Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
File:                     dqIj-utMXd95nTyiqWDAbB1tHZY.mft (raw, json)
Hash identifier:          O0B452gnZSt9U4jWi3efYDVEJerDXQm5pbfsGCodLz8=
Subject key identifier:   EA:C9:68:E2:6F:DE:37:EC:D5:9C:B4:EB:EA:54:6A:C5:40:DD:FD:8C
Authority key identifier: 76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96
Certificate issuer:       /CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
Certificate serial:       019648C574102B9D767F805B0E7B43FF67F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
Manifest number:          0AA6
Signing time:             Fri 18 Apr 2025 12:00:21 +0000
Manifest this update:     Fri 18 Apr 2025 12:00:21 +0000
Manifest next update:     Sat 19 Apr 2025 12:00:21 +0000
Files and hashes:         1: dqIj-utMXd95nTyiqWDAbB1tHZY.crl (hash: VhkgR+hj9uC1uzzM6vYzVN1cpOZt7pgMCZ6+e221A1Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:48:c5:74:10:2b:9d:76:7f:80:5b:0e:7b:43:ff:67:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
        Validity
            Not Before: Apr 18 12:00:21 2025 GMT
            Not After : Apr 19 12:00:21 2025 GMT
        Subject: CN=eac968e26fde37ecd59cb4ebea546ac540ddfd8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:de:d9:46:86:f8:b5:b2:8c:49:29:5e:72:9f:
                    55:53:32:80:47:73:39:cd:ac:43:0d:c1:11:c6:f7:
                    77:1f:d2:bc:70:61:56:b4:8f:72:4b:4d:49:83:4e:
                    1f:0a:ad:6e:a3:28:13:95:6e:43:1e:98:51:a4:f6:
                    0d:da:2d:0d:25:a1:fe:20:c1:f7:85:37:c5:75:83:
                    f6:58:d7:fe:be:a1:6f:1c:0d:87:7c:26:43:ea:24:
                    2e:45:ce:f9:69:f1:ec:9a:d2:19:8d:ef:27:78:7d:
                    2c:9a:49:4d:e9:a6:e0:3a:dd:78:12:fc:14:69:d5:
                    61:b0:06:24:e2:78:e1:cf:eb:2f:9c:41:b7:94:2f:
                    2d:1b:47:d6:94:c9:83:0c:c6:c0:9a:6a:55:b7:f2:
                    05:ff:21:1d:cf:d3:72:50:6f:67:1c:a1:b4:3f:fd:
                    3d:08:5d:0d:60:1e:71:86:f9:de:f5:16:8d:9e:13:
                    6c:d3:6f:c6:64:b7:68:47:0d:6e:cb:b2:15:43:bd:
                    0b:18:e9:65:0b:f1:7d:2a:62:d0:f5:20:02:c1:30:
                    6e:52:3b:2d:84:ae:56:99:83:d8:b7:ad:20:47:6b:
                    22:fa:a8:e3:65:ca:40:b9:ae:94:cb:be:6a:2c:3b:
                    e5:c8:c0:8d:09:78:45:60:b2:4f:0d:97:21:d9:f3:
                    37:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:C9:68:E2:6F:DE:37:EC:D5:9C:B4:EB:EA:54:6A:C5:40:DD:FD:8C
            X509v3 Authority Key Identifier:
                keyid:76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:a6:e2:05:7b:a5:74:90:1e:68:d1:9d:19:f8:3a:a2:dc:82:
         0f:59:79:43:6c:ce:1b:1d:33:31:06:9f:36:5e:51:13:34:6d:
         c6:f3:20:5e:fd:c0:66:87:39:dc:09:62:ec:d9:67:a6:2d:19:
         5d:cc:9e:2d:6d:52:cd:49:6f:86:e8:69:a1:3d:cd:4d:62:55:
         40:04:4a:98:8b:80:b4:da:fb:eb:c9:28:f0:bc:a7:55:37:4e:
         db:6c:0c:ae:8e:c3:25:f2:2d:29:ee:b7:93:67:be:f5:10:47:
         b3:30:27:60:4a:bc:54:b8:96:08:40:10:c6:ec:f9:96:c7:43:
         b1:38:d4:00:d5:f8:f8:4c:3d:05:ba:96:80:0b:bb:8d:5f:eb:
         a9:83:44:5d:81:cd:7c:d6:6b:1c:3a:44:ce:b8:b9:8b:01:1b:
         4b:99:69:e0:3f:c0:5f:1c:24:5e:9b:62:e3:8b:51:3e:57:d9:
         a5:6b:36:de:43:4a:20:2f:a5:72:24:62:c2:54:aa:d5:3e:d6:
         e2:e7:03:60:e3:be:c4:35:ba:75:a8:cb:a1:e6:59:8b:a8:38:
         1b:ef:1a:7a:66:ea:15:2b:ac:c9:36:51:6a:f7:ae:60:00:f4:
         81:c4:88:54:a5:40:6c:0e:87:0b:b1:85:3f:8d:9e:4b:11:89:
         b3:12:6e:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZIxXQQK512f4BbDntD/2fwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTIyM2ZhZWI0YzVkZGY3OTlkM2NhMmE5NjBjMDZjMWQ2
ZDFkOTYwHhcNMjUwNDE4MTIwMDIxWhcNMjUwNDE5MTIwMDIxWjAzMTEwLwYDVQQD
EyhlYWM5NjhlMjZmZGUzN2VjZDU5Y2I0ZWJlYTU0NmFjNTQwZGRmZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1t7ZRob4tbKMSSlecp9VUzKAR3M5
zaxDDcERxvd3H9K8cGFWtI9yS01Jg04fCq1uoygTlW5DHphRpPYN2i0NJaH+IMH3
hTfFdYP2WNf+vqFvHA2HfCZD6iQuRc75afHsmtIZje8neH0smklN6abgOt14EvwU
adVhsAYk4njhz+svnEG3lC8tG0fWlMmDDMbAmmpVt/IF/yEdz9NyUG9nHKG0P/09
CF0NYB5xhvne9RaNnhNs02/GZLdoRw1uy7IVQ70LGOllC/F9KmLQ9SACwTBuUjst
hK5WmYPYt60gR2si+qjjZcpAua6Uy75qLDvlyMCNCXhFYLJPDZch2fM3xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOrJaOJv3jfs1Zy06+pUasVA3f2MMB8GA1UdIwQY
MBaAFHaiI/rrTF3feZ08oqlgwGwdbR2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1Mzgt
MWRkZWU4NTVjZGY4LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1MzgtMWRkZWU4NTVjZGY4
LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6biBXul
dJAeaNGdGfg6otyCD1l5Q2zOGx0zMQafNl5REzRtxvMgXv3AZoc53Ali7Nlnpi0Z
XcyeLW1SzUlvhuhpoT3NTWJVQARKmIuAtNr768ko8LynVTdO22wMro7DJfItKe63
k2e+9RBHszAnYEq8VLiWCEAQxuz5lsdDsTjUANX4+Ew9BbqWgAu7jV/rqYNEXYHN
fNZrHDpEzri5iwEbS5lp4D/AXxwkXpti44tRPlfZpWs23kNKIC+lciRiwlSq1T7W
4ucDYOO+xDW6dajLoeZZi6g4G+8aembqFSusyTZRaveuYAD0gcSIVKVAbA6HC7GF
P42eSxGJsxJuqQ==
-----END CERTIFICATE-----