Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft
File:                     i5epFTYKSH1c9dXGZeW_4f_1Np8.mft (raw, json)
Hash identifier:          UNrozguKd+2RU6r+Rupo3NFnJ561b+qSlyYW2+t1NLk=
Subject key identifier:   24:5D:94:32:B3:54:0A:5E:08:CB:04:9E:2A:46:B3:C8:53:18:C0:66
Authority key identifier: 8B:97:A9:15:36:0A:48:7D:5C:F5:D5:C6:65:E5:BF:E1:FF:F5:36:9F
Certificate issuer:       /CN=8b97a915360a487d5cf5d5c665e5bfe1fff5369f
Certificate serial:       0196B3D953897D72E16A111784A1C3B1E525
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i5epFTYKSH1c9dXGZeW_4f_1Np8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft
Manifest number:          03CC
Signing time:             Fri 09 May 2025 07:01:26 +0000
Manifest this update:     Fri 09 May 2025 07:01:26 +0000
Manifest next update:     Sat 10 May 2025 07:01:26 +0000
Files and hashes:         1: i5epFTYKSH1c9dXGZeW_4f_1Np8.crl (hash: 5DweyVglAvUQQrLczXdRHLNy9YmOpcUTJOiyfwyJN1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i5epFTYKSH1c9dXGZeW_4f_1Np8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b3:d9:53:89:7d:72:e1:6a:11:17:84:a1:c3:b1:e5:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b97a915360a487d5cf5d5c665e5bfe1fff5369f
        Validity
            Not Before: May  9 07:01:26 2025 GMT
            Not After : May 10 07:01:26 2025 GMT
        Subject: CN=245d9432b3540a5e08cb049e2a46b3c85318c066
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d2:91:dd:f5:09:89:7c:78:f6:91:3e:5f:72:
                    52:e5:d1:84:37:eb:f4:18:0e:17:f8:ae:7d:f0:91:
                    13:4d:bb:bb:29:ee:b0:14:3d:28:02:82:4f:a9:34:
                    75:5e:b8:a4:14:05:a1:a1:b0:57:03:c2:3d:13:99:
                    78:04:13:0f:91:d6:2d:be:1b:4b:4e:8a:17:f1:e1:
                    d0:09:4e:f6:0f:bc:4e:f6:be:ef:78:65:dd:d1:35:
                    62:e5:42:47:d0:43:c8:57:4e:b7:b4:3f:67:3f:91:
                    20:f5:8a:4c:98:90:bb:5e:8b:7a:0f:b9:a8:a4:e3:
                    71:46:ae:09:17:c0:bd:11:06:44:d9:e1:26:59:b4:
                    f8:27:a3:8c:46:2b:f1:d7:ed:ea:cf:1e:fa:e7:8e:
                    67:9f:3a:e7:4a:dd:b0:5c:8e:46:e8:ac:da:17:82:
                    9b:94:b1:ba:99:57:e0:62:f4:9c:ab:1e:2e:c6:77:
                    ab:f4:d6:30:79:5f:6d:1f:2e:d1:e0:88:c0:68:66:
                    90:f5:29:ad:e9:65:d5:1a:3e:bb:32:1d:d2:b2:60:
                    fa:fa:78:1a:32:01:a4:7d:2e:fa:c0:c1:d5:db:cb:
                    38:cd:48:8b:af:6a:c6:39:68:8e:22:43:9f:68:f9:
                    d3:9d:1f:b8:96:1d:75:e9:e1:34:5f:26:cc:a0:92:
                    35:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:5D:94:32:B3:54:0A:5E:08:CB:04:9E:2A:46:B3:C8:53:18:C0:66
            X509v3 Authority Key Identifier:
                keyid:8B:97:A9:15:36:0A:48:7D:5C:F5:D5:C6:65:E5:BF:E1:FF:F5:36:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5epFTYKSH1c9dXGZeW_4f_1Np8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:e7:b4:7e:8b:df:e3:71:7a:a6:ae:f5:5e:2b:3d:73:cf:29:
         68:9d:53:fa:ea:aa:ef:1c:d3:17:a5:33:5a:a8:fb:5e:d0:53:
         a3:24:a8:fa:5b:c5:8a:d3:1c:a0:f5:77:2e:ca:51:57:a3:df:
         25:17:e6:f4:b1:4d:a1:07:10:09:43:af:3b:7c:a6:b5:de:d3:
         1b:47:9b:36:8f:d8:56:be:e3:92:8e:d7:6f:cc:e7:89:67:aa:
         6d:6b:e2:0d:69:73:cb:27:76:22:55:2b:d8:2a:52:c6:d5:08:
         c3:69:cd:af:01:73:fa:2e:87:06:35:31:5d:8a:32:d7:bf:ce:
         b4:b3:c4:77:ca:96:7b:a4:47:a4:23:77:e9:00:0d:53:73:67:
         d7:ba:43:a3:fe:df:bb:c5:17:a5:e8:b2:a6:3f:11:5e:e7:66:
         83:41:85:05:c0:53:5c:5b:f3:87:de:c6:87:b6:d2:f6:7d:68:
         b1:51:a8:a5:20:bb:50:e2:86:5d:45:9a:75:19:0d:7b:c6:24:
         8f:0c:f2:b7:1f:c1:ae:42:24:e0:5e:9c:b6:de:0c:8f:0e:bc:
         4b:48:6d:2f:76:42:a8:dc:04:89:f0:e8:1d:d7:65:f8:9d:17:
         28:ca:0c:2d:2f:df:67:00:38:20:d6:b4:6a:62:9d:c8:d9:20:
         81:ef:13:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaz2VOJfXLhahEXhKHDseUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTdhOTE1MzYwYTQ4N2Q1Y2Y1ZDVjNjY1ZTViZmUxZmZm
NTM2OWYwHhcNMjUwNTA5MDcwMTI2WhcNMjUwNTEwMDcwMTI2WjAzMTEwLwYDVQQD
EygyNDVkOTQzMmIzNTQwYTVlMDhjYjA0OWUyYTQ2YjNjODUzMThjMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNKR3fUJiXx49pE+X3JS5dGEN+v0
GA4X+K598JETTbu7Ke6wFD0oAoJPqTR1XrikFAWhobBXA8I9E5l4BBMPkdYtvhtL
TooX8eHQCU72D7xO9r7veGXd0TVi5UJH0EPIV063tD9nP5Eg9YpMmJC7Xot6D7mo
pONxRq4JF8C9EQZE2eEmWbT4J6OMRivx1+3qzx76545nnzrnSt2wXI5G6KzaF4Kb
lLG6mVfgYvScqx4uxner9NYweV9tHy7R4IjAaGaQ9Smt6WXVGj67Mh3SsmD6+nga
MgGkfS76wMHV28s4zUiLr2rGOWiOIkOfaPnTnR+4lh116eE0XybMoJI1+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRdlDKzVApeCMsEnipGs8hTGMBmMB8GA1UdIwQY
MBaAFIuXqRU2Ckh9XPXVxmXlv+H/9TafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVlcEZUWUtTSDFjOWRYR1plV180Zl8xTnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83ZDRhMjktMDIzZi00MmQ3LWFhYjct
ZDg3YjM2MWFjZDg5LzEvaTVlcEZUWUtTSDFjOWRYR1plV180Zl8xTnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83ZDRhMjktMDIzZi00MmQ3LWFhYjctZDg3YjM2MWFjZDg5
LzEvaTVlcEZUWUtTSDFjOWRYR1plV180Zl8xTnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVue0fovf
43F6pq71Xis9c88paJ1T+uqq7xzTF6UzWqj7XtBToySo+lvFitMcoPV3LspRV6Pf
JRfm9LFNoQcQCUOvO3ymtd7TG0ebNo/YVr7jko7Xb8zniWeqbWviDWlzyyd2IlUr
2CpSxtUIw2nNrwFz+i6HBjUxXYoy17/OtLPEd8qWe6RHpCN36QANU3Nn17pDo/7f
u8UXpeiypj8RXudmg0GFBcBTXFvzh97Gh7bS9n1osVGopSC7UOKGXUWadRkNe8Yk
jwzytx/BrkIk4F6ctt4Mjw68S0htL3ZCqNwEifDoHddl+J0XKMoMLS/fZwA4INa0
amKdyNkgge8TzQ==
-----END CERTIFICATE-----