Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.mft
File:                     SmO14kps7e29L-j2bXl6s9jqpMk.mft (raw, json)
Hash identifier:          gy0HkcF83ghcrnSOrBQPOMjn2toLf7KCzff2nLjPzXo=
Subject key identifier:   34:B7:F7:16:D9:4F:FB:15:CD:DC:E0:63:2C:05:91:50:6E:4C:18:3B
Authority key identifier: 4A:63:B5:E2:4A:6C:ED:ED:BD:2F:E8:F6:6D:79:7A:B3:D8:EA:A4:C9
Certificate issuer:       /CN=4a63b5e24a6cededbd2fe8f66d797ab3d8eaa4c9
Certificate serial:       0196BB923CBB34EF2E62F440B2069A23965F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SmO14kps7e29L-j2bXl6s9jqpMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.mft
Manifest number:          152D
Signing time:             Sat 10 May 2025 19:00:45 +0000
Manifest this update:     Sat 10 May 2025 19:00:45 +0000
Manifest next update:     Sun 11 May 2025 19:00:45 +0000
Files and hashes:         1: SmO14kps7e29L-j2bXl6s9jqpMk.crl (hash: tSNPcvuGKiKnLcduuXswVEGJn2U3SsbBs8Vp3/8QsVs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SmO14kps7e29L-j2bXl6s9jqpMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:92:3c:bb:34:ef:2e:62:f4:40:b2:06:9a:23:96:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a63b5e24a6cededbd2fe8f66d797ab3d8eaa4c9
        Validity
            Not Before: May 10 19:00:45 2025 GMT
            Not After : May 11 19:00:45 2025 GMT
        Subject: CN=34b7f716d94ffb15cddce0632c0591506e4c183b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:e1:f2:e1:07:bf:e1:00:8a:f8:fc:b6:71:83:
                    8e:3c:3b:6c:84:47:7e:58:d3:5e:a5:60:49:0c:11:
                    05:bd:58:28:a5:5b:9e:ef:45:bd:d9:84:b5:77:08:
                    ad:09:2e:b5:00:1b:dc:67:73:3e:f1:ea:e3:f9:2e:
                    45:48:d0:c5:04:f5:ed:02:fb:f6:bd:4c:bb:65:c7:
                    43:bf:0e:e7:d8:f6:cd:15:a9:b6:1e:55:31:15:82:
                    7f:df:84:2c:bd:64:a5:76:4e:99:33:74:1c:69:64:
                    dc:88:52:84:6a:83:d5:6d:c8:70:0d:76:5e:b9:03:
                    09:9d:60:ed:1d:a7:88:d7:a5:ab:24:4b:4d:5d:31:
                    f1:be:13:9a:ce:ed:be:f8:0e:75:b8:a9:85:7c:c4:
                    a6:04:2a:4c:98:8a:77:1a:6b:1b:13:3b:50:50:b8:
                    10:a7:72:58:8c:6a:07:22:1c:a6:db:a6:52:ce:bd:
                    82:5e:2e:de:d0:43:52:6d:50:43:5e:94:c9:23:63:
                    5a:6c:2d:52:d0:16:9b:ce:e2:88:15:84:b6:3c:98:
                    5f:0b:29:e9:72:b0:a8:23:11:8d:d1:29:ee:79:64:
                    2b:bb:70:e7:e4:81:98:70:1c:96:1d:e9:97:ac:29:
                    e4:1a:df:4b:c0:92:16:c8:b8:d8:df:d6:fc:0c:37:
                    04:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:B7:F7:16:D9:4F:FB:15:CD:DC:E0:63:2C:05:91:50:6E:4C:18:3B
            X509v3 Authority Key Identifier:
