Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
File:                     qYI63d9sNfBbfByuB5BL_58vass.mft (raw, json)
Hash identifier:          oImFNl3OiLMfzw7C25WgrBfHb9jeL6iTTrr9vlBBMIk=
Subject key identifier:   57:AC:F4:BF:65:C0:EF:DF:2D:C1:55:2C:46:1C:01:F2:2F:58:16:1E
Authority key identifier: A9:82:3A:DD:DF:6C:35:F0:5B:7C:1C:AE:07:90:4B:FF:9F:2F:6A:CB
Certificate issuer:       /CN=a9823adddf6c35f05b7c1cae07904bff9f2f6acb
Certificate serial:       0196A4D38693F3D8FACD116C7BA3DF6F3F77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
Manifest number:          099D
Signing time:             Tue 06 May 2025 09:00:48 +0000
Manifest this update:     Tue 06 May 2025 09:00:48 +0000
Manifest next update:     Wed 07 May 2025 09:00:48 +0000
Files and hashes:         1: qYI63d9sNfBbfByuB5BL_58vass.crl (hash: StLyrp0/oDxXqhVDK5hMd3wNTJHV4KHTgzm0NMdCP8Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 09:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a4:d3:86:93:f3:d8:fa:cd:11:6c:7b:a3:df:6f:3f:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9823adddf6c35f05b7c1cae07904bff9f2f6acb
        Validity
            Not Before: May  6 09:00:48 2025 GMT
            Not After : May  7 09:00:48 2025 GMT
        Subject: CN=57acf4bf65c0efdf2dc1552c461c01f22f58161e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:f3:0b:c1:ec:ce:f8:9e:6b:38:de:e7:69:fc:
                    b1:f9:ed:c2:56:22:75:17:53:08:d7:2f:08:2f:c3:
                    a9:ac:0d:bb:f0:b9:ba:2d:26:57:a4:96:67:ee:4c:
                    58:63:70:bf:78:14:e8:a1:c8:ea:df:a7:41:d8:7b:
                    62:3f:55:e0:84:3c:fb:ac:0d:9a:87:39:03:46:e7:
                    5c:2c:f6:a4:92:06:8a:6f:75:9f:dd:ea:8f:19:ee:
                    3a:15:f6:b7:b1:63:0c:26:21:79:4b:fb:d3:2f:d5:
                    87:75:15:7f:c4:9e:2f:2d:74:7e:1a:9b:82:8a:aa:
                    ea:9e:bb:4d:62:9a:8b:4a:23:60:94:b4:62:18:77:
                    6f:c1:25:af:57:d6:19:60:95:50:eb:2c:15:c6:33:
                    49:48:64:c8:a8:84:3e:cf:7b:f4:d0:e6:9b:11:fa:
                    c0:79:4b:f2:2d:1a:fc:be:28:60:f6:bc:89:77:cd:
                    38:21:52:f7:aa:d5:8f:d3:86:e3:67:a5:a6:58:72:
                    83:ee:8a:38:17:22:ec:7a:ae:15:ba:42:c5:c2:12:
                    c5:08:01:27:46:51:b2:e2:8f:c1:be:e5:83:c7:2d:
                    1f:40:d4:d0:6f:c5:2a:cf:e2:47:e5:83:79:0b:ab:
                    0c:44:55:47:80:68:24:b5:e1:59:ce:af:fb:8a:f7:
                    55:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:AC:F4:BF:65:C0:EF:DF:2D:C1:55:2C:46:1C:01:F2:2F:58:16:1E
