Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.mft
File:                     8cgdjkJn0tRetlJQoqSCULX7Uls.mft (raw, json)
Hash identifier:          kVvCY0kDmrjfmHIhNszqBzlLucWMDehiP0cDXG5SIMk=
Subject key identifier:   BB:1D:D4:BB:EE:E5:E7:30:F7:F4:14:DF:1D:74:03:36:C3:AF:2D:AD
Authority key identifier: F1:C8:1D:8E:42:67:D2:D4:5E:B6:52:50:A2:A4:82:50:B5:FB:52:5B
Certificate issuer:       /CN=f1c81d8e4267d2d45eb65250a2a48250b5fb525b
Certificate serial:       0196C34B9901FC3613D9B9B98F140EA07087
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8cgdjkJn0tRetlJQoqSCULX7Uls.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.mft
Manifest number:          095B
Signing time:             Mon 12 May 2025 07:00:33 +0000
Manifest this update:     Mon 12 May 2025 07:00:33 +0000
Manifest next update:     Tue 13 May 2025 07:00:33 +0000
Files and hashes:         1: 8cgdjkJn0tRetlJQoqSCULX7Uls.crl (hash: HCp2gtpGpTLUJJzT0c8nqjEJiCR9L1O5/4WaPDVs9aU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8cgdjkJn0tRetlJQoqSCULX7Uls.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 07:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4b:99:01:fc:36:13:d9:b9:b9:8f:14:0e:a0:70:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1c81d8e4267d2d45eb65250a2a48250b5fb525b
        Validity
            Not Before: May 12 07:00:33 2025 GMT
            Not After : May 13 07:00:33 2025 GMT
        Subject: CN=bb1dd4bbeee5e730f7f414df1d740336c3af2dad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:65:74:8d:5a:55:b0:a5:9b:02:49:34:43:d4:
                    e4:3f:79:a7:9e:75:9a:cd:80:2a:b8:0a:6b:c5:5e:
                    c1:fd:b3:13:d7:96:cd:40:5f:4b:38:7a:ff:6b:1c:
                    be:5f:69:5b:1b:16:59:cd:95:45:03:26:2c:f4:af:
                    63:e8:c7:7e:55:4d:ed:b8:1d:e1:c3:9a:0b:fb:8c:
                    b3:0a:e8:ae:6f:69:b6:e4:b5:06:32:6c:9c:ed:8c:
                    be:12:f9:ec:8c:ea:9c:db:1b:d3:0d:99:81:6a:c2:
                    86:bd:22:4e:29:81:f2:f2:e9:01:cd:dc:45:2c:1e:
                    4f:74:d0:58:a1:37:d4:ed:b2:60:77:07:8e:3a:45:
                    a2:88:3b:fc:00:66:fd:4c:54:58:18:4a:30:89:0b:
                    ae:30:89:0b:9c:03:c4:2f:1b:88:2b:01:79:19:ff:
                    a7:04:4f:bc:ad:a1:92:ff:d0:92:1a:7c:2e:d6:6d:
                    b8:ac:0a:d1:a2:c1:e0:28:26:ff:c6:ac:22:47:69:
                    16:87:f8:15:60:9d:1e:7e:59:bc:5a:b4:67:1c:09:
                    b6:b2:e1:06:72:a9:bf:9a:12:ef:d6:59:4f:65:0b:
                    13:1f:c9:74:b9:de:c1:f8:fb:ea:14:ee:01:59:89:
                    4d:87:b1:83:b6:95:9f:de:03:d9:40:21:dd:a3:f1:
                    dd:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:1D:D4:BB:EE:E5:E7:30:F7:F4:14:DF:1D:74:03:36:C3:AF:2D:AD
