Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
File:                     9Lf2q209ljfV1-rM4943lLnPPg8.mft (raw, json)
Hash identifier:          FzBDsM5hck2SjvCZuHEp5Qlhm3x1KoVZAA/VBeQ+cxM=
Subject key identifier:   12:1B:69:2E:17:35:B0:17:62:B1:EE:68:08:AB:6A:D4:C1:55:B8:64
Authority key identifier: F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F
Certificate issuer:       /CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
Certificate serial:       0196DCD4A4966C9D2EAB5BBD0CDFCAC1F1D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
Manifest number:          EE
Signing time:             Sat 17 May 2025 06:00:45 +0000
Manifest this update:     Sat 17 May 2025 06:00:45 +0000
Manifest next update:     Sun 18 May 2025 06:00:45 +0000
Files and hashes:         1: 9Lf2q209ljfV1-rM4943lLnPPg8.crl (hash: NPtq98pnmkIOXYeqTmzCPYnnU3X4th8uiyLbq0LgtVo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 18 May 2025 06:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:dc:d4:a4:96:6c:9d:2e:ab:5b:bd:0c:df:ca:c1:f1:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
        Validity
            Not Before: May 17 06:00:45 2025 GMT
            Not After : May 18 06:00:45 2025 GMT
        Subject: CN=121b692e1735b01762b1ee6808ab6ad4c155b864
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ec:02:c9:28:fc:aa:44:ff:fe:ab:af:2a:e5:
                    de:0d:a0:c0:22:2e:23:04:b3:71:96:55:b8:51:7e:
                    20:69:d8:85:20:e2:ea:8e:44:18:da:ef:59:6f:94:
                    01:f7:c4:f8:fe:df:cd:9c:9a:8e:5d:6b:71:9c:63:
                    d7:c8:fd:31:05:79:14:e3:13:78:dd:21:ff:e9:b1:
                    5e:d8:a7:fb:87:37:57:c2:f8:b4:36:a6:64:ac:5a:
                    9e:2f:c4:dc:2e:da:1b:a2:ce:b1:76:dc:d4:57:69:
                    39:01:ae:9d:8b:ff:cf:03:15:22:2b:c3:25:00:54:
                    64:7f:96:ed:71:75:d2:7f:82:73:f0:fc:e6:ee:f7:
                    29:67:55:1e:13:04:43:31:48:d7:56:8f:63:85:a9:
                    f2:9b:d7:78:45:9d:61:a2:c2:1c:b8:d5:c6:94:2a:
                    29:da:63:a2:0a:af:79:d2:fd:9a:c5:45:95:cf:ad:
                    65:44:86:e9:28:84:a1:33:45:71:10:ec:7e:70:33:
                    21:f2:61:b6:37:8f:de:43:a6:df:3d:fa:a8:c1:af:
                    08:9f:38:53:74:e1:b6:c5:83:9d:51:22:99:24:17:
                    8f:b9:53:61:1e:df:62:0e:34:ad:22:8c:70:9d:1b:
                    4a:52:17:97:14:52:e0:88:88:d9:1c:3f:b0:6b:c7:
                    9e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:1B:69:2E:17:35:B0:17:62:B1:EE:68:08:AB:6A:D4:C1:55:B8:64
            X509v3 Authority Key Identifier:
                keyid:F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:9a:49:f8:42:40:c4:6d:b4:a7:00:a2:13:a1:4e:a0:04:63:
         55:05:44:a1:4c:7c:69:e3:7c:ba:d6:2d:72:48:54:87:b9:90:
         83:1f:bd:b3:f1:9a:2f:84:fd:14:f4:0a:8e:4d:cc:5d:f3:4f:
         05:7f:c3:d8:60:7e:8a:77:df:cb:e8:c7:b0:8c:3e:4a:c8:58:
         6b:ae:74:31:5b:8f:f1:6a:7b:af:c4:ba:63:c1:f4:48:07:a5:
         1e:aa:73:ff:6e:b1:cb:d7:ca:b1:7c:ef:47:62:b7:0c:50:8e:
         de:0c:c4:2d:0b:3b:29:a1:8a:ac:c1:7e:aa:35:9d:bb:a6:f5:
         02:b7:7f:82:9c:29:ea:49:7c:b2:51:68:40:eb:5e:eb:4b:5d:
         9f:67:e3:42:f9:b4:85:47:17:49:ab:4f:78:5e:2a:3f:d2:da:
         be:d0:a2:80:34:2a:6f:75:70:9c:22:ea:0d:e5:12:e9:03:f6:
         3c:e1:54:12:e2:7a:e9:23:3e:68:14:0f:2c:b2:d0:5c:82:ac:
         1e:ea:47:74:70:91:f1:e9:81:40:74:69:90:e7:a2:4a:75:e1:
         20:59:d6:c6:06:7a:3f:45:78:88:d4:fa:a0:82:41:75:2c:6d:
         59:48:1b:47:d4:dd:ec:05:43:07:03:3e:b1:16:1d:45:32:a8:
         b8:7f:68:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbc1KSWbJ0uq1u9DN/KwfHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjdmNmFiNmQzZDk2MzdkNWQ3ZWFjY2UzZGUzNzk0Yjlj
ZjNlMGYwHhcNMjUwNTE3MDYwMDQ1WhcNMjUwNTE4MDYwMDQ1WjAzMTEwLwYDVQQD
EygxMjFiNjkyZTE3MzViMDE3NjJiMWVlNjgwOGFiNmFkNGMxNTViODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOwCySj8qkT//quvKuXeDaDAIi4j
BLNxllW4UX4gadiFIOLqjkQY2u9Zb5QB98T4/t/NnJqOXWtxnGPXyP0xBXkU4xN4
3SH/6bFe2Kf7hzdXwvi0NqZkrFqeL8TcLtobos6xdtzUV2k5Aa6di//PAxUiK8Ml
AFRkf5btcXXSf4Jz8Pzm7vcpZ1UeEwRDMUjXVo9jhanym9d4RZ1hosIcuNXGlCop
2mOiCq950v2axUWVz61lRIbpKIShM0VxEOx+cDMh8mG2N4/eQ6bfPfqowa8InzhT
dOG2xYOdUSKZJBePuVNhHt9iDjStIoxwnRtKUheXFFLgiIjZHD+wa8eemQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIbaS4XNbAXYrHuaAiratTBVbhkMB8GA1UdIwQY
MBaAFPS39qttPZY31dfqzOPeN5S5zz4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWIt
NmI4YWEwYTJjOTYwLzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWItNmI4YWEwYTJjOTYw
LzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHZpJ+EJA
xG20pwCiE6FOoARjVQVEoUx8aeN8utYtckhUh7mQgx+9s/GaL4T9FPQKjk3MXfNP
BX/D2GB+inffy+jHsIw+SshYa650MVuP8Wp7r8S6Y8H0SAelHqpz/26xy9fKsXzv
R2K3DFCO3gzELQs7KaGKrMF+qjWdu6b1Ard/gpwp6kl8slFoQOte60tdn2fjQvm0
hUcXSatPeF4qP9LavtCigDQqb3VwnCLqDeUS6QP2POFUEuJ66SM+aBQPLLLQXIKs
HupHdHCR8emBQHRpkOeiSnXhIFnWxgZ6P0V4iNT6oIJBdSxtWUgbR9Td7AVDBwM+
sRYdRTKouH9oog==
-----END CERTIFICATE-----