Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
File:                     MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft (raw, json)
Hash identifier:          zl5EOQfHpzKICbqVhDzbASuwG2z7nJ+p2zQBzTSzJ28=
Subject key identifier:   A0:8F:91:09:30:4C:9C:9E:17:63:5E:85:B5:17:2E:6A:1F:A8:37:22
Authority key identifier: 30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34
Certificate issuer:       /CN=30fd95ce80eace734e340ddd723110fa5252fa34
Certificate serial:       01969CE2C616704960E01EFCD1B958965DF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
Manifest number:          1521
Signing time:             Sun 04 May 2025 20:00:29 +0000
Manifest this update:     Sun 04 May 2025 20:00:29 +0000
Manifest next update:     Mon 05 May 2025 20:00:29 +0000
Files and hashes:         1: MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl (hash: ffH1f44bSv3dCLaObFkmxH4xgbHtn9XAm9pHr7bd9i4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 20:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9c:e2:c6:16:70:49:60:e0:1e:fc:d1:b9:58:96:5d:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30fd95ce80eace734e340ddd723110fa5252fa34
        Validity
            Not Before: May  4 20:00:29 2025 GMT
            Not After : May  5 20:00:29 2025 GMT
        Subject: CN=a08f9109304c9c9e17635e85b5172e6a1fa83722
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c6:ac:42:9a:54:9c:66:a6:b0:26:38:d3:50:
                    17:89:84:52:b8:6d:31:50:48:ab:f8:65:45:a7:99:
                    75:6a:8e:e3:8c:a5:a9:c2:4d:76:7d:8e:87:7d:b6:
                    11:b5:79:7b:98:5c:0c:fc:9f:20:e5:f1:2a:a1:9d:
                    d1:fa:1c:ff:d2:f4:0a:b8:20:5f:a4:45:ea:46:11:
                    4a:bd:1c:bd:23:1f:1f:d9:15:6d:0d:e9:39:67:56:
                    c3:c5:55:0d:2b:5e:16:0b:cd:4b:6a:0d:6c:0a:52:
                    cd:01:32:d2:1a:e5:5f:bb:5f:31:b1:06:9d:7d:2e:
                    24:fb:33:8e:26:85:d1:86:14:b8:c3:f5:21:85:e2:
                    d8:19:99:65:c1:99:82:9e:7a:7f:d3:8a:f7:ce:7b:
                    c7:7f:76:5c:f7:13:7c:e2:c3:4d:52:20:04:03:84:
                    d1:66:b0:fe:9c:fe:d0:bf:69:04:d9:65:65:97:49:
                    13:ea:33:0a:ed:02:90:a8:5f:64:da:43:a3:fa:42:
                    51:11:06:3e:0f:1a:9f:0a:1d:6f:ec:8d:c4:d4:b5:
                    14:db:33:65:74:5e:4b:b7:42:3c:78:fb:0c:98:80:
                    c4:bb:36:70:24:96:fe:2b:25:83:65:e0:06:6d:2b:
                    73:af:28:2b:5c:cb:02:b2:6b:28:e7:69:9e:25:87:
                    18:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:8F:91:09:30:4C:9C:9E:17:63:5E:85:B5:17:2E:6A:1F:A8:37:22
            X509v3 Authority Key Identifier:
                keyid:30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:d1:38:ef:d8:5c:86:1f:7f:07:d1:9e:b7:11:79:87:86:2a:
         a4:c0:44:f3:d9:79:82:ae:f3:89:15:0e:b6:29:50:55:fa:a2:
         8e:76:43:34:f9:b8:ec:a1:d6:e1:96:f1:d6:cb:3f:fe:da:f7:
         d0:13:31:a3:ce:1e:44:53:27:14:ca:64:15:29:1f:49:84:9f:
         25:52:75:4b:2c:f0:ab:f9:9b:14:57:71:91:38:6d:2f:4a:59:
         53:4b:4a:52:0d:b3:b9:06:00:9a:00:11:5c:c3:1f:4b:27:3f:
         43:eb:6a:2e:77:e9:c2:26:52:e6:15:5f:a5:2b:bb:50:c1:2d:
         62:fa:8f:25:16:05:2b:8c:51:52:a1:b3:e5:a1:6a:65:f1:db:
         00:ff:a8:cf:93:c6:85:34:9f:1e:c4:a9:fe:5d:b2:fa:1f:83:
         1c:9c:ff:6f:e6:05:f5:60:30:ca:40:5c:a2:5f:69:6a:c5:a7:
         99:11:f5:5e:4a:b5:2c:b0:8c:41:26:07:80:82:e6:51:47:c4:
         8b:cc:b7:f4:d5:09:55:93:df:5c:65:0a:d8:cf:32:a8:ef:18:
         2c:15:2f:dd:9a:3a:10:2a:69:bc:ab:d2:c7:41:68:b2:63:d4:
         16:61:2b:f1:de:af:4d:ca:96:2b:9a:34:ff:31:d8:1c:1c:df:
         67:52:54:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZac4sYWcElg4B780blYll3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZmQ5NWNlODBlYWNlNzM0ZTM0MGRkZDcyMzExMGZhNTI1
MmZhMzQwHhcNMjUwNTA0MjAwMDI5WhcNMjUwNTA1MjAwMDI5WjAzMTEwLwYDVQQD
EyhhMDhmOTEwOTMwNGM5YzllMTc2MzVlODViNTE3MmU2YTFmYTgzNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucasQppUnGamsCY401AXiYRSuG0x
UEir+GVFp5l1ao7jjKWpwk12fY6HfbYRtXl7mFwM/J8g5fEqoZ3R+hz/0vQKuCBf
pEXqRhFKvRy9Ix8f2RVtDek5Z1bDxVUNK14WC81Lag1sClLNATLSGuVfu18xsQad
fS4k+zOOJoXRhhS4w/UhheLYGZllwZmCnnp/04r3znvHf3Zc9xN84sNNUiAEA4TR
ZrD+nP7Qv2kE2WVll0kT6jMK7QKQqF9k2kOj+kJREQY+DxqfCh1v7I3E1LUU2zNl
dF5Lt0I8ePsMmIDEuzZwJJb+KyWDZeAGbStzrygrXMsCsmso52meJYcYlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKCPkQkwTJyeF2NehbUXLmofqDciMB8GA1UdIwQY
MBaAFDD9lc6A6s5zTjQN3XIxEPpSUvo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAt
YzdkM2U5NmZkMzViLzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAtYzdkM2U5NmZkMzVi
LzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACdE479hc
hh9/B9GetxF5h4YqpMBE89l5gq7ziRUOtilQVfqijnZDNPm47KHW4Zbx1ss//tr3
0BMxo84eRFMnFMpkFSkfSYSfJVJ1Syzwq/mbFFdxkThtL0pZU0tKUg2zuQYAmgAR
XMMfSyc/Q+tqLnfpwiZS5hVfpSu7UMEtYvqPJRYFK4xRUqGz5aFqZfHbAP+oz5PG
hTSfHsSp/l2y+h+DHJz/b+YF9WAwykBcol9pasWnmRH1Xkq1LLCMQSYHgILmUUfE
i8y39NUJVZPfXGUK2M8yqO8YLBUv3Zo6ECppvKvSx0FosmPUFmEr8d6vTcqWK5o0
/zHYHBzfZ1JUhg==
-----END CERTIFICATE-----