Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
File:                     aiElvfZalVLVuOF6s2FaoQuAWXY.mft (raw, json)
Hash identifier:          6YSKDNv18T4Ye+gWILr+OOmAgOuptZ8e40j80cFx64s=
Subject key identifier:   16:9F:08:47:A0:3F:E6:17:2D:A6:41:20:DC:21:4D:56:51:11:2A:39
Authority key identifier: 6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76
Certificate issuer:       /CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976
Certificate serial:       01957A225FC7ED09369A83BB62A165EBA81E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
Manifest number:          8E
Signing time:             Sun 09 Mar 2025 09:00:27 +0000
Manifest this update:     Sun 09 Mar 2025 09:00:27 +0000
Manifest next update:     Mon 10 Mar 2025 09:00:27 +0000
Files and hashes:         1: aiElvfZalVLVuOF6s2FaoQuAWXY.crl (hash: oMNw3lHq6ycsvi5V3amxs9QyoOYmM0StlUF78UkHt6U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:7a:22:5f:c7:ed:09:36:9a:83:bb:62:a1:65:eb:a8:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976
        Validity
            Not Before: Mar  9 09:00:27 2025 GMT
            Not After : Mar 10 09:00:27 2025 GMT
        Subject: CN=169f0847a03fe6172da64120dc214d5651112a39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:6e:fe:9d:3a:c2:f7:10:23:0a:dc:f5:c1:01:
                    da:77:6b:2c:30:92:08:16:04:84:0f:46:e5:d5:58:
                    b0:37:96:70:b5:36:a8:22:9a:82:84:cc:2c:62:08:
                    4b:1c:9f:04:22:4d:17:06:de:b7:50:b2:c9:ff:b3:
                    df:40:59:20:74:d9:dc:95:63:56:b1:2d:27:0a:5c:
                    47:14:66:64:a6:3d:dd:16:0b:38:9d:1f:83:68:5b:
                    5e:80:13:f3:ff:2a:ca:92:8e:65:bf:52:75:11:ba:
                    b5:8a:c5:68:be:00:99:a9:15:55:dc:2e:41:8f:f8:
                    cc:54:e4:94:fe:72:62:5b:9d:e0:e2:c3:72:a8:78:
                    94:21:d6:75:77:70:9f:8c:27:39:93:b7:5d:57:24:
                    5e:77:d8:98:5a:06:0e:b3:d0:fb:70:1f:42:93:83:
                    a2:9b:18:e3:f7:6d:ce:2e:22:1a:60:67:82:4e:5b:
                    90:4b:4b:61:50:8b:17:cd:96:9d:35:24:24:10:49:
                    51:0b:50:36:75:53:53:29:fd:68:04:f5:c9:d7:09:
                    ba:e5:bd:90:76:ef:7a:ea:a7:bb:df:3e:44:ae:19:
                    b4:61:53:9b:86:6d:2a:d5:09:3b:d8:e5:72:e6:86:
                    48:79:4d:ce:d5:31:5a:61:cc:20:16:47:9c:d0:06:
                    d3:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:9F:08:47:A0:3F:E6:17:2D:A6:41:20:DC:21:4D:56:51:11:2A:39
            X509v3 Authority Key Identifier:
                keyid:6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:bb:d3:2d:1b:fa:8a:5a:5c:a2:09:9c:1f:d8:12:31:ec:de:
         16:81:63:fd:7f:42:43:0d:0f:88:f7:57:65:5e:2b:28:dc:cf:
         20:a4:da:b0:2c:92:cc:df:94:bb:64:ad:2b:48:21:6a:18:af:
         20:0e:83:62:26:6a:54:cf:e5:91:d4:4f:32:0e:62:cc:bf:1b:
         0b:79:b9:65:bd:8b:1a:dd:0d:69:9f:bb:d2:8a:a2:15:e4:ca:
         3f:41:40:83:84:57:c4:74:74:c1:2a:dc:35:43:2c:6c:19:1e:
         a4:c4:90:7d:bf:1b:ff:54:bb:22:ca:12:70:8c:f5:64:8a:82:
         07:91:90:a6:e0:31:40:b4:00:4f:65:1e:24:95:a0:53:37:8d:
         66:e6:8c:00:5e:f6:c2:de:7d:5f:0a:9d:20:7c:d8:d2:ff:a4:
         29:c5:83:01:b0:3c:2e:90:51:1c:bf:f5:f5:08:db:99:8e:28:
         fc:03:1b:82:17:3a:8d:51:7c:39:dc:77:4c:ba:15:f9:3a:28:
         af:dc:2e:0b:51:95:59:93:64:f5:2e:4a:51:34:9c:8b:a2:cc:
         37:dd:a3:3e:1c:71:b8:59:c2:b8:ca:eb:a1:72:4d:5b:17:6c:
         ec:02:95:33:80:76:86:9b:d8:4a:10:bb:bd:a2:d9:c9:cf:c8:
         de:d9:71:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV6Il/H7Qk2moO7YqFl66geMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMjEyNWJkZjY1YTk1NTJkNWI4ZTE3YWIzNjE1YWExMGI4
MDU5NzYwHhcNMjUwMzA5MDkwMDI3WhcNMjUwMzEwMDkwMDI3WjAzMTEwLwYDVQQD
EygxNjlmMDg0N2EwM2ZlNjE3MmRhNjQxMjBkYzIxNGQ1NjUxMTEyYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkm7+nTrC9xAjCtz1wQHad2ssMJII
FgSED0bl1ViwN5ZwtTaoIpqChMwsYghLHJ8EIk0XBt63ULLJ/7PfQFkgdNnclWNW
sS0nClxHFGZkpj3dFgs4nR+DaFtegBPz/yrKko5lv1J1Ebq1isVovgCZqRVV3C5B
j/jMVOSU/nJiW53g4sNyqHiUIdZ1d3CfjCc5k7ddVyRed9iYWgYOs9D7cB9Ck4Oi
mxjj923OLiIaYGeCTluQS0thUIsXzZadNSQkEElRC1A2dVNTKf1oBPXJ1wm65b2Q
du966qe73z5Erhm0YVObhm0q1Qk72OVy5oZIeU3O1TFaYcwgFkec0AbTsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBafCEegP+YXLaZBINwhTVZRESo5MB8GA1UdIwQY
MBaAFGohJb32WpVS1bjherNhWqELgFl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQt
NjNlZDIyY2FiYzkyLzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQtNjNlZDIyY2FiYzky
LzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK7vTLRv6
ilpcogmcH9gSMezeFoFj/X9CQw0PiPdXZV4rKNzPIKTasCySzN+Uu2StK0ghahiv
IA6DYiZqVM/lkdRPMg5izL8bC3m5Zb2LGt0NaZ+70oqiFeTKP0FAg4RXxHR0wSrc
NUMsbBkepMSQfb8b/1S7IsoScIz1ZIqCB5GQpuAxQLQAT2UeJJWgUzeNZuaMAF72
wt59XwqdIHzY0v+kKcWDAbA8LpBRHL/19QjbmY4o/AMbghc6jVF8Odx3TLoV+Too
r9wuC1GVWZNk9S5KUTSci6LMN92jPhxxuFnCuMrroXJNWxds7AKVM4B2hpvYShC7
vaLZyc/I3tlxSA==
-----END CERTIFICATE-----