Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.mft
File:                     sSZ6Uay2bymRvqUkP-OIBolxofE.mft (raw, json)
Hash identifier:          ZaiSBaXHWi+qNiCdG8xHVAOd7sTTUMBPuYbAlp4lMbg=
Subject key identifier:   8D:92:3F:A6:C9:49:76:D6:6A:EB:64:E2:C4:26:89:5F:80:24:97:F1
Authority key identifier: B1:26:7A:51:AC:B6:6F:29:91:BE:A5:24:3F:E3:88:06:89:71:A1:F1
Certificate issuer:       /CN=b1267a51acb66f2991bea5243fe388068971a1f1
Certificate serial:       01969E9B30718886ACD964A8E1F42A89D7D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sSZ6Uay2bymRvqUkP-OIBolxofE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.mft
Manifest number:          1520
Signing time:             Mon 05 May 2025 04:01:32 +0000
Manifest this update:     Mon 05 May 2025 04:01:32 +0000
Manifest next update:     Tue 06 May 2025 04:01:32 +0000
Files and hashes:         1: sSZ6Uay2bymRvqUkP-OIBolxofE.crl (hash: Sp0FJAk/BdUzTD++j9X3mTSGt9boWF3sCQYGXclPCNo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sSZ6Uay2bymRvqUkP-OIBolxofE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:9b:30:71:88:86:ac:d9:64:a8:e1:f4:2a:89:d7:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1267a51acb66f2991bea5243fe388068971a1f1
        Validity
            Not Before: May  5 04:01:32 2025 GMT
            Not After : May  6 04:01:32 2025 GMT
        Subject: CN=8d923fa6c94976d66aeb64e2c426895f802497f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:96:6e:71:57:11:d8:74:2c:63:7d:c1:5a:92:
                    14:f5:12:eb:f4:e2:cb:52:c4:f0:ce:14:15:b3:1c:
                    71:69:58:1a:27:70:07:eb:00:6e:18:c4:4b:14:85:
                    d0:31:c8:d0:92:af:b2:dd:ad:00:3e:60:e2:6e:0c:
                    d0:03:c8:f4:85:74:28:59:88:31:14:5c:2d:a6:92:
                    4b:ab:d6:99:89:4b:47:90:88:d4:f8:a1:00:41:e7:
                    13:de:89:83:b6:58:c4:0f:e5:0c:94:c3:98:60:5b:
                    bb:a8:5c:0c:ea:97:74:fb:dd:28:6f:df:45:4f:ed:
                    49:47:01:1b:28:58:5a:90:34:2a:d8:cb:6f:47:a0:
                    d9:04:65:94:b9:62:ec:a2:fd:9b:d8:e5:cb:fd:53:
                    6c:83:5c:16:70:85:80:98:2a:4b:af:39:20:cf:cf:
                    f0:be:f0:aa:99:4f:09:75:f7:a1:91:b7:f6:87:be:
                    24:e6:8c:a2:7e:a4:ff:60:52:70:15:7b:d0:d9:e2:
                    bf:f7:1b:a0:6b:19:45:72:6a:44:7a:36:96:f9:55:
                    82:52:31:e3:b8:62:60:8b:20:bb:83:c4:41:79:cf:
                    c6:68:14:88:00:99:04:a9:59:45:a4:f1:28:ee:bd:
                    48:7a:45:73:86:09:05:cb:f2:3c:2f:a1:f6:78:e5:
                    a7:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:92:3F:A6:C9:49:76:D6:6A:EB:64:E2:C4:26:89:5F:80:24:97:F1
            X509v3 Authority Key Identifier:
