Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
File:                     aU0ylbrOkvvFQHllxly2WWm60Cg.mft (raw, json)
Hash identifier:          ti4vaLo/Y9ur/OJcoLNBdx0e0Fslp05Xr4swwEmq9PE=
Subject key identifier:   B8:7E:34:3E:EA:EB:01:F7:D9:6B:72:C9:EF:FB:77:EF:44:B1:20:02
Authority key identifier: 69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28
Certificate issuer:       /CN=694d3295bace92fbc5407965c65cb65969bad028
Certificate serial:       0196AC55999C34BF7810FBD449DAFD18BE07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
Manifest number:          29
Signing time:             Wed 07 May 2025 20:00:12 +0000
Manifest this update:     Wed 07 May 2025 20:00:12 +0000
Manifest next update:     Thu 08 May 2025 20:00:12 +0000
Files and hashes:         1: aU0ylbrOkvvFQHllxly2WWm60Cg.crl (hash: 6vlh2Rk+M9Zk5f+ODKAYfJRK5NizyPFPn9tFDiYgmv4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 20:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ac:55:99:9c:34:bf:78:10:fb:d4:49:da:fd:18:be:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=694d3295bace92fbc5407965c65cb65969bad028
        Validity
            Not Before: May  7 20:00:12 2025 GMT
            Not After : May  8 20:00:12 2025 GMT
        Subject: CN=b87e343eeaeb01f7d96b72c9effb77ef44b12002
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:cc:66:38:af:63:b9:bd:c5:f8:54:71:09:c5:
                    cd:e1:7d:2e:9a:c5:35:f0:04:e4:00:db:ac:95:af:
                    d2:21:f5:8e:bf:71:1f:b5:d1:0e:1b:8b:32:d1:93:
                    7c:83:7c:47:88:46:b3:3c:3a:9e:3b:2f:02:f5:8e:
                    08:40:be:99:fb:0b:3e:06:62:80:7d:48:43:16:45:
                    4e:05:a3:c8:2c:9f:20:cd:94:90:7a:3f:e2:04:b6:
                    44:09:b0:cd:ed:37:cd:c6:ac:0d:59:cb:26:35:b0:
                    cc:b3:f0:dc:37:76:ef:1e:9b:2e:cc:9e:62:43:68:
                    3b:c0:33:20:cb:e2:d0:57:1a:a0:79:39:fe:df:c0:
                    25:f2:f6:6f:51:ea:51:bf:8d:60:b4:ca:46:af:cd:
                    a1:8d:d8:d8:33:51:a8:d1:78:0f:11:a7:60:f2:ed:
                    1c:51:53:34:d7:c3:b9:0d:c5:19:c8:76:ae:a0:72:
                    4f:2d:d2:ed:c0:bb:e5:ca:7e:ae:3e:e8:a5:0d:ab:
                    5d:38:3e:b5:47:47:93:1c:b8:93:18:03:77:b1:6c:
                    eb:bb:cb:7a:1c:73:4b:8d:f2:a6:97:25:0f:15:c7:
                    02:ee:98:07:f9:31:af:b5:11:5c:03:d9:11:5d:ee:
                    56:b8:3c:90:66:a5:f7:19:a1:8f:3e:1d:6c:5b:97:
                    06:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:7E:34:3E:EA:EB:01:F7:D9:6B:72:C9:EF:FB:77:EF:44:B1:20:02
            X509v3 Authority Key Identifier:
                keyid:69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:90:4a:f0:fa:5b:6b:a0:38:9b:e2:b1:b7:de:2e:33:34:59:
         a1:c2:72:d2:0e:47:fc:53:e0:7c:e0:b0:95:0e:09:bf:ee:a1:
         16:28:88:d2:ed:0b:7b:1e:1b:6d:09:1e:06:b3:47:89:b7:c8:
         a1:23:6b:91:82:1e:f1:16:88:cc:b1:96:70:85:f0:50:03:82:
         b0:23:91:e8:23:f9:22:9f:f5:11:06:b6:cb:67:de:61:d6:3a:
         a9:f8:ae:8f:ed:83:33:be:c1:4b:94:bc:00:c4:8c:87:b2:3f:
         40:1a:2d:bd:10:84:75:20:4d:b9:e1:12:f3:4c:f9:86:b4:d4:
         33:07:1f:d0:8b:9c:d3:12:3d:af:5a:88:cd:7a:25:38:e9:12:
         4b:8a:3e:2e:d3:44:e0:1a:d2:71:15:6e:4d:15:71:90:7a:ef:
         23:f0:2f:cc:b7:38:99:eb:c1:8e:39:85:2d:44:c1:c2:69:d7:
         40:b6:72:35:d3:bc:e0:b9:46:75:8b:16:af:f0:3e:39:a5:2d:
         00:53:93:c1:95:9a:22:66:d8:72:9a:b5:13:a9:20:c1:20:18:
         c4:32:70:6c:67:d8:aa:d4:67:06:88:f8:3b:13:6f:df:e5:92:
         f8:dc:d8:f1:87:21:e3:72:be:43:a3:7c:ea:28:09:f8:cd:97:
         58:5a:bc:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZasVZmcNL94EPvUSdr9GL4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NGQzMjk1YmFjZTkyZmJjNTQwNzk2NWM2NWNiNjU5Njli
YWQwMjgwHhcNMjUwNTA3MjAwMDEyWhcNMjUwNTA4MjAwMDEyWjAzMTEwLwYDVQQD
EyhiODdlMzQzZWVhZWIwMWY3ZDk2YjcyYzllZmZiNzdlZjQ0YjEyMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcxmOK9jub3F+FRxCcXN4X0umsU1
8ATkANusla/SIfWOv3EftdEOG4sy0ZN8g3xHiEazPDqeOy8C9Y4IQL6Z+ws+BmKA
fUhDFkVOBaPILJ8gzZSQej/iBLZECbDN7TfNxqwNWcsmNbDMs/DcN3bvHpsuzJ5i
Q2g7wDMgy+LQVxqgeTn+38Al8vZvUepRv41gtMpGr82hjdjYM1Go0XgPEadg8u0c
UVM018O5DcUZyHauoHJPLdLtwLvlyn6uPuilDatdOD61R0eTHLiTGAN3sWzru8t6
HHNLjfKmlyUPFccC7pgH+TGvtRFcA9kRXe5WuDyQZqX3GaGPPh1sW5cGQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLh+ND7q6wH32Wtyye/7d+9EsSACMB8GA1UdIwQY
MBaAFGlNMpW6zpL7xUB5ZcZctllputAoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgt
MjdlOTZiOTA0N2E4LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgtMjdlOTZiOTA0N2E4
LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA5BK8Ppb
a6A4m+Kxt94uMzRZocJy0g5H/FPgfOCwlQ4Jv+6hFiiI0u0Lex4bbQkeBrNHibfI
oSNrkYIe8RaIzLGWcIXwUAOCsCOR6CP5Ip/1EQa2y2feYdY6qfiuj+2DM77BS5S8
AMSMh7I/QBotvRCEdSBNueES80z5hrTUMwcf0Iuc0xI9r1qIzXolOOkSS4o+LtNE
4BrScRVuTRVxkHrvI/AvzLc4mevBjjmFLUTBwmnXQLZyNdO84LlGdYsWr/A+OaUt
AFOTwZWaImbYcpq1E6kgwSAYxDJwbGfYqtRnBoj4OxNv3+WS+NzY8Ych43K+Q6N8
6igJ+M2XWFq8Hw==
-----END CERTIFICATE-----