Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
File:                     rrlJQmajhxkETYKaSgqPF6QHBOg.mft (raw, json)
Hash identifier:          vsWQxEPrw8Mc+bKqkc7J0wvjYkjAgaRqD6qAhwPdIM4=
Subject key identifier:   0D:0A:B0:A2:0D:C6:DE:9C:F0:FB:9E:57:C5:E0:82:96:0C:28:1C:85
Authority key identifier: AE:B9:49:42:66:A3:87:19:04:4D:82:9A:4A:0A:8F:17:A4:07:04:E8
Certificate issuer:       /CN=aeb9494266a38719044d829a4a0a8f17a40704e8
Certificate serial:       0196BB91C652E3439BC680AFB937B9A72886
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
Manifest number:          1530
Signing time:             Sat 10 May 2025 19:00:14 +0000
Manifest this update:     Sat 10 May 2025 19:00:14 +0000
Manifest next update:     Sun 11 May 2025 19:00:14 +0000
Files and hashes:         1: rrlJQmajhxkETYKaSgqPF6QHBOg.crl (hash: +HNFgbjQ/DdBOqIoNkGB7BdY4O3jqT1EfM6v5IXxyTE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 19:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:91:c6:52:e3:43:9b:c6:80:af:b9:37:b9:a7:28:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aeb9494266a38719044d829a4a0a8f17a40704e8
        Validity
            Not Before: May 10 19:00:14 2025 GMT
            Not After : May 11 19:00:14 2025 GMT
        Subject: CN=0d0ab0a20dc6de9cf0fb9e57c5e082960c281c85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:67:09:51:ce:75:f8:b0:58:c8:a0:41:bf:ee:
                    29:99:11:41:bd:58:01:b2:37:b6:3d:74:cc:ed:df:
                    e3:59:0b:91:8b:c1:56:be:4d:8a:02:a6:18:24:ce:
                    78:26:4c:32:02:a4:45:0f:7d:ed:6a:1c:56:8e:9f:
                    08:6e:cd:63:fa:ca:3e:22:47:70:45:6d:6e:0d:a6:
                    17:2e:3a:72:51:a3:99:43:5d:a9:a4:2b:d7:3f:fc:
                    90:c2:46:55:44:e9:46:97:3c:3e:bf:da:52:06:bc:
                    9d:fe:4b:6d:af:bd:05:11:fa:5a:33:54:4e:a3:93:
                    b5:d4:29:b3:95:7b:68:d1:56:16:36:0f:ad:3b:0b:
                    04:29:36:56:ca:59:f2:f0:0e:4a:d3:7b:b5:91:93:
                    15:ed:85:fe:74:c9:04:3c:ce:45:5e:70:2e:9c:f4:
                    7c:f0:50:4b:8e:25:1f:31:e8:87:47:c7:07:b3:c1:
                    af:c3:2e:b4:30:6e:b2:d2:3d:73:05:c4:2d:bd:23:
                    ea:c6:c7:12:c6:aa:0e:9a:74:9d:05:29:59:2f:0c:
                    0e:52:53:2e:bb:14:af:34:ed:65:20:e1:e7:4e:e1:
                    29:6f:4e:e0:72:5d:f6:77:1e:dc:25:66:b4:6b:1e:
                    9d:ad:01:c9:dc:a8:21:06:e1:a6:84:3b:26:79:d5:
                    c7:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:0A:B0:A2:0D:C6:DE:9C:F0:FB:9E:57:C5:E0:82:96:0C:28:1C:85