                keyid:B1:26:7A:51:AC:B6:6F:29:91:BE:A5:24:3F:E3:88:06:89:71:A1:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sSZ6Uay2bymRvqUkP-OIBolxofE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:60:b1:43:36:38:8d:f3:1f:48:59:c0:05:50:8b:e2:72:fa:
         f2:13:88:07:51:95:ba:f9:b8:55:db:f2:ef:8a:4a:8f:90:55:
         61:4a:4d:a4:9d:49:3a:93:f6:8d:d7:3a:71:56:90:33:2f:7d:
         27:00:c2:f2:cc:01:72:0a:32:4c:74:24:d6:4d:73:1f:ec:a2:
         f6:a3:5f:fc:bb:a1:0b:9b:73:a3:67:cd:d6:db:a3:97:71:54:
         63:fa:85:e3:a9:63:2d:d2:86:13:a3:aa:04:34:e8:8f:ee:ba:
         c0:a3:00:e6:c2:9d:03:9c:98:8b:a0:cb:54:94:84:4d:a9:43:
         ee:7a:2d:d3:36:4e:0c:92:89:d3:76:48:32:91:5d:c4:c5:00:
         a2:4c:99:8b:eb:b5:cc:27:8a:cc:60:63:4e:0a:47:85:6f:8e:
         ac:d9:0b:00:af:22:ca:37:40:5d:71:de:13:7c:7a:3c:07:16:
         b9:7d:0c:8a:f8:f8:c8:50:09:5e:4f:b0:eb:1f:72:f3:38:99:
         d6:1d:18:a2:a2:f5:01:2d:24:7e:73:f9:ae:b2:1e:d4:f2:5b:
         1e:75:1e:dd:e1:a5:49:b5:71:60:21:87:16:3e:a7:ed:ab:23:
         8e:73:51:0a:4e:36:dc:d2:92:bc:32:9c:47:c2:84:c6:d4:6f:
         1a:51:e3:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemzBxiIas2WSo4fQqidfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMjY3YTUxYWNiNjZmMjk5MWJlYTUyNDNmZTM4ODA2ODk3
MWExZjEwHhcNMjUwNTA1MDQwMTMyWhcNMjUwNTA2MDQwMTMyWjAzMTEwLwYDVQQD
Eyg4ZDkyM2ZhNmM5NDk3NmQ2NmFlYjY0ZTJjNDI2ODk1ZjgwMjQ5N2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJZucVcR2HQsY33BWpIU9RLr9OLL
UsTwzhQVsxxxaVgaJ3AH6wBuGMRLFIXQMcjQkq+y3a0APmDibgzQA8j0hXQoWYgx
FFwtppJLq9aZiUtHkIjU+KEAQecT3omDtljED+UMlMOYYFu7qFwM6pd0+90ob99F
T+1JRwEbKFhakDQq2MtvR6DZBGWUuWLsov2b2OXL/VNsg1wWcIWAmCpLrzkgz8/w
vvCqmU8Jdfehkbf2h74k5oyifqT/YFJwFXvQ2eK/9xugaxlFcmpEejaW+VWCUjHj
uGJgiyC7g8RBec/GaBSIAJkEqVlFpPEo7r1IekVzhgkFy/I8L6H2eOWn1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2SP6bJSXbWautk4sQmiV+AJJfxMB8GA1UdIwQY
MBaAFLEmelGstm8pkb6lJD/jiAaJcaHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1NaNlVheTJieW1SdnFVa1AtT0lCb2x4b2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9kNzRjYTItM2RlNi00YjY5LWEwMDAt
OTRkMWI4OWY4Y2IyLzEvc1NaNlVheTJieW1SdnFVa1AtT0lCb2x4b2ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9kNzRjYTItM2RlNi00YjY5LWEwMDAtOTRkMWI4OWY4Y2Iy
LzEvc1NaNlVheTJieW1SdnFVa1AtT0lCb2x4b2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlGCxQzY4
jfMfSFnABVCL4nL68hOIB1GVuvm4Vdvy74pKj5BVYUpNpJ1JOpP2jdc6cVaQMy99
JwDC8swBcgoyTHQk1k1zH+yi9qNf/LuhC5tzo2fN1tujl3FUY/qF46ljLdKGE6Oq
BDToj+66wKMA5sKdA5yYi6DLVJSETalD7not0zZODJKJ03ZIMpFdxMUAokyZi+u1
zCeKzGBjTgpHhW+OrNkLAK8iyjdAXXHeE3x6PAcWuX0Mivj4yFAJXk+w6x9y8ziZ
1h0YoqL1AS0kfnP5rrIe1PJbHnUe3eGlSbVxYCGHFj6n7asjjnNRCk423NKSvDKc
R8KExtRvGlHjUw==
-----END CERTIFICATE-----