Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft
File:                     soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft (raw, json)
Hash identifier:          KWTcA4pqc3oVWv98Z0Wfr4u4jiOqeXUpoZOoM1UnJ5M=
Subject key identifier:   BD:06:D3:F0:38:76:FD:D1:AD:41:01:89:3D:EC:A2:FE:BA:A4:0B:C9
Authority key identifier: B2:84:CD:F0:50:74:43:E1:6E:50:9D:57:A2:29:E9:14:F7:35:66:A4
Certificate issuer:       /CN=b284cdf0507443e16e509d57a229e914f73566a4
Certificate serial:       0196B1451B1313CC5BE6D9C815E92F1AEDF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft
Manifest number:          13D4
Signing time:             Thu 08 May 2025 19:00:18 +0000
Manifest this update:     Thu 08 May 2025 19:00:18 +0000
Manifest next update:     Fri 09 May 2025 19:00:18 +0000
Files and hashes:         1: soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl (hash: ktD7JD1/ZdI86NDdjLPRBkxFNS4hoEOXqYg5AlTcaUA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b1:45:1b:13:13:cc:5b:e6:d9:c8:15:e9:2f:1a:ed:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b284cdf0507443e16e509d57a229e914f73566a4
        Validity
            Not Before: May  8 19:00:18 2025 GMT
            Not After : May  9 19:00:18 2025 GMT
        Subject: CN=bd06d3f03876fdd1ad4101893deca2febaa40bc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:ff:60:bf:89:1c:bc:4e:1f:5a:b6:50:fc:4b:
                    7a:1e:65:58:a9:58:5e:32:69:e4:16:de:ee:8a:4a:
                    10:fd:67:3e:d8:3f:20:d7:24:c6:d8:a5:7a:1d:17:
                    55:d6:f4:88:7b:80:bb:9b:20:55:76:df:70:09:ed:
                    36:f8:36:6e:8e:d7:23:2d:94:33:fe:77:b9:57:76:
                    75:79:6f:07:69:66:84:78:d6:c4:31:94:f8:1b:17:
                    19:0a:3e:20:20:f9:0b:a4:14:64:ff:20:cb:98:bc:
                    15:73:1a:f4:57:a8:b2:d9:4f:fc:bf:c7:c6:5c:0b:
                    4c:db:48:b7:45:61:63:c2:7d:95:19:e0:72:3b:a8:
                    fc:8f:7b:f7:a6:c4:69:5f:9c:c7:d7:ac:d1:9f:6d:
                    11:7f:84:cc:56:ff:ea:ce:aa:40:0d:91:4d:08:b1:
                    69:ce:79:66:48:72:7f:5d:85:df:9a:d7:00:42:5a:
                    fc:eb:96:1d:2d:ea:49:64:64:6a:82:5f:77:35:90:
                    de:08:aa:c3:50:2c:57:3e:e7:7a:ed:b2:a3:00:e0:
                    09:c2:18:0e:f4:9b:83:cd:be:ab:49:50:4f:d0:b8:
                    7a:a4:2a:39:84:a0:04:7c:4b:61:bf:5f:18:65:41:
                    f0:bd:63:8b:1a:b8:5f:71:f9:c1:71:fd:e9:0b:93:
                    19:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:06:D3:F0:38:76:FD:D1:AD:41:01:89:3D:EC:A2:FE:BA:A4:0B:C9
