Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
File:                     urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft (raw, json)
Hash identifier:          Zl18Aslte8Ps4mSm8iTCPZKXgxW89ofBpcMWuHDrciE=
Subject key identifier:   FF:0F:F8:B2:98:E8:B6:63:F1:F0:02:48:9F:BE:2B:3A:E9:00:E8:1A
Authority key identifier: BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B
Certificate issuer:       /CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
Certificate serial:       0196AC1F288E636AE05E047CDBC3988D98C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
Manifest number:          0A48
Signing time:             Wed 07 May 2025 19:00:45 +0000
Manifest this update:     Wed 07 May 2025 19:00:45 +0000
Manifest next update:     Thu 08 May 2025 19:00:45 +0000
Files and hashes:         1: urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl (hash: ooj8TQvGHztpSslRJvGy/EvOIycOfrYJbnaIwRKIL48=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 19:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ac:1f:28:8e:63:6a:e0:5e:04:7c:db:c3:98:8d:98:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
        Validity
            Not Before: May  7 19:00:45 2025 GMT
            Not After : May  8 19:00:45 2025 GMT
        Subject: CN=ff0ff8b298e8b663f1f002489fbe2b3ae900e81a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:73:eb:d0:78:21:0b:9e:d1:7e:0f:bb:59:f4:
                    57:f6:07:81:72:48:56:45:a9:7f:b8:ca:36:f9:3b:
                    52:1e:d8:23:89:21:a5:59:f5:81:42:2a:af:c7:6c:
                    99:33:b6:2e:2c:30:a4:8c:27:94:56:06:b4:36:12:
                    57:9c:51:9f:44:ff:c9:9e:e6:e8:29:69:19:19:92:
                    02:af:ec:67:72:47:b5:29:69:a3:28:51:5b:a5:4f:
                    19:17:77:05:6e:fc:88:89:4d:84:7b:35:7a:b5:2c:
                    61:0e:ee:bc:9a:87:f3:49:0b:ca:fb:57:78:3b:fa:
                    a6:0c:63:de:d1:18:77:4a:b3:b6:d9:00:ac:81:77:
                    a7:56:f2:3b:cd:3c:2f:43:a4:f3:34:8a:e1:1b:46:
                    e0:77:31:26:b2:1e:0a:31:de:7d:14:b2:84:aa:7d:
                    50:cc:be:0d:32:ad:39:3d:6d:e4:e7:26:51:4d:44:
                    c7:35:d2:12:20:62:a3:e2:53:72:49:f6:59:e6:7b:
                    3a:02:59:aa:f0:a6:86:7b:5c:9d:51:dd:31:4a:2b:
                    f5:75:70:4f:d6:a3:6b:7c:1f:20:72:45:cf:79:bf:
                    9e:33:1d:3f:64:a7:9e:05:e1:a9:c3:c0:79:5d:07:
                    6c:ac:24:3a:bd:8c:f7:2d:90:23:72:9b:6b:57:c7:
                    32:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:0F:F8:B2:98:E8:B6:63:F1:F0:02:48:9F:BE:2B:3A:E9:00:E8:1A
            X509v3 Authority Key Identifier:
                keyid:BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:8c:34:9c:1e:36:76:56:a3:4e:0d:d4:f4:e4:b4:ab:67:ee:
         05:ca:36:69:dc:5c:99:76:87:9b:b9:91:5d:82:3d:5b:05:0a:
         f3:81:7a:04:8b:1d:f6:d1:6a:65:22:08:41:e4:ea:8d:27:08:
         41:14:37:5d:28:04:20:73:b7:2c:31:c6:86:fe:0e:bd:68:ee:
         5e:63:62:da:1b:5e:d5:a2:b6:27:05:59:ed:f1:d8:c9:28:fe:
         0b:96:fa:18:a6:b9:2b:54:39:08:a0:34:4e:ad:50:50:3c:52:
         d5:22:4a:6e:db:32:8e:59:de:11:91:87:80:22:7e:b5:ab:01:
         65:82:4f:d7:1b:86:a7:e6:ae:b1:de:6a:d0:97:e4:bb:8e:12:
         38:d3:14:41:5d:f7:b4:f6:d2:e9:f2:f0:11:6c:da:e5:fb:cd:
         7a:a1:0d:7e:27:8a:f6:95:21:97:a0:12:47:ef:95:54:d4:b5:
         5a:9e:fe:72:03:36:4e:97:8d:56:d4:2b:a7:c7:59:b3:cc:46:
         b8:0b:30:12:e8:32:ab:f8:ea:da:c5:bd:84:f7:04:ad:3d:70:
         80:30:9e:d3:a1:7e:d1:c4:7e:43:12:42:c7:07:c2:18:5a:45:
         2d:2b:f8:08:e2:79:15:05:de:dd:e6:1c:92:3c:0c:b6:6b:40:
         6c:59:48:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZasHyiOY2rgXgR828OYjZjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjliYmMyNGU5YWMzZDllYzdlMTBiZjk1NzQ3ZGFiNWM0
NWRkMmIwHhcNMjUwNTA3MTkwMDQ1WhcNMjUwNTA4MTkwMDQ1WjAzMTEwLwYDVQQD
EyhmZjBmZjhiMjk4ZThiNjYzZjFmMDAyNDg5ZmJlMmIzYWU5MDBlODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHPr0HghC57Rfg+7WfRX9geBckhW
Ral/uMo2+TtSHtgjiSGlWfWBQiqvx2yZM7YuLDCkjCeUVga0NhJXnFGfRP/Jnubo
KWkZGZICr+xncke1KWmjKFFbpU8ZF3cFbvyIiU2EezV6tSxhDu68mofzSQvK+1d4
O/qmDGPe0Rh3SrO22QCsgXenVvI7zTwvQ6TzNIrhG0bgdzEmsh4KMd59FLKEqn1Q
zL4NMq05PW3k5yZRTUTHNdISIGKj4lNySfZZ5ns6Almq8KaGe1ydUd0xSiv1dXBP
1qNrfB8gckXPeb+eMx0/ZKeeBeGpw8B5XQdsrCQ6vYz3LZAjcptrV8cyqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8P+LKY6LZj8fACSJ++KzrpAOgaMB8GA1UdIwQY
MBaAFLq5u8JOmsPZ7H4Qv5V0fatcRd0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjIt
MmViYzY0NDhmNjAyLzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjItMmViYzY0NDhmNjAy
LzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXYw0nB42
dlajTg3U9OS0q2fuBco2adxcmXaHm7mRXYI9WwUK84F6BIsd9tFqZSIIQeTqjScI
QRQ3XSgEIHO3LDHGhv4OvWjuXmNi2hte1aK2JwVZ7fHYySj+C5b6GKa5K1Q5CKA0
Tq1QUDxS1SJKbtsyjlneEZGHgCJ+tasBZYJP1xuGp+ausd5q0Jfku44SONMUQV33
tPbS6fLwEWza5fvNeqENfieK9pUhl6ASR++VVNS1Wp7+cgM2TpeNVtQrp8dZs8xG
uAswEugyq/jq2sW9hPcErT1wgDCe06F+0cR+QxJCxwfCGFpFLSv4COJ5FQXe3eYc
kjwMtmtAbFlIXA==
-----END CERTIFICATE-----