            X509v3 Authority Key Identifier:
                keyid:A9:82:3A:DD:DF:6C:35:F0:5B:7C:1C:AE:07:90:4B:FF:9F:2F:6A:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:47:57:aa:c8:77:ba:05:c8:c0:99:80:64:b7:0b:d4:3e:4b:
         ec:f2:ce:aa:1b:b3:08:11:5e:72:b0:14:d1:73:2d:08:d9:d7:
         3a:6a:b7:5b:b9:85:6b:72:37:f2:d6:4b:95:77:2b:61:67:8f:
         04:a9:ea:a5:f4:f8:ad:c7:98:0a:8e:89:f0:6b:db:d1:4a:f9:
         ae:9f:b5:df:d0:02:fe:5a:30:1a:fd:6a:9a:27:2f:f3:c7:a9:
         c1:9c:20:21:13:ce:c2:01:78:67:4e:95:41:0f:91:9f:ac:06:
         47:15:72:0a:8d:ed:5a:f3:5f:d1:51:0e:47:47:20:ea:20:f6:
         4e:8c:45:77:2a:06:53:bc:ba:81:60:69:09:56:e6:16:5e:9b:
         6b:e1:dd:f9:b2:86:c2:a8:5c:76:8c:d6:7c:38:63:b0:cc:08:
         45:21:2c:43:e1:78:16:b9:65:cf:b6:91:46:e0:56:d6:56:46:
         43:95:1b:87:92:8f:56:2b:15:5c:f5:3d:42:86:e0:d4:bb:38:
         63:5a:b2:c6:84:96:86:fb:01:b0:32:b5:f5:8c:c2:60:9c:a1:
         c2:aa:ee:5b:5f:d7:f7:2f:df:89:f5:9d:16:c9:c7:0d:33:0a:
         55:56:21:f1:ab:2f:1a:86:3b:75:d9:2b:0e:45:29:87:e2:75:
         78:7f:ca:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZak04aT89j6zRFse6Pfbz93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODIzYWRkZGY2YzM1ZjA1YjdjMWNhZTA3OTA0YmZmOWYy
ZjZhY2IwHhcNMjUwNTA2MDkwMDQ4WhcNMjUwNTA3MDkwMDQ4WjAzMTEwLwYDVQQD
Eyg1N2FjZjRiZjY1YzBlZmRmMmRjMTU1MmM0NjFjMDFmMjJmNTgxNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6PMLwezO+J5rON7nafyx+e3CViJ1
F1MI1y8IL8OprA278Lm6LSZXpJZn7kxYY3C/eBToocjq36dB2HtiP1XghDz7rA2a
hzkDRudcLPakkgaKb3Wf3eqPGe46Ffa3sWMMJiF5S/vTL9WHdRV/xJ4vLXR+GpuC
iqrqnrtNYpqLSiNglLRiGHdvwSWvV9YZYJVQ6ywVxjNJSGTIqIQ+z3v00OabEfrA
eUvyLRr8vihg9ryJd804IVL3qtWP04bjZ6WmWHKD7oo4FyLseq4VukLFwhLFCAEn
RlGy4o/BvuWDxy0fQNTQb8Uqz+JH5YN5C6sMRFVHgGgkteFZzq/7ivdVcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFes9L9lwO/fLcFVLEYcAfIvWBYeMB8GA1UdIwQY
MBaAFKmCOt3fbDXwW3wcrgeQS/+fL2rLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zNGZkMDgtY2U3Ni00YmMzLTg3YzAt
MzZkNGQ3ZjA3YzhhLzEvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zNGZkMDgtY2U3Ni00YmMzLTg3YzAtMzZkNGQ3ZjA3Yzhh
LzEvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOkdXqsh3
ugXIwJmAZLcL1D5L7PLOqhuzCBFecrAU0XMtCNnXOmq3W7mFa3I38tZLlXcrYWeP
BKnqpfT4rceYCo6J8Gvb0Ur5rp+139AC/lowGv1qmicv88epwZwgIRPOwgF4Z06V
QQ+Rn6wGRxVyCo3tWvNf0VEOR0cg6iD2ToxFdyoGU7y6gWBpCVbmFl6ba+Hd+bKG
wqhcdozWfDhjsMwIRSEsQ+F4Frllz7aRRuBW1lZGQ5Ubh5KPVisVXPU9Qobg1Ls4
Y1qyxoSWhvsBsDK19YzCYJyhwqruW1/X9y/fifWdFsnHDTMKVVYh8asvGoY7ddkr
DkUph+J1eH/Kfg==
-----END CERTIFICATE-----