Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/Q2aEdOe7Pb2yatwBg4znBi1wxJg.mft
File:                     Q2aEdOe7Pb2yatwBg4znBi1wxJg.mft (raw, json)
Hash identifier:          3lDru8soYmeaHgFOsOqUP+GW9GIhbGK+7R2U13DNHuY=
Subject key identifier:   46:B9:8A:FC:0F:D5:88:6B:C6:EA:C7:BA:8C:B0:F5:DE:5F:F2:64:95
Authority key identifier: 43:66:84:74:E7:BB:3D:BD:B2:6A:DC:01:83:8C:E7:06:2D:70:C4:98
Certificate issuer:       /CN=43668474e7bb3dbdb26adc01838ce7062d70c498
Certificate serial:       0196C57104BEEF9CF2FD49712A91AB1AF8E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q2aEdOe7Pb2yatwBg4znBi1wxJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/Q2aEdOe7Pb2yatwBg4znBi1wxJg.mft
Manifest number:          153A
Signing time:             Mon 12 May 2025 17:00:40 +0000
Manifest this update:     Mon 12 May 2025 17:00:40 +0000
Manifest next update:     Tue 13 May 2025 17:00:40 +0000
Files and hashes:         1: Q2aEdOe7Pb2yatwBg4znBi1wxJg.crl (hash: CZ6P22uFEH3o0PabyJ5rv+B4JlLcC0cf1bYiOhg68Mw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/Q2aEdOe7Pb2yatwBg4znBi1wxJg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/Q2aEdOe7Pb2yatwBg4znBi1wxJg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q2aEdOe7Pb2yatwBg4znBi1wxJg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:71:04:be:ef:9c:f2:fd:49:71:2a:91:ab:1a:f8:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43668474e7bb3dbdb26adc01838ce7062d70c498
        Validity
            Not Before: May 12 17:00:40 2025 GMT
            Not After : May 13 17:00:40 2025 GMT
        Subject: CN=46b98afc0fd5886bc6eac7ba8cb0f5de5ff26495
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:70:ba:44:4c:e3:95:ec:5d:ae:aa:44:cf:3d:
                    91:35:41:9c:15:1b:24:56:60:60:07:84:71:e5:e5:
                    0f:0d:10:54:30:aa:8f:e2:99:1f:bd:b4:87:d9:75:
                    82:54:91:60:f5:4c:b1:38:74:63:50:70:15:63:c1:
                    6a:5c:2d:2e:d0:dc:50:a4:bf:ca:fe:ae:36:61:00:
                    a9:1e:0f:97:2f:31:21:09:74:1d:0d:a6:68:4d:c7:
                    db:86:5a:8e:12:f1:b2:f0:8f:81:73:3c:b9:4b:f3:
                    28:48:b7:02:52:20:3d:a9:66:ea:94:c1:2c:c3:96:
                    73:58:7e:db:ba:53:d7:40:04:59:35:dc:01:89:b5:
                    e4:21:17:a2:c6:a5:53:76:ba:44:1a:4d:24:f2:dc:
                    6b:ca:43:60:59:27:93:af:d2:c6:ec:8c:23:c4:e2:
                    33:95:44:97:9a:50:c3:0f:54:42:f8:b8:8a:3b:bf:
                    53:8e:84:8c:03:4d:12:99:44:5f:80:6b:35:48:62:
                    ab:39:bf:95:80:8a:aa:d9:e1:ab:af:cf:85:ca:74:
                    4a:3b:3e:14:e4:08:e5:9a:14:4f:84:ca:da:ec:bf:
                    24:f9:a6:d4:39:04:c8:1e:99:ad:31:0f:44:fb:28:
                    06:c3:30:53:1a:18:7e:f7:83:1f:98:af:ee:bf:84:
                    10:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:B9:8A:FC:0F:D5:88:6B:C6:EA:C7:BA:8C:B0:F5:DE:5F:F2:64:95
