Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
File:                     4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft (raw, json)
Hash identifier:          kHf+RGC3qmZ+6aEIbuStWzWaX/DrbA61Z9l1kkrY9u8=
Subject key identifier:   99:EF:EC:BF:EB:A0:5D:66:57:1E:59:46:7D:22:8A:DD:50:9B:F8:C9
Authority key identifier: E2:AD:1B:50:37:7D:7C:07:5C:64:D0:09:F4:0A:30:FE:72:90:68:7C
Certificate issuer:       /CN=e2ad1b50377d7c075c64d009f40a30fe7290687c
Certificate serial:       0196BD811DB22D649279EA761D014A578831
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
Manifest number:          12D9
Signing time:             Sun 11 May 2025 04:01:17 +0000
Manifest this update:     Sun 11 May 2025 04:01:17 +0000
Manifest next update:     Mon 12 May 2025 04:01:17 +0000
Files and hashes:         1: 4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl (hash: aLSS4oer+j/9QoaOgEzuk8EG9gplVIWJEfciROGFQL0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:81:1d:b2:2d:64:92:79:ea:76:1d:01:4a:57:88:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2ad1b50377d7c075c64d009f40a30fe7290687c
        Validity
            Not Before: May 11 04:01:17 2025 GMT
            Not After : May 12 04:01:17 2025 GMT
        Subject: CN=99efecbfeba05d66571e59467d228add509bf8c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:0b:51:c1:8f:36:4d:0c:bd:68:19:5e:d9:39:
                    be:6a:24:99:e6:18:97:90:ea:60:86:02:83:0d:5f:
                    75:16:dd:ae:e9:61:8a:7d:9b:66:01:d0:cf:48:40:
                    af:1b:80:35:f0:89:70:70:1a:3d:52:74:fb:bb:3c:
                    c8:b6:5b:84:5b:ff:6d:e1:c4:b3:52:61:19:df:0f:
                    df:c3:42:a7:c6:21:72:1f:fb:ef:c2:26:d4:95:a8:
                    2f:6f:44:33:14:1e:ae:d3:5c:3c:a7:c2:7b:16:d9:
                    f0:01:85:cb:d3:c2:70:1c:df:f0:a7:e0:13:84:43:
                    79:bc:3b:1c:9c:2b:69:d8:5f:f0:45:6d:24:04:75:
                    2d:27:79:e7:20:4f:3e:ea:da:07:52:3b:a7:9d:92:
                    a6:2a:b4:0e:9c:1f:18:ac:49:75:f6:84:c4:95:ef:
                    35:be:8c:47:69:18:1f:38:24:2a:e4:ef:1a:19:42:
                    34:ca:41:ea:11:0b:37:da:29:e9:01:87:af:ae:0a:
                    e3:3a:71:8a:b5:a7:7d:11:10:9f:dd:58:d3:a8:2e:
                    7e:d6:92:15:92:03:e4:e3:03:6e:c5:ef:e9:18:eb:
                    4c:8e:34:d6:9c:91:d5:a8:fe:11:12:40:0e:a4:89:
                    91:b5:ef:5b:38:23:67:53:db:4e:c3:4b:2f:5f:1e:
                    f2:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:EF:EC:BF:EB:A0:5D:66:57:1E:59:46:7D:22:8A:DD:50:9B:F8:C9
