Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
File:                     tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft (raw, json)
Hash identifier:          bONgzbnIEqSQJCvCiIW/6kaH8hSUc+x1UKg+U8d1U8w=
Subject key identifier:   C9:75:37:60:D5:82:09:7A:EF:8B:93:1D:4F:BF:9C:C4:4D:D3:98:5C
Authority key identifier: B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB
Certificate issuer:       /CN=b539831835c87c7501f6c37cb48e60a795a394bb
Certificate serial:       0196AC1FE5D4899BA3F22866652BB3B9D581
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
Manifest number:          152A
Signing time:             Wed 07 May 2025 19:01:33 +0000
Manifest this update:     Wed 07 May 2025 19:01:33 +0000
Manifest next update:     Thu 08 May 2025 19:01:33 +0000
Files and hashes:         1: tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl (hash: XmpHlwggRC1O3e3P3LcKePhiBWwEicAYyzfBi/owi8A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 13:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ac:1f:e5:d4:89:9b:a3:f2:28:66:65:2b:b3:b9:d5:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b539831835c87c7501f6c37cb48e60a795a394bb
        Validity
            Not Before: May  7 19:01:33 2025 GMT
            Not After : May  8 19:01:33 2025 GMT
        Subject: CN=c9753760d582097aef8b931d4fbf9cc44dd3985c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:39:9d:e4:8e:c7:4b:ec:d5:0b:56:d0:60:6f:
                    ce:c9:b0:9b:7a:e3:a9:ee:41:35:61:de:f2:ba:07:
                    fe:27:f3:d7:7f:7f:93:9f:1e:4d:5c:6b:03:04:76:
                    b3:28:ca:0c:ff:d6:d7:cc:24:23:a8:24:64:25:6b:
                    67:ff:e4:85:ac:a5:21:6d:62:42:8e:e6:26:5c:63:
                    31:5d:30:ff:2b:12:43:5d:ea:3a:61:0b:2f:3a:7a:
                    32:6f:68:11:3d:60:ac:b3:ac:d5:d8:32:78:7a:00:
                    a2:d9:43:4f:07:e3:70:f2:a3:ef:9b:5e:ff:48:08:
                    1e:c2:3e:47:6f:5e:42:9d:e5:6e:e7:4e:c8:88:30:
                    15:1c:cc:6e:d7:15:ee:b0:5f:24:ea:5f:4c:01:71:
                    e0:09:50:1e:82:dc:6e:22:9c:87:a7:b8:eb:ad:3c:
                    a1:8d:cd:fd:48:88:a7:0e:61:ab:e4:03:9d:9a:77:
                    96:a7:ed:09:88:b8:0b:d0:9f:f6:70:16:13:6d:34:
                    81:fd:d9:dc:e7:ff:92:bd:b3:22:02:e5:33:65:97:
                    75:23:6f:fa:3d:29:55:7a:cd:f7:73:b0:4f:a0:dd:
                    ac:84:7e:f0:1a:83:56:1d:0d:b4:e0:2d:5c:f4:64:
                    74:51:db:2f:dd:5b:f4:d2:f4:a2:f0:8b:ef:56:6a:
                    9f:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:75:37:60:D5:82:09:7A:EF:8B:93:1D:4F:BF:9C:C4:4D:D3:98:5C
            X509v3 Authority Key Identifier:
                keyid:B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:d6:5b:43:f1:7f:b1:16:12:0c:56:57:d9:07:4e:75:a0:5a:
         3f:f8:d9:da:b4:e9:cf:1b:74:34:c3:a2:41:30:54:fb:d6:86:
         eb:21:d4:bb:c9:b4:5e:c7:41:15:0b:d4:17:ba:01:e5:6f:97:
         63:88:e3:24:76:8f:7f:26:90:84:ab:4e:03:67:4a:f5:d0:8c:
         0c:75:73:54:20:cb:ae:5b:07:e1:fa:f2:44:bf:f6:17:b3:ae:
         b8:d4:ea:2a:0c:73:c9:cc:64:29:57:6a:75:9c:1e:7d:ae:b3:
         83:4d:82:c9:ad:e9:93:23:e9:f1:7e:1a:e7:d4:3a:ce:96:b0:
         ff:a4:81:85:15:53:04:10:44:67:f9:f3:6c:3f:cd:b1:dc:69:
         d6:fe:a0:e1:6d:e2:8a:8a:ac:b8:02:d9:56:40:1f:fd:f4:2f:
         e3:ec:69:9e:e7:49:21:0f:fd:2a:c0:c4:92:68:54:55:11:0b:
         60:2a:a7:4c:7e:00:d0:29:14:f1:24:50:cf:aa:83:86:04:88:
         9a:12:c8:ef:33:7d:78:94:40:43:89:6d:42:ad:e8:6c:00:fa:
         84:55:fc:62:e9:06:e8:fb:09:46:11:12:5b:2f:d3:34:37:14:
         85:6a:71:ab:cd:30:e1:02:ac:2f:aa:55:25:8a:47:9e:26:5a:
         c3:d9:e3:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZasH+XUiZuj8ihmZSuzudWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Mzk4MzE4MzVjODdjNzUwMWY2YzM3Y2I0OGU2MGE3OTVh
Mzk0YmIwHhcNMjUwNTA3MTkwMTMzWhcNMjUwNTA4MTkwMTMzWjAzMTEwLwYDVQQD
EyhjOTc1Mzc2MGQ1ODIwOTdhZWY4YjkzMWQ0ZmJmOWNjNDRkZDM5ODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDmd5I7HS+zVC1bQYG/OybCbeuOp
7kE1Yd7yugf+J/PXf3+Tnx5NXGsDBHazKMoM/9bXzCQjqCRkJWtn/+SFrKUhbWJC
juYmXGMxXTD/KxJDXeo6YQsvOnoyb2gRPWCss6zV2DJ4egCi2UNPB+Nw8qPvm17/
SAgewj5Hb15CneVu507IiDAVHMxu1xXusF8k6l9MAXHgCVAegtxuIpyHp7jrrTyh
jc39SIinDmGr5AOdmneWp+0JiLgL0J/2cBYTbTSB/dnc5/+SvbMiAuUzZZd1I2/6
PSlVes33c7BPoN2shH7wGoNWHQ204C1c9GR0Udsv3Vv00vSi8IvvVmqfpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMl1N2DVggl674uTHU+/nMRN05hcMB8GA1UdIwQY
MBaAFLU5gxg1yHx1AfbDfLSOYKeVo5S7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMt
NDk1ZTE4ODcwMWI2LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMtNDk1ZTE4ODcwMWI2
LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbdZbQ/F/
sRYSDFZX2QdOdaBaP/jZ2rTpzxt0NMOiQTBU+9aG6yHUu8m0XsdBFQvUF7oB5W+X
Y4jjJHaPfyaQhKtOA2dK9dCMDHVzVCDLrlsH4fryRL/2F7OuuNTqKgxzycxkKVdq
dZwefa6zg02Cya3pkyPp8X4a59Q6zpaw/6SBhRVTBBBEZ/nzbD/Nsdxp1v6g4W3i
ioqsuALZVkAf/fQv4+xpnudJIQ/9KsDEkmhUVRELYCqnTH4A0CkU8SRQz6qDhgSI
mhLI7zN9eJRAQ4ltQq3obAD6hFX8YukG6PsJRhESWy/TNDcUhWpxq80w4QKsL6pV
JYpHniZaw9njWQ==
-----END CERTIFICATE-----