Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
File:                     lQPIUJD5zC4inTj96rrmJlCL3rg.mft (raw, json)
Hash identifier:          yYXFjln9tQXK0iDGBuSHlSwKMYN2BZEzHLymta9AITk=
Subject key identifier:   FE:CE:05:99:49:7E:6E:91:15:1F:C8:62:D5:15:3F:9D:1F:62:77:4E
Authority key identifier: 95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8
Certificate issuer:       /CN=9503c85090f9cc2e229d38fdeabae626508bdeb8
Certificate serial:       0196C0EF8E820706C57F7B318A7B0A7EEC3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
Manifest number:          0257
Signing time:             Sun 11 May 2025 20:00:47 +0000
Manifest this update:     Sun 11 May 2025 20:00:47 +0000
Manifest next update:     Mon 12 May 2025 20:00:47 +0000
Files and hashes:         1: lQPIUJD5zC4inTj96rrmJlCL3rg.crl (hash: 2rEX1+LWeClSDDsYttp6nf8sKYmoG8fihrR8t9ebsIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c0:ef:8e:82:07:06:c5:7f:7b:31:8a:7b:0a:7e:ec:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9503c85090f9cc2e229d38fdeabae626508bdeb8
        Validity
            Not Before: May 11 20:00:47 2025 GMT
            Not After : May 12 20:00:47 2025 GMT
        Subject: CN=fece0599497e6e91151fc862d5153f9d1f62774e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:2b:5d:58:fa:6d:a0:f8:cb:1c:50:ab:90:ee:
                    d0:e5:65:f3:80:10:fb:4c:9a:21:93:64:05:d3:b2:
                    e7:49:23:80:f1:63:01:51:53:f1:77:cf:2e:0c:97:
                    7d:a2:ea:0f:dc:b0:a4:09:04:ae:d1:23:2c:4f:99:
                    eb:6a:0f:d8:8d:7e:54:da:39:b5:b9:f6:ed:93:c7:
                    23:64:69:4f:31:84:32:0c:46:c0:2f:10:69:e1:98:
                    db:84:a7:e8:c8:ce:18:c3:30:de:3b:b5:20:f0:59:
                    d9:a8:a2:96:f3:bb:3e:a6:3e:f9:c8:d1:c9:b2:1d:
                    b4:4e:8b:d3:dd:09:b9:42:29:be:1e:6e:20:fa:72:
                    22:5b:90:f5:8c:70:8e:c5:a1:71:60:ff:e9:89:bc:
                    2b:a4:a4:95:a4:fd:76:2f:e5:05:21:d5:a0:e9:40:
                    74:76:d9:71:03:2c:71:b9:de:60:74:4a:3f:05:ed:
                    0b:56:08:ef:53:08:8a:09:83:19:36:2f:09:b7:e8:
                    a4:63:09:0d:bd:f2:ac:13:51:01:2e:98:98:28:2d:
                    5f:ac:d2:6a:7b:70:38:77:00:c0:4d:cd:c3:53:b6:
                    6c:39:61:c9:33:46:73:20:6c:46:56:aa:66:19:05:
                    8f:6e:65:c7:1c:be:4f:d9:c3:ee:d6:6e:42:7e:02:
                    d8:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:CE:05:99:49:7E:6E:91:15:1F:C8:62:D5:15:3F:9D:1F:62:77:4E
            X509v3 Authority Key Identifier:
                keyid:95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:97:1a:de:97:97:ae:fb:93:a4:e3:79:5e:ab:08:5f:27:39:
         b1:4e:90:a7:77:7f:75:9b:38:f1:21:ea:ad:e8:40:c1:68:46:
         2b:15:06:d4:43:61:21:df:04:96:be:f0:e8:65:d1:57:23:5d:
         50:f2:05:c0:a8:18:4a:48:6f:cb:42:cf:42:4c:2e:be:9b:55:
         28:2a:f1:6d:2c:15:94:7f:01:9f:12:d0:6b:5b:cf:dc:a3:b4:
         14:41:62:06:71:24:33:26:9d:a2:b1:0c:0a:ba:bd:2d:fc:32:
         57:f1:c6:0b:3c:31:a9:22:70:6b:f3:bf:64:21:9f:18:7c:dd:
         59:41:b4:ba:5c:f5:ac:08:c1:8e:df:63:fb:c6:0e:f3:b7:c5:
         dc:07:3e:83:ca:b8:0c:27:c0:34:80:f0:cf:4d:15:20:b7:71:
         fc:21:f1:62:7a:d7:01:77:1e:ab:c6:60:5f:a3:eb:46:88:c1:
         17:b7:5e:22:a5:4a:76:b6:ff:2a:6f:85:c8:ac:19:ed:dc:df:
         2e:38:4f:f6:e7:08:a8:ff:3b:c4:ad:4d:f2:7a:2e:3e:40:f4:
         66:13:44:99:e9:86:20:6a:99:59:f6:26:13:d2:35:53:bd:d3:
         ea:ed:c3:4e:bc:04:82:db:cf:5d:89:99:b9:8f:20:94:d0:58:
         7e:ac:92:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbA746CBwbFf3sxinsKfuw+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDNjODUwOTBmOWNjMmUyMjlkMzhmZGVhYmFlNjI2NTA4
YmRlYjgwHhcNMjUwNTExMjAwMDQ3WhcNMjUwNTEyMjAwMDQ3WjAzMTEwLwYDVQQD
EyhmZWNlMDU5OTQ5N2U2ZTkxMTUxZmM4NjJkNTE1M2Y5ZDFmNjI3NzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAritdWPptoPjLHFCrkO7Q5WXzgBD7
TJohk2QF07LnSSOA8WMBUVPxd88uDJd9ouoP3LCkCQSu0SMsT5nrag/YjX5U2jm1
ufbtk8cjZGlPMYQyDEbALxBp4ZjbhKfoyM4YwzDeO7Ug8FnZqKKW87s+pj75yNHJ
sh20TovT3Qm5Qim+Hm4g+nIiW5D1jHCOxaFxYP/pibwrpKSVpP12L+UFIdWg6UB0
dtlxAyxxud5gdEo/Be0LVgjvUwiKCYMZNi8Jt+ikYwkNvfKsE1EBLpiYKC1frNJq
e3A4dwDATc3DU7ZsOWHJM0ZzIGxGVqpmGQWPbmXHHL5P2cPu1m5CfgLYewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7OBZlJfm6RFR/IYtUVP50fYndOMB8GA1UdIwQY
MBaAFJUDyFCQ+cwuIp04/eq65iZQi964MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUt
ZjBkZDg3OWFlNTNhLzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUtZjBkZDg3OWFlNTNh
LzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdpca3peX
rvuTpON5XqsIXyc5sU6Qp3d/dZs48SHqrehAwWhGKxUG1ENhId8Elr7w6GXRVyNd
UPIFwKgYSkhvy0LPQkwuvptVKCrxbSwVlH8BnxLQa1vP3KO0FEFiBnEkMyadorEM
Crq9LfwyV/HGCzwxqSJwa/O/ZCGfGHzdWUG0ulz1rAjBjt9j+8YO87fF3Ac+g8q4
DCfANIDwz00VILdx/CHxYnrXAXceq8ZgX6PrRojBF7deIqVKdrb/Km+FyKwZ7dzf
LjhP9ucIqP87xK1N8nouPkD0ZhNEmemGIGqZWfYmE9I1U73T6u3DTrwEgtvPXYmZ
uY8glNBYfqyS5A==
-----END CERTIFICATE-----