Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          YmI6Yp6nYmHEbQ+bOu4NflfWHlGdBxhH3+aBjzIK5YE=
Subject key identifier:   50:94:BA:50:F5:C8:15:78:66:9D:0A:68:8E:C2:3D:62:A4:D7:BF:7D
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       0197470C5FF4A918D3771BA6D66030279DD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          0852
Signing time:             Fri 06 Jun 2025 21:01:22 +0000
Manifest this update:     Fri 06 Jun 2025 21:01:22 +0000
Manifest next update:     Sat 07 Jun 2025 21:01:22 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: /5r6awPXC4h6o+X3L8olVlfqrgIV613jagJpp8q/HFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:0c:5f:f4:a9:18:d3:77:1b:a6:d6:60:30:27:9d:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: Jun  6 21:01:22 2025 GMT
            Not After : Jun  7 21:01:22 2025 GMT
        Subject: CN=5094ba50f5c81578669d0a688ec23d62a4d7bf7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:d4:97:56:fc:55:9f:68:b9:3c:0c:19:ce:fa:
                    81:dd:0c:dd:0d:36:4b:bb:61:c7:9a:39:30:de:0a:
                    38:8f:d4:43:cb:4f:b0:b9:75:41:09:85:be:0c:8a:
                    10:28:6d:2a:4d:11:52:a3:d9:0e:c2:51:48:10:eb:
                    6c:47:c1:21:95:8a:78:49:e4:3c:53:77:14:0b:51:
                    16:51:35:19:a1:36:ba:bc:0d:f0:3c:fc:bc:db:2d:
                    ac:51:72:a8:20:eb:d0:d7:88:99:e8:84:cb:bc:3f:
                    72:2d:a1:5c:5d:db:27:37:10:db:ba:54:ee:93:e2:
                    56:a4:f1:5f:3b:13:e7:36:ad:83:2d:de:41:cd:77:
                    7f:ff:b7:f1:43:25:ab:ad:20:5a:8f:b7:ce:36:9a:
                    8f:f9:ac:c9:ca:09:23:82:00:e5:9d:f1:b1:55:c7:
                    79:92:63:4d:25:eb:04:46:ff:9a:6d:64:74:41:7a:
                    65:d4:56:ca:d1:40:d7:98:14:bb:c1:10:bd:1f:11:
                    9f:0f:df:e1:6f:b8:b3:9a:5a:63:59:ac:59:34:b5:
                    2b:fe:ee:2e:a1:3b:8d:d3:6d:d1:29:39:3c:10:36:
                    b7:35:e6:0c:db:0f:58:f8:dc:f3:88:ec:e5:e9:07:
                    fc:b6:e0:99:23:cd:5a:f6:b8:dc:f2:d3:36:b1:83:
                    a2:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:94:BA:50:F5:C8:15:78:66:9D:0A:68:8E:C2:3D:62:A4:D7:BF:7D
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:d3:7d:e5:49:c7:29:1e:3d:bd:1f:bc:28:95:23:95:b0:12:
         8f:f2:0b:a5:e4:12:04:31:e0:6a:50:36:47:86:ca:76:3d:41:
         32:4e:47:75:2f:b5:2e:a0:85:53:b6:fc:6f:9b:a1:1c:ff:10:
         02:eb:d7:50:b6:e1:49:a4:92:b6:0e:26:70:b3:99:f3:59:88:
         71:8b:c2:20:f2:38:8b:f9:df:a3:94:39:3d:7c:73:fa:88:8b:
         70:a3:8f:69:ca:77:fb:1a:68:46:83:23:c6:19:26:03:09:f9:
         61:a2:8e:a0:40:20:fe:37:02:e6:e8:39:8f:18:8f:11:46:6b:
         52:ee:ae:e4:53:18:70:41:bd:e6:21:e2:cb:b4:2e:ad:10:f0:
         00:27:2d:b2:7b:d1:29:33:28:16:78:4c:48:6d:8e:8c:8d:2a:
         0c:72:b4:dd:2d:a7:b5:42:bf:bf:7e:13:b6:63:a5:22:94:e1:
         9a:ab:72:b3:da:f1:d4:69:b5:fd:24:7a:c1:7f:3a:67:c7:b5:
         c9:69:6c:a0:b4:38:f6:53:1b:55:59:cf:ff:95:03:03:f1:89:
         12:04:fd:9f:d3:e3:6d:c6:49:cd:e0:c5:81:e0:52:2b:49:b0:
         ae:cb:b1:7b:f5:61:2c:7a:be:12:ea:ac:11:a3:a2:9e:a4:ee:
         17:7d:5f:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHDF/0qRjTdxum1mAwJ53WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjUwNjA2MjEwMTIyWhcNMjUwNjA3MjEwMTIyWjAzMTEwLwYDVQQD
Eyg1MDk0YmE1MGY1YzgxNTc4NjY5ZDBhNjg4ZWMyM2Q2MmE0ZDdiZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtSXVvxVn2i5PAwZzvqB3QzdDTZL
u2HHmjkw3go4j9RDy0+wuXVBCYW+DIoQKG0qTRFSo9kOwlFIEOtsR8EhlYp4SeQ8
U3cUC1EWUTUZoTa6vA3wPPy82y2sUXKoIOvQ14iZ6ITLvD9yLaFcXdsnNxDbulTu
k+JWpPFfOxPnNq2DLd5BzXd//7fxQyWrrSBaj7fONpqP+azJygkjggDlnfGxVcd5
kmNNJesERv+abWR0QXpl1FbK0UDXmBS7wRC9HxGfD9/hb7izmlpjWaxZNLUr/u4u
oTuN023RKTk8EDa3NeYM2w9Y+NzziOzl6Qf8tuCZI81a9rjc8tM2sYOieQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFCUulD1yBV4Zp0KaI7CPWKk1799MB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA9N95UnH
KR49vR+8KJUjlbASj/ILpeQSBDHgalA2R4bKdj1BMk5HdS+1LqCFU7b8b5uhHP8Q
AuvXULbhSaSStg4mcLOZ81mIcYvCIPI4i/nfo5Q5PXxz+oiLcKOPacp3+xpoRoMj
xhkmAwn5YaKOoEAg/jcC5ug5jxiPEUZrUu6u5FMYcEG95iHiy7QurRDwACctsnvR
KTMoFnhMSG2OjI0qDHK03S2ntUK/v34TtmOlIpThmqtys9rx1Gm1/SR6wX86Z8e1
yWlsoLQ49lMbVVnP/5UDA/GJEgT9n9PjbcZJzeDFgeBSK0mwrsuxe/VhLHq+Euqs
EaOinqTuF31fYg==
-----END CERTIFICATE-----