Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/069be4-41c0-4312-94dd-f697c2ea6767/1/eXqQW0595YVil_bgOmViXeIsQvM.mft
File:                     eXqQW0595YVil_bgOmViXeIsQvM.mft (raw, json)
Hash identifier:          QUg5UQKuI4Gyn3j9s3tjLcb6mEuvTlyXgBZNt1lWddY=
Subject key identifier:   48:B1:39:E3:4C:F3:1A:41:EB:EB:CA:C8:6E:6A:73:31:C4:50:23:CF
Authority key identifier: 79:7A:90:5B:4E:7D:E5:85:62:97:F6:E0:3A:65:62:5D:E2:2C:42:F3
Certificate issuer:       /CN=797a905b4e7de5856297f6e03a65625de22c42f3
Certificate serial:       0196C314814354427722CDA5009C19E59497
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eXqQW0595YVil_bgOmViXeIsQvM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/069be4-41c0-4312-94dd-f697c2ea6767/1/eXqQW0595YVil_bgOmViXeIsQvM.mft
Manifest number:          0D02
Signing time:             Mon 12 May 2025 06:00:22 +0000
Manifest this update:     Mon 12 May 2025 06:00:22 +0000
Manifest next update:     Tue 13 May 2025 06:00:22 +0000
Files and hashes:         1: eXqQW0595YVil_bgOmViXeIsQvM.crl (hash: 7PeyqptgpusSRpum6TAjLriB4ByMW/Fio25/a4YLSl4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/069be4-41c0-4312-94dd-f697c2ea6767/1/eXqQW0595YVil_bgOmViXeIsQvM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/069be4-41c0-4312-94dd-f697c2ea6767/1/eXqQW0595YVil_bgOmViXeIsQvM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eXqQW0595YVil_bgOmViXeIsQvM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:14:81:43:54:42:77:22:cd:a5:00:9c:19:e5:94:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=797a905b4e7de5856297f6e03a65625de22c42f3
        Validity
            Not Before: May 12 06:00:22 2025 GMT
            Not After : May 13 06:00:22 2025 GMT
        Subject: CN=48b139e34cf31a41ebebcac86e6a7331c45023cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:84:85:9f:f1:72:85:f4:e0:0d:7f:54:32:89:
                    62:f0:a2:bf:e6:67:19:c9:cc:ee:0e:ad:14:fc:fd:
                    8d:27:f2:ee:ee:df:9f:68:bd:5e:98:22:5b:a4:f5:
                    f1:80:bd:ba:e9:b0:0a:c2:80:c6:d6:96:cd:5b:0c:
                    51:44:0a:94:27:95:29:3d:16:0d:6d:08:fb:f6:cc:
                    66:83:b6:d5:5c:32:ac:b5:3f:2e:8d:a8:9d:51:30:
                    40:1c:63:3c:5f:8c:8c:1f:b8:5d:27:4d:96:d1:3d:
                    ca:ee:f6:9d:f7:de:70:3c:a9:ef:fc:99:81:43:68:
                    f5:62:bf:9b:7b:b9:12:bb:97:e3:f6:08:0c:f4:32:
                    26:41:c9:a3:6d:59:9d:80:e8:c9:35:74:6a:f6:c1:
                    41:7d:cd:1e:24:eb:92:18:c8:7b:68:55:5b:6a:13:
                    73:63:4a:74:5e:5a:9c:89:aa:d4:c8:c7:5f:83:1b:
                    04:35:16:80:2c:9b:ea:7a:14:ed:dc:87:d3:a8:bf:
                    21:45:77:cc:f6:7f:24:35:ba:28:8f:6e:65:26:5d:
                    05:6a:15:29:7d:9c:35:82:33:60:15:89:bf:1e:d7:
                    ab:17:3b:23:94:35:b0:40:96:bc:63:9e:97:1a:31:
                    a1:3d:d9:d0:88:f8:33:be:da:ce:55:d0:a5:f5:42:
                    c3:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:B1:39:E3:4C:F3:1A:41:EB:EB:CA:C8:6E:6A:73:31:C4:50:23:CF
