Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          qf/B7xMMvbW2Q3BLleebjtK+HeQlQvS2DlkXgz76vko=
Subject key identifier:   BF:96:15:24:8A:68:BC:91:D5:8D:2B:3C:B8:9D:19:F1:C0:EB:8D:94
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       0196CEE21E56BF3B8E12D7F2951B7112D026
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          150D
Signing time:             Wed 14 May 2025 13:00:47 +0000
Manifest this update:     Wed 14 May 2025 13:00:47 +0000
Manifest next update:     Thu 15 May 2025 13:00:47 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: nwQvJVL6CFteflD2X05LYzUTjGXW4EuRKSM/32LLcjM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 13:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ce:e2:1e:56:bf:3b:8e:12:d7:f2:95:1b:71:12:d0:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: May 14 13:00:47 2025 GMT
            Not After : May 15 13:00:47 2025 GMT
        Subject: CN=bf9615248a68bc91d58d2b3cb89d19f1c0eb8d94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:ba:4c:d1:80:ba:d5:82:50:38:ed:71:25:2b:
                    a4:17:c4:ec:a1:3b:bb:28:d7:5b:ca:0d:98:3f:06:
                    ed:11:af:48:b8:23:1b:38:26:60:c9:40:a9:cf:02:
                    d5:10:38:fc:a6:10:c7:c7:db:90:2f:03:5d:2d:ab:
                    5e:fd:2f:f3:db:89:4d:eb:12:1c:7e:39:07:74:d2:
                    5c:91:0b:4b:9d:42:89:cc:41:d8:ec:fe:d3:a0:8a:
                    6b:13:f5:2a:c7:f9:9f:01:56:b7:ca:68:80:b9:b1:
                    41:47:20:41:ca:a8:9c:ec:40:bb:3f:b2:be:a7:e9:
                    df:ce:cb:8e:f0:51:b6:a6:0e:9b:72:78:5f:4a:18:
                    cd:a6:e9:32:c9:f2:27:c6:7c:b2:ac:73:83:a5:b3:
                    33:70:13:0f:db:3e:c2:f5:e5:c3:4c:17:b7:3a:91:
                    d5:f7:2f:2d:b0:16:29:7b:95:82:13:a8:a9:99:17:
                    f8:39:7b:ca:27:a0:ca:3b:75:09:c4:2d:70:c7:e4:
                    68:f4:2f:d6:b7:80:db:30:72:5a:a9:32:e2:2e:bf:
                    89:41:34:cc:b0:52:3e:cf:85:2a:3d:78:39:24:df:
                    72:1d:9f:0d:2a:d4:0f:12:e3:c4:d5:8c:8a:ba:90:
                    8e:8c:9e:19:b7:a0:1a:b7:b1:16:0b:aa:fa:c6:da:
                    d8:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:96:15:24:8A:68:BC:91:D5:8D:2B:3C:B8:9D:19:F1:C0:EB:8D:94
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:27:12:19:5f:0f:0a:58:28:26:33:c3:73:8e:a1:b0:c2:b4:
         04:16:27:d0:59:03:86:12:c1:c0:0f:6c:0c:89:29:6e:34:c3:
         60:6f:bc:30:24:6e:d5:93:b7:73:fd:00:3e:a9:00:78:3f:24:
         12:1c:f2:a2:c5:50:a7:63:c3:b1:01:dc:7d:ef:71:2f:fe:d8:
         c4:f0:ca:a2:c4:1f:1b:d6:27:3b:ec:9c:32:aa:93:cf:f0:01:
         e7:e6:0b:d8:76:71:c7:1f:48:f7:44:62:df:fc:cf:a7:c3:81:
         b0:88:e4:55:7d:7f:cd:4e:47:4c:7a:99:74:d7:81:2d:23:b5:
         e6:ed:7f:c7:95:92:1c:d4:21:33:6f:02:10:d6:0d:4a:c9:de:
         a6:85:da:28:7c:f4:c4:4e:0f:6a:7b:fe:22:c4:5d:dd:f6:5f:
         fc:43:d9:18:e5:1e:82:a1:4c:43:4f:d4:c9:b2:bf:c1:11:7f:
         2b:dc:a7:ce:9f:95:90:be:ef:0b:eb:9f:ff:7b:14:f2:0f:c9:
         f9:8f:ae:7d:f7:f5:5b:09:7c:2a:04:e5:83:85:ef:fe:e3:ec:
         91:e9:c9:5b:c3:66:02:89:d4:b9:8d:b5:4e:48:15:db:55:7d:
         0f:8c:4e:9b:c3:93:63:79:75:48:77:bf:f3:ee:ea:59:b9:37:
         04:8a:d5:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbO4h5WvzuOEtfylRtxEtAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjUwNTE0MTMwMDQ3WhcNMjUwNTE1MTMwMDQ3WjAzMTEwLwYDVQQD
EyhiZjk2MTUyNDhhNjhiYzkxZDU4ZDJiM2NiODlkMTlmMWMwZWI4ZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbpM0YC61YJQOO1xJSukF8TsoTu7
KNdbyg2YPwbtEa9IuCMbOCZgyUCpzwLVEDj8phDHx9uQLwNdLate/S/z24lN6xIc
fjkHdNJckQtLnUKJzEHY7P7ToIprE/Uqx/mfAVa3ymiAubFBRyBByqic7EC7P7K+
p+nfzsuO8FG2pg6bcnhfShjNpukyyfInxnyyrHODpbMzcBMP2z7C9eXDTBe3OpHV
9y8tsBYpe5WCE6ipmRf4OXvKJ6DKO3UJxC1wx+Ro9C/Wt4DbMHJaqTLiLr+JQTTM
sFI+z4UqPXg5JN9yHZ8NKtQPEuPE1YyKupCOjJ4Zt6Aat7EWC6r6xtrYfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+WFSSKaLyR1Y0rPLidGfHA642UMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaScSGV8P
ClgoJjPDc46hsMK0BBYn0FkDhhLBwA9sDIkpbjTDYG+8MCRu1ZO3c/0APqkAeD8k
EhzyosVQp2PDsQHcfe9xL/7YxPDKosQfG9YnO+ycMqqTz/AB5+YL2HZxxx9I90Ri
3/zPp8OBsIjkVX1/zU5HTHqZdNeBLSO15u1/x5WSHNQhM28CENYNSsnepoXaKHz0
xE4Panv+IsRd3fZf/EPZGOUegqFMQ0/UybK/wRF/K9ynzp+VkL7vC+uf/3sU8g/J
+Y+ufff1Wwl8KgTlg4Xv/uPskenJW8NmAonUuY21TkgV21V9D4xOm8OTY3l1SHe/
8+7qWbk3BIrVpA==
-----END CERTIFICATE-----