            X509v3 Authority Key Identifier:
                keyid:B2:84:CD:F0:50:74:43:E1:6E:50:9D:57:A2:29:E9:14:F7:35:66:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:0f:7d:3a:98:27:05:32:36:ae:c7:40:e8:fd:d6:04:e1:c9:
         86:51:62:53:b8:99:41:52:62:1e:01:35:2a:ad:bc:0b:40:25:
         a0:97:f5:f2:68:fa:72:7e:6d:1d:ae:5d:17:5a:88:af:f3:e5:
         21:5f:41:61:87:e8:63:d6:18:79:00:a7:5c:2d:c7:e4:35:1f:
         d6:aa:9f:9d:22:b4:e4:6a:89:9b:ee:7d:89:8e:62:2d:2a:11:
         f6:d1:9b:76:1a:a5:4b:be:94:0c:c6:3c:9f:9f:fe:be:b5:59:
         9a:7e:d6:d8:e0:28:f9:9c:f9:88:8d:53:a5:c9:e4:c9:e1:58:
         c5:f1:20:3c:c0:9c:4d:72:1d:e3:2b:89:aa:d5:b8:b2:e2:be:
         0e:be:19:32:68:f5:91:f7:d0:b8:66:ff:c3:de:45:e0:84:46:
         bf:95:9e:9c:f0:36:cc:bf:58:15:ac:c2:02:eb:92:c2:8b:95:
         c2:d5:9b:9c:31:10:c5:36:c0:dd:1b:23:c7:ab:23:44:e4:bd:
         f0:a4:1b:5f:c8:8c:7d:71:e9:f1:1c:22:58:91:d9:23:19:85:
         f5:5a:e9:90:b9:77:56:95:22:a3:68:18:fe:f6:07:3a:bf:c7:
         46:f2:90:8e:7e:59:b3:82:c0:40:fd:1e:71:c3:84:d7:ae:78:
         ea:75:cf:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaxRRsTE8xb5tnIFekvGu35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODRjZGYwNTA3NDQzZTE2ZTUwOWQ1N2EyMjllOTE0Zjcz
NTY2YTQwHhcNMjUwNTA4MTkwMDE4WhcNMjUwNTA5MTkwMDE4WjAzMTEwLwYDVQQD
EyhiZDA2ZDNmMDM4NzZmZGQxYWQ0MTAxODkzZGVjYTJmZWJhYTQwYmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmP9gv4kcvE4fWrZQ/Et6HmVYqVhe
MmnkFt7uikoQ/Wc+2D8g1yTG2KV6HRdV1vSIe4C7myBVdt9wCe02+DZujtcjLZQz
/ne5V3Z1eW8HaWaEeNbEMZT4GxcZCj4gIPkLpBRk/yDLmLwVcxr0V6iy2U/8v8fG
XAtM20i3RWFjwn2VGeByO6j8j3v3psRpX5zH16zRn20Rf4TMVv/qzqpADZFNCLFp
znlmSHJ/XYXfmtcAQlr865YdLepJZGRqgl93NZDeCKrDUCxXPud67bKjAOAJwhgO
9JuDzb6rSVBP0Lh6pCo5hKAEfEthv18YZUHwvWOLGrhfcfnBcf3pC5MZbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0G0/A4dv3RrUEBiT3sov66pAvJMB8GA1UdIwQY
MBaAFLKEzfBQdEPhblCdV6Ip6RT3NWakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9hMzgyOGQtMGY1MS00ZGEwLTg0MzMt
ZGY1NmEyNDEwOThmLzEvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9hMzgyOGQtMGY1MS00ZGEwLTg0MzMtZGY1NmEyNDEwOThm
LzEvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXA99Opgn
BTI2rsdA6P3WBOHJhlFiU7iZQVJiHgE1Kq28C0AloJf18mj6cn5tHa5dF1qIr/Pl
IV9BYYfoY9YYeQCnXC3H5DUf1qqfnSK05GqJm+59iY5iLSoR9tGbdhqlS76UDMY8
n5/+vrVZmn7W2OAo+Zz5iI1TpcnkyeFYxfEgPMCcTXId4yuJqtW4suK+Dr4ZMmj1
kffQuGb/w95F4IRGv5WenPA2zL9YFazCAuuSwouVwtWbnDEQxTbA3Rsjx6sjROS9
8KQbX8iMfXHp8RwiWJHZIxmF9VrpkLl3VpUio2gY/vYHOr/HRvKQjn5Zs4LAQP0e
ccOE16546nXPpw==
-----END CERTIFICATE-----