Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.mft
File:                     6b4YGqvbGVUTomxntiHimGgY0D0.mft (raw, json)
Hash identifier:          q1nCDtjyiwPp5A2LMdHHqaDOom3vuNFXcSzPtJpnPQU=
Subject key identifier:   FE:FB:D1:8A:B1:F9:D4:91:49:A6:B7:5E:01:44:A4:58:75:6B:96:C3
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Certificate issuer:       /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial:       0196BCDC0444AB4FBE202811108B494BC996
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.mft
Manifest number:          0A9F
Signing time:             Sun 11 May 2025 01:00:57 +0000
Manifest this update:     Sun 11 May 2025 01:00:57 +0000
Manifest next update:     Mon 12 May 2025 01:00:57 +0000
Files and hashes:         1: 6b4YGqvbGVUTomxntiHimGgY0D0.crl (hash: IFK3jAMDpkEi4s4WdselevRwaWG8O9MY0F06LnHRLa4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:dc:04:44:ab:4f:be:20:28:11:10:8b:49:4b:c9:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
        Validity
            Not Before: May 11 01:00:57 2025 GMT
            Not After : May 12 01:00:57 2025 GMT
        Subject: CN=fefbd18ab1f9d49149a6b75e0144a458756b96c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:3d:ad:09:18:73:2d:84:fa:d1:ed:87:03:85:
                    26:b3:5f:ac:02:25:ea:b7:0d:b3:af:1d:f9:d5:f4:
                    df:44:35:8d:ee:6a:47:8d:2d:b8:6e:35:0d:c1:85:
                    82:64:c2:a2:a5:8d:cb:a5:2b:83:18:ba:f8:e2:8d:
                    cb:59:c5:2d:ba:63:98:5a:bd:a0:03:00:22:bb:dd:
                    e2:34:a4:6b:01:6d:58:ba:50:52:14:4b:57:dd:82:
                    8c:2b:4f:8d:1c:c8:99:ef:dd:82:df:58:fc:a2:e6:
                    ca:2b:10:d9:95:de:c2:e1:3b:be:77:90:2f:b1:f2:
                    14:ed:54:bc:6d:2a:de:86:fc:32:de:67:a8:10:63:
                    98:a3:90:85:08:26:98:b4:9f:b6:21:00:0e:28:ad:
                    88:55:b6:0d:bb:e7:66:0a:f7:d3:00:cb:1e:d5:a7:
                    45:56:af:9c:db:5e:0c:7e:17:e6:eb:7c:20:c1:61:
                    c3:96:42:d1:32:ec:a1:d6:5b:fa:af:f1:3f:55:10:
                    6f:19:72:0d:61:25:b1:51:20:0d:0b:8d:26:8f:18:
                    37:76:39:e4:2a:28:76:21:76:7d:71:bb:4d:e4:53:
                    aa:21:05:18:b3:49:35:51:3e:44:6d:c2:a4:a4:fb:
                    76:e1:3e:77:00:30:f4:68:90:cf:28:db:50:62:81:
                    d2:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:FB:D1:8A:B1:F9:D4:91:49:A6:B7:5E:01:44:A4:58:75:6B:96:C3
            X509v3 Authority Key Identifier:
                keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:33:da:be:ea:28:2e:1e:9a:cf:ca:bb:ea:fc:7d:2a:6a:74:
         16:e7:cb:22:7a:1f:d3:09:c8:46:1e:e9:0a:57:3a:ed:24:04:
         11:4f:74:7a:f1:72:c5:31:df:65:67:b7:3b:82:b3:5c:8f:f9:
         bb:e0:71:31:35:06:58:8b:6d:67:01:ae:b6:89:30:b9:87:50:
         68:1a:3b:a8:84:30:03:88:47:a2:74:3c:ad:0c:a2:ee:ce:69:
         7a:24:4c:f7:e0:c0:74:6c:fc:ef:9a:f3:a1:2a:65:fc:55:68:
         82:f7:78:7c:92:57:b6:51:c7:ad:ae:62:ad:21:fd:6d:2a:7c:
         14:6f:01:98:22:eb:94:b6:1e:77:a8:89:07:d3:61:a2:76:45:
         52:33:81:87:71:ca:d3:65:fc:06:bd:4f:d0:71:fb:b6:97:a2:
         de:ca:ad:1c:6c:7a:19:c8:eb:c0:36:9b:68:d7:91:01:99:47:
         fd:4a:5c:be:50:d9:85:ae:41:fb:c2:16:0a:50:a9:67:e3:c9:
         48:8e:f1:f6:01:4b:47:d1:d7:9f:7f:93:d0:d3:1d:c5:dc:a9:
         c5:1d:c5:d3:2f:b8:f1:5b:d0:52:14:6c:60:03:ca:ae:0b:ad:
         34:73:83:61:76:a2:0b:1f:59:c3:7c:bd:11:a8:98:77:7b:c3:
         4d:0e:d8:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa83AREq0++ICgREItJS8mWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjUwNTExMDEwMDU3WhcNMjUwNTEyMDEwMDU3WjAzMTEwLwYDVQQD
EyhmZWZiZDE4YWIxZjlkNDkxNDlhNmI3NWUwMTQ0YTQ1ODc1NmI5NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD2tCRhzLYT60e2HA4Ums1+sAiXq
tw2zrx351fTfRDWN7mpHjS24bjUNwYWCZMKipY3LpSuDGLr44o3LWcUtumOYWr2g
AwAiu93iNKRrAW1YulBSFEtX3YKMK0+NHMiZ792C31j8oubKKxDZld7C4Tu+d5Av
sfIU7VS8bSrehvwy3meoEGOYo5CFCCaYtJ+2IQAOKK2IVbYNu+dmCvfTAMse1adF
Vq+c214Mfhfm63wgwWHDlkLRMuyh1lv6r/E/VRBvGXINYSWxUSANC40mjxg3djnk
Kih2IXZ9cbtN5FOqIQUYs0k1UT5EbcKkpPt24T53ADD0aJDPKNtQYoHSJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP770Yqx+dSRSaa3XgFEpFh1a5bDMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbTPavuoo
Lh6az8q76vx9Kmp0FufLInof0wnIRh7pClc67SQEEU90evFyxTHfZWe3O4KzXI/5
u+BxMTUGWIttZwGutokwuYdQaBo7qIQwA4hHonQ8rQyi7s5peiRM9+DAdGz875rz
oSpl/FVogvd4fJJXtlHHra5irSH9bSp8FG8BmCLrlLYed6iJB9NhonZFUjOBh3HK
02X8Br1P0HH7tpei3sqtHGx6GcjrwDabaNeRAZlH/UpcvlDZha5B+8IWClCpZ+PJ
SI7x9gFLR9HXn3+T0NMdxdypxR3F0y+48VvQUhRsYAPKrgutNHODYXaiCx9Zw3y9
EaiYd3vDTQ7Y6Q==
-----END CERTIFICATE-----