                keyid:4A:63:B5:E2:4A:6C:ED:ED:BD:2F:E8:F6:6D:79:7A:B3:D8:EA:A4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmO14kps7e29L-j2bXl6s9jqpMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:3b:47:84:48:8b:1c:41:f6:32:4d:75:0c:39:0d:b5:e7:f5:
         13:88:99:6a:44:ce:67:af:81:98:d5:7f:54:bc:09:26:73:c0:
         cc:8c:56:5c:5d:46:d3:8b:2f:ac:55:61:18:2a:e9:42:02:cf:
         92:be:9b:da:d0:d2:4f:67:63:50:55:ab:4a:21:f2:1a:0d:50:
         6e:76:82:7a:96:e8:03:9b:be:81:b5:69:f6:ce:7f:0c:da:94:
         e3:45:18:d8:0b:2c:98:06:60:7c:cf:c5:ed:96:9a:25:3b:2d:
         21:a2:5b:f1:74:69:f2:3e:a6:3c:7b:69:8e:5b:78:da:5b:48:
         f2:19:d5:04:d9:f6:c7:2c:24:f8:49:0c:17:0a:41:c3:81:fc:
         a0:fe:6c:3e:8e:33:47:b0:f2:8f:80:ce:07:a8:0f:94:0a:f5:
         2a:21:1b:8e:31:d5:1d:65:6a:13:50:d3:36:a7:a7:68:42:5c:
         3f:78:fd:65:33:ff:f8:b7:39:5b:8e:e2:3f:73:b2:37:d9:f1:
         e0:61:b7:c7:64:48:a5:9d:3d:21:8f:8c:c5:89:6e:a1:b1:6b:
         8e:df:c9:da:32:67:39:e0:db:f2:4b:43:b2:a1:bf:70:14:12:
         f1:be:b2:11:7a:8c:46:a8:7e:1d:cc:24:04:34:3f:0c:c5:78:
         95:ba:b8:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kjy7NO8uYvRAsgaaI5ZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjNiNWUyNGE2Y2VkZWRiZDJmZThmNjZkNzk3YWIzZDhl
YWE0YzkwHhcNMjUwNTEwMTkwMDQ1WhcNMjUwNTExMTkwMDQ1WjAzMTEwLwYDVQQD
EygzNGI3ZjcxNmQ5NGZmYjE1Y2RkY2UwNjMyYzA1OTE1MDZlNGMxODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+Hy4Qe/4QCK+Py2cYOOPDtshEd+
WNNepWBJDBEFvVgopVue70W92YS1dwitCS61ABvcZ3M+8erj+S5FSNDFBPXtAvv2
vUy7ZcdDvw7n2PbNFam2HlUxFYJ/34QsvWSldk6ZM3QcaWTciFKEaoPVbchwDXZe
uQMJnWDtHaeI16WrJEtNXTHxvhOazu2++A51uKmFfMSmBCpMmIp3GmsbEztQULgQ
p3JYjGoHIhym26ZSzr2CXi7e0ENSbVBDXpTJI2NabC1S0BabzuKIFYS2PJhfCynp
crCoIxGN0SnueWQru3Dn5IGYcByWHemXrCnkGt9LwJIWyLjY39b8DDcE6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDS39xbZT/sVzdzgYywFkVBuTBg7MB8GA1UdIwQY
MBaAFEpjteJKbO3tvS/o9m15erPY6qTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21PMTRrcHM3ZTI5TC1qMmJYbDZzOWpxcE1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC82NGRhYmMtNjU2NC00Y2EwLTgwMmYt
Y2E5NzkwMDgwNzE2LzEvU21PMTRrcHM3ZTI5TC1qMmJYbDZzOWpxcE1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC82NGRhYmMtNjU2NC00Y2EwLTgwMmYtY2E5NzkwMDgwNzE2
LzEvU21PMTRrcHM3ZTI5TC1qMmJYbDZzOWpxcE1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmjtHhEiL
HEH2Mk11DDkNtef1E4iZakTOZ6+BmNV/VLwJJnPAzIxWXF1G04svrFVhGCrpQgLP
kr6b2tDST2djUFWrSiHyGg1QbnaCepboA5u+gbVp9s5/DNqU40UY2AssmAZgfM/F
7ZaaJTstIaJb8XRp8j6mPHtpjlt42ltI8hnVBNn2xywk+EkMFwpBw4H8oP5sPo4z
R7Dyj4DOB6gPlAr1KiEbjjHVHWVqE1DTNqenaEJcP3j9ZTP/+Lc5W47iP3OyN9nx
4GG3x2RIpZ09IY+MxYluobFrjt/J2jJnOeDb8ktDsqG/cBQS8b6yEXqMRqh+Hcwk
BDQ/DMV4lbq4lA==
-----END CERTIFICATE-----