Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          0GZvbel79CK84bg4/cIOT5Cvpo1cp8hhh3DTMiqhUtY=
Subject key identifier:   0F:8C:45:B5:D3:16:27:26:AE:E6:78:25:AA:62:D0:FF:64:2D:0C:07
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       0196BCDBF8A83CFC702095824009377B1484
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          08F3
Signing time:             Sun 11 May 2025 01:00:54 +0000
Manifest this update:     Sun 11 May 2025 01:00:54 +0000
Manifest next update:     Mon 12 May 2025 01:00:54 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: f1RlncmKj47fAC4D+QhsCAQUlX/vp4EwswINAZv1B7I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:db:f8:a8:3c:fc:70:20:95:82:40:09:37:7b:14:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: May 11 01:00:54 2025 GMT
            Not After : May 12 01:00:54 2025 GMT
        Subject: CN=0f8c45b5d3162726aee67825aa62d0ff642d0c07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a2:6c:7b:54:d5:15:fb:0a:60:93:a0:19:dc:
                    4e:8d:a3:36:d7:8d:25:cb:d7:97:db:23:fc:42:3c:
                    ea:02:76:59:db:dd:e3:49:29:64:36:c9:56:1a:e7:
                    93:24:7c:39:d9:9c:4e:fe:01:48:04:b2:6b:2a:6d:
                    f7:7f:82:aa:61:e7:78:fe:5c:04:ae:3a:51:40:be:
                    6b:46:fb:84:5c:ed:49:17:d4:c2:7e:99:e3:e2:9e:
                    3c:97:0e:5d:89:bf:fa:8f:55:c2:79:91:46:13:46:
                    d8:1f:da:2f:fb:b3:4f:74:8d:d8:a7:df:cf:46:57:
                    f0:c1:54:d5:65:b6:e1:dd:ae:23:a9:62:53:f0:bd:
                    35:40:01:f6:69:43:8b:8d:dc:d3:b8:ef:fa:6d:a3:
                    90:93:41:d9:6d:a2:ee:4e:1a:75:94:15:de:06:35:
                    8d:14:0e:a4:b7:3e:6c:9c:1f:e5:ce:20:43:6b:c8:
                    b5:cf:5d:3a:2a:8e:85:bc:44:45:24:0c:b5:c0:68:
                    80:55:c9:43:68:d3:2f:95:39:d2:6e:93:04:66:d6:
                    ce:a6:bd:4e:70:e3:b3:02:71:ba:ab:65:c6:d7:5c:
                    77:ed:ed:2f:9c:af:98:23:56:15:51:bc:3d:25:77:
                    c8:1e:7a:55:98:32:16:95:b0:e1:02:17:5e:73:1f:
                    b8:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:8C:45:B5:D3:16:27:26:AE:E6:78:25:AA:62:D0:FF:64:2D:0C:07
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:15:0b:21:9f:68:c0:a4:a4:a7:b7:ef:9b:61:76:7c:6b:13:
         25:e7:f4:7f:01:41:dc:17:a7:a2:43:f5:ed:e8:7d:4b:db:4f:
         31:f9:93:55:91:a9:46:0d:0c:7c:65:c9:58:c2:18:21:f9:22:
         a6:58:32:01:dd:62:d9:d4:94:b0:97:13:14:36:6d:fc:09:c0:
         39:5f:4d:7a:13:a1:b4:d7:f7:b2:eb:b1:ee:33:cd:28:07:d4:
         34:2f:0c:fa:c2:76:e6:9c:4d:3c:b1:1d:06:f4:fc:22:0b:2d:
         18:ce:16:88:e4:c0:ae:7f:8b:45:19:67:a9:16:79:6a:81:22:
         20:aa:18:4c:da:cb:6f:02:76:bd:e6:97:de:24:f3:88:04:a4:
         b3:94:e3:90:90:ff:5f:6f:df:87:55:e9:d7:e1:80:ae:d3:f9:
         15:c6:65:fd:ec:ad:78:bc:84:8f:17:6f:df:ea:49:e3:73:96:
         cf:d3:6c:2e:dd:11:73:61:9b:81:8e:25:a7:77:6c:e8:40:e3:
         3d:0b:d5:de:bd:15:82:4f:49:31:67:35:02:95:96:fd:5c:5f:
         8c:ec:91:6e:1e:d1:e8:bd:0e:b4:ef:fd:78:07:b2:e0:ca:13:
         6d:65:ba:16:50:bd:b2:4f:29:77:7e:fc:39:86:ce:46:bb:ba:
         00:33:68:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa82/ioPPxwIJWCQAk3exSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjUwNTExMDEwMDU0WhcNMjUwNTEyMDEwMDU0WjAzMTEwLwYDVQQD
EygwZjhjNDViNWQzMTYyNzI2YWVlNjc4MjVhYTYyZDBmZjY0MmQwYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6Jse1TVFfsKYJOgGdxOjaM2140l
y9eX2yP8QjzqAnZZ293jSSlkNslWGueTJHw52ZxO/gFIBLJrKm33f4KqYed4/lwE
rjpRQL5rRvuEXO1JF9TCfpnj4p48lw5dib/6j1XCeZFGE0bYH9ov+7NPdI3Yp9/P
RlfwwVTVZbbh3a4jqWJT8L01QAH2aUOLjdzTuO/6baOQk0HZbaLuThp1lBXeBjWN
FA6ktz5snB/lziBDa8i1z106Ko6FvERFJAy1wGiAVclDaNMvlTnSbpMEZtbOpr1O
cOOzAnG6q2XG11x37e0vnK+YI1YVUbw9JXfIHnpVmDIWlbDhAhdecx+4GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+MRbXTFicmruZ4Japi0P9kLQwHMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfhULIZ9o
wKSkp7fvm2F2fGsTJef0fwFB3BenokP17eh9S9tPMfmTVZGpRg0MfGXJWMIYIfki
plgyAd1i2dSUsJcTFDZt/AnAOV9NehOhtNf3suux7jPNKAfUNC8M+sJ25pxNPLEd
BvT8IgstGM4WiOTArn+LRRlnqRZ5aoEiIKoYTNrLbwJ2veaX3iTziASks5TjkJD/
X2/fh1Xp1+GArtP5FcZl/eyteLyEjxdv3+pJ43OWz9NsLt0Rc2GbgY4lp3ds6EDj
PQvV3r0Vgk9JMWc1ApWW/VxfjOyRbh7R6L0OtO/9eAey4MoTbWW6FlC9sk8pd378
OYbORru6ADNoIQ==
-----END CERTIFICATE-----