Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/0196f1-4339-4bdc-8034-2eb2f2ed3029/1/_TSxP72Tgd-Exofwa80HTkp1WAM.mft
File:                     _TSxP72Tgd-Exofwa80HTkp1WAM.mft (raw, json)
Hash identifier:          WoEO9e549v/1XhUdoJ79xNyUP1lAm6SVPm1gXRM5EeM=
Subject key identifier:   08:32:CF:27:12:20:17:58:71:63:92:58:54:F8:6C:A1:C3:4D:3C:73
Authority key identifier: FD:34:B1:3F:BD:93:81:DF:84:C6:87:F0:6B:CD:07:4E:4A:75:58:03
Certificate issuer:       /CN=fd34b13fbd9381df84c687f06bcd074e4a755803
Certificate serial:       0196AEB285D5FDFF633533D95FB6F045BA98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_TSxP72Tgd-Exofwa80HTkp1WAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/0196f1-4339-4bdc-8034-2eb2f2ed3029/1/_TSxP72Tgd-Exofwa80HTkp1WAM.mft
Manifest number:          152A
Signing time:             Thu 08 May 2025 07:00:57 +0000
Manifest this update:     Thu 08 May 2025 07:00:57 +0000
Manifest next update:     Fri 09 May 2025 07:00:57 +0000
Files and hashes:         1: _TSxP72Tgd-Exofwa80HTkp1WAM.crl (hash: A6+ob4wTBoXoiy+lUeE2Mv5PqGyn3tsfvyKyO0WmDIs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/0196f1-4339-4bdc-8034-2eb2f2ed3029/1/_TSxP72Tgd-Exofwa80HTkp1WAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/0196f1-4339-4bdc-8034-2eb2f2ed3029/1/_TSxP72Tgd-Exofwa80HTkp1WAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_TSxP72Tgd-Exofwa80HTkp1WAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ae:b2:85:d5:fd:ff:63:35:33:d9:5f:b6:f0:45:ba:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd34b13fbd9381df84c687f06bcd074e4a755803
        Validity
            Not Before: May  8 07:00:57 2025 GMT
            Not After : May  9 07:00:57 2025 GMT
        Subject: CN=0832cf27122017587163925854f86ca1c34d3c73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:d7:9b:51:24:6b:e4:c1:03:42:f3:54:d0:e2:
                    23:28:ac:81:0c:03:ce:5e:35:3d:22:10:d8:0d:cb:
                    ec:a7:8b:77:b4:ed:02:e8:3d:ff:5d:5a:82:c8:a0:
                    c7:3a:88:d3:fe:e5:56:a1:9d:d5:68:a3:ef:08:5a:
                    f4:a9:b2:fa:f8:85:30:5d:c3:ef:f8:a8:5c:dd:f5:
                    00:04:9a:86:c4:a2:b1:1a:ef:df:67:a5:d8:e3:f3:
                    3f:d2:65:ee:95:f8:ad:0f:33:6b:d1:f5:34:c3:89:
                    7e:9b:66:b5:a0:4c:83:e3:3e:7f:38:71:60:92:41:
                    45:91:31:ea:52:c0:f6:b5:0e:d9:96:64:d0:c8:76:
                    1e:50:2c:52:36:3c:5d:3f:13:11:fe:68:d2:2f:7f:
                    d5:5a:93:f9:37:1b:2a:46:0d:55:99:ae:61:1f:71:
                    6d:fe:3d:dd:0d:de:d8:12:37:2b:68:30:5e:9c:13:
                    67:32:62:46:c8:82:d6:0e:60:c3:f0:dd:d1:fd:ee:
                    d0:cb:7c:e1:c1:32:1a:4a:18:f8:f8:81:a3:d1:4b:
                    13:0c:7c:a3:3a:54:69:2a:00:4e:f4:58:36:fc:14:
                    d9:4c:fb:6c:e5:3d:89:e5:b4:aa:50:3a:19:85:49:
                    27:13:d9:0e:80:04:4c:f8:25:94:4e:04:7b:e1:a6:
                    ff:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:32:CF:27:12:20:17:58:71:63:92:58:54:F8:6C:A1:C3:4D:3C:73
