Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
File:                     q6N0OU_hCA1kohnX01pJRi6Omaw.mft (raw, json)
Hash identifier:          QNiJe7C3wboS/F4+Ka/PgrRcAxqDHq+TxS7oW4qDjQk=
Subject key identifier:   90:51:61:7D:3A:4D:C8:1E:E9:B7:8D:61:F6:A1:02:30:64:E9:FC:16
Authority key identifier: AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC
Certificate issuer:       /CN=aba374394fe1080d64a219d7d35a49462e8e99ac
Certificate serial:       0196A509EB5CDD37DFF9099B7F0E8867340A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
Manifest number:          0634
Signing time:             Tue 06 May 2025 10:00:12 +0000
Manifest this update:     Tue 06 May 2025 10:00:12 +0000
Manifest next update:     Wed 07 May 2025 10:00:12 +0000
Files and hashes:         1: q6N0OU_hCA1kohnX01pJRi6Omaw.crl (hash: 4sNcm0hlsxfaq57ENgmYhLaaPzxpNceNZT1pYs/Zvpg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 10:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a5:09:eb:5c:dd:37:df:f9:09:9b:7f:0e:88:67:34:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aba374394fe1080d64a219d7d35a49462e8e99ac
        Validity
            Not Before: May  6 10:00:12 2025 GMT
            Not After : May  7 10:00:12 2025 GMT
        Subject: CN=9051617d3a4dc81ee9b78d61f6a1023064e9fc16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:3d:fb:42:1d:99:2f:79:85:a2:6e:bd:53:c2:
                    b2:60:f0:04:bb:fc:71:ab:7d:76:07:b5:26:df:e9:
                    0e:b6:eb:30:fd:70:20:0c:c5:67:79:4c:7b:2d:cd:
                    c2:b3:3c:b0:be:dd:a6:19:d6:7e:aa:37:ec:7b:4f:
                    04:f0:83:ca:e8:ce:00:79:d5:f6:0b:c2:96:5c:64:
                    ec:7c:5c:ad:15:2a:f5:71:52:80:95:10:b5:fa:a8:
                    61:fd:07:1c:ca:e8:d8:24:3d:16:b9:34:3a:36:22:
                    7c:7e:f3:ce:20:ed:df:65:62:df:0e:3d:43:b5:60:
                    b3:5d:3b:51:db:84:29:d2:64:93:1e:1b:a5:a1:81:
                    b8:5b:5d:31:ec:ac:81:21:6b:95:2e:b8:d1:a4:05:
                    3a:5c:78:31:d0:3b:e9:21:ba:ce:6e:a4:5e:d3:a9:
                    48:c4:9a:09:7a:a5:f4:ae:0d:c7:f8:11:bd:78:4c:
                    ba:0d:eb:06:3e:35:9a:27:15:bf:57:b7:fe:df:c7:
                    33:77:fb:13:d7:eb:c0:a5:b0:24:30:1f:34:cb:fd:
                    64:07:2e:c4:9d:ed:15:e0:90:5b:5f:cf:03:ff:ec:
                    41:e0:83:cd:de:eb:21:52:ff:84:e0:98:f9:99:f6:
                    f2:18:28:fe:30:ff:93:71:f6:e6:ab:2b:d6:93:6f:
                    15:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:51:61:7D:3A:4D:C8:1E:E9:B7:8D:61:F6:A1:02:30:64:E9:FC:16
            X509v3 Authority Key Identifier:
                keyid:AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:9f:5a:be:7b:62:3e:89:3c:c9:7b:9f:93:59:82:9e:85:f6:
         0d:95:4c:f7:1d:bf:cb:b6:c4:6a:ca:04:53:f4:ba:58:74:f5:
         e4:ab:e4:fb:9e:3c:2f:13:fb:b8:5f:02:62:b4:86:83:ba:6d:
         79:2f:23:df:05:e4:44:7c:39:36:77:69:1e:8a:99:6d:08:59:
         67:eb:5a:77:49:2f:49:59:40:76:56:df:15:73:b2:19:80:2c:
         63:2d:76:3f:87:09:84:8f:e4:46:e6:4f:27:16:25:5f:80:67:
         45:b8:34:f1:5b:dc:d5:df:93:76:b0:95:18:f6:64:a8:a9:35:
         7d:45:06:9b:c3:f9:72:0f:ee:04:7b:a8:07:76:32:a7:8c:07:
         e1:9f:63:d0:01:d0:79:94:ba:f9:58:4a:0a:60:b6:17:f1:c1:
         6a:5a:ed:aa:35:13:ac:56:2c:e5:5d:f1:63:c0:63:bc:d3:a7:
         ad:de:0f:8c:b1:99:69:07:d3:fa:bd:45:2c:9a:6d:c6:67:00:
         b0:07:17:50:60:a0:01:b0:f8:4e:49:e9:be:3c:7c:a6:14:30:
         db:2d:3e:aa:db:38:d2:47:72:cd:76:ad:3a:70:3b:d6:da:eb:
         01:0d:aa:07:dd:64:2f:eb:98:dd:30:32:61:b9:39:31:83:11:
         01:78:e8:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZalCetc3Tff+Qmbfw6IZzQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTM3NDM5NGZlMTA4MGQ2NGEyMTlkN2QzNWE0OTQ2MmU4
ZTk5YWMwHhcNMjUwNTA2MTAwMDEyWhcNMjUwNTA3MTAwMDEyWjAzMTEwLwYDVQQD
Eyg5MDUxNjE3ZDNhNGRjODFlZTliNzhkNjFmNmExMDIzMDY0ZTlmYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2T37Qh2ZL3mFom69U8KyYPAEu/xx
q312B7Um3+kOtusw/XAgDMVneUx7Lc3Cszywvt2mGdZ+qjfse08E8IPK6M4AedX2
C8KWXGTsfFytFSr1cVKAlRC1+qhh/QccyujYJD0WuTQ6NiJ8fvPOIO3fZWLfDj1D
tWCzXTtR24Qp0mSTHhuloYG4W10x7KyBIWuVLrjRpAU6XHgx0DvpIbrObqRe06lI
xJoJeqX0rg3H+BG9eEy6DesGPjWaJxW/V7f+38czd/sT1+vApbAkMB80y/1kBy7E
ne0V4JBbX88D/+xB4IPN3ushUv+E4Jj5mfbyGCj+MP+TcfbmqyvWk28VOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJBRYX06Tcge6beNYfahAjBk6fwWMB8GA1UdIwQY
MBaAFKujdDlP4QgNZKIZ19NaSUYujpmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2Yt
MjJjODdkZmY4ZDQxLzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2YtMjJjODdkZmY4ZDQx
LzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS59avnti
Pok8yXufk1mCnoX2DZVM9x2/y7bEasoEU/S6WHT15Kvk+548LxP7uF8CYrSGg7pt
eS8j3wXkRHw5NndpHoqZbQhZZ+tad0kvSVlAdlbfFXOyGYAsYy12P4cJhI/kRuZP
JxYlX4BnRbg08Vvc1d+TdrCVGPZkqKk1fUUGm8P5cg/uBHuoB3Yyp4wH4Z9j0AHQ
eZS6+VhKCmC2F/HBalrtqjUTrFYs5V3xY8BjvNOnrd4PjLGZaQfT+r1FLJptxmcA
sAcXUGCgAbD4Tknpvjx8phQw2y0+qts40kdyzXatOnA71trrAQ2qB91kL+uY3TAy
Ybk5MYMRAXjoxA==
-----END CERTIFICATE-----