Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
File:                     q7lESdTSRidxdzvAimJFB9pRKw0.mft (raw, json)
Hash identifier:          fjwBFmQgqN7qvVzvSeBsSkr0u9j+8JSL/nUiA/J0ZOM=
Subject key identifier:   D2:F9:B9:5C:EC:BA:50:F3:DB:C9:D2:51:97:AC:1D:9A:F0:90:BA:7A
Authority key identifier: AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D
Certificate issuer:       /CN=abb94449d4d2462771773bc08a624507da512b0d
Certificate serial:       01969D87EFCC98D7EFD68A03E1DDA9ADDA73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
Manifest number:          0608
Signing time:             Sun 04 May 2025 23:00:53 +0000
Manifest this update:     Sun 04 May 2025 23:00:53 +0000
Manifest next update:     Mon 05 May 2025 23:00:53 +0000
Files and hashes:         1: q7lESdTSRidxdzvAimJFB9pRKw0.crl (hash: sx/1sZRf7Zm4S/3z1ASi2elUP77x1VGfMITAe/8tFys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9d:87:ef:cc:98:d7:ef:d6:8a:03:e1:dd:a9:ad:da:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abb94449d4d2462771773bc08a624507da512b0d
        Validity
            Not Before: May  4 23:00:53 2025 GMT
            Not After : May  5 23:00:53 2025 GMT
        Subject: CN=d2f9b95cecba50f3dbc9d25197ac1d9af090ba7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:c3:10:06:42:29:80:26:49:a8:36:33:d8:1d:
                    a4:1d:c6:c5:6b:f9:20:9f:8a:23:09:04:7c:08:55:
                    95:55:2b:13:a3:2d:8d:60:c6:e7:f7:a7:0c:bc:15:
                    39:56:14:50:68:eb:72:74:7e:e2:53:ae:0b:ea:ec:
                    34:9d:45:ca:69:a6:79:b8:f5:cd:8c:29:a1:51:08:
                    58:6c:56:af:fd:6e:ec:51:24:c9:a4:e0:c0:b1:2f:
                    03:fd:13:dd:64:18:c6:f8:f4:ff:1d:13:17:9f:2c:
                    a8:7b:b0:a9:30:83:1d:78:56:8b:c8:cc:f4:90:a5:
                    7b:02:33:60:5f:2c:03:19:b2:e0:6b:dc:13:e3:29:
                    1b:46:5c:9e:08:f3:5f:8e:70:d3:bc:68:52:69:57:
                    25:b8:c1:e8:4d:21:7e:fd:1d:44:4a:30:9f:12:87:
                    6f:7b:7d:c2:d0:6c:83:68:38:d8:22:1a:53:4b:b4:
                    79:9e:72:57:e8:6a:85:a8:40:0a:60:e0:12:d8:a4:
                    54:bf:3a:5d:8e:98:88:30:f3:9a:75:7e:3d:df:b2:
                    20:ab:46:ce:b7:63:b0:95:1a:cd:2b:e1:4d:1f:93:
                    63:07:77:2b:8b:91:24:68:fa:14:c0:9e:09:9e:fb:
                    74:1c:88:9e:ed:f4:d1:b3:85:e7:b9:53:fc:94:90:
                    06:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:F9:B9:5C:EC:BA:50:F3:DB:C9:D2:51:97:AC:1D:9A:F0:90:BA:7A
            X509v3 Authority Key Identifier:
                keyid:AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:9d:77:ed:44:fb:36:5d:07:5f:fc:01:37:8a:55:fb:02:44:
         6d:e0:9b:7f:d5:ec:0e:81:be:4d:1a:25:56:06:97:56:a0:c9:
         7a:6c:af:92:d9:8e:d4:a2:5d:af:19:0e:12:83:34:a9:94:13:
         a6:bc:38:84:41:06:45:7c:56:13:bd:e3:fd:24:9d:60:1e:e8:
         c6:64:4c:c8:41:6f:2a:9c:5e:d6:43:c5:5c:e2:a8:94:dc:9d:
         22:94:cd:57:85:e0:0e:be:a8:94:bc:53:f8:be:0a:0e:b6:53:
         bd:de:57:f8:ba:4b:f3:cc:d4:95:83:77:2b:fa:3e:2c:4c:2c:
         85:8d:d8:b7:58:17:b4:00:26:85:69:b5:5f:b5:1f:ca:43:f8:
         10:31:cf:4d:2e:d6:3f:36:b4:a5:c4:fb:9b:52:0f:36:99:b7:
         f4:50:1c:13:76:5c:04:6d:ca:d2:23:3c:7d:82:ea:9c:00:8f:
         07:ee:a1:83:4c:3c:74:49:0a:75:1b:93:c6:7b:57:1e:05:92:
         ef:31:e2:f3:0b:0a:67:b4:34:b3:ba:ec:5a:84:d2:cb:80:04:
         52:46:a8:f1:2a:99:c1:2e:ca:2b:17:a6:a8:42:25:73:03:c4:
         01:1e:eb:d0:42:3e:f9:de:14:50:24:91:d1:10:c2:37:f0:d4:
         f7:56:29:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZadh+/MmNfv1ooD4d2prdpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYjk0NDQ5ZDRkMjQ2Mjc3MTc3M2JjMDhhNjI0NTA3ZGE1
MTJiMGQwHhcNMjUwNTA0MjMwMDUzWhcNMjUwNTA1MjMwMDUzWjAzMTEwLwYDVQQD
EyhkMmY5Yjk1Y2VjYmE1MGYzZGJjOWQyNTE5N2FjMWQ5YWYwOTBiYTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsMQBkIpgCZJqDYz2B2kHcbFa/kg
n4ojCQR8CFWVVSsToy2NYMbn96cMvBU5VhRQaOtydH7iU64L6uw0nUXKaaZ5uPXN
jCmhUQhYbFav/W7sUSTJpODAsS8D/RPdZBjG+PT/HRMXnyyoe7CpMIMdeFaLyMz0
kKV7AjNgXywDGbLga9wT4ykbRlyeCPNfjnDTvGhSaVcluMHoTSF+/R1ESjCfEodv
e33C0GyDaDjYIhpTS7R5nnJX6GqFqEAKYOAS2KRUvzpdjpiIMPOadX4937Igq0bO
t2OwlRrNK+FNH5NjB3cri5EkaPoUwJ4Jnvt0HIie7fTRs4XnuVP8lJAGhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNL5uVzsulDz28nSUZesHZrwkLp6MB8GA1UdIwQY
MBaAFKu5REnU0kYncXc7wIpiRQfaUSsNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgt
NzBjMGMxNWJjODBhLzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgtNzBjMGMxNWJjODBh
LzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoZ137UT7
Nl0HX/wBN4pV+wJEbeCbf9XsDoG+TRolVgaXVqDJemyvktmO1KJdrxkOEoM0qZQT
prw4hEEGRXxWE73j/SSdYB7oxmRMyEFvKpxe1kPFXOKolNydIpTNV4XgDr6olLxT
+L4KDrZTvd5X+LpL88zUlYN3K/o+LEwshY3Yt1gXtAAmhWm1X7UfykP4EDHPTS7W
Pza0pcT7m1IPNpm39FAcE3ZcBG3K0iM8fYLqnACPB+6hg0w8dEkKdRuTxntXHgWS
7zHi8wsKZ7Q0s7rsWoTSy4AEUkao8SqZwS7KKxemqEIlcwPEAR7r0EI++d4UUCSR
0RDCN/DU91Yp1w==
-----END CERTIFICATE-----