Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
File:                     qhC-mR89uJUJcQwgZ233qKS_4bQ.mft (raw, json)
Hash identifier:          YTPAau2dkmf85PqZEKvbAALzqaGmO0tWz/bJQ93NEBo=
Subject key identifier:   EB:02:DD:A7:84:59:C5:95:64:7D:BF:70:EA:B4:F1:D4:79:FE:3F:89
Authority key identifier: AA:10:BE:99:1F:3D:B8:95:09:71:0C:20:67:6D:F7:A8:A4:BF:E1:B4
Certificate issuer:       /CN=aa10be991f3db89509710c20676df7a8a4bfe1b4
Certificate serial:       01965613957DCFFE711F192D3CDC3F4FE378
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
Manifest number:          090B
Signing time:             Mon 21 Apr 2025 02:00:46 +0000
Manifest this update:     Mon 21 Apr 2025 02:00:46 +0000
Manifest next update:     Tue 22 Apr 2025 02:00:46 +0000
Files and hashes:         1: qhC-mR89uJUJcQwgZ233qKS_4bQ.crl (hash: SrjCRZbTAZeiM58BaRZok7WJ7EE3pAJY4G/quLxSSO0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:13:95:7d:cf:fe:71:1f:19:2d:3c:dc:3f:4f:e3:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa10be991f3db89509710c20676df7a8a4bfe1b4
        Validity
            Not Before: Apr 21 02:00:46 2025 GMT
            Not After : Apr 22 02:00:46 2025 GMT
        Subject: CN=eb02dda78459c595647dbf70eab4f1d479fe3f89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:16:8e:34:f7:ed:fb:64:1b:fa:75:21:59:dd:
                    10:40:f4:fa:51:36:9c:66:9d:d7:ef:95:cf:a2:7f:
                    e0:01:62:ae:35:e2:9a:bf:b0:89:e8:60:31:e6:a4:
                    02:ab:75:c0:50:f3:68:b1:d8:d3:05:8f:a2:4e:e1:
                    d8:94:46:dd:97:a2:67:1e:36:78:60:51:39:68:3b:
                    55:7e:bc:47:3c:5b:5e:c8:df:d5:e9:00:0d:1f:cc:
                    5f:67:76:a0:09:b6:0b:fb:8d:28:69:02:5a:e9:0c:
                    82:2c:87:3f:78:23:ac:fc:37:84:72:7e:79:f4:24:
                    ed:8a:b1:9b:0c:b8:3a:9c:f4:40:80:db:ca:42:f9:
                    55:1d:2b:8f:f5:7c:29:99:50:c1:bb:52:d0:40:f9:
                    29:a1:b0:bf:e5:f0:14:f7:ec:26:10:bf:ae:7b:b2:
                    f3:e4:1c:64:3c:f9:0b:27:da:80:f8:cd:30:c9:e5:
                    81:3e:ad:13:19:09:03:f6:24:74:7f:14:7f:76:88:
                    95:67:8f:b6:35:78:7a:a7:a2:e5:73:86:77:d2:92:
                    72:6b:40:0b:df:68:ef:51:cf:6c:4d:97:0e:78:c4:
                    76:ea:6b:f2:6a:56:e6:c8:40:bc:9e:67:6e:51:65:
                    70:70:a5:e2:e1:aa:3e:fc:c4:af:6a:aa:ac:97:d6:
                    1a:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:02:DD:A7:84:59:C5:95:64:7D:BF:70:EA:B4:F1:D4:79:FE:3F:89
