Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/854c21-5e1a-451d-aea1-fca0741a586e/1/aluKc4anCgzU9gC-dYHe-JRHOkE.mft
File:                     aluKc4anCgzU9gC-dYHe-JRHOkE.mft (raw, json)
Hash identifier:          vaL2zPjmMDagWTKnMzYelpJ3tafSG8uiIw9qpvjXYt4=
Subject key identifier:   B2:A2:8B:B6:08:81:10:59:A6:03:6E:F6:DD:C4:B2:99:AF:99:12:13
Authority key identifier: 6A:5B:8A:73:86:A7:0A:0C:D4:F6:00:BE:75:81:DE:F8:94:47:3A:41
Certificate issuer:       /CN=6a5b8a7386a70a0cd4f600be7581def894473a41
Certificate serial:       0196B85A1ABF2CA3E962E65FD6657412C7D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aluKc4anCgzU9gC-dYHe-JRHOkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/854c21-5e1a-451d-aea1-fca0741a586e/1/aluKc4anCgzU9gC-dYHe-JRHOkE.mft
Manifest number:          0650
Signing time:             Sat 10 May 2025 04:00:34 +0000
Manifest this update:     Sat 10 May 2025 04:00:34 +0000
Manifest next update:     Sun 11 May 2025 04:00:34 +0000
Files and hashes:         1: aluKc4anCgzU9gC-dYHe-JRHOkE.crl (hash: +AY/mlgV/wvYrYw2Qpg6eq+F5SroWmBV2SmNGuiYr/w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/854c21-5e1a-451d-aea1-fca0741a586e/1/aluKc4anCgzU9gC-dYHe-JRHOkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/854c21-5e1a-451d-aea1-fca0741a586e/1/aluKc4anCgzU9gC-dYHe-JRHOkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aluKc4anCgzU9gC-dYHe-JRHOkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:5a:1a:bf:2c:a3:e9:62:e6:5f:d6:65:74:12:c7:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a5b8a7386a70a0cd4f600be7581def894473a41
        Validity
            Not Before: May 10 04:00:34 2025 GMT
            Not After : May 11 04:00:34 2025 GMT
        Subject: CN=b2a28bb608811059a6036ef6ddc4b299af991213
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:9c:c7:d9:80:cc:f5:38:29:c8:97:47:0f:2b:
                    ad:79:f5:89:0b:18:fd:3c:fb:18:00:ec:ff:9c:40:
                    96:31:d3:ed:4b:04:f3:2c:8e:f5:9e:f4:28:50:b7:
                    c7:97:0a:6e:aa:9b:e4:17:b4:b1:a8:4a:63:42:1b:
                    53:41:54:84:84:17:a1:85:af:02:e7:3e:8e:25:77:
                    24:51:67:df:ee:06:1f:a0:28:5e:2e:55:b1:4b:57:
                    1a:87:cc:95:ed:16:5f:a5:fa:36:12:30:1f:0d:f6:
                    29:ef:1a:a6:07:71:82:c5:5b:b5:ed:30:cf:b2:76:
                    36:0e:f7:8d:8d:f2:6a:8b:9d:bc:24:5c:07:55:1d:
                    a7:b8:9a:f6:8f:a7:0d:12:dd:a7:2f:8c:ce:b1:78:
                    a8:1f:a5:f1:25:ff:e5:2c:1f:70:b7:f9:ae:2b:9a:
                    ed:53:97:62:6b:fd:d8:ca:21:0a:67:a2:02:1f:c0:
                    0a:d9:9f:1e:b3:4c:fa:a5:9c:32:7e:31:ff:df:0c:
                    a1:96:bd:30:1d:c5:c5:3a:8f:e5:d2:70:a3:b6:86:
                    a2:8e:0b:80:48:d5:82:34:49:f3:2c:c6:23:0c:6a:
                    cb:3c:40:dd:6a:cb:7e:0c:af:61:9e:a0:44:8b:e5:
                    bb:19:4c:ac:30:c2:c2:d7:ce:2b:1e:ce:4b:67:69:
                    39:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:A2:8B:B6:08:81:10:59:A6:03:6E:F6:DD:C4:B2:99:AF:99:12:13
