Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
File:                     bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json)
Hash identifier:          Pi2JGdB0pgvR9pqPVOxPHpVKPL85lt/s0PsnYGdPTt8=
Subject key identifier:   0D:9A:5D:FA:46:7C:42:2F:6E:44:3C:00:77:9F:0D:0F:1F:5E:8C:56
Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
Certificate issuer:       /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Certificate serial:       0196580205A37456D5152BACC537C9478F15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
Manifest number:          053F
Signing time:             Mon 21 Apr 2025 11:00:49 +0000
Manifest this update:     Mon 21 Apr 2025 11:00:49 +0000
Manifest next update:     Tue 22 Apr 2025 11:00:49 +0000
Files and hashes:         1: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: r6sGPgEeccVHxv7rAkY0gxttxBc87vk6YambIaMRKUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:58:02:05:a3:74:56:d5:15:2b:ac:c5:37:c9:47:8f:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
        Validity
            Not Before: Apr 21 11:00:49 2025 GMT
            Not After : Apr 22 11:00:49 2025 GMT
        Subject: CN=0d9a5dfa467c422f6e443c00779f0d0f1f5e8c56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:a0:08:c5:59:3e:6b:e1:65:6e:c6:00:a2:e6:
                    78:9e:1a:d7:d9:b2:1a:c2:60:5d:32:7a:6c:8f:65:
                    99:c6:69:75:07:fa:63:11:a4:b0:ce:c9:9a:46:5e:
                    b3:a4:0f:79:f0:3c:54:04:ea:2f:21:81:22:ba:ed:
                    57:5e:fb:b2:76:eb:0a:49:1f:20:9f:75:43:eb:86:
                    01:a9:75:1f:1e:26:79:81:26:7e:b4:93:9b:9c:e6:
                    b9:b0:3e:2f:be:66:4c:e5:48:fb:62:6e:1a:c5:da:
                    6d:64:31:eb:06:99:17:00:b0:eb:0c:ad:87:14:a2:
                    cf:f4:17:39:46:e2:41:56:5f:85:7f:eb:fb:c4:3c:
                    dd:4a:35:b8:78:c3:1b:55:c5:89:b6:d4:1c:eb:72:
                    07:0f:1b:17:8d:04:be:94:a7:0f:c1:0c:6e:3a:a0:
                    86:b6:48:09:06:6c:64:dc:37:ce:76:16:20:2b:00:
                    1f:89:cb:ae:c2:2d:47:72:ba:bf:38:40:4d:74:21:
                    93:51:91:d1:79:b0:82:7c:f2:a5:10:c8:48:73:85:
                    16:6e:e6:1a:63:6c:9b:32:58:ec:44:18:39:1e:66:
                    5a:ae:cf:39:0a:17:3d:1f:c7:18:65:13:ad:64:63:
                    b6:91:30:a5:80:7e:96:47:b2:96:fb:38:82:9b:93:
                    37:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:9A:5D:FA:46:7C:42:2F:6E:44:3C:00:77:9F:0D:0F:1F:5E:8C:56
            X509v3 Authority Key Identifier:
                keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:44:b9:de:35:05:76:90:23:de:a8:65:2f:f4:22:b2:9d:0f:
         3e:7b:6a:c1:a7:1d:a1:bb:f3:63:3c:dd:f7:b0:17:85:a2:7a:
         f4:ae:89:82:a9:ea:68:95:c8:17:fc:cd:ff:fd:dc:b1:39:a8:
         9e:1e:20:aa:e9:6b:6f:a5:04:43:35:f2:62:a9:90:08:6b:a0:
         34:de:32:ac:41:bb:c7:b0:37:70:59:dc:c8:e9:fa:42:27:51:
         11:3f:95:48:92:53:e1:8a:c0:da:d2:27:4e:68:00:7f:b3:57:
         cf:cb:27:07:f6:4e:22:25:33:2d:7b:c3:f4:b8:9c:21:b7:bb:
         cb:22:47:87:c0:40:21:c1:74:95:4a:0f:c0:57:6a:c9:04:8d:
         02:f5:be:60:89:51:8f:5d:64:fe:43:c4:0a:58:7a:58:64:bd:
         02:27:99:0b:76:e2:ae:2b:da:04:ec:ad:5a:c7:b8:b8:ed:a6:
         53:df:52:aa:9f:af:cc:ed:e1:56:36:73:c8:8a:95:b2:7b:f2:
         7c:1b:ff:10:47:c1:02:a2:70:d9:14:1a:ad:47:36:01:da:b4:
         0d:c4:a7:42:6e:b3:87:47:25:80:3e:60:eb:32:31:bf:d2:70:
         c5:56:3e:ef:41:e1:c5:6e:0f:fa:43:a2:37:dc:a6:4c:55:a5:
         76:de:10:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYAgWjdFbVFSusxTfJR48VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5
MDUxOGYwHhcNMjUwNDIxMTEwMDQ5WhcNMjUwNDIyMTEwMDQ5WjAzMTEwLwYDVQQD
EygwZDlhNWRmYTQ2N2M0MjJmNmU0NDNjMDA3NzlmMGQwZjFmNWU4YzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8KAIxVk+a+FlbsYAouZ4nhrX2bIa
wmBdMnpsj2WZxml1B/pjEaSwzsmaRl6zpA958DxUBOovIYEiuu1XXvuydusKSR8g
n3VD64YBqXUfHiZ5gSZ+tJObnOa5sD4vvmZM5Uj7Ym4axdptZDHrBpkXALDrDK2H
FKLP9Bc5RuJBVl+Ff+v7xDzdSjW4eMMbVcWJttQc63IHDxsXjQS+lKcPwQxuOqCG
tkgJBmxk3DfOdhYgKwAficuuwi1Hcrq/OEBNdCGTUZHRebCCfPKlEMhIc4UWbuYa
Y2ybMljsRBg5HmZars85Chc9H8cYZROtZGO2kTClgH6WR7KW+ziCm5M3QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2aXfpGfEIvbkQ8AHefDQ8fXoxWMB8GA1UdIwQY
MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt
YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz
LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPES53jUF
dpAj3qhlL/Qisp0PPntqwacdobvzYzzd97AXhaJ69K6JgqnqaJXIF/zN//3csTmo
nh4gqulrb6UEQzXyYqmQCGugNN4yrEG7x7A3cFncyOn6QidRET+VSJJT4YrA2tIn
TmgAf7NXz8snB/ZOIiUzLXvD9LicIbe7yyJHh8BAIcF0lUoPwFdqyQSNAvW+YIlR
j11k/kPEClh6WGS9AieZC3birivaBOytWse4uO2mU99Sqp+vzO3hVjZzyIqVsnvy
fBv/EEfBAqJw2RQarUc2Adq0DcSnQm6zh0clgD5g6zIxv9JwxVY+70HhxW4P+kOi
N9ymTFWldt4QlA==
-----END CERTIFICATE-----