            X509v3 Authority Key Identifier:
                keyid:AE:B9:49:42:66:A3:87:19:04:4D:82:9A:4A:0A:8F:17:A4:07:04:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:a9:3f:08:3d:11:92:8e:32:00:bd:43:91:1a:f6:99:e2:53:
         6f:b7:dc:63:c6:e3:37:e0:e2:10:2e:d3:2d:1b:c4:54:bf:84:
         f4:1d:c5:8d:fe:f6:6e:9f:bd:85:3e:2b:ab:24:dc:e4:32:a9:
         6b:1e:6a:f4:88:80:70:3a:10:66:29:90:89:84:35:e0:8f:db:
         b6:74:73:cb:b0:f5:a9:ab:3f:6e:a3:4b:20:e8:be:78:5b:91:
         1a:a4:9e:d2:e8:59:23:f2:38:e3:e0:3e:cc:ec:9f:c5:19:b3:
         dd:bf:c4:f6:fa:30:5d:4a:b5:eb:47:0f:29:40:a2:53:48:51:
         aa:b0:06:0c:32:46:b3:0d:0c:bd:25:98:99:09:6f:38:f7:52:
         ae:6c:99:bd:bd:e4:25:80:ad:df:8f:29:ec:7c:93:f5:e5:94:
         3e:4a:64:25:c6:9b:01:39:a2:07:12:13:f9:c7:2e:5e:35:3c:
         3c:4d:7b:93:11:63:72:c4:a7:b2:05:e3:fd:2d:77:b3:b4:d9:
         cd:00:3c:68:4a:f6:75:32:b1:d6:ca:56:98:a9:e7:04:3b:fc:
         b6:63:54:e1:c3:99:74:d7:cf:71:14:30:4a:07:f8:ec:b4:12:
         ef:23:41:95:ce:ab:c3:1f:c2:22:a8:b4:32:32:02:96:7e:4b:
         69:ac:95:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kcZS40ObxoCvuTe5pyiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjk0OTQyNjZhMzg3MTkwNDRkODI5YTRhMGE4ZjE3YTQw
NzA0ZTgwHhcNMjUwNTEwMTkwMDE0WhcNMjUwNTExMTkwMDE0WjAzMTEwLwYDVQQD
EygwZDBhYjBhMjBkYzZkZTljZjBmYjllNTdjNWUwODI5NjBjMjgxYzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmcJUc51+LBYyKBBv+4pmRFBvVgB
sje2PXTM7d/jWQuRi8FWvk2KAqYYJM54JkwyAqRFD33tahxWjp8Ibs1j+so+Ikdw
RW1uDaYXLjpyUaOZQ12ppCvXP/yQwkZVROlGlzw+v9pSBryd/kttr70FEfpaM1RO
o5O11CmzlXto0VYWNg+tOwsEKTZWylny8A5K03u1kZMV7YX+dMkEPM5FXnAunPR8
8FBLjiUfMeiHR8cHs8Gvwy60MG6y0j1zBcQtvSPqxscSxqoOmnSdBSlZLwwOUlMu
uxSvNO1lIOHnTuEpb07gcl32dx7cJWa0ax6drQHJ3KghBuGmhDsmedXHGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0KsKINxt6c8PueV8XggpYMKByFMB8GA1UdIwQY
MBaAFK65SUJmo4cZBE2CmkoKjxekBwToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lN2FkYWItODA1NS00Nzg1LThkZjUt
MmE3YjU4YmRmOTQ1LzEvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lN2FkYWItODA1NS00Nzg1LThkZjUtMmE3YjU4YmRmOTQ1
LzEvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhqk/CD0R
ko4yAL1DkRr2meJTb7fcY8bjN+DiEC7TLRvEVL+E9B3Fjf72bp+9hT4rqyTc5DKp
ax5q9IiAcDoQZimQiYQ14I/btnRzy7D1qas/bqNLIOi+eFuRGqSe0uhZI/I44+A+
zOyfxRmz3b/E9vowXUq160cPKUCiU0hRqrAGDDJGsw0MvSWYmQlvOPdSrmyZvb3k
JYCt348p7HyT9eWUPkpkJcabATmiBxIT+ccuXjU8PE17kxFjcsSnsgXj/S13s7TZ
zQA8aEr2dTKx1spWmKnnBDv8tmNU4cOZdNfPcRQwSgf47LQS7yNBlc6rwx/CIqi0
MjICln5LaayVNQ==
-----END CERTIFICATE-----