Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
File:                     9aKrEck1CB9eSaaFyDl49vc9TaE.mft (raw, json)
Hash identifier:          bxTo6F+WiOOhcBm9aXq0XbVp+VTqgJFlxE66fvVrZ3U=
Subject key identifier:   66:DA:56:48:C7:5E:F3:A8:5E:AF:36:4B:64:24:4E:68:46:58:27:0C
Authority key identifier: F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1
Certificate issuer:       /CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
Certificate serial:       0196D250BF39E306916534BE04EA3B72C8F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
Manifest number:          028C
Signing time:             Thu 15 May 2025 05:00:29 +0000
Manifest this update:     Thu 15 May 2025 05:00:29 +0000
Manifest next update:     Fri 16 May 2025 05:00:29 +0000
Files and hashes:         1: 9aKrEck1CB9eSaaFyDl49vc9TaE.crl (hash: 66fBrKjD1D/zDECLnrXJZI6/c2Q43dkKJ3r7nOuBEG4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d2:50:bf:39:e3:06:91:65:34:be:04:ea:3b:72:c8:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1
        Validity
            Not Before: May 15 05:00:29 2025 GMT
            Not After : May 16 05:00:29 2025 GMT
        Subject: CN=66da5648c75ef3a85eaf364b64244e684658270c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ea:a0:0c:af:75:52:81:21:64:6e:97:f2:6b:
                    44:19:93:c1:c2:a3:26:d1:ac:be:54:51:8a:69:22:
                    f7:4b:f4:5c:9b:6b:4f:ea:8d:0e:56:ab:eb:85:5e:
                    e4:d3:3c:ce:ab:91:5a:88:44:f8:35:5e:85:d6:13:
                    b3:db:36:7b:b4:fc:e5:55:66:c9:91:84:e7:4c:0a:
                    46:63:67:c9:bd:b3:90:04:32:1a:ec:dc:c2:d1:24:
                    e4:cb:d8:01:27:68:1c:bb:2b:7a:73:0f:0a:f6:ba:
                    92:02:be:91:00:d6:9c:4a:b9:2e:fd:e4:93:f3:0a:
                    bd:bd:80:7a:bb:24:e9:fd:cc:1e:8d:d8:f8:6a:43:
                    7c:b8:cd:a8:ad:8d:cf:6e:79:02:4e:bc:ab:b7:b6:
                    de:d7:fa:a1:2f:6f:40:1f:be:06:7d:66:e4:6d:01:
                    9f:c8:61:80:46:93:71:58:16:85:a2:b4:c2:b0:ed:
                    f7:4e:9b:ce:f0:22:e8:80:d3:1c:97:b4:34:8e:e5:
                    db:2d:f9:b7:20:46:31:a4:70:90:82:58:69:e0:8a:
                    f3:25:51:87:16:97:7c:17:f8:fa:0a:80:5a:ed:aa:
                    3b:3b:71:a2:3f:6c:69:b6:e0:d8:73:0e:d1:c9:17:
                    35:da:b9:da:ba:6b:c9:3a:6e:28:f9:7c:0d:07:5c:
                    91:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:DA:56:48:C7:5E:F3:A8:5E:AF:36:4B:64:24:4E:68:46:58:27:0C
            X509v3 Authority Key Identifier:
                keyid:F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:e0:1c:98:98:9e:a8:68:5d:5e:74:a1:79:4d:ea:30:09:d9:
         fd:3a:ae:27:d3:bf:9d:d0:3e:61:e9:94:bc:ff:62:77:56:92:
         68:30:d5:ea:65:3d:51:45:73:0e:83:ec:88:df:4f:e2:8c:47:
         74:71:de:75:1b:eb:b2:b1:20:cb:e8:4a:01:df:db:0d:35:97:
         fb:ca:df:45:48:f9:14:d4:aa:44:09:17:00:75:04:56:83:07:
         24:13:64:ad:ae:e1:04:c8:ff:38:27:12:cd:ef:60:22:c1:e0:
         12:0a:8f:3a:d4:32:d3:3c:a5:e5:33:ea:a7:d8:cf:d4:d4:de:
         2b:12:ba:06:cd:a5:bd:5d:ea:b0:43:59:20:08:23:32:7e:22:
         61:99:b4:aa:65:b4:28:a1:66:eb:ef:61:d5:e5:72:3a:40:19:
         00:ef:9b:6c:bb:3b:e6:35:f7:ce:28:5a:33:24:00:ed:e4:c9:
         30:9c:57:67:c2:48:ba:96:58:0f:24:9e:3c:b7:6a:fd:45:fc:
         ce:47:b5:c3:50:3d:6d:2b:6f:94:e0:f1:a5:81:90:30:b8:cb:
         46:63:39:46:32:a0:86:c5:2f:55:26:f8:af:36:56:7a:79:96:
         14:17:d7:d9:0a:e2:21:33:da:56:53:5a:0b:a7:ae:28:4c:b2:
         2f:2a:e3:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbSUL854waRZTS+BOo7csj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YTJhYjExYzkzNTA4MWY1ZTQ5YTY4NWM4Mzk3OGY2Zjcz
ZDRkYTEwHhcNMjUwNTE1MDUwMDI5WhcNMjUwNTE2MDUwMDI5WjAzMTEwLwYDVQQD
Eyg2NmRhNTY0OGM3NWVmM2E4NWVhZjM2NGI2NDI0NGU2ODQ2NTgyNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+qgDK91UoEhZG6X8mtEGZPBwqMm
0ay+VFGKaSL3S/Rcm2tP6o0OVqvrhV7k0zzOq5FaiET4NV6F1hOz2zZ7tPzlVWbJ
kYTnTApGY2fJvbOQBDIa7NzC0STky9gBJ2gcuyt6cw8K9rqSAr6RANacSrku/eST
8wq9vYB6uyTp/cwejdj4akN8uM2orY3PbnkCTryrt7be1/qhL29AH74GfWbkbQGf
yGGARpNxWBaForTCsO33TpvO8CLogNMcl7Q0juXbLfm3IEYxpHCQglhp4IrzJVGH
Fpd8F/j6CoBa7ao7O3GiP2xptuDYcw7RyRc12rnaumvJOm4o+XwNB1yREwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbaVkjHXvOoXq82S2QkTmhGWCcMMB8GA1UdIwQY
MBaAFPWiqxHJNQgfXkmmhcg5ePb3PU2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAt
NTNhYjg2NTk1ZmMwLzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAtNTNhYjg2NTk1ZmMw
LzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW+AcmJie
qGhdXnSheU3qMAnZ/TquJ9O/ndA+YemUvP9id1aSaDDV6mU9UUVzDoPsiN9P4oxH
dHHedRvrsrEgy+hKAd/bDTWX+8rfRUj5FNSqRAkXAHUEVoMHJBNkra7hBMj/OCcS
ze9gIsHgEgqPOtQy0zyl5TPqp9jP1NTeKxK6Bs2lvV3qsENZIAgjMn4iYZm0qmW0
KKFm6+9h1eVyOkAZAO+bbLs75jX3zihaMyQA7eTJMJxXZ8JIupZYDySePLdq/UX8
zke1w1A9bStvlODxpYGQMLjLRmM5RjKghsUvVSb4rzZWenmWFBfX2QriITPaVlNa
C6euKEyyLyrjuw==
-----END CERTIFICATE-----