            X509v3 Authority Key Identifier:
                keyid:AA:10:BE:99:1F:3D:B8:95:09:71:0C:20:67:6D:F7:A8:A4:BF:E1:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:bb:63:17:dc:cb:1f:6a:3d:3d:80:e6:64:9b:43:81:43:02:
         16:fa:33:ff:7d:dc:0f:8e:a7:e6:71:e8:64:60:d4:fb:24:b0:
         9c:4b:65:43:9d:b5:de:46:62:de:f5:65:82:ee:59:01:4e:23:
         79:d8:84:9b:6b:ef:32:8d:e1:46:7b:ce:54:ad:6b:6f:0b:9f:
         c5:2d:a4:a2:25:a2:58:bc:95:e3:79:7d:3b:4a:d9:63:3c:43:
         2e:b3:20:c5:37:43:12:5d:90:8c:80:91:c0:a7:66:a6:f7:41:
         e7:73:04:ba:58:61:c5:7b:4b:54:ad:52:e5:dd:92:af:f9:2a:
         c0:28:04:bb:0c:cd:e4:2e:6a:57:ec:9d:6a:62:b3:63:03:37:
         6a:57:ec:4a:5e:af:b6:0a:92:49:5f:2e:ab:e5:30:e5:47:21:
         4d:70:74:f2:5e:69:89:5c:6d:a5:fd:60:2c:56:85:2f:13:53:
         aa:60:22:3f:be:f0:d4:0d:b4:80:22:43:16:e6:50:54:c7:9a:
         86:de:a3:dc:db:39:3c:7d:3f:f4:34:b2:1b:db:4c:39:0e:62:
         6a:e7:7f:0a:0d:af:bd:dc:ff:b5:dc:2b:43:3c:db:00:dc:f4:
         a9:33:0f:4c:e0:7b:38:97:60:2a:d3:d2:05:d1:e4:58:a1:09:
         b9:4b:c0:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWE5V9z/5xHxktPNw/T+N4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMTBiZTk5MWYzZGI4OTUwOTcxMGMyMDY3NmRmN2E4YTRi
ZmUxYjQwHhcNMjUwNDIxMDIwMDQ2WhcNMjUwNDIyMDIwMDQ2WjAzMTEwLwYDVQQD
EyhlYjAyZGRhNzg0NTljNTk1NjQ3ZGJmNzBlYWI0ZjFkNDc5ZmUzZjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxaONPft+2Qb+nUhWd0QQPT6UTac
Zp3X75XPon/gAWKuNeKav7CJ6GAx5qQCq3XAUPNosdjTBY+iTuHYlEbdl6JnHjZ4
YFE5aDtVfrxHPFteyN/V6QANH8xfZ3agCbYL+40oaQJa6QyCLIc/eCOs/DeEcn55
9CTtirGbDLg6nPRAgNvKQvlVHSuP9XwpmVDBu1LQQPkpobC/5fAU9+wmEL+ue7Lz
5BxkPPkLJ9qA+M0wyeWBPq0TGQkD9iR0fxR/doiVZ4+2NXh6p6Llc4Z30pJya0AL
32jvUc9sTZcOeMR26mvyalbmyEC8nmduUWVwcKXi4ao+/MSvaqqsl9Ya+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOsC3aeEWcWVZH2/cOq08dR5/j+JMB8GA1UdIwQY
MBaAFKoQvpkfPbiVCXEMIGdt96ikv+G0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzNjUtOGQxNS00MTI1LTkwMTct
MTgzZTJlNzIzMDFiLzEvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzNjUtOGQxNS00MTI1LTkwMTctMTgzZTJlNzIzMDFi
LzEvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXrtjF9zL
H2o9PYDmZJtDgUMCFvoz/33cD46n5nHoZGDU+ySwnEtlQ5213kZi3vVlgu5ZAU4j
ediEm2vvMo3hRnvOVK1rbwufxS2koiWiWLyV43l9O0rZYzxDLrMgxTdDEl2QjICR
wKdmpvdB53MEulhhxXtLVK1S5d2Sr/kqwCgEuwzN5C5qV+ydamKzYwM3alfsSl6v
tgqSSV8uq+Uw5UchTXB08l5piVxtpf1gLFaFLxNTqmAiP77w1A20gCJDFuZQVMea
ht6j3Ns5PH0/9DSyG9tMOQ5iaud/Cg2vvdz/tdwrQzzbANz0qTMPTOB7OJdgKtPS
BdHkWKEJuUvAog==
-----END CERTIFICATE-----