Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.mft
File:                     9rG5O-fUO4bWT4tLljvJFWJfI_I.mft (raw, json)
Hash identifier:          B+8t4nJxVeisHQFswlcD3B0c5gTQlPvMpUN3jkNHSIM=
Subject key identifier:   ED:3D:BC:52:DB:BE:7D:25:7C:A0:B2:43:BD:0F:A9:6D:87:85:7C:19
Authority key identifier: F6:B1:B9:3B:E7:D4:3B:86:D6:4F:8B:4B:96:3B:C9:15:62:5F:23:F2
Certificate issuer:       /CN=f6b1b93be7d43b86d64f8b4b963bc915625f23f2
Certificate serial:       0196A051D3A92F05B5732866D58262AD1CA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9rG5O-fUO4bWT4tLljvJFWJfI_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.mft
Manifest number:          01B6
Signing time:             Mon 05 May 2025 12:00:39 +0000
Manifest this update:     Mon 05 May 2025 12:00:39 +0000
Manifest next update:     Tue 06 May 2025 12:00:39 +0000
Files and hashes:         1: 9rG5O-fUO4bWT4tLljvJFWJfI_I.crl (hash: nqBNFHb1/ZwT8YIgfFBFOUeXpPM3eVbDEv35gefEyPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9rG5O-fUO4bWT4tLljvJFWJfI_I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a0:51:d3:a9:2f:05:b5:73:28:66:d5:82:62:ad:1c:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6b1b93be7d43b86d64f8b4b963bc915625f23f2
        Validity
            Not Before: May  5 12:00:39 2025 GMT
            Not After : May  6 12:00:39 2025 GMT
        Subject: CN=ed3dbc52dbbe7d257ca0b243bd0fa96d87857c19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:55:93:7e:ba:2e:63:07:4a:64:89:97:fb:48:
                    a8:03:95:45:9f:88:c2:9e:df:8c:a3:54:b5:20:7b:
                    2f:6a:36:d4:eb:46:ce:ad:c6:22:25:39:c6:c1:ea:
                    85:93:0b:16:81:ed:08:4d:ad:51:18:4d:4f:79:e4:
                    6e:6d:8e:7c:00:ad:64:0a:71:d0:b9:59:9c:0f:48:
                    f8:e2:44:e3:7f:c1:c8:98:e9:70:6e:f1:bb:e4:5d:
                    47:6e:fd:6a:f7:ad:90:24:53:66:05:4b:3b:3f:68:
                    67:b2:da:27:59:7b:ff:f0:33:f9:63:d5:26:52:2a:
                    3d:27:9b:75:89:df:40:fe:a6:30:bf:44:38:55:3b:
                    d3:68:da:f4:2b:cf:d5:5e:0e:38:69:28:a8:f5:02:
                    17:ed:ac:4f:8a:24:b9:c0:9d:a2:be:6a:82:fd:73:
                    5e:55:ed:e6:e8:60:2b:fb:77:9e:83:0d:6d:e9:9b:
                    43:1c:9f:fc:02:be:a2:5b:9d:c7:fa:cf:45:a6:9e:
                    f6:da:67:88:4f:84:16:1f:a5:9a:2b:e3:b0:ba:6d:
                    6c:66:8d:c2:6d:45:c4:05:4f:3d:98:74:2d:1a:5e:
                    02:28:02:3b:0a:fe:e8:0b:80:7e:39:0d:d3:fa:62:
                    90:2b:96:eb:6f:be:a0:3f:ba:47:07:d0:73:99:bb:
                    8e:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:3D:BC:52:DB:BE:7D:25:7C:A0:B2:43:BD:0F:A9:6D:87:85:7C:19
            X509v3 Authority Key Identifier:
