Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
File:                     MAhC2wg32vMRozS3IjGOcLWIsAk.mft (raw, json)
Hash identifier:          9nf0rh6kxk40pvAy0lnjROQvTFJaRdSl/FlUHNt42iA=
Subject key identifier:   4B:79:2A:B9:5B:AC:E8:EE:3B:9A:5E:BC:32:97:87:68:77:E8:03:C5
Authority key identifier: 30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09
Certificate issuer:       /CN=300842db0837daf311a334b722318e70b588b009
Certificate serial:       0196B9A3F0B9905CAC52B35E29F660D8093B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
Manifest number:          152F
Signing time:             Sat 10 May 2025 10:00:50 +0000
Manifest this update:     Sat 10 May 2025 10:00:50 +0000
Manifest next update:     Sun 11 May 2025 10:00:50 +0000
Files and hashes:         1: MAhC2wg32vMRozS3IjGOcLWIsAk.crl (hash: cEdA1RPqHz++Mv8+8wnIh8u6qYiYcwxFnlry4cQRiH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:a3:f0:b9:90:5c:ac:52:b3:5e:29:f6:60:d8:09:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=300842db0837daf311a334b722318e70b588b009
        Validity
            Not Before: May 10 10:00:50 2025 GMT
            Not After : May 11 10:00:50 2025 GMT
        Subject: CN=4b792ab95bace8ee3b9a5ebc3297876877e803c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:01:70:ff:55:81:3c:f8:7b:c7:65:01:f2:9f:
                    02:e8:1a:3e:97:93:c8:22:aa:0f:60:4b:87:43:69:
                    e3:fb:ba:bb:5b:3b:09:d8:01:f3:b1:8f:a0:4b:8f:
                    94:5d:db:f2:59:a8:03:ba:fb:25:31:85:4c:a4:ac:
                    6d:7a:f5:60:52:81:07:24:a0:d5:22:fa:67:5f:f3:
                    76:7a:e2:1c:2e:92:f4:49:af:83:02:60:85:b2:3b:
                    0d:19:f1:76:69:5b:20:68:c0:86:01:60:03:4d:d0:
                    39:97:e7:5f:43:fb:30:97:c3:b7:e0:ef:5b:0d:07:
                    18:91:d4:72:07:d2:cb:ed:42:6b:9e:a6:95:5f:af:
                    68:2e:73:48:14:32:43:02:88:25:0e:13:1d:a4:d0:
                    d4:be:97:d5:ff:86:b2:59:3f:a8:37:bb:75:df:eb:
                    23:bd:56:fc:00:81:b0:d9:15:3c:10:c2:06:69:85:
                    ee:03:34:d6:4b:cd:da:37:22:91:82:82:d5:51:a2:
                    ae:9e:b1:4a:bd:a6:db:a3:c5:e3:71:d2:00:95:7a:
                    dc:c5:b3:b6:72:32:65:7c:4e:8f:8e:e6:1a:08:d8:
                    c9:57:a3:c7:c2:1c:75:8f:02:df:2c:93:44:31:c6:
                    bc:ed:71:bc:8a:53:8d:b0:2f:da:cf:f8:86:ba:f5:
                    63:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:79:2A:B9:5B:AC:E8:EE:3B:9A:5E:BC:32:97:87:68:77:E8:03:C5
            X509v3 Authority Key Identifier:
                keyid:30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:3a:96:d2:77:a3:20:6b:4e:16:8b:22:3c:d3:12:43:d3:51:
         fc:f9:9c:9e:b3:47:e0:62:b8:84:c3:9c:88:a1:33:6d:65:80:
         6b:e7:de:22:49:97:7e:2a:11:4d:3a:b4:84:d3:6e:18:03:15:
         9f:2c:fc:2d:aa:46:8d:4a:8b:89:7b:fc:3b:f0:bc:08:6b:bb:
         d8:2a:0f:91:89:46:49:95:40:e7:4d:42:c3:6e:5e:2c:57:ef:
         c1:4c:a0:ea:00:d8:0f:6b:77:b3:38:91:ef:6f:1e:ff:0e:83:
         56:cf:20:5f:b3:13:bb:a8:6c:ea:ac:d7:d6:00:7a:63:bc:23:
         c7:cc:af:67:0b:9b:64:ef:31:65:17:8f:5f:e1:7c:1d:b6:56:
         c8:5c:3c:8b:db:a4:6b:64:ec:4b:00:2e:9d:74:e8:8e:de:d8:
         98:1f:74:d2:1a:b8:a9:ee:89:f2:dc:e2:9b:4b:b6:1f:18:4f:
         a2:2c:69:fc:66:3a:bd:78:ce:ae:e8:1d:d9:e5:90:97:52:2c:
         f5:7d:e8:9b:b1:15:c1:33:1e:ed:20:1d:fb:0a:dd:d7:7d:9d:
         5b:78:5f:39:c8:17:90:28:c3:70:1b:3d:7a:2f:3b:e7:4e:3f:
         90:c5:9c:75:47:19:bf:af:0e:8e:dc:c6:bd:0b:31:1b:be:03:
         b9:f9:77:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5o/C5kFysUrNeKfZg2Ak7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDg0MmRiMDgzN2RhZjMxMWEzMzRiNzIyMzE4ZTcwYjU4
OGIwMDkwHhcNMjUwNTEwMTAwMDUwWhcNMjUwNTExMTAwMDUwWjAzMTEwLwYDVQQD
Eyg0Yjc5MmFiOTViYWNlOGVlM2I5YTVlYmMzMjk3ODc2ODc3ZTgwM2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAFw/1WBPPh7x2UB8p8C6Bo+l5PI
IqoPYEuHQ2nj+7q7WzsJ2AHzsY+gS4+UXdvyWagDuvslMYVMpKxtevVgUoEHJKDV
IvpnX/N2euIcLpL0Sa+DAmCFsjsNGfF2aVsgaMCGAWADTdA5l+dfQ/swl8O34O9b
DQcYkdRyB9LL7UJrnqaVX69oLnNIFDJDAoglDhMdpNDUvpfV/4ayWT+oN7t13+sj
vVb8AIGw2RU8EMIGaYXuAzTWS83aNyKRgoLVUaKunrFKvabbo8XjcdIAlXrcxbO2
cjJlfE6PjuYaCNjJV6PHwhx1jwLfLJNEMca87XG8ilONsC/az/iGuvVj8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEt5KrlbrOjuO5pevDKXh2h36APFMB8GA1UdIwQY
MBaAFDAIQtsIN9rzEaM0tyIxjnC1iLAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMt
NTMxMmExMzNiOTRlLzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMtNTMxMmExMzNiOTRl
LzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuTqW0nej
IGtOFosiPNMSQ9NR/PmcnrNH4GK4hMOciKEzbWWAa+feIkmXfioRTTq0hNNuGAMV
nyz8LapGjUqLiXv8O/C8CGu72CoPkYlGSZVA501Cw25eLFfvwUyg6gDYD2t3sziR
728e/w6DVs8gX7MTu6hs6qzX1gB6Y7wjx8yvZwubZO8xZRePX+F8HbZWyFw8i9uk
a2TsSwAunXTojt7YmB900hq4qe6J8tzim0u2HxhPoixp/GY6vXjOrugd2eWQl1Is
9X3om7EVwTMe7SAd+wrd132dW3hfOcgXkCjDcBs9ei87504/kMWcdUcZv68OjtzG
vQsxG74Dufl3bg==
-----END CERTIFICATE-----