            X509v3 Authority Key Identifier:
                keyid:FD:34:B1:3F:BD:93:81:DF:84:C6:87:F0:6B:CD:07:4E:4A:75:58:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TSxP72Tgd-Exofwa80HTkp1WAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/0196f1-4339-4bdc-8034-2eb2f2ed3029/1/_TSxP72Tgd-Exofwa80HTkp1WAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/0196f1-4339-4bdc-8034-2eb2f2ed3029/1/_TSxP72Tgd-Exofwa80HTkp1WAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:9b:2d:6d:75:9c:f1:22:ad:00:43:02:48:78:79:6e:16:ec:
         7d:28:cc:02:d9:ea:14:5d:23:71:23:7b:84:31:5b:70:a7:c6:
         48:41:7b:00:d5:12:47:2a:67:0d:d6:4e:01:b4:0b:3d:d3:9d:
         e2:1c:48:db:86:f7:27:88:09:ec:80:40:25:c0:c4:4c:70:67:
         4d:5e:2b:83:72:4c:0d:59:b9:b9:12:ee:b4:5f:99:d6:e1:1e:
         1e:ef:f3:d4:ba:e4:4b:5d:03:d0:b7:58:dd:04:4c:6f:aa:d7:
         cb:20:ae:15:eb:ee:32:51:2f:48:c6:ec:e7:20:4a:d7:71:f2:
         e0:36:e6:af:b9:a7:3b:0a:9f:b8:8a:01:e0:09:c3:b7:88:07:
         85:43:9f:f7:87:f7:5c:e1:14:f5:b8:e0:25:e6:8f:5f:d4:28:
         c3:13:11:28:8b:99:13:e9:be:2f:73:b7:6b:54:50:b6:37:9c:
         9e:4e:f5:9a:e7:e7:86:73:bc:b2:79:35:8e:2a:65:8a:f2:06:
         0e:b2:3a:16:58:4c:e7:2a:ff:a9:dd:36:44:c3:20:4d:55:ab:
         e2:dc:ed:e3:53:40:bb:1d:b4:eb:1f:4f:a1:8f:45:4b:ab:6c:
         8d:d5:ca:8c:cd:0f:90:a2:84:a4:09:4e:eb:42:a5:86:9b:61:
         b9:24:20:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZausoXV/f9jNTPZX7bwRbqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzRiMTNmYmQ5MzgxZGY4NGM2ODdmMDZiY2QwNzRlNGE3
NTU4MDMwHhcNMjUwNTA4MDcwMDU3WhcNMjUwNTA5MDcwMDU3WjAzMTEwLwYDVQQD
EygwODMyY2YyNzEyMjAxNzU4NzE2MzkyNTg1NGY4NmNhMWMzNGQzYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNebUSRr5MEDQvNU0OIjKKyBDAPO
XjU9IhDYDcvsp4t3tO0C6D3/XVqCyKDHOojT/uVWoZ3VaKPvCFr0qbL6+IUwXcPv
+Khc3fUABJqGxKKxGu/fZ6XY4/M/0mXulfitDzNr0fU0w4l+m2a1oEyD4z5/OHFg
kkFFkTHqUsD2tQ7ZlmTQyHYeUCxSNjxdPxMR/mjSL3/VWpP5NxsqRg1Vma5hH3Ft
/j3dDd7YEjcraDBenBNnMmJGyILWDmDD8N3R/e7Qy3zhwTIaShj4+IGj0UsTDHyj
OlRpKgBO9Fg2/BTZTPts5T2J5bSqUDoZhUknE9kOgARM+CWUTgR74ab/RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAgyzycSIBdYcWOSWFT4bKHDTTxzMB8GA1UdIwQY
MBaAFP00sT+9k4HfhMaH8GvNB05KdVgDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RTeFA3MlRnZC1FeG9md2E4MEhUa3AxV0FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8wMTk2ZjEtNDMzOS00YmRjLTgwMzQt
MmViMmYyZWQzMDI5LzEvX1RTeFA3MlRnZC1FeG9md2E4MEhUa3AxV0FNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8wMTk2ZjEtNDMzOS00YmRjLTgwMzQtMmViMmYyZWQzMDI5
LzEvX1RTeFA3MlRnZC1FeG9md2E4MEhUa3AxV0FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeZstbXWc
8SKtAEMCSHh5bhbsfSjMAtnqFF0jcSN7hDFbcKfGSEF7ANUSRypnDdZOAbQLPdOd
4hxI24b3J4gJ7IBAJcDETHBnTV4rg3JMDVm5uRLutF+Z1uEeHu/z1LrkS10D0LdY
3QRMb6rXyyCuFevuMlEvSMbs5yBK13Hy4Dbmr7mnOwqfuIoB4AnDt4gHhUOf94f3
XOEU9bjgJeaPX9QowxMRKIuZE+m+L3O3a1RQtjecnk71mufnhnO8snk1jiplivIG
DrI6FlhM5yr/qd02RMMgTVWr4tzt41NAux206x9PoY9FS6tsjdXKjM0PkKKEpAlO
60KlhpthuSQg2g==
-----END CERTIFICATE-----