Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
File:                     6kHoOY_3zvtSIWNusighJuv-O3g.mft (raw, json)
Hash identifier:          xKsHCz5Nx4CGm0yDUQvqH81a+Jes5ttCpD+Ri9QVLM0=
Subject key identifier:   9F:B7:23:A2:7C:44:A2:B4:99:2F:52:80:6F:EA:7F:AE:55:D6:73:42
Authority key identifier: EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78
Certificate issuer:       /CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
Certificate serial:       01965EDF5547A747A8D73C20FF9116768F4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
Manifest number:          0152
Signing time:             Tue 22 Apr 2025 19:00:16 +0000
Manifest this update:     Tue 22 Apr 2025 19:00:16 +0000
Manifest next update:     Wed 23 Apr 2025 19:00:16 +0000
Files and hashes:         1: 6kHoOY_3zvtSIWNusighJuv-O3g.crl (hash: kpV01DEx7VV280NAeFnI0sMq3pfO3j3GWb3kbMUvOyo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 19:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5e:df:55:47:a7:47:a8:d7:3c:20:ff:91:16:76:8f:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
        Validity
            Not Before: Apr 22 19:00:16 2025 GMT
            Not After : Apr 23 19:00:16 2025 GMT
        Subject: CN=9fb723a27c44a2b4992f52806fea7fae55d67342
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a3:99:ff:43:62:1e:42:a6:a8:a5:85:4d:d0:
                    8d:28:dc:f1:85:56:01:3c:9d:20:f6:19:d6:6f:6e:
                    11:c2:58:10:55:f1:ed:1f:77:09:f6:f7:f4:d8:bb:
                    1f:9b:79:c4:a7:00:5f:cf:87:2a:3d:29:8a:f6:80:
                    dc:5e:c3:2e:4a:22:0a:f4:b3:29:36:d5:47:8a:0c:
                    84:7b:13:91:af:a4:89:91:4f:6f:d7:11:0a:a9:ba:
                    d6:55:90:d8:73:56:ad:73:9e:1e:32:ba:71:99:68:
                    72:9d:b6:b8:0a:b0:a5:34:11:a1:5b:fd:f1:17:3b:
                    46:93:65:40:1e:0b:c2:48:ad:95:ca:66:d1:25:b8:
                    36:00:f3:c8:37:56:6a:89:e0:29:97:03:b9:79:5d:
                    6d:39:6e:d0:4b:af:16:a3:14:4a:6d:ea:d4:b7:8a:
                    49:f3:03:b6:d4:2e:ea:4e:80:04:4d:4b:8f:ac:a4:
                    56:37:4f:dc:5b:50:2f:73:d9:18:be:94:8e:12:a5:
                    9b:f3:ee:f4:f9:47:f0:a2:ef:54:35:1d:c7:85:04:
                    f1:d5:25:2f:7c:3e:0f:84:3a:a5:be:b4:f4:f2:c6:
                    06:49:b3:83:8b:3d:0e:25:75:70:6f:39:ea:45:a4:
                    40:b4:89:2a:bc:0c:49:88:6a:3e:93:6c:6d:79:20:
                    04:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:B7:23:A2:7C:44:A2:B4:99:2F:52:80:6F:EA:7F:AE:55:D6:73:42
            X509v3 Authority Key Identifier:
                keyid:EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:c4:62:15:f9:bf:e1:7d:35:9b:f6:c2:96:f9:ae:ce:23:23:
         57:c0:a8:80:80:fb:9b:2a:3a:7d:b6:24:7e:e2:6a:96:3a:17:
         f9:c7:ea:26:fc:a9:1a:f0:9b:84:f6:fe:9b:65:a7:e6:29:80:
         60:f6:1c:76:76:31:7e:d8:bb:a3:76:30:e8:3b:7a:9e:15:4c:
         64:91:64:d6:e3:56:de:57:35:79:10:2d:4d:8b:6a:8e:af:65:
         ac:67:52:9e:44:62:55:3c:16:af:be:3a:73:14:5a:17:9e:0d:
         b9:7d:13:bb:eb:73:46:f0:6c:df:bd:02:41:1c:6f:50:70:3f:
         b4:2d:eb:c6:72:74:ba:a4:e3:a7:9e:24:87:65:05:8a:a0:75:
         6d:a7:5e:d8:7f:9f:24:9c:2a:7d:aa:99:3d:69:1e:b4:47:ad:
         fc:af:38:03:b5:ac:80:a9:45:12:c2:44:96:07:20:48:63:27:
         cc:08:b9:76:b9:6d:e7:95:63:7b:f2:9c:6a:f8:bc:cf:d2:96:
         fe:0c:f3:3e:56:83:c4:74:e9:02:78:6e:65:f9:d1:b1:e2:65:
         4f:18:ff:f8:3e:24:1f:83:6f:13:e6:5c:e8:6e:27:1c:56:44:
         84:8f:b4:f2:e6:68:46:4a:aa:e5:20:56:0c:37:2c:b2:6a:bc:
         2f:5c:ac:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZe31VHp0eo1zwg/5EWdo9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDFlODM5OGZmN2NlZmI1MjIxNjM2ZWIyMjgyMTI2ZWJm
ZTNiNzgwHhcNMjUwNDIyMTkwMDE2WhcNMjUwNDIzMTkwMDE2WjAzMTEwLwYDVQQD
Eyg5ZmI3MjNhMjdjNDRhMmI0OTkyZjUyODA2ZmVhN2ZhZTU1ZDY3MzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKOZ/0NiHkKmqKWFTdCNKNzxhVYB
PJ0g9hnWb24RwlgQVfHtH3cJ9vf02Lsfm3nEpwBfz4cqPSmK9oDcXsMuSiIK9LMp
NtVHigyEexORr6SJkU9v1xEKqbrWVZDYc1atc54eMrpxmWhynba4CrClNBGhW/3x
FztGk2VAHgvCSK2VymbRJbg2APPIN1ZqieAplwO5eV1tOW7QS68WoxRKberUt4pJ
8wO21C7qToAETUuPrKRWN0/cW1Avc9kYvpSOEqWb8+70+Ufwou9UNR3HhQTx1SUv
fD4PhDqlvrT08sYGSbODiz0OJXVwbznqRaRAtIkqvAxJiGo+k2xteSAEiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+3I6J8RKK0mS9SgG/qf65V1nNCMB8GA1UdIwQY
MBaAFOpB6DmP9877UiFjbrIoISbr/jt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2Ut
NjI4YjQzOTRiODIyLzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2UtNjI4YjQzOTRiODIy
LzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiMRiFfm/
4X01m/bClvmuziMjV8CogID7myo6fbYkfuJqljoX+cfqJvypGvCbhPb+m2Wn5imA
YPYcdnYxfti7o3Yw6Dt6nhVMZJFk1uNW3lc1eRAtTYtqjq9lrGdSnkRiVTwWr746
cxRaF54NuX0Tu+tzRvBs370CQRxvUHA/tC3rxnJ0uqTjp54kh2UFiqB1bade2H+f
JJwqfaqZPWketEet/K84A7WsgKlFEsJElgcgSGMnzAi5drlt55Vje/Kcavi8z9KW
/gzzPlaDxHTpAnhuZfnRseJlTxj/+D4kH4NvE+Zc6G4nHFZEhI+08uZoRkqq5SBW
DDcssmq8L1ysaQ==
-----END CERTIFICATE-----