Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
File:                     _ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft (raw, json)
Hash identifier:          smnq3WZa9T4Dul1xe6mbJSoMDbWv7ISY54Q3CTrU1IE=
Subject key identifier:   36:18:3F:4B:69:C0:CE:21:E6:5C:47:4C:03:B2:33:30:9E:29:C1:78
Authority key identifier: FD:38:5A:61:63:98:E4:16:C7:0D:CB:32:25:66:F9:3E:3D:2F:BF:13
Certificate issuer:       /CN=fd385a616398e416c70dcb322566f93e3d2fbf13
Certificate serial:       01969F07F89677AF2BF42CFFF37E241860CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
Manifest number:          0C94
Signing time:             Mon 05 May 2025 06:00:21 +0000
Manifest this update:     Mon 05 May 2025 06:00:21 +0000
Manifest next update:     Tue 06 May 2025 06:00:21 +0000
Files and hashes:         1: _ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl (hash: MKNRtudWb2tvAGbGF6nkk9dQJNhmQZAXsw1FdyR/qvA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 06:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9f:07:f8:96:77:af:2b:f4:2c:ff:f3:7e:24:18:60:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd385a616398e416c70dcb322566f93e3d2fbf13
        Validity
            Not Before: May  5 06:00:21 2025 GMT
            Not After : May  6 06:00:21 2025 GMT
        Subject: CN=36183f4b69c0ce21e65c474c03b233309e29c178
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:1b:2e:10:6a:f5:c8:21:b5:35:40:40:26:e8:
                    6f:8b:e2:3f:1d:35:8b:8d:55:ec:c2:c6:30:d2:6a:
                    46:cd:92:63:26:7e:6d:24:7b:82:db:38:a4:01:e1:
                    e0:5a:ca:91:86:13:e6:83:e4:19:ad:09:7a:7c:53:
                    44:aa:24:bf:80:26:04:9e:f9:c9:da:5f:fb:f1:d2:
                    9d:4d:f2:fa:ad:6d:fb:22:7f:47:14:c0:02:a2:7b:
                    8c:f5:f2:9d:87:b0:83:b9:13:6c:0f:5c:99:00:62:
                    0b:21:c0:6b:5e:87:ca:4c:3f:8a:16:c1:07:04:8c:
                    a4:fa:0d:80:6d:01:77:fe:78:34:db:33:79:73:b0:
                    f8:3d:dd:52:13:43:19:8f:3f:de:84:c1:13:cc:96:
                    0d:ef:89:65:03:74:11:84:df:1d:63:b7:b4:5d:6c:
                    4c:49:f6:97:96:49:8b:51:66:26:5c:d5:8b:e7:39:
                    ce:ec:7b:b3:e1:de:2b:22:d1:e1:e5:12:a5:d6:20:
                    6c:46:9a:d6:85:90:ff:7e:24:04:bd:1a:cd:96:bf:
                    31:26:17:a9:cc:1a:1f:92:9a:87:bc:bd:77:99:8a:
                    cb:e0:38:57:62:59:f9:9d:5d:b2:13:67:09:b4:f9:
                    71:99:4c:0e:05:97:8e:29:4c:84:7b:d0:6a:c0:0e:
                    ff:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:18:3F:4B:69:C0:CE:21:E6:5C:47:4C:03:B2:33:30:9E:29:C1:78
