Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
File:                     ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft (raw, json)
Hash identifier:          9qqh9bSIYT3+/a1sAutrbct6oZ9dVFD1hNlML89114E=
Subject key identifier:   A7:CA:14:04:5D:DD:DD:FB:6C:F1:40:C9:88:FC:F0:38:66:48:43:67
Authority key identifier: 72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A
Certificate issuer:       /CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a
Certificate serial:       0196C3147FF9E197E212198934A3AEFD8183
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
Manifest number:          0286
Signing time:             Mon 12 May 2025 06:00:22 +0000
Manifest this update:     Mon 12 May 2025 06:00:22 +0000
Manifest next update:     Tue 13 May 2025 06:00:22 +0000
Files and hashes:         1: ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl (hash: qd+rnGpg/YMiM+keFOt0sbVpO6ow0VFxLNoa6PWPERw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 06:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:14:7f:f9:e1:97:e2:12:19:89:34:a3:ae:fd:81:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a
        Validity
            Not Before: May 12 06:00:22 2025 GMT
            Not After : May 13 06:00:22 2025 GMT
        Subject: CN=a7ca14045dddddfb6cf140c988fcf03866484367
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:91:e5:5c:81:9f:3f:a0:77:70:65:51:78:72:
                    c8:b5:ca:55:5f:a5:e4:af:b1:b3:6a:cb:e4:a7:c7:
                    0d:77:07:a5:53:1f:83:b0:05:cf:08:b9:06:c4:18:
                    64:8e:2f:7f:fe:68:08:c3:10:ee:8f:49:91:f6:3e:
                    a1:37:7e:61:d4:cd:52:47:81:76:cc:de:b9:8a:9f:
                    37:28:a8:3c:d9:cb:2f:36:c1:44:4f:05:b6:66:a2:
                    8c:68:17:a1:45:37:6d:f4:b6:e0:ae:27:10:f9:ee:
                    40:59:33:1c:81:a6:fd:08:ad:f5:f9:53:84:2f:8a:
                    d6:86:a6:68:25:91:ac:93:54:03:d1:53:e7:39:18:
                    d1:e3:5b:26:f0:19:03:f2:2a:37:18:63:c7:7c:8e:
                    02:e6:73:51:2f:10:08:53:4a:69:30:eb:34:48:32:
                    5f:7b:fb:3d:c6:71:c9:e5:f0:47:43:2a:7e:4f:bb:
                    ac:82:3b:91:da:10:75:eb:f3:ec:49:f6:f0:09:e5:
                    16:8a:ba:55:ee:e7:3b:f4:d4:9b:f5:92:ec:01:8b:
                    61:7f:c6:01:9b:bf:be:6e:03:e3:f7:49:d0:dd:37:
                    8c:e4:6d:5b:05:09:b8:7c:20:39:fd:40:0c:37:f0:
                    7a:1e:2d:0c:2a:15:1c:59:1b:7c:f8:98:b8:9d:47:
                    4a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:CA:14:04:5D:DD:DD:FB:6C:F1:40:C9:88:FC:F0:38:66:48:43:67
            X509v3 Authority Key Identifier:
                keyid:72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:a0:e6:3d:d1:76:da:7c:52:20:53:5d:ab:5c:42:67:ae:d3:
         07:d6:56:f9:8c:96:a7:ad:1a:fe:eb:3f:3a:85:b0:82:aa:fb:
         ae:29:61:2b:24:ea:a6:db:e6:11:0f:73:a4:c9:ab:37:f3:52:
         b2:c7:2a:76:41:75:7e:70:ec:f2:4a:b4:d8:06:33:80:3a:20:
         4a:e4:21:e4:73:3f:18:4e:b1:27:0c:65:32:80:96:25:c8:54:
         69:de:19:a8:d7:fa:dd:67:b1:64:68:07:36:54:9b:6e:2f:da:
         b1:6c:f1:ca:21:e7:15:14:c1:5e:34:4e:70:57:ec:98:fc:23:
         09:8f:e6:4c:af:c8:79:b2:33:8a:63:1a:92:af:3f:37:3c:0d:
         80:b3:5f:56:a6:50:af:98:c4:d0:8d:a1:85:a7:e8:53:e6:2c:
         82:4e:1d:3f:58:8f:f2:01:ba:0a:82:6e:1f:6c:72:10:d0:99:
         3b:62:08:39:ce:c0:0c:84:a9:3d:16:42:ba:31:b7:3c:a5:53:
         94:a8:e8:ee:57:83:9c:b4:d3:c2:e5:c7:e0:00:09:4b:4a:75:
         15:12:97:81:c2:bd:a6:7b:36:72:04:6e:71:fa:8b:f3:36:38:
         ff:b9:4a:08:a3:93:8b:24:33:e5:64:2d:5a:b0:d0:e3:ad:e8:
         6d:5d:8b:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDFH/54ZfiEhmJNKOu/YGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjAyZTY0NWY3MmNkNzBhYTgxNDNiNzNiY2MwZGRkOTNi
ZmU5MWEwHhcNMjUwNTEyMDYwMDIyWhcNMjUwNTEzMDYwMDIyWjAzMTEwLwYDVQQD
EyhhN2NhMTQwNDVkZGRkZGZiNmNmMTQwYzk4OGZjZjAzODY2NDg0MzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5HlXIGfP6B3cGVReHLItcpVX6Xk
r7Gzasvkp8cNdwelUx+DsAXPCLkGxBhkji9//mgIwxDuj0mR9j6hN35h1M1SR4F2
zN65ip83KKg82csvNsFETwW2ZqKMaBehRTdt9LbgricQ+e5AWTMcgab9CK31+VOE
L4rWhqZoJZGsk1QD0VPnORjR41sm8BkD8io3GGPHfI4C5nNRLxAIU0ppMOs0SDJf
e/s9xnHJ5fBHQyp+T7usgjuR2hB16/PsSfbwCeUWirpV7uc79NSb9ZLsAYthf8YB
m7++bgPj90nQ3TeM5G1bBQm4fCA5/UAMN/B6Hi0MKhUcWRt8+Ji4nUdKkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKfKFARd3d37bPFAyYj88DhmSENnMB8GA1UdIwQY
MBaAFHIgLmRfcs1wqoFDtzvMDd2Tv+kaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEt
NDBjYzE2ZjJhZmE0LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEtNDBjYzE2ZjJhZmE0
LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjKDmPdF2
2nxSIFNdq1xCZ67TB9ZW+YyWp60a/us/OoWwgqr7rilhKyTqptvmEQ9zpMmrN/NS
sscqdkF1fnDs8kq02AYzgDogSuQh5HM/GE6xJwxlMoCWJchUad4ZqNf63WexZGgH
NlSbbi/asWzxyiHnFRTBXjROcFfsmPwjCY/mTK/IebIzimMakq8/NzwNgLNfVqZQ
r5jE0I2hhafoU+Ysgk4dP1iP8gG6CoJuH2xyENCZO2IIOc7ADISpPRZCujG3PKVT
lKjo7leDnLTTwuXH4AAJS0p1FRKXgcK9pns2cgRucfqL8zY4/7lKCKOTiyQz5WQt
WrDQ463obV2LXA==
-----END CERTIFICATE-----