5IK4CP+yPJ7p4f7VlcToMyCPKJQyzkGH+oIzVTlY4iyHlLFME67ps/SWF
1PF31TelC+qo6kpQhzBv9B25YCDniked0hN9LW3Ak1N9f3ouSwv98xhv3zYdAFQC
Oy62bhvATqseFJ+YvczHpmH5IJFh1Esi2vofSoKxdRNSkjJzlPlrm1esF+RbWxMB
TGOd4SUNuMzYc+WXCR1Ux5BSjv4apJDYhpKePBdiJbE8cXWpVqHOsbmZewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQuKQkAu/V3gjTMcGc4QJ9xAJq5MB8GA1UdIwQY
MBaAFIl/NaxIKK6pX6XS2ATTOnsM/0WKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kYmEyZjctN2MyYi00NjcwLWExZGYt
YjBlNDEwM2Y0OTYyLzEvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9kYmEyZjctN2MyYi00NjcwLWExZGYtYjBlNDEwM2Y0OTYy
LzEvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoggA+Zi9
G5CKH9j/9xwwyET4iyH4I1c/VfW3BFJ2p5tohkhTnw4TqbfuAlrdVRplb8ikzR0L
OV7hFU8Fo+eXVrAPNqSVWSGBsuoo4iiSXpgpRwppm/UAOoCB0vB7XQoj1bdFp00Z
YmCnby8ye+DI+hRwqUu2TsidDdBaHmatkbmHHvxI5pyrBfQR8ewOFCUfCA10ubGN
Td9/4NGRie9ejQMJxJDMu7We0Aco8jnx/EnkyIxe/rvhgHQYhnbyodQWlDfVyWYL
UjyK0GqdLTuLj5ot87lXflp43DTwHaAq/fETGhbe9k2DtPQsqGsNWZy+n4BJS1Q2
So22OHRbV1SYOA==
-----END CERTIFICATE-----