Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
File:                     352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json)
Hash identifier:          jqkacTOf7YiLIJQOueyex5+JLtgSV2dpO1YD7sVsrEE=
Subject key identifier:   E4:30:26:EA:B9:87:1D:3E:59:32:05:E2:8E:6C:A3:74:FE:A9:D8:48
Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
Certificate issuer:       /CN=df9da51ba72784a04e44120f9ded478567794c1b
Certificate serial:       0196C87223F131AD342A02BA814068CD9BB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
Manifest number:          0922
Signing time:             Tue 13 May 2025 07:00:45 +0000
Manifest this update:     Tue 13 May 2025 07:00:45 +0000
Manifest next update:     Wed 14 May 2025 07:00:45 +0000
Files and hashes:         1: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: ttTnwoGlREMl55njzonO2yHF9FJZqq2pGzpMXhTArVw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 07:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c8:72:23:f1:31:ad:34:2a:02:ba:81:40:68:cd:9b:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b
        Validity
            Not Before: May 13 07:00:45 2025 GMT
            Not After : May 14 07:00:45 2025 GMT
        Subject: CN=e43026eab9871d3e593205e28e6ca374fea9d848
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:94:ce:2b:2a:1a:7d:78:2b:1a:64:19:d9:13:
                    8a:7c:7b:8c:b0:30:63:88:de:24:cb:4d:6c:a4:68:
                    92:03:d1:82:b2:7a:02:ab:fd:55:a4:17:f7:fa:d7:
                    b9:91:ef:d8:41:dd:14:ab:98:7b:f2:a4:a6:a0:96:
                    61:69:9c:bc:7a:3e:03:37:5b:9d:77:d7:9f:78:72:
                    00:6a:46:93:61:35:92:54:dd:73:92:45:a0:4c:50:
                    77:a2:59:2d:69:40:db:d8:51:ed:83:76:ce:ce:5a:
                    6c:2a:dd:44:6f:99:4d:6d:f0:07:ed:38:88:d8:fe:
                    29:43:23:a2:ce:f1:d7:c2:ab:61:58:e7:61:8d:61:
                    e4:5a:b4:ac:f6:fe:dd:78:a8:43:a8:65:0f:e5:72:
                    e8:1b:9c:47:d8:75:31:45:08:5b:d6:ca:81:bb:ff:
                    4d:61:66:0c:4a:41:5c:5d:a7:14:6c:8b:de:db:b9:
                    20:de:ee:1a:a3:dd:2f:04:d7:60:b0:b0:f8:9b:f6:
                    bd:89:6d:8f:f1:c5:b5:f2:d8:60:f8:4b:a5:1f:c7:
                    45:f9:70:38:8c:3a:2f:01:5f:fa:d6:36:d1:bf:70:
                    35:0e:51:ba:61:64:4f:7e:d2:1d:51:d1:f5:4f:81:
                    92:0f:27:7d:ab:74:a1:25:ba:24:69:b0:23:ef:1a:
                    40:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:30:26:EA:B9:87:1D:3E:59:32:05:E2:8E:6C:A3:74:FE:A9:D8:48
            X509v3 Authority Key Identifier:
                keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:fd:ba:9a:4a:f8:de:23:48:5f:58:ba:82:ac:8b:03:be:a8:
         b1:a0:b2:b5:9c:52:4e:e4:60:c8:4b:72:dc:3d:d2:06:89:3c:
         0d:67:8e:a3:c3:37:e4:c3:3f:f3:c6:7e:0c:89:e3:f4:41:c4:
         a2:4e:41:f5:c9:63:40:57:e8:0d:3b:53:5d:bf:ef:a6:be:3b:
         0f:e6:20:17:8d:64:12:ef:96:6e:cf:ee:d1:b3:c4:a1:7d:d1:
         89:9d:e7:ad:d1:54:f8:04:da:ed:3f:45:46:e4:f0:b7:e6:af:
         4c:33:37:fd:e9:22:dc:97:18:c9:f8:09:c6:30:96:c2:a7:54:
         01:d8:3f:22:90:e7:1e:48:71:62:7f:7a:db:01:1e:66:36:f3:
         95:c2:9b:45:ce:f1:be:f0:15:e6:d5:cb:14:fa:8a:de:76:4f:
         f3:de:6f:37:a9:19:c7:a1:17:e4:f3:c5:ab:c7:58:91:f6:40:
         7b:b2:79:ba:7d:f9:d2:ed:11:eb:a6:c9:73:33:df:ad:d8:f9:
         a6:3d:2b:65:c6:0f:fa:57:0a:2a:eb:f0:2b:e1:dc:ae:bc:4e:
         26:08:8d:14:1a:4b:d6:fc:98:f7:19:1e:8d:41:48:d7:42:88:
         6f:d9:16:fe:5e:3c:aa:da:b9:a0:2d:18:3f:5b:00:54:aa:cb:
         a9:0d:01:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbIciPxMa00KgK6gUBozZuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3
OTRjMWIwHhcNMjUwNTEzMDcwMDQ1WhcNMjUwNTE0MDcwMDQ1WjAzMTEwLwYDVQQD
EyhlNDMwMjZlYWI5ODcxZDNlNTkzMjA1ZTI4ZTZjYTM3NGZlYTlkODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspTOKyoafXgrGmQZ2ROKfHuMsDBj
iN4ky01spGiSA9GCsnoCq/1VpBf3+te5ke/YQd0Uq5h78qSmoJZhaZy8ej4DN1ud
d9efeHIAakaTYTWSVN1zkkWgTFB3olktaUDb2FHtg3bOzlpsKt1Eb5lNbfAH7TiI
2P4pQyOizvHXwqthWOdhjWHkWrSs9v7deKhDqGUP5XLoG5xH2HUxRQhb1sqBu/9N
YWYMSkFcXacUbIve27kg3u4ao90vBNdgsLD4m/a9iW2P8cW18thg+EulH8dF+XA4
jDovAV/61jbRv3A1DlG6YWRPftIdUdH1T4GSDyd9q3ShJbokabAj7xpAWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQwJuq5hx0+WTIF4o5so3T+qdhIMB8GA1UdIwQY
MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt
YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4
LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE/26mkr4
3iNIX1i6gqyLA76osaCytZxSTuRgyEty3D3SBok8DWeOo8M35MM/88Z+DInj9EHE
ok5B9cljQFfoDTtTXb/vpr47D+YgF41kEu+Wbs/u0bPEoX3RiZ3nrdFU+ATa7T9F
RuTwt+avTDM3/eki3JcYyfgJxjCWwqdUAdg/IpDnHkhxYn962wEeZjbzlcKbRc7x
vvAV5tXLFPqK3nZP895vN6kZx6EX5PPFq8dYkfZAe7J5un350u0R66bJczPfrdj5
pj0rZcYP+lcKKuvwK+HcrrxOJgiNFBpL1vyY9xkejUFI10KIb9kW/l48qtq5oC0Y
P1sAVKrLqQ0BlQ==
-----END CERTIFICATE-----