Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/d7bcb7-94f2-4908-977d-a20da56c4184/1/ISApS0bJAtk8B5wWhs_kW7ozGMs.mft
File:                     ISApS0bJAtk8B5wWhs_kW7ozGMs.mft (raw, json)
Hash identifier:          QT2e4SHmtpLFx0Ocq187NOx0itp8xNUa6km5A/n1uzc=
Subject key identifier:   23:94:77:81:B8:72:B6:3E:8B:2B:39:67:F5:06:38:95:EA:8D:31:3B
Authority key identifier: 21:20:29:4B:46:C9:02:D9:3C:07:9C:16:86:CF:E4:5B:BA:33:18:CB
Certificate issuer:       /CN=2120294b46c902d93c079c1686cfe45bba3318cb
Certificate serial:       0196A0891B8F10ECC1B85BEB0BCC87457F86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ISApS0bJAtk8B5wWhs_kW7ozGMs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/d7bcb7-94f2-4908-977d-a20da56c4184/1/ISApS0bJAtk8B5wWhs_kW7ozGMs.mft
Manifest number:          0CBB
Signing time:             Mon 05 May 2025 13:01:02 +0000
Manifest this update:     Mon 05 May 2025 13:01:02 +0000
Manifest next update:     Tue 06 May 2025 13:01:02 +0000
Files and hashes:         1: ISApS0bJAtk8B5wWhs_kW7ozGMs.crl (hash: t/rmrHGXroxxSXun1zh1QnVtYImhPbeegXqWlD0+xlI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/d7bcb7-94f2-4908-977d-a20da56c4184/1/ISApS0bJAtk8B5wWhs_kW7ozGMs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/d7bcb7-94f2-4908-977d-a20da56c4184/1/ISApS0bJAtk8B5wWhs_kW7ozGMs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ISApS0bJAtk8B5wWhs_kW7ozGMs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a0:89:1b:8f:10:ec:c1:b8:5b:eb:0b:cc:87:45:7f:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2120294b46c902d93c079c1686cfe45bba3318cb
        Validity
            Not Before: May  5 13:01:02 2025 GMT
            Not After : May  6 13:01:02 2025 GMT
        Subject: CN=23947781b872b63e8b2b3967f5063895ea8d313b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:6f:1a:61:03:e4:10:91:5d:8d:1a:8c:08:fb:
                    46:e0:10:ea:4b:f9:d7:04:ac:6e:e0:42:68:2c:e5:
                    5b:ac:b6:69:88:f9:24:18:b5:89:35:68:fe:e8:4b:
                    b5:ff:58:d3:f4:3b:54:7e:d5:3b:4f:b8:f4:af:46:
                    51:59:c5:02:e6:24:b7:ac:00:d2:7e:96:0a:77:ea:
                    73:7f:90:8e:b6:3d:f8:23:eb:f7:07:43:80:37:5b:
                    22:44:f7:86:29:62:8f:88:63:69:22:52:a7:80:6f:
                    01:80:cd:7a:aa:60:bd:82:5b:8b:1c:68:59:b1:bf:
                    49:b0:e7:86:fd:1c:56:ef:b5:65:0d:22:f7:75:31:
                    3b:90:2d:f4:98:54:8e:df:16:c0:55:99:af:af:10:
                    92:63:cb:73:64:24:f5:5b:fd:b1:4f:03:86:49:c5:
                    1b:47:97:e1:76:dd:e5:67:f4:4b:a7:d3:ca:d9:2a:
                    0d:53:0e:17:a4:32:5d:d5:28:b2:8c:6d:ca:fa:58:
                    dd:c5:36:6b:a8:bb:13:08:bb:53:9d:f1:92:6e:29:
                    c1:12:3a:15:05:15:a2:a6:8e:3d:70:25:23:d0:1f:
                    be:30:9e:52:d8:46:41:1c:93:6f:9b:5e:06:98:b8:
                    f5:8e:64:c3:d9:af:7e:50:92:17:1a:ae:57:2d:0e:
                    31:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:94:77:81:B8:72:B6:3E:8B:2B:39:67:F5:06:38:95:EA:8D:31:3B
