Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
File:                     mtVmfEEoFBE5zKfFBH_BclC_Y68.mft (raw, json)
Hash identifier:          5DWTpWxmNG8aGBhM2v6BkjKmvKRyf7BlXhVEwnPw8Uw=
Subject key identifier:   46:2A:2F:6E:A5:C6:CA:76:34:DD:E3:05:5A:DA:83:FA:74:DA:6C:FE
Authority key identifier: 9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF
Certificate issuer:       /CN=9ad5667c4128141139cca7c5047fc17250bf63af
Certificate serial:       01969D199DE5D1569BDD24609A257182F446
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
Manifest number:          1520
Signing time:             Sun 04 May 2025 21:00:23 +0000
Manifest this update:     Sun 04 May 2025 21:00:23 +0000
Manifest next update:     Mon 05 May 2025 21:00:23 +0000
Files and hashes:         1: mtVmfEEoFBE5zKfFBH_BclC_Y68.crl (hash: J2x+ACSU7t6i61Izid1aQsIsB1RLUC09rnhgFq5StJA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 21:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9d:19:9d:e5:d1:56:9b:dd:24:60:9a:25:71:82:f4:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ad5667c4128141139cca7c5047fc17250bf63af
        Validity
            Not Before: May  4 21:00:23 2025 GMT
            Not After : May  5 21:00:23 2025 GMT
        Subject: CN=462a2f6ea5c6ca7634dde3055ada83fa74da6cfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:64:eb:e0:67:66:ba:ae:a1:f4:f2:fa:a4:77:
                    07:54:5e:73:88:bc:c9:c0:85:25:4c:5e:51:12:1e:
                    25:15:6f:13:ee:27:00:3b:b5:b7:21:3a:04:5c:20:
                    18:f8:1b:05:f3:9c:1b:a0:56:20:e8:38:be:61:c7:
                    a9:a5:ef:36:58:8e:12:39:4d:46:1c:87:6c:87:67:
                    3a:de:a9:b1:00:bd:3f:61:3d:d2:77:2c:3f:0d:2b:
                    85:45:2d:d0:ef:50:91:32:61:e3:4e:4d:c0:33:19:
                    44:d3:fb:1a:8b:b1:a6:4c:eb:01:02:59:41:18:1a:
                    eb:d7:89:6c:c3:b0:3b:2a:d7:ba:6f:cf:e0:d1:5e:
                    11:2d:bf:fa:91:33:f5:7a:9e:18:6c:63:3e:17:e7:
                    47:a5:5c:78:e7:e0:0d:6c:a4:9d:f9:79:02:c8:99:
                    d2:e1:20:eb:81:62:7b:92:31:2b:2b:cc:e1:72:64:
                    6e:62:33:a5:a3:6d:47:8c:62:e1:85:11:74:b6:c1:
                    77:8d:e9:e5:e7:17:65:cb:f9:8a:1e:17:82:dd:03:
                    b6:c2:d3:d0:26:52:03:28:8f:8b:21:fe:ea:d1:1e:
                    1e:5f:fd:81:23:a1:c9:3c:88:20:7d:3a:4e:7c:08:
                    29:fc:09:e3:1f:a4:8b:b6:48:28:ac:f4:36:44:7d:
                    eb:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:2A:2F:6E:A5:C6:CA:76:34:DD:E3:05:5A:DA:83:FA:74:DA:6C:FE
            X509v3 Authority Key Identifier:
                keyid:9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:e9:68:56:87:03:ee:f1:36:4b:5a:33:aa:ad:a8:66:e3:53:
         36:66:68:34:d4:81:25:e5:d2:dc:51:95:37:a3:22:40:6b:1e:
         cf:1a:1d:8b:01:7a:f8:b6:31:be:e7:15:72:3f:de:42:3a:17:
         48:82:b3:5c:b6:9b:fd:70:c2:e2:31:2c:c0:65:dd:17:3c:22:
         db:72:c9:1c:c0:05:45:fa:81:7e:55:58:7a:5c:42:7a:cf:27:
         20:2b:c3:88:6e:23:59:da:13:27:c3:48:7a:d7:c2:e0:81:9a:
         d3:c7:a2:f5:6c:85:6d:92:53:9d:d4:7d:de:93:4b:34:52:fd:
         18:6d:24:fc:c3:44:b1:4d:a5:e2:88:1c:1d:e4:ed:34:10:f6:
         f1:5d:50:41:df:b6:f1:2d:d8:03:c9:27:7e:42:01:b5:57:71:
         d2:4e:63:0c:ea:53:3e:7e:11:8c:c8:cc:3b:5b:77:b0:69:56:
         c0:d4:33:0a:ef:ad:e9:01:0c:a2:56:e4:a5:1c:d1:a1:a8:dd:
         b4:f0:16:8d:e2:ee:19:c5:b8:a8:a2:37:ae:a9:7d:08:51:39:
         e4:6f:23:4d:8c:cf:60:29:79:8c:ef:2b:f6:61:ae:05:e3:af:
         6e:db:ec:48:47:bb:04:f5:60:a6:9c:2c:4a:54:7b:f0:0e:41:
         78:c9:7e:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZadGZ3l0Vab3SRgmiVxgvRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZDU2NjdjNDEyODE0MTEzOWNjYTdjNTA0N2ZjMTcyNTBi
ZjYzYWYwHhcNMjUwNTA0MjEwMDIzWhcNMjUwNTA1MjEwMDIzWjAzMTEwLwYDVQQD
Eyg0NjJhMmY2ZWE1YzZjYTc2MzRkZGUzMDU1YWRhODNmYTc0ZGE2Y2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWTr4Gdmuq6h9PL6pHcHVF5ziLzJ
wIUlTF5REh4lFW8T7icAO7W3IToEXCAY+BsF85wboFYg6Di+Yceppe82WI4SOU1G
HIdsh2c63qmxAL0/YT3Sdyw/DSuFRS3Q71CRMmHjTk3AMxlE0/sai7GmTOsBAllB
GBrr14lsw7A7Kte6b8/g0V4RLb/6kTP1ep4YbGM+F+dHpVx45+ANbKSd+XkCyJnS
4SDrgWJ7kjErK8zhcmRuYjOlo21HjGLhhRF0tsF3jenl5xdly/mKHheC3QO2wtPQ
JlIDKI+LIf7q0R4eX/2BI6HJPIggfTpOfAgp/AnjH6SLtkgorPQ2RH3rrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYqL26lxsp2NN3jBVrag/p02mz+MB8GA1UdIwQY
MBaAFJrVZnxBKBQROcynxQR/wXJQv2OvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2Qt
Njg3MjM1NTgzOGEyLzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2QtNjg3MjM1NTgzOGEy
LzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU+loVocD
7vE2S1ozqq2oZuNTNmZoNNSBJeXS3FGVN6MiQGsezxodiwF6+LYxvucVcj/eQjoX
SIKzXLab/XDC4jEswGXdFzwi23LJHMAFRfqBflVYelxCes8nICvDiG4jWdoTJ8NI
etfC4IGa08ei9WyFbZJTndR93pNLNFL9GG0k/MNEsU2l4ogcHeTtNBD28V1QQd+2
8S3YA8knfkIBtVdx0k5jDOpTPn4RjMjMO1t3sGlWwNQzCu+t6QEMolbkpRzRoajd
tPAWjeLuGcW4qKI3rql9CFE55G8jTYzPYCl5jO8r9mGuBeOvbtvsSEe7BPVgppws
SlR78A5BeMl+Zw==
-----END CERTIFICATE-----