                keyid:F6:B1:B9:3B:E7:D4:3B:86:D6:4F:8B:4B:96:3B:C9:15:62:5F:23:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9rG5O-fUO4bWT4tLljvJFWJfI_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:37:69:1c:f1:db:82:1e:bd:37:a9:e3:a8:a9:59:57:fb:18:
         24:14:18:80:c7:c0:46:1f:a1:8e:ff:bb:46:d2:c2:45:46:1d:
         9a:7b:e6:b5:b3:57:77:2e:b0:73:31:95:8b:0b:08:5c:d1:b0:
         31:9b:d9:4b:73:1f:b1:15:99:42:f2:f6:8b:b7:b2:ac:e4:f3:
         57:15:d2:4a:91:f5:79:b1:72:6d:29:b8:16:ca:f4:95:58:e2:
         3f:d7:08:c8:63:5e:e5:b1:1a:0b:b6:04:7a:36:2e:63:fb:21:
         f2:70:dd:d1:27:72:68:fe:06:5d:a4:08:ae:91:a8:01:92:b5:
         e6:ea:43:a7:d9:de:77:b1:af:4f:76:88:9a:a9:47:ad:a7:aa:
         9a:56:0e:7c:17:39:83:4e:37:03:d2:8b:bd:29:f8:1a:6b:49:
         fa:76:07:e1:92:8c:22:f2:f1:52:73:fb:2b:a6:82:fb:fb:30:
         25:64:4a:42:c8:0c:33:b9:c5:f5:1c:a0:5a:86:09:0f:73:65:
         9c:c5:28:91:df:ff:90:f4:0b:d4:0a:a0:a9:55:f7:79:47:e8:
         6d:a8:dc:e9:8c:cd:c1:b1:d4:57:75:30:6e:f6:8d:d7:b4:92:
         99:46:07:37:9c:f6:23:12:2d:cd:f0:6c:aa:fe:20:85:34:4d:
         81:70:12:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagUdOpLwW1cyhm1YJirRyiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YjFiOTNiZTdkNDNiODZkNjRmOGI0Yjk2M2JjOTE1NjI1
ZjIzZjIwHhcNMjUwNTA1MTIwMDM5WhcNMjUwNTA2MTIwMDM5WjAzMTEwLwYDVQQD
EyhlZDNkYmM1MmRiYmU3ZDI1N2NhMGIyNDNiZDBmYTk2ZDg3ODU3YzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FWTfrouYwdKZImX+0ioA5VFn4jC
nt+Mo1S1IHsvajbU60bOrcYiJTnGweqFkwsWge0ITa1RGE1PeeRubY58AK1kCnHQ
uVmcD0j44kTjf8HImOlwbvG75F1Hbv1q962QJFNmBUs7P2hnstonWXv/8DP5Y9Um
Uio9J5t1id9A/qYwv0Q4VTvTaNr0K8/VXg44aSio9QIX7axPiiS5wJ2ivmqC/XNe
Ve3m6GAr+3eegw1t6ZtDHJ/8Ar6iW53H+s9Fpp722meIT4QWH6WaK+Owum1sZo3C
bUXEBU89mHQtGl4CKAI7Cv7oC4B+OQ3T+mKQK5brb76gP7pHB9BzmbuOUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO09vFLbvn0lfKCyQ70PqW2HhXwZMB8GA1UdIwQY
MBaAFPaxuTvn1DuG1k+LS5Y7yRViXyPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXJHNU8tZlVPNGJXVDR0TGxqdkpGV0pmSV9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iNzI5Y2MtNzU0ZS00YWVhLTg1ZjIt
MGFjMmNkM2ZlMDA4LzEvOXJHNU8tZlVPNGJXVDR0TGxqdkpGV0pmSV9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iNzI5Y2MtNzU0ZS00YWVhLTg1ZjItMGFjMmNkM2ZlMDA4
LzEvOXJHNU8tZlVPNGJXVDR0TGxqdkpGV0pmSV9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfDdpHPHb
gh69N6njqKlZV/sYJBQYgMfARh+hjv+7RtLCRUYdmnvmtbNXdy6wczGViwsIXNGw
MZvZS3MfsRWZQvL2i7eyrOTzVxXSSpH1ebFybSm4Fsr0lVjiP9cIyGNe5bEaC7YE
ejYuY/sh8nDd0SdyaP4GXaQIrpGoAZK15upDp9ned7GvT3aImqlHraeqmlYOfBc5
g043A9KLvSn4GmtJ+nYH4ZKMIvLxUnP7K6aC+/swJWRKQsgMM7nF9RygWoYJD3Nl
nMUokd//kPQL1AqgqVX3eUfobajc6YzNwbHUV3UwbvaN17SSmUYHN5z2IxItzfBs
qv4ghTRNgXASsw==
-----END CERTIFICATE-----