Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          wJGrGVKxSOL+gRnvB4PIurfVxS4gpOCDpcsVv0BQnt0=
Subject key identifier:   23:58:F6:E3:59:02:3B:BC:77:3F:68:20:79:39:27:64:13:52:71:A2
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       0196D32CC7DB7CA808B34F99EF89E24345A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          153C
Signing time:             Thu 15 May 2025 09:00:49 +0000
Manifest this update:     Thu 15 May 2025 09:00:49 +0000
Manifest next update:     Fri 16 May 2025 09:00:49 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: JdEMJsUol9YGMeSRezNdP2QbazTo2K71pQuEvKbIBH0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 16 May 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d3:2c:c7:db:7c:a8:08:b3:4f:99:ef:89:e2:43:45:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: May 15 09:00:49 2025 GMT
            Not After : May 16 09:00:49 2025 GMT
        Subject: CN=2358f6e359023bbc773f682079392764135271a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:df:9d:94:2f:5e:fe:dd:06:0d:60:b1:dc:b8:
                    44:53:8b:d3:68:35:78:c7:cc:f0:80:8e:d2:ca:70:
                    12:ee:7f:09:90:b9:f8:a1:82:2c:8e:8e:9f:ab:62:
                    e1:35:0d:4d:69:c0:78:30:01:d7:c8:89:78:5f:07:
                    ff:dd:a3:c6:0c:5c:39:65:bf:3d:18:f8:f0:82:be:
                    e4:cd:41:c0:c7:e5:f2:c3:60:80:89:6a:29:f1:d8:
                    04:52:c3:2a:7f:c4:4b:26:e6:f3:61:1e:b0:4f:3c:
                    5f:f7:40:98:68:ed:b3:75:bd:7c:2e:21:4e:bb:4f:
                    70:31:3b:a3:a1:7e:4e:e1:5e:d3:c5:de:1e:0a:e3:
                    c8:35:77:78:6d:1f:8b:85:2b:26:e7:9a:aa:dc:d8:
                    50:74:71:e4:6c:d2:9d:f6:b3:02:62:8e:c9:d8:a6:
                    ee:05:94:71:a2:4f:1e:27:c2:6c:e3:6c:05:d8:6b:
                    51:f7:4e:80:e2:60:5a:d5:fa:8f:73:3d:6d:2a:27:
                    9d:c3:b9:78:0b:3e:2e:15:fe:64:1c:09:c9:ef:98:
                    af:eb:31:c3:db:71:6a:8e:c3:31:0e:d6:9a:76:72:
                    bf:c1:0f:00:8e:9c:ce:3e:d7:45:5e:42:8c:71:f8:
                    51:8c:dd:49:ec:16:4d:a3:19:93:85:d5:0d:43:85:
                    08:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:58:F6:E3:59:02:3B:BC:77:3F:68:20:79:39:27:64:13:52:71:A2
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:df:9c:d1:02:82:d2:e7:c3:5b:99:55:da:cc:06:40:2d:24:
         00:86:c6:a3:4d:6b:0a:49:a0:39:81:23:3b:94:07:38:5d:76:
         4f:1d:17:02:6e:1e:52:77:af:86:91:af:63:2a:7a:0c:5e:e9:
         b6:7f:d5:88:32:06:c9:a0:9b:1d:a5:72:aa:3c:5b:2f:e1:3b:
         19:1b:21:44:6a:14:7e:47:88:da:36:16:75:a3:c0:72:1c:b5:
         19:44:f1:e4:34:bc:61:7e:b5:d3:da:f9:1f:24:86:0f:93:e6:
         de:05:40:6d:31:79:0e:84:8e:6d:b4:36:48:bd:f9:f9:bc:31:
         64:9e:d9:33:dd:ca:b2:04:29:de:07:39:84:f3:0e:b7:9f:20:
         04:57:b6:f8:70:f2:c3:bf:12:c1:c8:37:c3:72:1b:d7:bd:91:
         b3:ff:7f:5f:27:a6:c3:6d:69:6c:ef:8d:46:87:32:a1:d0:dd:
         09:e8:b2:65:fd:1e:a7:9c:e4:2b:3f:c4:0b:cb:77:72:12:bb:
         ce:aa:4a:c9:16:a1:b7:8d:83:8e:33:87:16:c7:c2:9a:53:07:
         34:f3:e1:4d:bd:33:f5:8d:e6:0b:47:ae:b3:b7:50:aa:64:84:
         97:73:12:39:b5:1e:61:0e:c1:a1:8b:67:ec:b7:54:8f:51:59:
         ac:00:70:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbTLMfbfKgIs0+Z74niQ0WnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjUwNTE1MDkwMDQ5WhcNMjUwNTE2MDkwMDQ5WjAzMTEwLwYDVQQD
EygyMzU4ZjZlMzU5MDIzYmJjNzczZjY4MjA3OTM5Mjc2NDEzNTI3MWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9+dlC9e/t0GDWCx3LhEU4vTaDV4
x8zwgI7SynAS7n8JkLn4oYIsjo6fq2LhNQ1NacB4MAHXyIl4Xwf/3aPGDFw5Zb89
GPjwgr7kzUHAx+Xyw2CAiWop8dgEUsMqf8RLJubzYR6wTzxf90CYaO2zdb18LiFO
u09wMTujoX5O4V7Txd4eCuPINXd4bR+LhSsm55qq3NhQdHHkbNKd9rMCYo7J2Kbu
BZRxok8eJ8Js42wF2GtR906A4mBa1fqPcz1tKiedw7l4Cz4uFf5kHAnJ75iv6zHD
23FqjsMxDtaadnK/wQ8AjpzOPtdFXkKMcfhRjN1J7BZNoxmThdUNQ4UIkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNY9uNZAju8dz9oIHk5J2QTUnGiMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACd+c0QKC
0ufDW5lV2swGQC0kAIbGo01rCkmgOYEjO5QHOF12Tx0XAm4eUnevhpGvYyp6DF7p
tn/ViDIGyaCbHaVyqjxbL+E7GRshRGoUfkeI2jYWdaPAchy1GUTx5DS8YX6109r5
HySGD5Pm3gVAbTF5DoSObbQ2SL35+bwxZJ7ZM93KsgQp3gc5hPMOt58gBFe2+HDy
w78Swcg3w3Ib172Rs/9/Xyemw21pbO+NRocyodDdCeiyZf0ep5zkKz/EC8t3chK7
zqpKyRaht42DjjOHFsfCmlMHNPPhTb0z9Y3mC0eus7dQqmSEl3MSObUeYQ7BoYtn
7LdUj1FZrABwsw==
-----END CERTIFICATE-----