Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
File:                     hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft (raw, json)
Hash identifier:          kQJrMaBmnoZ+IDn3c58p/6bEObhPmsjELDe/QjLoivw=
Subject key identifier:   F6:33:4F:48:72:5A:DA:AC:C9:6B:51:11:27:17:9F:B2:08:93:39:72
Authority key identifier: 85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4
Certificate issuer:       /CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
Certificate serial:       0196BB92F55326929E2BE014DBC7C583B9A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
Manifest number:          152F
Signing time:             Sat 10 May 2025 19:01:32 +0000
Manifest this update:     Sat 10 May 2025 19:01:32 +0000
Manifest next update:     Sun 11 May 2025 19:01:32 +0000
Files and hashes:         1: hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl (hash: ubtkYjenUjUyK5BcOdaNgYWoBL9Bt5oxIM68aDBRji0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:92:f5:53:26:92:9e:2b:e0:14:db:c7:c5:83:b9:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
        Validity
            Not Before: May 10 19:01:32 2025 GMT
            Not After : May 11 19:01:32 2025 GMT
        Subject: CN=f6334f48725adaacc96b511127179fb208933972
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:63:30:69:0b:4d:01:9b:94:55:fe:85:ef:e7:
                    30:be:4a:16:bf:02:80:22:76:f9:bb:cc:be:ff:3f:
                    27:fc:74:fd:7d:2d:8b:0b:71:e5:b6:93:60:a3:76:
                    a4:fe:82:74:e5:e8:f2:0c:65:d2:21:35:ed:1b:f1:
                    d9:77:54:3b:1e:cc:77:57:0f:a9:a0:5c:93:ee:77:
                    fb:fb:d6:e3:b5:e8:95:13:24:6b:6d:a3:4d:c0:97:
                    e0:7a:42:53:c4:43:39:97:ee:12:c2:61:21:9b:6e:
                    ba:3f:38:53:6f:96:5f:7d:d3:ad:5c:3f:d6:a0:a8:
                    42:4a:63:94:62:06:44:e1:66:07:ce:df:c1:88:91:
                    0f:9a:11:11:b8:36:e0:70:32:97:e5:e6:ce:0c:4e:
                    47:f5:ee:72:bf:dd:04:20:23:4a:51:43:3f:45:8d:
                    22:df:3f:0b:6a:36:44:ad:25:d3:84:35:90:a3:60:
                    bf:d3:e8:f6:f6:48:d9:99:0d:ce:d7:bf:a9:6b:f6:
                    4c:88:24:d6:f8:fb:b0:a2:18:b7:22:40:49:b7:d2:
                    69:68:eb:52:15:8f:c7:c1:1c:d8:a1:83:35:ce:f8:
                    b6:df:92:a5:db:37:0a:9f:da:2c:7c:17:a4:04:02:
                    ab:c7:9e:42:f4:01:61:36:e9:6b:00:d9:a3:5a:7f:
                    25:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:33:4F:48:72:5A:DA:AC:C9:6B:51:11:27:17:9F:B2:08:93:39:72
            X509v3 Authority Key Identifier:
                keyid:85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:09:82:63:56:bb:b9:c3:53:8c:90:18:8d:2e:79:df:a4:fa:
         c2:39:b6:a6:9a:17:e4:54:ef:24:01:93:e9:32:95:19:66:47:
         c3:bc:b3:5b:39:42:11:e4:4b:e3:16:2c:d2:73:82:7f:3b:4f:
         38:31:ab:4f:dc:b9:4a:8c:0b:44:9b:95:ae:47:16:c5:bb:8e:
         4a:7a:99:97:17:c0:f6:37:c5:eb:73:07:31:05:5b:b6:63:a0:
         27:73:d7:4e:6c:14:d6:01:e6:a6:0c:98:9d:52:d9:11:dd:ca:
         b2:2d:48:b0:35:1a:73:3e:81:e9:2e:d2:1e:83:53:9d:f9:e5:
         f6:d3:1c:f0:a3:86:da:2f:e1:61:89:65:68:6e:e3:4f:ea:8f:
         f3:c5:e3:33:61:2d:cf:d8:ff:6f:3e:8d:f3:9d:e8:f4:07:5b:
         d9:3d:fd:9c:66:79:7e:75:31:c6:c6:23:04:5d:b3:30:e2:ee:
         9d:1b:79:03:d0:f4:0a:ce:d8:80:2d:46:2e:da:c0:35:c2:b4:
         24:e1:66:48:ed:a4:4a:86:a2:d2:21:ac:36:23:e1:d2:28:29:
         f2:ea:82:55:ec:7f:46:25:86:1c:33:37:1f:d1:c6:85:46:c5:
         e7:1c:cb:f9:f8:9b:17:c4:6e:5c:1f:a6:2c:3b:41:55:24:96:
         24:53:05:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kvVTJpKeK+AU28fFg7mkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDEyM2U0Y2UyYjgwZWJmMTJlNDNmZWU0YjFjMThjNWM3
M2QzYjQwHhcNMjUwNTEwMTkwMTMyWhcNMjUwNTExMTkwMTMyWjAzMTEwLwYDVQQD
EyhmNjMzNGY0ODcyNWFkYWFjYzk2YjUxMTEyNzE3OWZiMjA4OTMzOTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmMwaQtNAZuUVf6F7+cwvkoWvwKA
Inb5u8y+/z8n/HT9fS2LC3HltpNgo3ak/oJ05ejyDGXSITXtG/HZd1Q7Hsx3Vw+p
oFyT7nf7+9bjteiVEyRrbaNNwJfgekJTxEM5l+4SwmEhm266PzhTb5ZffdOtXD/W
oKhCSmOUYgZE4WYHzt/BiJEPmhERuDbgcDKX5ebODE5H9e5yv90EICNKUUM/RY0i
3z8LajZErSXThDWQo2C/0+j29kjZmQ3O17+pa/ZMiCTW+Puwohi3IkBJt9JpaOtS
FY/HwRzYoYM1zvi235Kl2zcKn9osfBekBAKrx55C9AFhNulrANmjWn8ljQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPYzT0hyWtqsyWtREScXn7IIkzlyMB8GA1UdIwQY
MBaAFIUBI+TOK4Dr8S5D/uSxwYxcc9O0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEt
MTYzMjBkMDE0YzA0LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEtMTYzMjBkMDE0YzA0
LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWwmCY1a7
ucNTjJAYjS5536T6wjm2ppoX5FTvJAGT6TKVGWZHw7yzWzlCEeRL4xYs0nOCfztP
ODGrT9y5SowLRJuVrkcWxbuOSnqZlxfA9jfF63MHMQVbtmOgJ3PXTmwU1gHmpgyY
nVLZEd3Ksi1IsDUacz6B6S7SHoNTnfnl9tMc8KOG2i/hYYllaG7jT+qP88XjM2Et
z9j/bz6N853o9Adb2T39nGZ5fnUxxsYjBF2zMOLunRt5A9D0Cs7YgC1GLtrANcK0
JOFmSO2kSoai0iGsNiPh0igp8uqCVex/RiWGHDM3H9HGhUbF5xzL+fibF8RuXB+m
LDtBVSSWJFMFMg==
-----END CERTIFICATE-----