Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft
File:                     9h0r7udUOkGpCKGgHs_AqHJqOuI.mft (raw, json)
Hash identifier:          HUW6//aDMRA9p1z3Q7CgJaSSgjPDN4bTCt+yUIff+aI=
Subject key identifier:   9F:B0:44:DF:56:65:72:6A:0A:89:5A:42:C9:E8:92:41:5A:D5:69:1F
Authority key identifier: F6:1D:2B:EE:E7:54:3A:41:A9:08:A1:A0:1E:CF:C0:A8:72:6A:3A:E2
Certificate issuer:       /CN=f61d2beee7543a41a908a1a01ecfc0a8726a3ae2
Certificate serial:       0196B1452819E8078AAB77E353A5C780BBBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9h0r7udUOkGpCKGgHs_AqHJqOuI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft
Manifest number:          09CF
Signing time:             Thu 08 May 2025 19:00:21 +0000
Manifest this update:     Thu 08 May 2025 19:00:21 +0000
Manifest next update:     Fri 09 May 2025 19:00:21 +0000
Files and hashes:         1: 9h0r7udUOkGpCKGgHs_AqHJqOuI.crl (hash: lbdFc5N3c/qG31CJ58ogz9K5C9cdI6Na97t9vqOVz5U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9h0r7udUOkGpCKGgHs_AqHJqOuI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 15:42:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b1:45:28:19:e8:07:8a:ab:77:e3:53:a5:c7:80:bb:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f61d2beee7543a41a908a1a01ecfc0a8726a3ae2
        Validity
            Not Before: May  8 19:00:21 2025 GMT
            Not After : May  9 19:00:21 2025 GMT
        Subject: CN=9fb044df5665726a0a895a42c9e892415ad5691f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:2c:ca:3f:94:ad:b6:2e:2f:71:ed:74:51:3c:
                    b8:6d:f1:ef:e7:1a:a1:ca:9f:bf:f2:e4:53:94:e4:
                    7f:57:a5:30:1f:01:f9:c4:b3:7f:80:d3:05:c1:8d:
                    57:3b:0b:67:10:10:7a:f8:7a:65:c0:a1:d2:26:2d:
                    47:67:59:65:9a:68:c8:41:95:9e:8f:d0:3e:79:9b:
                    38:af:85:d2:2a:63:9b:f2:03:cd:68:d2:b0:84:d7:
                    89:f8:c0:f2:1c:30:a2:10:83:7a:e5:f5:00:18:19:
                    01:b0:ab:6f:58:c3:a5:95:e2:2e:bf:4b:92:4c:c4:
                    ea:97:d5:cb:ee:2a:c5:fe:a3:e3:5c:87:19:07:d6:
                    03:e1:a6:c4:96:e0:81:14:0c:64:2a:69:95:ea:e5:
                    31:9e:96:8b:9b:6f:06:ba:c8:70:ac:04:82:4c:c8:
                    dc:86:37:5e:9a:c0:23:7d:70:f0:9d:f9:e9:c3:c9:
                    2d:9b:c2:27:06:49:1c:21:06:39:36:26:ad:98:1b:
                    5e:4d:f8:95:c7:57:c0:c8:55:93:d2:04:77:8c:c7:
                    2f:1c:5b:5e:85:7e:0d:9f:82:d4:9c:21:6a:36:c4:
                    39:ac:bb:5e:27:6d:d9:44:d5:8d:2d:33:5e:6f:99:
                    c2:9b:19:e0:91:94:f7:15:4a:10:74:6d:de:b2:19:
                    ee:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:B0:44:DF:56:65:72:6A:0A:89:5A:42:C9:E8:92:41:5A:D5:69:1F
