Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
File:                     qCYCgPNU92LV7fNMisgW4cIHG1k.mft (raw, json)
Hash identifier:          Plv4ov1mhPLKxxzXF229CbJlhF6C6m70okSLUKoM0CI=
Subject key identifier:   96:A2:23:05:8A:9C:3C:A4:DD:09:64:EF:0A:FB:8E:DB:67:F5:4D:77
Authority key identifier: A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59
Certificate issuer:       /CN=a8260280f354f762d5edf34c8ac816e1c2071b59
Certificate serial:       0196BC6E3A379CA10720C84F0B0BEEFFBC4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
Manifest number:          1531
Signing time:             Sat 10 May 2025 23:01:02 +0000
Manifest this update:     Sat 10 May 2025 23:01:02 +0000
Manifest next update:     Sun 11 May 2025 23:01:02 +0000
Files and hashes:         1: qCYCgPNU92LV7fNMisgW4cIHG1k.crl (hash: no7LZO4tiyPN8/1jUwZopfaygayFDPneI0Ld0OM3RLs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:6e:3a:37:9c:a1:07:20:c8:4f:0b:0b:ee:ff:bc:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8260280f354f762d5edf34c8ac816e1c2071b59
        Validity
            Not Before: May 10 23:01:02 2025 GMT
            Not After : May 11 23:01:02 2025 GMT
        Subject: CN=96a223058a9c3ca4dd0964ef0afb8edb67f54d77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:74:77:81:d4:e0:1f:35:d2:16:fc:56:b0:54:
                    2b:24:63:40:44:79:d4:93:d2:8d:29:de:7e:46:13:
                    53:58:50:21:b2:19:0a:15:d1:cc:d3:66:ba:8b:44:
                    63:2e:5f:e5:b1:19:93:95:7b:62:17:e0:d6:d1:a7:
                    45:e0:a9:3e:65:26:ec:e8:1a:22:b6:db:5e:6e:38:
                    6b:16:de:5f:a2:e0:98:bf:6c:b9:42:dd:c8:af:0c:
                    bf:b7:4f:00:41:21:0f:c1:9c:22:a4:fd:b8:a3:21:
                    88:6e:d4:08:de:5f:23:89:67:92:f6:43:14:ed:7a:
                    f0:32:7e:f1:b7:9e:d5:ba:3b:e4:20:c7:10:3c:94:
                    63:11:fb:26:50:89:45:fa:b5:16:f5:7e:17:16:80:
                    d4:46:5f:18:77:39:f5:71:b1:21:68:6d:bc:a0:ff:
                    b5:83:97:45:e4:91:fd:c9:f2:c2:61:51:65:b0:0c:
                    ad:cd:c2:7c:6f:f1:b1:bc:f4:ba:0b:08:81:7b:6c:
                    cc:0f:15:2f:20:35:85:84:a8:1e:7f:f2:93:52:c4:
                    70:62:0c:ed:ca:74:15:a4:a9:1b:4d:85:b6:31:be:
                    e3:57:46:f6:af:42:de:6d:34:84:77:c7:59:07:8c:
                    d1:e5:ea:f1:d4:ae:7b:29:83:0c:8d:50:24:19:75:
                    98:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:A2:23:05:8A:9C:3C:A4:DD:09:64:EF:0A:FB:8E:DB:67:F5:4D:77
            X509v3 Authority Key Identifier:
                keyid:A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:ce:62:94:2d:b0:31:32:84:3e:54:9a:55:ca:eb:56:87:d5:
         d8:93:90:3b:36:8e:d5:cb:80:22:33:31:c0:33:3b:f5:f8:c6:
         5d:49:d6:7b:ab:ea:a8:c4:dd:a2:f6:35:ed:11:02:45:5f:5c:
         c9:74:15:36:24:d2:34:33:b4:a7:f0:20:a3:3c:59:e6:71:44:
         2c:f3:e3:d1:cd:d1:f6:56:d7:f4:d0:61:16:be:96:41:d6:40:
         d3:47:c5:99:63:80:e0:95:1c:bb:1b:29:15:4f:9f:8b:15:42:
         e9:48:14:54:19:4d:5e:13:38:e5:c3:f9:63:e0:20:e6:61:ff:
         0d:27:ec:4c:83:f1:23:00:de:7c:1f:2f:e9:db:85:51:68:88:
         97:ab:62:e8:05:6a:45:46:96:56:3d:a2:8c:fe:c0:be:dd:57:
         12:74:eb:d1:39:24:68:54:64:36:62:5b:5e:00:09:0a:b7:7f:
         c9:9f:14:51:68:d7:0e:88:da:78:84:10:cd:7a:75:87:21:7f:
         01:d8:28:77:17:b8:a6:94:18:64:38:37:3e:f3:27:88:56:48:
         1c:6b:41:f7:36:2f:6a:3d:ba:d1:bc:66:07:d5:a6:3c:c5:82:
         e6:c7:51:de:c4:c4:ba:c2:3f:61:34:11:a1:d6:98:c3:4c:8c:
         83:df:84:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa8bjo3nKEHIMhPCwvu/7xKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjYwMjgwZjM1NGY3NjJkNWVkZjM0YzhhYzgxNmUxYzIw
NzFiNTkwHhcNMjUwNTEwMjMwMTAyWhcNMjUwNTExMjMwMTAyWjAzMTEwLwYDVQQD
Eyg5NmEyMjMwNThhOWMzY2E0ZGQwOTY0ZWYwYWZiOGVkYjY3ZjU0ZDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnR3gdTgHzXSFvxWsFQrJGNARHnU
k9KNKd5+RhNTWFAhshkKFdHM02a6i0RjLl/lsRmTlXtiF+DW0adF4Kk+ZSbs6Boi
tttebjhrFt5fouCYv2y5Qt3Irwy/t08AQSEPwZwipP24oyGIbtQI3l8jiWeS9kMU
7XrwMn7xt57VujvkIMcQPJRjEfsmUIlF+rUW9X4XFoDURl8Ydzn1cbEhaG28oP+1
g5dF5JH9yfLCYVFlsAytzcJ8b/GxvPS6CwiBe2zMDxUvIDWFhKgef/KTUsRwYgzt
ynQVpKkbTYW2Mb7jV0b2r0LebTSEd8dZB4zR5erx1K57KYMMjVAkGXWYOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJaiIwWKnDyk3Qlk7wr7jttn9U13MB8GA1UdIwQY
MBaAFKgmAoDzVPdi1e3zTIrIFuHCBxtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEt
MTgzYTQ3YTQ1YjJhLzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEtMTgzYTQ3YTQ1YjJh
LzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm85ilC2w
MTKEPlSaVcrrVofV2JOQOzaO1cuAIjMxwDM79fjGXUnWe6vqqMTdovY17RECRV9c
yXQVNiTSNDO0p/AgozxZ5nFELPPj0c3R9lbX9NBhFr6WQdZA00fFmWOA4JUcuxsp
FU+fixVC6UgUVBlNXhM45cP5Y+Ag5mH/DSfsTIPxIwDefB8v6duFUWiIl6ti6AVq
RUaWVj2ijP7Avt1XEnTr0TkkaFRkNmJbXgAJCrd/yZ8UUWjXDojaeIQQzXp1hyF/
Adgodxe4ppQYZDg3PvMniFZIHGtB9zYvaj260bxmB9WmPMWC5sdR3sTEusI/YTQR
odaYw0yMg9+Ecg==
-----END CERTIFICATE-----