            X509v3 Authority Key Identifier:
                keyid:21:20:29:4B:46:C9:02:D9:3C:07:9C:16:86:CF:E4:5B:BA:33:18:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ISApS0bJAtk8B5wWhs_kW7ozGMs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/d7bcb7-94f2-4908-977d-a20da56c4184/1/ISApS0bJAtk8B5wWhs_kW7ozGMs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/d7bcb7-94f2-4908-977d-a20da56c4184/1/ISApS0bJAtk8B5wWhs_kW7ozGMs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:55:53:82:c6:e6:5e:e8:09:8c:a7:24:e3:00:0e:ce:2c:d9:
         ed:d4:ad:41:df:63:65:82:82:a3:7c:2b:7e:60:6f:4c:f6:3c:
         6c:0a:93:04:a6:01:24:0a:16:86:46:ff:42:90:4c:b7:29:c3:
         01:c5:58:33:17:b1:a4:82:fd:d5:6e:ef:59:3d:b1:f5:ef:df:
         79:6e:59:40:37:75:d0:d2:7d:38:f0:e1:06:77:29:7d:e1:5e:
         72:89:73:04:86:a2:4b:f4:82:fb:e7:dc:91:aa:54:fa:40:56:
         72:5f:d5:d9:68:76:d4:88:a9:bf:3b:2b:d8:71:ee:ab:33:83:
         2d:a0:e8:1a:e8:ea:58:81:9b:5e:bd:85:0a:c7:5a:37:b4:e9:
         f1:03:e5:49:37:9a:f0:e0:f1:78:82:b8:a5:1b:0e:9a:1b:04:
         4e:ed:78:19:84:a6:aa:c9:f0:27:74:02:d9:32:d8:66:61:db:
         6d:5d:c3:da:d5:57:1b:04:3b:aa:35:00:c2:d6:88:23:a2:81:
         7c:06:cf:20:48:1c:19:3e:7c:a3:10:39:33:dc:71:3a:d9:9a:
         b7:f7:b2:ff:12:6f:3e:24:a7:1d:04:e7:8b:e4:3b:a5:f8:6e:
         5f:fe:d0:27:92:3d:a3:cb:e9:22:3d:ef:e0:e2:48:d1:1c:b6:
         d2:23:1c:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagiRuPEOzBuFvrC8yHRX+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMjAyOTRiNDZjOTAyZDkzYzA3OWMxNjg2Y2ZlNDViYmEz
MzE4Y2IwHhcNMjUwNTA1MTMwMTAyWhcNMjUwNTA2MTMwMTAyWjAzMTEwLwYDVQQD
EygyMzk0Nzc4MWI4NzJiNjNlOGIyYjM5NjdmNTA2Mzg5NWVhOGQzMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAym8aYQPkEJFdjRqMCPtG4BDqS/nX
BKxu4EJoLOVbrLZpiPkkGLWJNWj+6Eu1/1jT9DtUftU7T7j0r0ZRWcUC5iS3rADS
fpYKd+pzf5COtj34I+v3B0OAN1siRPeGKWKPiGNpIlKngG8BgM16qmC9gluLHGhZ
sb9JsOeG/RxW77VlDSL3dTE7kC30mFSO3xbAVZmvrxCSY8tzZCT1W/2xTwOGScUb
R5fhdt3lZ/RLp9PK2SoNUw4XpDJd1SiyjG3K+ljdxTZrqLsTCLtTnfGSbinBEjoV
BRWipo49cCUj0B++MJ5S2EZBHJNvm14GmLj1jmTD2a9+UJIXGq5XLQ4xTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCOUd4G4crY+iys5Z/UGOJXqjTE7MB8GA1UdIwQY
MBaAFCEgKUtGyQLZPAecFobP5Fu6MxjLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVNBcFMwYkpBdGs4QjV3V2hzX2tXN296R01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9kN2JjYjctOTRmMi00OTA4LTk3N2Qt
YTIwZGE1NmM0MTg0LzEvSVNBcFMwYkpBdGs4QjV3V2hzX2tXN296R01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9kN2JjYjctOTRmMi00OTA4LTk3N2QtYTIwZGE1NmM0MTg0
LzEvSVNBcFMwYkpBdGs4QjV3V2hzX2tXN296R01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQVVTgsbm
XugJjKck4wAOzizZ7dStQd9jZYKCo3wrfmBvTPY8bAqTBKYBJAoWhkb/QpBMtynD
AcVYMxexpIL91W7vWT2x9e/feW5ZQDd10NJ9OPDhBncpfeFecolzBIaiS/SC++fc
kapU+kBWcl/V2Wh21Iipvzsr2HHuqzODLaDoGujqWIGbXr2FCsdaN7Tp8QPlSTea
8ODxeIK4pRsOmhsETu14GYSmqsnwJ3QC2TLYZmHbbV3D2tVXGwQ7qjUAwtaII6KB
fAbPIEgcGT58oxA5M9xxOtmat/ey/xJvPiSnHQTni+Q7pfhuX/7QJ5I9o8vpIj3v
4OJI0Ry20iMcbQ==
-----END CERTIFICATE-----