Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
File:                     bHwktnELOtfXKCoMlH9rlTHVjsU.mft (raw, json)
Hash identifier:          f6inAZeTxWh1sc0wjF5MLk+VxBY/yeE1rBbzpidA7/4=
Subject key identifier:   16:25:13:09:E7:CC:94:5C:08:98:BA:2E:8D:61:96:F1:B1:15:DD:40
Authority key identifier: 6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5
Certificate issuer:       /CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
Certificate serial:       0196BDEE8390E66618D1D6182B9FECB5DC98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
Manifest number:          1530
Signing time:             Sun 11 May 2025 06:00:47 +0000
Manifest this update:     Sun 11 May 2025 06:00:47 +0000
Manifest next update:     Mon 12 May 2025 06:00:47 +0000
Files and hashes:         1: bHwktnELOtfXKCoMlH9rlTHVjsU.crl (hash: 7XDPTpbFjtho0Jy4BLme9PdYLOIP8sa+vadSyw/Y03w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 06:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:ee:83:90:e6:66:18:d1:d6:18:2b:9f:ec:b5:dc:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
        Validity
            Not Before: May 11 06:00:47 2025 GMT
            Not After : May 12 06:00:47 2025 GMT
        Subject: CN=16251309e7cc945c0898ba2e8d6196f1b115dd40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:0d:9a:28:aa:8d:35:e4:2c:61:1d:18:fc:7e:
                    65:36:41:09:55:a2:08:02:be:3d:98:e7:e8:e6:a2:
                    5e:14:eb:f6:89:12:d3:e8:ce:14:0d:b5:8d:c8:62:
                    41:08:cd:53:f3:80:4c:43:06:45:bd:d5:f6:2e:e1:
                    dd:64:f4:d6:28:c9:87:ad:0b:65:0a:c0:fa:ce:24:
                    71:ea:73:97:94:1c:bc:60:4d:46:af:8c:ff:df:e5:
                    d7:c2:ed:54:09:87:e9:aa:1f:5a:14:c4:c6:43:b2:
                    80:0b:7c:c8:74:03:35:28:80:ab:c5:53:a9:a9:8f:
                    42:5d:8b:57:60:d7:41:22:a2:02:b6:b1:31:5f:f7:
                    6c:dc:83:15:c2:9d:48:2a:63:63:3e:34:22:8f:a8:
                    50:c8:86:29:a6:96:50:01:f4:27:c9:bb:7d:f5:ee:
                    8c:9c:c2:63:57:97:69:da:81:a4:d8:38:1c:cf:93:
                    2d:d5:d4:c5:eb:01:79:fe:23:58:a2:86:c7:4f:06:
                    bb:75:7e:f9:e5:c1:c9:bf:18:07:c9:6c:50:e1:6f:
                    c5:33:6e:90:bf:1e:ff:23:cc:2b:7d:fd:7b:c9:95:
                    e5:9c:55:55:99:f4:a1:b4:9b:1c:1e:71:50:37:36:
                    cd:8d:95:aa:6f:5d:a0:27:13:1d:91:dc:35:f7:57:
                    78:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:25:13:09:E7:CC:94:5C:08:98:BA:2E:8D:61:96:F1:B1:15:DD:40
            X509v3 Authority Key Identifier:
                keyid:6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:60:9c:4b:33:d2:06:2c:2d:ad:9b:e7:52:bd:1f:bb:6e:e7:
         09:1b:f5:5d:7e:16:9d:b5:74:d3:ef:bb:ba:04:b8:7e:6b:f0:
         2e:37:30:b8:ea:54:90:cc:bd:bf:47:81:71:45:29:c8:eb:15:
         98:50:9b:96:a8:63:ab:cc:1c:41:99:1b:b0:67:6e:88:4c:dc:
         63:d7:94:4f:e1:b0:ee:b8:1a:ee:70:f9:c6:56:fd:fa:66:71:
         68:c1:13:81:b9:ff:09:dc:a5:a4:8e:db:fa:03:cd:70:ab:01:
         5e:c4:2f:ac:68:2b:b1:d7:c9:3d:8e:83:c9:7b:05:99:0b:ad:
         c7:ac:f0:0e:39:11:ab:8b:6f:e6:28:06:54:cc:0a:6c:d6:3e:
         06:51:5e:bc:a1:d0:21:ff:c0:f6:4d:86:f6:d8:cd:f0:79:6f:
         ed:74:c5:fa:2e:7c:d6:39:3f:dd:a9:9a:e2:08:5f:02:ba:83:
         97:89:62:cd:67:a3:86:2b:85:5e:9a:9a:e9:f4:85:82:80:e0:
         63:ad:dd:d7:11:45:1d:26:b8:77:c2:fd:68:cb:cd:9e:34:52:
         2f:37:24:86:02:99:f1:8b:8f:69:40:da:8e:86:ba:d2:dd:0a:
         14:25:39:83:50:f4:4d:1f:cd:81:ba:96:cc:2d:43:1c:34:e0:
         01:c2:10:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa97oOQ5mYY0dYYK5/stdyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjN2MyNGI2NzEwYjNhZDdkNzI4MmEwYzk0N2Y2Yjk1MzFk
NThlYzUwHhcNMjUwNTExMDYwMDQ3WhcNMjUwNTEyMDYwMDQ3WjAzMTEwLwYDVQQD
EygxNjI1MTMwOWU3Y2M5NDVjMDg5OGJhMmU4ZDYxOTZmMWIxMTVkZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Q2aKKqNNeQsYR0Y/H5lNkEJVaII
Ar49mOfo5qJeFOv2iRLT6M4UDbWNyGJBCM1T84BMQwZFvdX2LuHdZPTWKMmHrQtl
CsD6ziRx6nOXlBy8YE1Gr4z/3+XXwu1UCYfpqh9aFMTGQ7KAC3zIdAM1KICrxVOp
qY9CXYtXYNdBIqICtrExX/ds3IMVwp1IKmNjPjQij6hQyIYpppZQAfQnybt99e6M
nMJjV5dp2oGk2Dgcz5Mt1dTF6wF5/iNYoobHTwa7dX755cHJvxgHyWxQ4W/FM26Q
vx7/I8wrff17yZXlnFVVmfShtJscHnFQNzbNjZWqb12gJxMdkdw191d4IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYlEwnnzJRcCJi6Lo1hlvGxFd1AMB8GA1UdIwQY
MBaAFGx8JLZxCzrX1ygqDJR/a5Ux1Y7FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEt
MThmMGE1MGM4ZTI2LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEtMThmMGE1MGM4ZTI2
LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf2CcSzPS
BiwtrZvnUr0fu27nCRv1XX4WnbV00++7ugS4fmvwLjcwuOpUkMy9v0eBcUUpyOsV
mFCblqhjq8wcQZkbsGduiEzcY9eUT+Gw7rga7nD5xlb9+mZxaMETgbn/CdylpI7b
+gPNcKsBXsQvrGgrsdfJPY6DyXsFmQutx6zwDjkRq4tv5igGVMwKbNY+BlFevKHQ
If/A9k2G9tjN8Hlv7XTF+i581jk/3ama4ghfArqDl4lizWejhiuFXpqa6fSFgoDg
Y63d1xFFHSa4d8L9aMvNnjRSLzckhgKZ8YuPaUDajoa60t0KFCU5g1D0TR/NgbqW
zC1DHDTgAcIQbQ==
-----END CERTIFICATE-----