            X509v3 Authority Key Identifier:
                keyid:F6:1D:2B:EE:E7:54:3A:41:A9:08:A1:A0:1E:CF:C0:A8:72:6A:3A:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9h0r7udUOkGpCKGgHs_AqHJqOuI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:b0:24:ff:37:30:59:f4:4d:34:3a:36:5d:cb:72:ca:01:cc:
         2b:aa:21:e4:4b:97:40:d8:f6:9c:e2:03:49:de:bc:1c:44:ee:
         d7:90:7f:5e:cf:8f:a3:da:37:ac:2d:64:24:01:3b:06:e9:e4:
         16:f5:e3:c2:f9:3f:ca:b4:96:de:10:ff:4f:1e:d2:44:d1:af:
         34:76:29:83:fc:4b:40:6f:7a:5c:ea:71:03:75:47:49:4c:62:
         b5:00:c5:c3:db:22:c8:26:c7:ee:a7:1e:1f:61:f6:5c:28:2e:
         b5:14:f5:95:3c:46:72:a9:32:a5:4a:3c:62:2b:65:c8:29:ae:
         41:6f:0d:c4:d9:c2:bf:fd:26:2e:72:05:83:2e:c2:b0:a3:69:
         00:84:6d:b5:6c:55:92:54:d1:11:78:8f:cc:7d:b8:b6:1a:15:
         9b:1a:24:79:ea:9e:99:98:a3:bd:c0:e6:8a:d2:98:a6:6f:16:
         00:66:90:e1:ac:eb:bc:ac:cc:1c:d5:e8:e2:18:70:de:46:3b:
         44:1d:2a:95:10:bd:94:ac:86:68:21:2c:0f:ff:53:79:5b:fb:
         54:dc:9a:c1:85:55:41:12:37:66:05:68:7b:46:fd:d0:ab:8d:
         45:01:22:5b:55:65:02:9b:91:fb:7b:ce:b5:45:4f:41:47:33:
         09:8d:72:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaxRSgZ6AeKq3fjU6XHgLu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MWQyYmVlZTc1NDNhNDFhOTA4YTFhMDFlY2ZjMGE4NzI2
YTNhZTIwHhcNMjUwNTA4MTkwMDIxWhcNMjUwNTA5MTkwMDIxWjAzMTEwLwYDVQQD
Eyg5ZmIwNDRkZjU2NjU3MjZhMGE4OTVhNDJjOWU4OTI0MTVhZDU2OTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yzKP5Stti4vce10UTy4bfHv5xqh
yp+/8uRTlOR/V6UwHwH5xLN/gNMFwY1XOwtnEBB6+HplwKHSJi1HZ1llmmjIQZWe
j9A+eZs4r4XSKmOb8gPNaNKwhNeJ+MDyHDCiEIN65fUAGBkBsKtvWMOlleIuv0uS
TMTql9XL7irF/qPjXIcZB9YD4abEluCBFAxkKmmV6uUxnpaLm28GushwrASCTMjc
hjdemsAjfXDwnfnpw8ktm8InBkkcIQY5NiatmBteTfiVx1fAyFWT0gR3jMcvHFte
hX4Nn4LUnCFqNsQ5rLteJ23ZRNWNLTNeb5nCmxngkZT3FUoQdG3eshnu/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+wRN9WZXJqColaQsnokkFa1WkfMB8GA1UdIwQY
MBaAFPYdK+7nVDpBqQihoB7PwKhyajriMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWgwcjd1ZFVPa0dwQ0tHZ0hzX0FxSEpxT3VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8xZWRmMTAtZDNkZi00MGY1LWI0YTMt
YTczMWU5ZTFlNTMzLzEvOWgwcjd1ZFVPa0dwQ0tHZ0hzX0FxSEpxT3VJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8xZWRmMTAtZDNkZi00MGY1LWI0YTMtYTczMWU5ZTFlNTMz
LzEvOWgwcjd1ZFVPa0dwQ0tHZ0hzX0FxSEpxT3VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI7Ak/zcw
WfRNNDo2XctyygHMK6oh5EuXQNj2nOIDSd68HETu15B/Xs+Po9o3rC1kJAE7Bunk
FvXjwvk/yrSW3hD/Tx7SRNGvNHYpg/xLQG96XOpxA3VHSUxitQDFw9siyCbH7qce
H2H2XCgutRT1lTxGcqkypUo8YitlyCmuQW8NxNnCv/0mLnIFgy7CsKNpAIRttWxV
klTREXiPzH24thoVmxokeeqemZijvcDmitKYpm8WAGaQ4azrvKzMHNXo4hhw3kY7
RB0qlRC9lKyGaCEsD/9TeVv7VNyawYVVQRI3ZgVoe0b90KuNRQEiW1VlApuR+3vO
tUVPQUczCY1yTA==
-----END CERTIFICATE-----