Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
File:                     249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json)
Hash identifier:          OQb45ejmO4Qf+dmLpSryneGA7JhOy2h6YcKBqhMa2mY=
Subject key identifier:   A1:BA:19:9B:98:F7:3E:34:37:B7:0F:C1:76:A9:9C:C5:14:85:87:51
Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6
Certificate issuer:       /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
Certificate serial:       0196BAED9F7F11FC5FD04593E55F8A43CAC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
Manifest number:          0627
Signing time:             Sat 10 May 2025 16:00:57 +0000
Manifest this update:     Sat 10 May 2025 16:00:57 +0000
Manifest next update:     Sun 11 May 2025 16:00:57 +0000
Files and hashes:         1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: 9Sm37RluLCHBDyrm3kMXuzCL1BLvpN+NpkurtI0zM1I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 16:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:ed:9f:7f:11:fc:5f:d0:45:93:e5:5f:8a:43:ca:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
        Validity
            Not Before: May 10 16:00:57 2025 GMT
            Not After : May 11 16:00:57 2025 GMT
        Subject: CN=a1ba199b98f73e3437b70fc176a99cc514858751
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:ac:98:37:20:a7:36:12:fb:21:81:ac:d6:d2:
                    f4:80:49:29:4e:13:39:19:43:90:23:06:4d:9b:36:
                    dd:8f:b6:8b:62:0a:e9:25:ab:6b:f2:f2:39:9c:af:
                    2b:9d:bf:ad:a7:f6:fd:87:a0:ce:02:95:04:25:71:
                    27:f0:f0:86:24:ed:dd:a3:95:2c:be:5a:3f:1b:8f:
                    a9:6e:9d:9f:f7:ba:7c:b8:4b:f9:fd:0d:d0:af:81:
                    77:f2:ed:c5:06:78:7f:10:90:5f:2c:e6:00:ac:8a:
                    b7:a0:81:66:cd:f4:4b:79:72:c4:ae:07:a5:92:c9:
                    8a:01:38:7c:9a:cd:18:9d:d2:39:b4:2b:55:85:95:
                    0f:96:51:b0:3c:f2:fb:66:b8:5e:1a:04:84:b8:2b:
                    95:7d:de:06:f7:af:89:cc:d3:19:66:bb:a9:a9:24:
                    6f:7a:4f:2d:83:ca:dd:b6:61:12:fd:97:67:9d:db:
                    37:13:3e:68:99:ff:58:b0:4d:6e:55:8e:c3:35:b1:
                    61:c0:31:bd:f9:9e:8e:05:06:a2:9c:39:34:be:7e:
                    f2:1a:d9:81:f3:d0:a3:19:3b:56:2e:83:58:38:95:
                    05:57:39:a9:ea:85:b8:6d:f1:e6:47:85:b2:a8:04:
                    b7:7b:17:4e:e4:97:44:4a:0f:23:65:b2:ed:3b:09:
                    c6:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:BA:19:9B:98:F7:3E:34:37:B7:0F:C1:76:A9:9C:C5:14:85:87:51
            X509v3 Authority Key Identifier:
                keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:af:85:ce:c2:c7:44:b4:da:32:18:85:5e:ee:c7:2a:8d:33:
         18:07:be:92:2e:58:8e:c6:d8:96:dc:41:fd:69:96:94:78:73:
         c4:f7:e8:47:69:05:6f:0f:da:d2:97:da:4d:85:8b:47:f8:fd:
         8e:14:85:63:a2:26:64:81:56:c6:f2:3d:1d:be:80:d0:a9:42:
         3a:1b:da:b1:ad:eb:1d:57:d6:09:80:26:b8:64:e2:47:af:b8:
         b0:53:64:55:0b:c3:43:6e:5f:7f:d8:f4:0c:96:2b:50:76:18:
         fd:9a:92:db:24:e3:71:af:3e:d5:fc:dd:6c:b0:0d:0e:4d:92:
         a9:82:37:30:15:db:45:e5:e9:0c:35:d7:6d:7e:43:27:59:c1:
         3c:db:3d:15:16:09:e8:6b:2a:a0:4d:f3:e4:32:fb:6b:3c:ee:
         dc:a8:ea:a5:26:1d:95:cc:73:8f:92:e6:a1:75:c8:d7:6b:0d:
         ac:2c:23:dd:4a:8b:98:34:66:19:6f:5e:63:e8:60:7e:d4:34:
         24:cb:25:ff:6c:11:3f:58:97:cc:74:68:cf:5d:89:46:01:f4:
         7b:cc:7d:76:e9:a3:42:f9:a2:1d:5c:db:5f:45:c0:ec:a1:fb:
         ef:69:8a:98:56:f4:62:78:3c:4f:11:c3:ce:ed:28:a1:99:e4:
         b8:2b:70:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa67Z9/Efxf0EWT5V+KQ8rEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy
ZjY3ZjYwHhcNMjUwNTEwMTYwMDU3WhcNMjUwNTExMTYwMDU3WjAzMTEwLwYDVQQD
EyhhMWJhMTk5Yjk4ZjczZTM0MzdiNzBmYzE3NmE5OWNjNTE0ODU4NzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqyYNyCnNhL7IYGs1tL0gEkpThM5
GUOQIwZNmzbdj7aLYgrpJatr8vI5nK8rnb+tp/b9h6DOApUEJXEn8PCGJO3do5Us
vlo/G4+pbp2f97p8uEv5/Q3Qr4F38u3FBnh/EJBfLOYArIq3oIFmzfRLeXLErgel
ksmKATh8ms0YndI5tCtVhZUPllGwPPL7ZrheGgSEuCuVfd4G96+JzNMZZrupqSRv
ek8tg8rdtmES/Zdnnds3Ez5omf9YsE1uVY7DNbFhwDG9+Z6OBQainDk0vn7yGtmB
89CjGTtWLoNYOJUFVzmp6oW4bfHmR4WyqAS3exdO5JdESg8jZbLtOwnGxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKG6GZuY9z40N7cPwXapnMUUhYdRMB8GA1UdIwQY
MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt
ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj
LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUq+FzsLH
RLTaMhiFXu7HKo0zGAe+ki5YjsbYltxB/WmWlHhzxPfoR2kFbw/a0pfaTYWLR/j9
jhSFY6ImZIFWxvI9Hb6A0KlCOhvasa3rHVfWCYAmuGTiR6+4sFNkVQvDQ25ff9j0
DJYrUHYY/ZqS2yTjca8+1fzdbLANDk2SqYI3MBXbReXpDDXXbX5DJ1nBPNs9FRYJ
6GsqoE3z5DL7azzu3KjqpSYdlcxzj5LmoXXI12sNrCwj3UqLmDRmGW9eY+hgftQ0
JMsl/2wRP1iXzHRoz12JRgH0e8x9dumjQvmiHVzbX0XA7KH772mKmFb0Yng8TxHD
zu0ooZnkuCtwTQ==
-----END CERTIFICATE-----