Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
File:                     04G3AXBRkLnOnRsYRTU4TnHKMWU.mft (raw, json)
Hash identifier:          jq7ntsSuqX2gf7w3/lY9q6/xTTjlMtqN9lkS0yK45HM=
Subject key identifier:   D9:AC:5F:26:7C:27:72:FD:3D:9E:12:1E:06:7B:84:FD:52:0A:49:85
Authority key identifier: D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65
Certificate issuer:       /CN=d381b701705190b9ce9d1b184535384e71ca3165
Certificate serial:       0196B5C7875F92BD9B1F694B7C5449DE3010
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
Manifest number:          152E
Signing time:             Fri 09 May 2025 16:01:14 +0000
Manifest this update:     Fri 09 May 2025 16:01:14 +0000
Manifest next update:     Sat 10 May 2025 16:01:14 +0000
Files and hashes:         1: 04G3AXBRkLnOnRsYRTU4TnHKMWU.crl (hash: q3LoW0BMJpaCOiWjqQHBxar94OJAdOCtUfW3doVKdq4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 16:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b5:c7:87:5f:92:bd:9b:1f:69:4b:7c:54:49:de:30:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d381b701705190b9ce9d1b184535384e71ca3165
        Validity
            Not Before: May  9 16:01:14 2025 GMT
            Not After : May 10 16:01:14 2025 GMT
        Subject: CN=d9ac5f267c2772fd3d9e121e067b84fd520a4985
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:6d:6d:6b:15:da:53:00:be:95:a6:cd:fb:0c:
                    de:c1:bc:80:86:69:09:7d:a1:89:c9:73:06:51:ee:
                    19:1c:b2:2a:c8:7e:92:b8:a0:a1:d8:97:8f:13:02:
                    56:d7:aa:79:32:cb:9f:8f:70:c2:5f:2c:b1:c1:e5:
                    2e:0e:13:1d:db:06:17:27:92:18:b5:35:a8:76:78:
                    2c:98:5a:0c:e7:14:8b:24:a4:fa:8e:70:ac:0f:9a:
                    4d:c3:cd:a5:bb:18:35:24:e4:e2:92:f6:4a:e9:89:
                    ac:bd:26:58:27:bd:f3:fd:4d:55:92:aa:65:f0:27:
                    56:52:34:37:37:a4:dd:5f:30:ea:50:2d:8c:e8:0f:
                    95:90:fb:31:0e:b5:ad:17:93:7b:98:d5:75:3d:85:
                    09:d9:26:ec:9a:52:c8:5b:1d:97:44:ce:6a:0b:78:
                    ea:ea:da:8d:d2:91:9c:5a:8f:0c:40:87:b7:5c:a6:
                    5b:01:d1:da:77:ed:3e:09:a7:a1:cb:cc:59:3e:6b:
                    0e:59:f6:ee:6f:b0:99:b1:80:f4:9b:60:7d:41:a2:
                    49:ac:80:62:52:3f:bc:fc:f5:c9:b5:d6:1f:31:5d:
                    70:19:13:6b:95:00:72:ff:86:8a:1d:83:92:25:4e:
                    75:9f:93:c2:02:39:f6:8a:20:a3:24:48:67:f7:59:
                    27:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:AC:5F:26:7C:27:72:FD:3D:9E:12:1E:06:7B:84:FD:52:0A:49:85
            X509v3 Authority Key Identifier:
                keyid:D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:2a:ab:f1:3c:2b:33:e3:4b:a4:ac:5b:5e:7e:42:f2:6b:90:
         a4:8e:03:7c:64:f7:d8:64:87:bd:5f:6e:a2:c6:55:b5:60:26:
         43:ed:80:67:52:75:5a:22:2b:b8:d0:1d:8a:9a:e2:00:6d:27:
         a8:27:46:71:83:4e:4c:8e:bb:a8:eb:70:e2:7a:6c:84:3f:ca:
         d8:93:88:33:13:79:e9:f5:71:59:f6:1e:8e:91:b1:2c:fa:27:
         b4:65:e2:8c:00:59:ed:7d:bb:f6:c9:79:b1:94:3b:de:9a:86:
         87:bf:a4:2d:56:23:76:1c:8a:b6:80:a6:a2:e7:f6:ca:49:1f:
         57:79:10:d2:27:0a:03:74:91:68:8b:e8:7a:cd:77:c0:46:a7:
         c1:b4:e4:db:a2:36:c5:9d:95:9c:a8:4f:98:c0:37:ff:fc:2e:
         a9:be:0e:81:c1:48:ad:e4:6c:f6:2d:ba:73:b0:f5:ff:24:ab:
         fb:58:19:87:a9:5a:e4:5b:37:b6:af:7d:be:9e:5e:69:ea:a9:
         9a:19:81:47:a9:d0:7d:19:3d:4b:e4:bb:20:d5:c7:ce:11:56:
         67:ac:4a:11:5e:25:2e:d5:dc:41:c3:a8:2e:4c:2c:6f:c0:43:
         c6:8c:85:e1:a2:a0:d0:38:7c:ef:cb:ec:d4:5a:1a:71:3a:e0:
         04:70:e3:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa1x4dfkr2bH2lLfFRJ3jAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODFiNzAxNzA1MTkwYjljZTlkMWIxODQ1MzUzODRlNzFj
YTMxNjUwHhcNMjUwNTA5MTYwMTE0WhcNMjUwNTEwMTYwMTE0WjAzMTEwLwYDVQQD
EyhkOWFjNWYyNjdjMjc3MmZkM2Q5ZTEyMWUwNjdiODRmZDUyMGE0OTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm1taxXaUwC+labN+wzewbyAhmkJ
faGJyXMGUe4ZHLIqyH6SuKCh2JePEwJW16p5Msufj3DCXyyxweUuDhMd2wYXJ5IY
tTWodngsmFoM5xSLJKT6jnCsD5pNw82luxg1JOTikvZK6YmsvSZYJ73z/U1Vkqpl
8CdWUjQ3N6TdXzDqUC2M6A+VkPsxDrWtF5N7mNV1PYUJ2SbsmlLIWx2XRM5qC3jq
6tqN0pGcWo8MQIe3XKZbAdHad+0+Caehy8xZPmsOWfbub7CZsYD0m2B9QaJJrIBi
Uj+8/PXJtdYfMV1wGRNrlQBy/4aKHYOSJU51n5PCAjn2iiCjJEhn91knXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmsXyZ8J3L9PZ4SHgZ7hP1SCkmFMB8GA1UdIwQY
MBaAFNOBtwFwUZC5zp0bGEU1OE5xyjFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTct
NzA1NGViMmM0YzAwLzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTctNzA1NGViMmM0YzAw
LzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAACqr8Twr
M+NLpKxbXn5C8muQpI4DfGT32GSHvV9uosZVtWAmQ+2AZ1J1WiIruNAdipriAG0n
qCdGcYNOTI67qOtw4npshD/K2JOIMxN56fVxWfYejpGxLPontGXijABZ7X279sl5
sZQ73pqGh7+kLVYjdhyKtoCmouf2ykkfV3kQ0icKA3SRaIvoes13wEanwbTk26I2
xZ2VnKhPmMA3//wuqb4OgcFIreRs9i26c7D1/ySr+1gZh6la5Fs3tq99vp5eaeqp
mhmBR6nQfRk9S+S7INXHzhFWZ6xKEV4lLtXcQcOoLkwsb8BDxoyF4aKg0Dh878vs
1FoacTrgBHDjLQ==
-----END CERTIFICATE-----