Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
File:                     CeVm4OteXiEQflX8lg-x7iGHRHQ.mft (raw, json)
Hash identifier:          TKFwB/2vtGLAyPW8i9AElsKl1l1JpVRgKuiZ/iksyJ0=
Subject key identifier:   4B:C4:9F:F1:D1:40:26:84:C9:52:0C:26:A7:21:4C:5A:CE:2F:B2:11
Authority key identifier: 09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74
Certificate issuer:       /CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
Certificate serial:       0196C34B9408AC829AF9E6EEE10B417461EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
Manifest number:          137E
Signing time:             Mon 12 May 2025 07:00:32 +0000
Manifest this update:     Mon 12 May 2025 07:00:32 +0000
Manifest next update:     Tue 13 May 2025 07:00:32 +0000
Files and hashes:         1: CeVm4OteXiEQflX8lg-x7iGHRHQ.crl (hash: Q3zzA4ZBnz0A3KfS9DuKDiePv8FfN2uo0IDQP4ncZR4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4b:94:08:ac:82:9a:f9:e6:ee:e1:0b:41:74:61:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
        Validity
            Not Before: May 12 07:00:32 2025 GMT
            Not After : May 13 07:00:32 2025 GMT
        Subject: CN=4bc49ff1d1402684c9520c26a7214c5ace2fb211
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:0f:e6:9c:1c:a2:67:19:96:0b:27:e8:1b:a5:
                    33:9e:bf:88:ec:eb:03:90:1b:22:9c:56:28:14:dd:
                    cf:70:81:89:8e:2b:d6:94:e6:cc:de:7c:63:82:c4:
                    84:f2:05:db:ab:f1:79:6c:03:78:45:24:6d:bb:d6:
                    c2:79:1a:65:03:18:bd:09:3f:40:20:67:d4:3d:1c:
                    5a:ec:97:1a:92:48:8a:a2:5e:11:56:e3:36:51:8b:
                    d1:b9:99:1d:bd:63:af:27:a3:0b:f8:ba:ba:15:74:
                    2d:3f:4a:9a:b3:bc:f1:8c:8e:20:4d:26:fc:49:7f:
                    60:30:33:c8:01:4a:3e:83:be:8e:91:8b:d7:45:d5:
                    9e:10:1a:25:06:be:ac:ac:66:7f:dc:90:cd:56:7d:
                    54:51:d0:3e:0c:52:67:e1:b7:83:86:13:1f:e9:5e:
                    19:00:78:ac:ff:8c:83:14:20:56:43:af:e5:04:3e:
                    7a:75:70:ff:61:a7:22:2d:d4:d9:05:02:69:c4:1c:
                    5f:bd:5d:fb:ea:3c:2c:c1:90:77:61:b7:a0:0a:d3:
                    00:90:2e:c6:d2:0f:94:4b:44:10:a0:3e:7a:3d:c8:
                    64:2d:a8:95:35:51:27:b7:c2:02:bd:58:1a:7d:b2:
                    c2:4c:15:d7:e8:43:b9:22:ad:1a:ed:3c:04:e0:c0:
                    f7:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:C4:9F:F1:D1:40:26:84:C9:52:0C:26:A7:21:4C:5A:CE:2F:B2:11
            X509v3 Authority Key Identifier:
                keyid:09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:ca:d5:54:ae:c5:df:ac:0e:64:90:a5:f9:73:cd:6d:63:44:
         80:bf:79:d4:2e:34:0b:de:e7:cc:39:8f:f8:da:c4:b7:2b:7e:
         47:c2:1b:e2:ae:23:f1:05:5c:8e:74:8d:d6:f8:09:d1:13:1d:
         e3:52:c8:e6:cc:de:6e:9e:ce:37:05:97:9f:43:47:7d:ba:6d:
         b7:75:b6:50:76:41:71:da:30:39:3c:78:91:f3:f2:d6:c9:03:
         72:b7:b6:8b:78:91:41:e4:7a:7e:62:27:df:dd:02:91:c7:e5:
         c1:22:d0:d5:07:1c:2b:b8:0e:b4:e3:11:9c:5e:10:1c:63:8c:
         9e:61:4f:6c:77:6a:58:b1:6b:a1:a6:1d:60:a7:da:67:66:d4:
         ac:ac:6d:e2:68:4d:09:27:d2:6c:2d:6a:7e:15:84:f6:4f:91:
         4c:e8:df:b2:46:e2:54:22:c2:16:b5:bf:20:1c:92:be:88:7f:
         b4:1c:ef:06:8e:60:9b:bb:05:fe:96:5f:1f:74:55:47:70:6a:
         8b:15:77:1e:f1:6d:f0:d3:3b:58:64:5a:35:ea:62:ba:f0:4c:
         fe:47:85:6d:e5:e4:57:4a:86:5b:22:60:fa:bd:6d:1c:c7:fb:
         d0:db:f9:78:91:0a:24:46:7b:4c:00:cd:79:63:83:dc:54:1e:
         9a:f7:8a:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDS5QIrIKa+ebu4QtBdGHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTU2NmUwZWI1ZTVlMjExMDdlNTVmYzk2MGZiMWVlMjE4
NzQ0NzQwHhcNMjUwNTEyMDcwMDMyWhcNMjUwNTEzMDcwMDMyWjAzMTEwLwYDVQQD
Eyg0YmM0OWZmMWQxNDAyNjg0Yzk1MjBjMjZhNzIxNGM1YWNlMmZiMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA/mnByiZxmWCyfoG6Uznr+I7OsD
kBsinFYoFN3PcIGJjivWlObM3nxjgsSE8gXbq/F5bAN4RSRtu9bCeRplAxi9CT9A
IGfUPRxa7JcakkiKol4RVuM2UYvRuZkdvWOvJ6ML+Lq6FXQtP0qas7zxjI4gTSb8
SX9gMDPIAUo+g76OkYvXRdWeEBolBr6srGZ/3JDNVn1UUdA+DFJn4beDhhMf6V4Z
AHis/4yDFCBWQ6/lBD56dXD/YaciLdTZBQJpxBxfvV376jwswZB3YbegCtMAkC7G
0g+US0QQoD56PchkLaiVNVEnt8ICvVgafbLCTBXX6EO5Iq0a7TwE4MD3SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEvEn/HRQCaEyVIMJqchTFrOL7IRMB8GA1UdIwQY
MBaAFAnlZuDrXl4hEH5V/JYPse4hh0R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYt
MGFmMWRlOGYxZmYxLzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYtMGFmMWRlOGYxZmYx
LzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFcrVVK7F
36wOZJCl+XPNbWNEgL951C40C97nzDmP+NrEtyt+R8Ib4q4j8QVcjnSN1vgJ0RMd
41LI5szebp7ONwWXn0NHfbptt3W2UHZBcdowOTx4kfPy1skDcre2i3iRQeR6fmIn
390CkcflwSLQ1QccK7gOtOMRnF4QHGOMnmFPbHdqWLFroaYdYKfaZ2bUrKxt4mhN
CSfSbC1qfhWE9k+RTOjfskbiVCLCFrW/IBySvoh/tBzvBo5gm7sF/pZfH3RVR3Bq
ixV3HvFt8NM7WGRaNepiuvBM/keFbeXkV0qGWyJg+r1tHMf70Nv5eJEKJEZ7TADN
eWOD3FQemveKVQ==
-----END CERTIFICATE-----