Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/dc0be1-adb8-4220-b4bd-1076242b3072/1/9wWSyQtMskXlRxjXxXmbR9QZpoQ.mft
File:                     9wWSyQtMskXlRxjXxXmbR9QZpoQ.mft (raw, json)
Hash identifier:          zN/aF3IrC6V4UWe8HkD4m91f64PUqviUYN3JBIYvIfc=
Subject key identifier:   08:21:EB:72:CE:83:37:D0:37:F7:00:5D:82:5D:71:AC:A3:2D:CF:23
Authority key identifier: F7:05:92:C9:0B:4C:B2:45:E5:47:18:D7:C5:79:9B:47:D4:19:A6:84
Certificate issuer:       /CN=f70592c90b4cb245e54718d7c5799b47d419a684
Certificate serial:       0196CE3D13C3BE18F1EE1A50141C8AD7B08C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9wWSyQtMskXlRxjXxXmbR9QZpoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/dc0be1-adb8-4220-b4bd-1076242b3072/1/9wWSyQtMskXlRxjXxXmbR9QZpoQ.mft
Manifest number:          153A
Signing time:             Wed 14 May 2025 10:00:31 +0000
Manifest this update:     Wed 14 May 2025 10:00:31 +0000
Manifest next update:     Thu 15 May 2025 10:00:31 +0000
Files and hashes:         1: 9wWSyQtMskXlRxjXxXmbR9QZpoQ.crl (hash: cs9SBLXUOPyO4zPKINJv+Ry/3JUR3MfnR3yNVIqlIPU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/93/dc0be1-adb8-4220-b4bd-1076242b3072/1/9wWSyQtMskXlRxjXxXmbR9QZpoQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/93/dc0be1-adb8-4220-b4bd-1076242b3072/1/9wWSyQtMskXlRxjXxXmbR9QZpoQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9wWSyQtMskXlRxjXxXmbR9QZpoQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ce:3d:13:c3:be:18:f1:ee:1a:50:14:1c:8a:d7:b0:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f70592c90b4cb245e54718d7c5799b47d419a684
        Validity
            Not Before: May 14 10:00:31 2025 GMT
            Not After : May 15 10:00:31 2025 GMT
        Subject: CN=0821eb72ce8337d037f7005d825d71aca32dcf23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:8a:44:8f:02:ce:6b:ba:a8:07:a5:cc:a8:35:
                    97:c1:92:09:b1:b7:39:60:e1:ff:e9:df:97:76:02:
                    9b:e1:d3:60:4c:58:ce:4b:3b:92:24:2f:70:6a:42:
                    71:44:8f:b0:77:2d:37:77:3e:6e:14:a4:25:3d:61:
                    24:00:f9:82:d9:31:42:76:18:5d:7c:57:84:ad:84:
                    25:2c:b0:1b:70:b8:54:22:35:af:c2:cb:58:ba:76:
                    19:fb:7d:7d:f5:01:10:45:2f:07:35:ad:8f:4f:25:
                    bd:23:48:02:e3:38:58:53:24:4a:ee:9c:4f:65:e8:
                    c0:4b:c7:28:33:1d:7e:68:bd:18:51:00:05:e1:18:
                    92:8b:db:d3:00:f3:4a:9a:60:0a:ec:b9:0c:34:c8:
                    81:93:2a:47:e3:83:c8:13:ce:e9:cc:cb:71:63:9d:
                    92:30:3e:7d:31:ea:b3:9f:3f:cb:16:69:ec:9d:63:
                    a1:b0:d1:4f:d9:54:47:95:07:d1:fd:40:a9:b1:2f:
                    8f:27:14:9f:fe:e0:7b:f7:be:23:2a:b0:f5:2d:7d:
                    94:41:ff:5c:82:02:1d:77:8b:93:c3:d7:0f:e8:ee:
                    8d:78:0a:5d:3b:07:ec:9b:b8:56:10:ef:18:29:ea:
                    d5:15:ce:df:19:19:6a:ba:91:42:fa:a2:06:d4:2f:
                    ed:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:21:EB:72:CE:83:37:D0:37:F7:00:5D:82:5D:71:AC:A3:2D:CF:23