            X509v3 Authority Key Identifier:
                keyid:6A:5B:8A:73:86:A7:0A:0C:D4:F6:00:BE:75:81:DE:F8:94:47:3A:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aluKc4anCgzU9gC-dYHe-JRHOkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/854c21-5e1a-451d-aea1-fca0741a586e/1/aluKc4anCgzU9gC-dYHe-JRHOkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/854c21-5e1a-451d-aea1-fca0741a586e/1/aluKc4anCgzU9gC-dYHe-JRHOkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:0d:36:2a:d3:5f:38:5e:88:0e:7c:fd:3c:15:7f:0e:37:67:
         74:e8:52:f2:2a:4b:63:e5:4d:ce:e9:05:44:be:5e:71:3a:83:
         b0:ba:0a:40:82:be:aa:41:0c:e0:03:c1:c4:ec:22:a9:48:0f:
         46:ec:87:a4:3d:67:7f:70:56:94:eb:0e:b2:bf:6d:30:c8:66:
         22:b6:04:69:52:fa:86:05:fa:3e:c4:51:d3:17:96:67:b8:10:
         5e:de:ae:55:79:62:82:1e:90:f7:fd:93:54:e5:ce:e7:8e:12:
         17:c0:8b:47:1c:30:32:8a:1b:1c:94:f2:10:fb:b8:32:d3:10:
         52:af:b1:e7:5c:db:cc:b8:de:f9:c5:c3:96:5f:86:43:fd:88:
         22:d3:d7:2e:7d:c6:5f:51:17:9f:8f:c1:f6:56:be:c8:dd:ee:
         b0:d0:d8:07:59:b9:27:d1:a7:0b:7b:2d:5a:fe:e1:9a:ef:d2:
         91:eb:bd:f7:5c:d9:ec:43:f0:5e:9c:3c:1e:93:b6:56:2f:28:
         a9:cc:61:e7:96:94:57:32:e6:ed:15:0b:c1:5b:43:79:aa:44:
         01:c2:e0:36:91:c2:b5:81:bd:96:f9:7e:cf:88:e8:7c:8c:65:
         32:7f:11:65:29:f0:b9:78:f7:42:36:cf:9c:3e:06:50:00:ec:
         9d:b1:cc:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4Whq/LKPpYuZf1mV0EsfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNWI4YTczODZhNzBhMGNkNGY2MDBiZTc1ODFkZWY4OTQ0
NzNhNDEwHhcNMjUwNTEwMDQwMDM0WhcNMjUwNTExMDQwMDM0WjAzMTEwLwYDVQQD
EyhiMmEyOGJiNjA4ODExMDU5YTYwMzZlZjZkZGM0YjI5OWFmOTkxMjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5zH2YDM9TgpyJdHDyutefWJCxj9
PPsYAOz/nECWMdPtSwTzLI71nvQoULfHlwpuqpvkF7SxqEpjQhtTQVSEhBehha8C
5z6OJXckUWff7gYfoCheLlWxS1cah8yV7RZfpfo2EjAfDfYp7xqmB3GCxVu17TDP
snY2DveNjfJqi528JFwHVR2nuJr2j6cNEt2nL4zOsXioH6XxJf/lLB9wt/muK5rt
U5dia/3YyiEKZ6ICH8AK2Z8es0z6pZwyfjH/3wyhlr0wHcXFOo/l0nCjtoaijguA
SNWCNEnzLMYjDGrLPEDdast+DK9hnqBEi+W7GUysMMLC184rHs5LZ2k5swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLKii7YIgRBZpgNu9t3EspmvmRITMB8GA1UdIwQY
MBaAFGpbinOGpwoM1PYAvnWB3viURzpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWx1S2M0YW5DZ3pVOWdDLWRZSGUtSlJIT2tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS84NTRjMjEtNWUxYS00NTFkLWFlYTEt
ZmNhMDc0MWE1ODZlLzEvYWx1S2M0YW5DZ3pVOWdDLWRZSGUtSlJIT2tFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS84NTRjMjEtNWUxYS00NTFkLWFlYTEtZmNhMDc0MWE1ODZl
LzEvYWx1S2M0YW5DZ3pVOWdDLWRZSGUtSlJIT2tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANw02KtNf
OF6IDnz9PBV/DjdndOhS8ipLY+VNzukFRL5ecTqDsLoKQIK+qkEM4APBxOwiqUgP
RuyHpD1nf3BWlOsOsr9tMMhmIrYEaVL6hgX6PsRR0xeWZ7gQXt6uVXligh6Q9/2T
VOXO544SF8CLRxwwMoobHJTyEPu4MtMQUq+x51zbzLje+cXDll+GQ/2IItPXLn3G
X1EXn4/B9la+yN3usNDYB1m5J9GnC3stWv7hmu/Skeu991zZ7EPwXpw8HpO2Vi8o
qcxh55aUVzLm7RULwVtDeapEAcLgNpHCtYG9lvl+z4jofIxlMn8RZSnwuXj3QjbP
nD4GUADsnbHMrw==
-----END CERTIFICATE-----