            X509v3 Authority Key Identifier:
                keyid:79:7A:90:5B:4E:7D:E5:85:62:97:F6:E0:3A:65:62:5D:E2:2C:42:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXqQW0595YVil_bgOmViXeIsQvM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/069be4-41c0-4312-94dd-f697c2ea6767/1/eXqQW0595YVil_bgOmViXeIsQvM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/069be4-41c0-4312-94dd-f697c2ea6767/1/eXqQW0595YVil_bgOmViXeIsQvM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:e7:75:20:e7:fe:6c:c5:ca:72:ca:42:10:a1:04:45:58:e8:
         d6:02:95:ec:03:51:04:7e:ba:64:73:ae:a2:df:af:76:49:73:
         42:4f:5f:6f:56:d4:68:09:5e:4e:7b:04:b1:c0:70:0d:bc:ca:
         8e:37:e5:49:03:fa:88:62:8f:71:4c:cf:92:0f:be:a3:db:5f:
         23:c6:2d:ad:45:9b:fb:0a:fe:61:9f:03:71:b0:99:92:2a:9b:
         cb:a1:83:fb:0d:e6:1f:36:7c:8a:da:40:89:c8:b5:d3:34:6d:
         e1:48:1c:1e:5b:98:86:5d:fb:66:3d:fe:68:34:e9:c2:70:34:
         b7:c8:fd:5f:98:4b:f2:5f:85:6f:00:23:28:26:b2:d1:20:2b:
         b0:09:3c:17:4e:d6:b1:98:d8:0e:f9:8b:d7:a8:09:93:d4:3a:
         84:df:d3:2f:b3:28:42:af:54:c5:9a:4f:3b:9f:7c:17:8a:1c:
         8f:54:19:8d:82:41:c3:bf:f5:19:3a:f2:41:6e:f5:5d:cf:bd:
         13:cd:76:87:aa:2d:2e:60:84:bb:53:09:62:04:2b:a1:39:8f:
         db:b0:65:60:d1:06:b8:f6:49:6a:4a:8b:f1:86:c3:4d:e0:df:
         97:91:05:1f:de:0e:2e:c8:18:bd:6a:a3:5d:ce:f1:4c:23:35:
         39:7b:51:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDFIFDVEJ3Is2lAJwZ5ZSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5N2E5MDViNGU3ZGU1ODU2Mjk3ZjZlMDNhNjU2MjVkZTIy
YzQyZjMwHhcNMjUwNTEyMDYwMDIyWhcNMjUwNTEzMDYwMDIyWjAzMTEwLwYDVQQD
Eyg0OGIxMzllMzRjZjMxYTQxZWJlYmNhYzg2ZTZhNzMzMWM0NTAyM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoSFn/FyhfTgDX9UMoli8KK/5mcZ
yczuDq0U/P2NJ/Lu7t+faL1emCJbpPXxgL266bAKwoDG1pbNWwxRRAqUJ5UpPRYN
bQj79sxmg7bVXDKstT8ujaidUTBAHGM8X4yMH7hdJ02W0T3K7vad995wPKnv/JmB
Q2j1Yr+be7kSu5fj9ggM9DImQcmjbVmdgOjJNXRq9sFBfc0eJOuSGMh7aFVbahNz
Y0p0XlqciarUyMdfgxsENRaALJvqehTt3IfTqL8hRXfM9n8kNbooj25lJl0FahUp
fZw1gjNgFYm/HterFzsjlDWwQJa8Y56XGjGhPdnQiPgzvtrOVdCl9ULD4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEixOeNM8xpB6+vKyG5qczHEUCPPMB8GA1UdIwQY
MBaAFHl6kFtOfeWFYpf24DplYl3iLELzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhxUVcwNTk1WVZpbF9iZ09tVmlYZUlzUXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wNjliZTQtNDFjMC00MzEyLTk0ZGQt
ZjY5N2MyZWE2NzY3LzEvZVhxUVcwNTk1WVZpbF9iZ09tVmlYZUlzUXZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wNjliZTQtNDFjMC00MzEyLTk0ZGQtZjY5N2MyZWE2NzY3
LzEvZVhxUVcwNTk1WVZpbF9iZ09tVmlYZUlzUXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWOd1IOf+
bMXKcspCEKEERVjo1gKV7ANRBH66ZHOuot+vdklzQk9fb1bUaAleTnsEscBwDbzK
jjflSQP6iGKPcUzPkg++o9tfI8YtrUWb+wr+YZ8DcbCZkiqby6GD+w3mHzZ8itpA
ici10zRt4UgcHluYhl37Zj3+aDTpwnA0t8j9X5hL8l+FbwAjKCay0SArsAk8F07W
sZjYDvmL16gJk9Q6hN/TL7MoQq9UxZpPO598F4ocj1QZjYJBw7/1GTryQW71Xc+9
E812h6otLmCEu1MJYgQroTmP27BlYNEGuPZJakqL8YbDTeDfl5EFH94OLsgYvWqj
Xc7xTCM1OXtR5w==
-----END CERTIFICATE-----