            X509v3 Authority Key Identifier:
                keyid:FD:38:5A:61:63:98:E4:16:C7:0D:CB:32:25:66:F9:3E:3D:2F:BF:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:4d:20:80:8d:2a:b7:8d:bc:f0:2a:34:7c:7b:e7:2a:0c:bf:
         b7:9e:7b:b7:6e:95:19:d7:4a:71:11:03:88:94:7c:61:15:c3:
         1c:ce:45:24:4a:f0:84:73:1b:57:a2:52:59:33:58:13:cf:02:
         81:ed:41:7f:bd:7a:17:a9:bd:22:19:3a:05:c3:d9:96:43:7c:
         bb:f0:69:d3:a6:18:c9:45:a4:2a:42:ec:90:39:ed:b7:77:7f:
         5c:90:e5:3e:f4:1b:a7:63:f6:fa:fd:7f:cb:b1:a9:45:a5:26:
         8b:b0:4f:72:b3:8d:89:62:00:7c:50:c2:df:06:e7:75:66:5d:
         85:2d:60:6a:18:52:c2:6d:5f:88:56:cc:62:3a:5f:4d:07:c4:
         20:d7:42:cd:b2:0c:da:ad:c8:07:5f:8c:b5:f5:2d:ae:09:6a:
         c7:7e:8b:44:b4:b4:fd:fe:85:47:4d:d8:64:cd:53:73:bf:1c:
         e8:8f:c7:b4:7f:f4:91:96:bd:b3:10:d7:95:30:d6:ce:2f:50:
         82:92:bb:6a:5c:d2:81:85:2d:4f:cc:69:7b:64:42:b8:1c:e8:
         7f:d8:64:4e:78:b9:e4:ba:80:04:b2:5e:58:cc:31:e6:29:4e:
         0f:73:95:80:c1:24:98:5d:4d:d1:5d:65:45:a9:55:07:c1:09:
         9d:f1:85:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafB/iWd68r9Cz/834kGGDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzg1YTYxNjM5OGU0MTZjNzBkY2IzMjI1NjZmOTNlM2Qy
ZmJmMTMwHhcNMjUwNTA1MDYwMDIxWhcNMjUwNTA2MDYwMDIxWjAzMTEwLwYDVQQD
EygzNjE4M2Y0YjY5YzBjZTIxZTY1YzQ3NGMwM2IyMzMzMDllMjljMTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRsuEGr1yCG1NUBAJuhvi+I/HTWL
jVXswsYw0mpGzZJjJn5tJHuC2zikAeHgWsqRhhPmg+QZrQl6fFNEqiS/gCYEnvnJ
2l/78dKdTfL6rW37In9HFMAConuM9fKdh7CDuRNsD1yZAGILIcBrXofKTD+KFsEH
BIyk+g2AbQF3/ng02zN5c7D4Pd1SE0MZjz/ehMETzJYN74llA3QRhN8dY7e0XWxM
SfaXlkmLUWYmXNWL5znO7Huz4d4rItHh5RKl1iBsRprWhZD/fiQEvRrNlr8xJhep
zBofkpqHvL13mYrL4DhXYln5nV2yE2cJtPlxmUwOBZeOKUyEe9BqwA7/OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYYP0tpwM4h5lxHTAOyMzCeKcF4MB8GA1UdIwQY
MBaAFP04WmFjmOQWxw3LMiVm+T49L78TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNTdmZDctYTlmNy00Mjg0LWFjZjMt
MzQzMDRmNWNkYTk4LzEvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yNTdmZDctYTlmNy00Mjg0LWFjZjMtMzQzMDRmNWNkYTk4
LzEvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYU0ggI0q
t4288Co0fHvnKgy/t557t26VGddKcREDiJR8YRXDHM5FJErwhHMbV6JSWTNYE88C
ge1Bf716F6m9Ihk6BcPZlkN8u/Bp06YYyUWkKkLskDntt3d/XJDlPvQbp2P2+v1/
y7GpRaUmi7BPcrONiWIAfFDC3wbndWZdhS1gahhSwm1fiFbMYjpfTQfEINdCzbIM
2q3IB1+MtfUtrglqx36LRLS0/f6FR03YZM1Tc78c6I/HtH/0kZa9sxDXlTDWzi9Q
gpK7alzSgYUtT8xpe2RCuBzof9hkTni55LqABLJeWMwx5ilOD3OVgMEkmF1N0V1l
RalVB8EJnfGF2g==
-----END CERTIFICATE-----