            X509v3 Authority Key Identifier:
                keyid:F7:05:92:C9:0B:4C:B2:45:E5:47:18:D7:C5:79:9B:47:D4:19:A6:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9wWSyQtMskXlRxjXxXmbR9QZpoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/dc0be1-adb8-4220-b4bd-1076242b3072/1/9wWSyQtMskXlRxjXxXmbR9QZpoQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/dc0be1-adb8-4220-b4bd-1076242b3072/1/9wWSyQtMskXlRxjXxXmbR9QZpoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:3f:43:be:bd:33:49:35:99:f0:79:95:64:e6:c4:c9:12:d7:
         5e:d3:25:98:f9:86:5a:b9:0c:33:3a:7d:65:d4:95:65:ef:77:
         73:bb:9a:48:61:a2:35:8b:d5:72:e1:10:9a:1e:1a:77:d1:5d:
         e4:0d:46:39:69:5e:20:a1:f0:14:41:23:e9:60:01:72:71:a5:
         db:22:0a:f5:69:81:77:02:f7:95:17:93:36:c5:88:e2:16:f9:
         8c:65:6e:a6:fd:21:46:00:79:50:03:0f:f4:92:4e:82:f0:35:
         e7:5d:10:f6:0b:8e:eb:52:8a:48:0b:bf:28:b3:3e:4e:23:7e:
         98:25:64:f7:44:76:b1:02:01:fe:16:c4:7b:a8:db:fc:93:2b:
         f2:76:97:6c:b4:41:64:d8:98:31:d6:11:97:36:a9:05:87:9f:
         4b:30:45:c6:e5:0c:e0:2f:0e:96:ca:36:1c:50:08:1a:83:40:
         09:82:56:50:5d:a0:fe:86:9a:52:36:3a:be:89:04:36:32:0f:
         42:57:85:84:8d:43:56:ec:5a:d1:c0:cc:2d:11:be:58:f5:c9:
         8c:ed:32:28:b2:f6:ba:59:8f:bb:4c:07:60:6f:f9:a6:61:22:
         30:8c:49:e7:48:fa:16:24:61:49:70:b8:ec:33:42:c9:27:bc:
         67:d9:d0:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbOPRPDvhjx7hpQFByK17CMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MDU5MmM5MGI0Y2IyNDVlNTQ3MThkN2M1Nzk5YjQ3ZDQx
OWE2ODQwHhcNMjUwNTE0MTAwMDMxWhcNMjUwNTE1MTAwMDMxWjAzMTEwLwYDVQQD
EygwODIxZWI3MmNlODMzN2QwMzdmNzAwNWQ4MjVkNzFhY2EzMmRjZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4pEjwLOa7qoB6XMqDWXwZIJsbc5
YOH/6d+XdgKb4dNgTFjOSzuSJC9wakJxRI+wdy03dz5uFKQlPWEkAPmC2TFCdhhd
fFeErYQlLLAbcLhUIjWvwstYunYZ+3199QEQRS8HNa2PTyW9I0gC4zhYUyRK7pxP
ZejAS8coMx1+aL0YUQAF4RiSi9vTAPNKmmAK7LkMNMiBkypH44PIE87pzMtxY52S
MD59Meqznz/LFmnsnWOhsNFP2VRHlQfR/UCpsS+PJxSf/uB7974jKrD1LX2UQf9c
ggIdd4uTw9cP6O6NeApdOwfsm7hWEO8YKerVFc7fGRlqupFC+qIG1C/tQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAgh63LOgzfQN/cAXYJdcayjLc8jMB8GA1UdIwQY
MBaAFPcFkskLTLJF5UcY18V5m0fUGaaEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXdXU3lRdE1za1hsUnhqWHhYbWJSOVFacG9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9kYzBiZTEtYWRiOC00MjIwLWI0YmQt
MTA3NjI0MmIzMDcyLzEvOXdXU3lRdE1za1hsUnhqWHhYbWJSOVFacG9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9kYzBiZTEtYWRiOC00MjIwLWI0YmQtMTA3NjI0MmIzMDcy
LzEvOXdXU3lRdE1za1hsUnhqWHhYbWJSOVFacG9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPD9Dvr0z
STWZ8HmVZObEyRLXXtMlmPmGWrkMMzp9ZdSVZe93c7uaSGGiNYvVcuEQmh4ad9Fd
5A1GOWleIKHwFEEj6WABcnGl2yIK9WmBdwL3lReTNsWI4hb5jGVupv0hRgB5UAMP
9JJOgvA1510Q9guO61KKSAu/KLM+TiN+mCVk90R2sQIB/hbEe6jb/JMr8naXbLRB
ZNiYMdYRlzapBYefSzBFxuUM4C8Olso2HFAIGoNACYJWUF2g/oaaUjY6vokENjIP
QleFhI1DVuxa0cDMLRG+WPXJjO0yKLL2ulmPu0wHYG/5pmEiMIxJ50j6FiRhSXC4
7DNCySe8Z9nQmQ==
-----END CERTIFICATE-----