            X509v3 Authority Key Identifier:
                keyid:E2:AD:1B:50:37:7D:7C:07:5C:64:D0:09:F4:0A:30:FE:72:90:68:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:fc:8b:e7:6c:d6:49:4d:1c:25:c4:8b:c5:60:1e:5c:e3:ed:
         69:1e:d8:e6:fb:d1:84:cf:0d:32:ac:ab:53:cd:89:9c:07:88:
         35:1d:32:94:97:e5:d7:52:b5:b8:2a:24:9c:11:5d:f4:48:a7:
         78:5f:ef:8b:f7:04:04:d0:76:23:9d:a6:a3:dd:64:4a:75:33:
         9f:99:d7:17:3d:b1:19:fc:d1:54:7d:c9:10:72:77:43:6e:83:
         66:83:5e:bb:0b:3b:e5:59:73:6b:2d:89:9d:bd:33:28:a1:59:
         2a:f8:68:47:a9:d7:86:3b:b1:d3:6a:95:0f:43:33:ee:c0:39:
         49:c7:ae:f0:94:bf:de:a0:de:25:94:ce:0f:6f:4d:bb:5b:27:
         86:00:ae:0f:8c:68:74:42:23:2f:6e:26:9e:13:b8:36:f7:bc:
         c1:88:00:56:58:23:bc:3d:b9:0b:c7:7f:7e:0e:25:e6:19:42:
         25:16:33:8a:5c:05:6f:af:4c:99:16:91:0e:19:ed:24:b5:bb:
         47:50:ce:4c:57:d0:0a:ed:44:da:ae:35:6a:d9:81:a5:8b:61:
         d5:5a:a0:3a:3c:66:b6:2c:58:a1:52:8c:1b:1a:b2:51:53:fe:
         96:b1:f9:3e:92:22:7a:9b:5f:74:3c:22:9a:4d:73:19:77:54:
         39:a6:85:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9gR2yLWSSeep2HQFKV4gxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYWQxYjUwMzc3ZDdjMDc1YzY0ZDAwOWY0MGEzMGZlNzI5
MDY4N2MwHhcNMjUwNTExMDQwMTE3WhcNMjUwNTEyMDQwMTE3WjAzMTEwLwYDVQQD
Eyg5OWVmZWNiZmViYTA1ZDY2NTcxZTU5NDY3ZDIyOGFkZDUwOWJmOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogtRwY82TQy9aBle2Tm+aiSZ5hiX
kOpghgKDDV91Ft2u6WGKfZtmAdDPSECvG4A18IlwcBo9UnT7uzzItluEW/9t4cSz
UmEZ3w/fw0KnxiFyH/vvwibUlagvb0QzFB6u01w8p8J7FtnwAYXL08JwHN/wp+AT
hEN5vDscnCtp2F/wRW0kBHUtJ3nnIE8+6toHUjunnZKmKrQOnB8YrEl19oTEle81
voxHaRgfOCQq5O8aGUI0ykHqEQs32inpAYevrgrjOnGKtad9ERCf3VjTqC5+1pIV
kgPk4wNuxe/pGOtMjjTWnJHVqP4REkAOpImRte9bOCNnU9tOw0svXx7yxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnv7L/roF1mVx5ZRn0iit1Qm/jJMB8GA1UdIwQY
MBaAFOKtG1A3fXwHXGTQCfQKMP5ykGh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84ZjU5N2ItMzkyOC00YTRkLTgzMjUt
NzNmMWFiNWNhZTk2LzEvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84ZjU5N2ItMzkyOC00YTRkLTgzMjUtNzNmMWFiNWNhZTk2
LzEvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbPyL52zW
SU0cJcSLxWAeXOPtaR7Y5vvRhM8NMqyrU82JnAeINR0ylJfl11K1uCoknBFd9Ein
eF/vi/cEBNB2I52mo91kSnUzn5nXFz2xGfzRVH3JEHJ3Q26DZoNeuws75Vlzay2J
nb0zKKFZKvhoR6nXhjux02qVD0Mz7sA5Sceu8JS/3qDeJZTOD29Nu1snhgCuD4xo
dEIjL24mnhO4Nve8wYgAVlgjvD25C8d/fg4l5hlCJRYzilwFb69MmRaRDhntJLW7
R1DOTFfQCu1E2q41atmBpYth1VqgOjxmtixYoVKMGxqyUVP+lrH5PpIieptfdDwi
mk1zGXdUOaaFbQ==
-----END CERTIFICATE-----