            X509v3 Authority Key Identifier:
                keyid:F1:C8:1D:8E:42:67:D2:D4:5E:B6:52:50:A2:A4:82:50:B5:FB:52:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8cgdjkJn0tRetlJQoqSCULX7Uls.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:ff:bc:bd:8e:c7:90:d5:71:23:d9:33:55:20:86:65:70:4d:
         ce:93:ee:75:e8:6e:03:61:5f:f1:0f:f7:c7:50:4e:59:24:06:
         5f:56:92:88:a2:b3:08:66:0c:e6:51:39:71:7f:a9:77:34:d1:
         8f:0b:6c:ca:a8:47:02:1c:2c:a4:6a:0a:c8:3e:bc:36:b2:d1:
         e2:da:ba:05:bf:b0:11:c7:c3:84:c5:bf:75:84:76:e3:43:42:
         3c:7c:b9:a5:24:72:b2:5d:bc:2a:be:dc:ee:b8:91:c8:68:ed:
         4e:42:6d:c6:da:93:28:f2:b9:51:6c:ca:aa:91:cd:e5:3d:62:
         f4:24:4c:52:70:1f:6a:f4:31:fc:b5:9c:0b:8c:78:d4:97:10:
         74:09:d4:f6:c6:81:27:25:cc:01:4b:13:b8:9a:a4:ab:a6:ab:
         90:80:1c:7e:1e:44:e9:35:e1:0e:aa:9d:bf:00:32:c4:08:a5:
         cf:33:2d:64:de:87:d5:69:1e:f2:a4:58:ac:95:be:df:7c:60:
         13:a0:90:b9:ba:c8:26:af:d0:49:f7:db:a2:04:76:0d:76:d8:
         9a:6a:7e:23:d4:f6:37:56:75:ae:d3:28:a4:2b:23:81:ca:e5:
         9a:4a:56:9f:41:6b:a7:b1:ff:df:8a:0d:45:52:70:15:49:91:
         10:0e:a4:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDS5kB/DYT2bm5jxQOoHCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYzgxZDhlNDI2N2QyZDQ1ZWI2NTI1MGEyYTQ4MjUwYjVm
YjUyNWIwHhcNMjUwNTEyMDcwMDMzWhcNMjUwNTEzMDcwMDMzWjAzMTEwLwYDVQQD
EyhiYjFkZDRiYmVlZTVlNzMwZjdmNDE0ZGYxZDc0MDMzNmMzYWYyZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGV0jVpVsKWbAkk0Q9TkP3mnnnWa
zYAquAprxV7B/bMT15bNQF9LOHr/axy+X2lbGxZZzZVFAyYs9K9j6Md+VU3tuB3h
w5oL+4yzCuiub2m25LUGMmyc7Yy+EvnsjOqc2xvTDZmBasKGvSJOKYHy8ukBzdxF
LB5PdNBYoTfU7bJgdweOOkWiiDv8AGb9TFRYGEowiQuuMIkLnAPELxuIKwF5Gf+n
BE+8raGS/9CSGnwu1m24rArRosHgKCb/xqwiR2kWh/gVYJ0eflm8WrRnHAm2suEG
cqm/mhLv1llPZQsTH8l0ud7B+PvqFO4BWYlNh7GDtpWf3gPZQCHdo/HdKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsd1Lvu5ecw9/QU3x10AzbDry2tMB8GA1UdIwQY
MBaAFPHIHY5CZ9LUXrZSUKKkglC1+1JbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGNnZGprSm4wdFJldGxKUW9xU0NVTFg3VWxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lYmFiNDctNjA5MS00YjE0LTgwMDgt
MzYyYmI1NDQ2MDg1LzEvOGNnZGprSm4wdFJldGxKUW9xU0NVTFg3VWxzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9lYmFiNDctNjA5MS00YjE0LTgwMDgtMzYyYmI1NDQ2MDg1
LzEvOGNnZGprSm4wdFJldGxKUW9xU0NVTFg3VWxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdv+8vY7H
kNVxI9kzVSCGZXBNzpPudehuA2Ff8Q/3x1BOWSQGX1aSiKKzCGYM5lE5cX+pdzTR
jwtsyqhHAhwspGoKyD68NrLR4tq6Bb+wEcfDhMW/dYR240NCPHy5pSRysl28Kr7c
7riRyGjtTkJtxtqTKPK5UWzKqpHN5T1i9CRMUnAfavQx/LWcC4x41JcQdAnU9saB
JyXMAUsTuJqkq6arkIAcfh5E6TXhDqqdvwAyxAilzzMtZN6H1Wke8qRYrJW+33xg
E6CQubrIJq/QSffbogR2DXbYmmp+I9T2N1Z1rtMopCsjgcrlmkpWn0Frp7H/34oN
RVJwFUmREA6kmA==
-----END CERTIFICATE-----