            X509v3 Authority Key Identifier:
                keyid:43:66:84:74:E7:BB:3D:BD:B2:6A:DC:01:83:8C:E7:06:2D:70:C4:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2aEdOe7Pb2yatwBg4znBi1wxJg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/Q2aEdOe7Pb2yatwBg4znBi1wxJg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/Q2aEdOe7Pb2yatwBg4znBi1wxJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:b4:69:38:16:0c:29:41:c9:60:5f:e2:b4:4a:1b:de:1f:d6:
         1d:0f:49:6a:60:85:53:72:69:96:99:b8:4b:fa:38:f7:51:2f:
         0e:2a:93:34:24:e5:e9:d7:77:f7:64:b1:92:63:b1:06:db:ba:
         2a:35:25:17:b4:32:5f:7a:d1:a7:b3:69:6a:73:5a:d4:c1:1a:
         66:31:9c:3a:9f:0b:44:0f:1a:39:df:fb:3e:06:53:78:ab:15:
         c3:9e:05:38:76:48:bb:5d:60:19:47:ec:a7:cf:ac:47:f8:24:
         37:49:cb:2f:db:95:fc:f7:57:ba:f1:fc:ab:a0:0d:31:74:3c:
         bc:a5:7f:69:93:b3:fb:2e:d7:73:8b:7b:27:df:5f:15:74:9a:
         8e:9b:f7:89:d6:65:d7:b6:3f:46:cc:e5:1e:02:2d:7b:e7:aa:
         4a:f6:ee:7f:2b:2f:dc:e2:98:4f:58:65:44:60:70:10:6e:96:
         01:8b:5e:11:d1:a0:92:93:45:4b:df:da:fe:c0:f7:0d:ec:5a:
         9b:64:31:11:41:c2:e7:b3:d6:a7:5e:fd:8e:0a:2e:01:0d:74:
         10:96:6b:69:d3:94:1a:64:e9:5e:97:95:48:f5:5d:e9:b9:89:
         82:1f:22:63:7c:0b:08:d8:55:63:a2:cb:62:9c:7b:de:c2:b5:
         e6:ec:0c:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFcQS+75zy/UlxKpGrGvjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNjY4NDc0ZTdiYjNkYmRiMjZhZGMwMTgzOGNlNzA2MmQ3
MGM0OTgwHhcNMjUwNTEyMTcwMDQwWhcNMjUwNTEzMTcwMDQwWjAzMTEwLwYDVQQD
Eyg0NmI5OGFmYzBmZDU4ODZiYzZlYWM3YmE4Y2IwZjVkZTVmZjI2NDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+3C6REzjlexdrqpEzz2RNUGcFRsk
VmBgB4Rx5eUPDRBUMKqP4pkfvbSH2XWCVJFg9UyxOHRjUHAVY8FqXC0u0NxQpL/K
/q42YQCpHg+XLzEhCXQdDaZoTcfbhlqOEvGy8I+Bczy5S/MoSLcCUiA9qWbqlMEs
w5ZzWH7bulPXQARZNdwBibXkIReixqVTdrpEGk0k8txrykNgWSeTr9LG7IwjxOIz
lUSXmlDDD1RC+LiKO79TjoSMA00SmURfgGs1SGKrOb+VgIqq2eGrr8+FynRKOz4U
5AjlmhRPhMra7L8k+abUOQTIHpmtMQ9E+ygGwzBTGhh+94MfmK/uv4QQ8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEa5ivwP1YhrxurHuoyw9d5f8mSVMB8GA1UdIwQY
MBaAFENmhHTnuz29smrcAYOM5wYtcMSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTJhRWRPZTdQYjJ5YXR3Qmc0em5CaTF3eEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hNGE1NzctMTkyNS00ZGYzLTkyMGQt
ZmEyMDg4Y2M1MDE0LzEvUTJhRWRPZTdQYjJ5YXR3Qmc0em5CaTF3eEpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hNGE1NzctMTkyNS00ZGYzLTkyMGQtZmEyMDg4Y2M1MDE0
LzEvUTJhRWRPZTdQYjJ5YXR3Qmc0em5CaTF3eEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm7RpOBYM
KUHJYF/itEob3h/WHQ9JamCFU3Jplpm4S/o491EvDiqTNCTl6dd392SxkmOxBtu6
KjUlF7QyX3rRp7NpanNa1MEaZjGcOp8LRA8aOd/7PgZTeKsVw54FOHZIu11gGUfs
p8+sR/gkN0nLL9uV/PdXuvH8q6ANMXQ8vKV/aZOz+y7Xc4t7J99fFXSajpv3idZl
17Y/RszlHgIte+eqSvbufysv3OKYT1hlRGBwEG6WAYteEdGgkpNFS9/a/sD3Dexa
m2QxEUHC57PWp179jgouAQ10EJZradOUGmTpXpeVSPVd6bmJgh8iY3wLCNhVY6LL
Ypx73sK15uwMeQ==
-----END CERTIFICATE-----