Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
File:                     ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json)
Hash identifier:          fWlKLA9QhnaEePQ+hIHAPJyP00gMjK3vvioY7WzcovU=
Subject key identifier:   28:DA:1F:92:3C:CD:E5:65:45:F3:B8:A1:7E:8E:EB:70:10:BA:3D:1A
Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
Certificate issuer:       /CN=6daef3029629de029db98ab7b4e9bd221c28991c
Certificate serial:       0196C34C54A23944D746941CC49E570C39F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
Manifest number:          0B20
Signing time:             Mon 12 May 2025 07:01:21 +0000
Manifest this update:     Mon 12 May 2025 07:01:21 +0000
Manifest next update:     Tue 13 May 2025 07:01:21 +0000
Files and hashes:         1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: RMfJRNKilduAZbtVgEQuGHsIKnIywvghEt/FFHVNuks=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4c:54:a2:39:44:d7:46:94:1c:c4:9e:57:0c:39:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c
        Validity
            Not Before: May 12 07:01:21 2025 GMT
            Not After : May 13 07:01:21 2025 GMT
        Subject: CN=28da1f923ccde56545f3b8a17e8eeb7010ba3d1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:06:60:c6:b3:46:44:d7:2e:b6:ed:2b:c8:5d:
                    90:a4:24:c4:a1:81:80:d5:ab:9e:54:d4:98:eb:cb:
                    e8:34:ec:a3:39:c1:f3:e5:04:f4:99:44:da:88:01:
                    f4:7b:9d:79:2c:04:00:c2:c6:d0:20:d5:a3:2c:da:
                    e5:6b:7b:7c:ff:63:92:e3:8a:a6:f5:72:70:e0:23:
                    e5:fb:9c:63:68:d9:f6:3b:f5:e6:83:9a:e1:e0:f9:
                    23:b5:16:9a:57:5c:1a:b5:47:8b:a2:91:51:74:99:
                    fd:3d:cb:e6:6b:de:35:43:7f:b1:3a:83:d8:26:fb:
                    d4:77:e8:1b:a8:0a:ed:74:0b:07:01:4d:93:df:84:
                    6a:4c:8a:81:ed:59:b0:79:c2:fe:0f:dc:31:32:f3:
                    43:de:77:6c:dc:2f:49:9b:be:2a:cd:5d:d2:0c:c2:
                    83:67:7a:43:72:43:2a:62:4d:0e:4a:b8:a1:e4:fa:
                    8e:d9:9e:30:13:92:7a:cf:56:72:89:ba:4e:92:19:
                    2e:64:e0:36:87:5c:01:98:24:3c:e1:e7:c8:1b:eb:
                    f0:4b:60:2f:a3:c7:8b:00:7a:af:76:81:66:68:44:
                    35:31:e9:3a:9c:98:e3:13:c3:96:9d:08:47:f9:98:
                    7d:c7:34:aa:b8:bf:ef:be:2d:10:fd:85:a5:53:36:
                    1d:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:DA:1F:92:3C:CD:E5:65:45:F3:B8:A1:7E:8E:EB:70:10:BA:3D:1A
            X509v3 Authority Key Identifier:
                keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:36:a2:3f:42:8b:09:aa:1f:91:d1:d2:c8:53:29:82:48:3e:
         66:29:aa:69:3c:38:a0:d7:e8:32:f0:0b:a5:8b:ae:d6:30:d2:
         11:00:3d:82:cf:cf:c6:25:e2:a7:b5:aa:e6:18:85:04:00:aa:
         53:ba:73:38:e5:90:dc:7e:ef:a7:de:70:85:79:93:0b:29:54:
         7d:c8:c2:d0:fa:9b:cc:19:a0:db:b9:cb:bc:3e:c2:c7:6b:b6:
         99:fd:89:7c:da:7c:27:3d:e2:66:16:31:3c:f9:78:cc:e0:0c:
         17:90:cd:da:76:83:41:ac:41:db:66:63:39:a3:0a:57:bf:c9:
         f6:62:4c:85:8e:35:0f:e0:5b:3c:eb:66:49:bc:6a:d6:ac:28:
         a9:87:1b:7a:89:4a:1c:0f:34:cb:05:e9:08:4b:65:8c:00:80:
         05:59:28:28:2d:1a:44:46:92:98:4c:4a:bc:c7:70:23:0a:8b:
         26:46:85:8b:46:58:5f:10:39:68:0e:0d:78:8d:48:9e:0c:a3:
         60:8c:e6:cb:9e:b6:98:f3:08:cc:25:fb:46:5f:a5:02:70:dd:
         1f:11:ec:a0:6f:9d:1e:75:67:bc:c0:7c:2d:66:22:a6:78:db:
         5b:42:23:a0:f7:72:a0:89:71:26:f5:5f:d4:1a:b7:10:05:30:
         2c:7d:86:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTFSiOUTXRpQcxJ5XDDnzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy
ODk5MWMwHhcNMjUwNTEyMDcwMTIxWhcNMjUwNTEzMDcwMTIxWjAzMTEwLwYDVQQD
EygyOGRhMWY5MjNjY2RlNTY1NDVmM2I4YTE3ZThlZWI3MDEwYmEzZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAZgxrNGRNcutu0ryF2QpCTEoYGA
1aueVNSY68voNOyjOcHz5QT0mUTaiAH0e515LAQAwsbQINWjLNrla3t8/2OS44qm
9XJw4CPl+5xjaNn2O/Xmg5rh4PkjtRaaV1watUeLopFRdJn9Pcvma941Q3+xOoPY
JvvUd+gbqArtdAsHAU2T34RqTIqB7VmwecL+D9wxMvND3nds3C9Jm74qzV3SDMKD
Z3pDckMqYk0OSrih5PqO2Z4wE5J6z1ZyibpOkhkuZOA2h1wBmCQ84efIG+vwS2Av
o8eLAHqvdoFmaEQ1Mek6nJjjE8OWnQhH+Zh9xzSquL/vvi0Q/YWlUzYdZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjaH5I8zeVlRfO4oX6O63AQuj0aMB8GA1UdIwQY
MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt
Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw
LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsDaiP0KL
CaofkdHSyFMpgkg+ZimqaTw4oNfoMvALpYuu1jDSEQA9gs/PxiXip7Wq5hiFBACq
U7pzOOWQ3H7vp95whXmTCylUfcjC0PqbzBmg27nLvD7Cx2u2mf2JfNp8Jz3iZhYx
PPl4zOAMF5DN2naDQaxB22ZjOaMKV7/J9mJMhY41D+BbPOtmSbxq1qwoqYcbeolK
HA80ywXpCEtljACABVkoKC0aREaSmExKvMdwIwqLJkaFi0ZYXxA5aA4NeI1Ingyj
YIzmy562mPMIzCX7Rl+lAnDdHxHsoG+dHnVnvMB8LWYipnjbW0IjoPdyoIlxJvVf
1Bq3EAUwLH2Gbg==
-----END CERTIFICATE-----