Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          2dM+nS6Qs8Q5V5ul3OL4mfXH09UUgdEoXY6oyNnQuJo=
Subject key identifier:   A9:A6:15:70:EE:DB:B3:72:6C:CE:04:C4:09:4A:12:D9:A8:25:1E:2E
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       0196C803D2F77A93544292A809971DD95779
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          0260
Signing time:             Tue 13 May 2025 05:00:15 +0000
Manifest this update:     Tue 13 May 2025 05:00:15 +0000
Manifest next update:     Wed 14 May 2025 05:00:15 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: 94/4C+6xWdbYh06rPuT7iwHgZ7NY2TKLmC8LyZeG4Wg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c8:03:d2:f7:7a:93:54:42:92:a8:09:97:1d:d9:57:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: May 13 05:00:15 2025 GMT
            Not After : May 14 05:00:15 2025 GMT
        Subject: CN=a9a61570eedbb3726cce04c4094a12d9a8251e2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:a5:29:b2:c1:e1:3f:8d:4a:de:2b:db:cd:a3:
                    5b:c8:76:fc:ac:c7:87:3a:b2:28:d1:6e:92:99:bf:
                    18:cd:84:13:c4:1b:b4:f8:d2:f0:03:b1:da:45:5f:
                    9a:d2:7b:8b:78:03:b5:5c:0d:2a:ec:9c:5a:fe:5b:
                    fb:e2:ee:2a:96:15:d7:8b:94:04:ca:b2:94:6c:8c:
                    f4:d7:f8:df:c9:ad:f8:a3:ea:88:91:e7:22:f6:70:
                    6d:fb:c0:b9:34:94:81:e3:27:ad:15:97:f3:a9:a7:
                    78:ff:25:48:44:e4:1c:2e:67:c5:a6:65:2c:19:00:
                    95:53:a9:d1:d8:7e:77:76:6a:d3:0a:ac:ae:63:7d:
                    51:f0:56:08:6f:97:b1:c0:34:4b:da:d8:bd:8a:ea:
                    5d:58:48:d8:ff:75:ba:61:b6:10:c7:23:b7:27:8e:
                    43:29:6e:bc:92:08:70:70:51:ec:72:22:1e:05:54:
                    51:6a:9d:67:33:c8:4a:92:53:2d:98:0f:70:ca:5e:
                    68:2d:d9:bc:56:0a:7a:04:d6:3f:13:32:4e:52:fe:
                    b3:3b:d3:ae:d3:14:0b:79:fc:32:2a:2e:65:87:80:
                    cb:43:89:c5:a9:ee:b2:dc:68:c6:20:f4:72:98:1c:
                    13:0c:b3:c2:71:ca:41:26:86:df:29:75:d4:29:fe:
                    a8:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:A6:15:70:EE:DB:B3:72:6C:CE:04:C4:09:4A:12:D9:A8:25:1E:2E
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:e2:38:8d:7d:7e:55:42:76:9f:ce:c9:3c:ca:c4:d7:cf:51:
         92:de:d6:9c:95:9e:f4:60:79:d4:79:6b:b9:6d:36:d7:ec:c7:
         3a:5a:fb:5f:a0:e8:9a:88:17:7e:56:d5:df:58:34:13:4f:23:
         5d:36:af:bd:ad:95:9b:67:93:20:0d:8f:77:70:df:fd:1e:77:
         fc:49:82:43:13:0d:eb:2d:2c:7c:b7:e8:ac:d1:ed:85:e3:fc:
         07:80:01:c8:18:7f:58:fc:2f:9c:46:f3:c5:93:1f:2d:69:57:
         36:73:dd:b8:f8:3f:3c:59:aa:51:39:fe:a4:2f:f1:cd:cf:d6:
         6f:e2:c2:8a:f7:fb:d1:2b:60:28:9d:3e:c1:66:34:b9:6d:36:
         53:d0:4d:49:a8:0c:59:b6:9e:6a:07:b9:dc:a5:b8:8e:eb:e5:
         65:7d:d6:01:ca:8d:77:20:ae:33:05:54:fd:48:7c:e4:a6:dd:
         5b:d9:18:fe:16:75:2e:00:1b:11:69:6b:05:35:cd:d8:ee:d9:
         ae:d4:db:e7:71:a2:6b:35:8b:6c:60:c3:50:f2:95:b0:cc:61:
         98:e2:13:18:23:65:bb:ff:f5:98:9e:28:67:56:78:0e:c9:84:
         fe:1f:41:73:29:36:0e:5b:6b:ea:e3:cc:83:b4:1d:30:cd:04:
         07:10:7d:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbIA9L3epNUQpKoCZcd2Vd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjUwNTEzMDUwMDE1WhcNMjUwNTE0MDUwMDE1WjAzMTEwLwYDVQQD
EyhhOWE2MTU3MGVlZGJiMzcyNmNjZTA0YzQwOTRhMTJkOWE4MjUxZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKUpssHhP41K3ivbzaNbyHb8rMeH
OrIo0W6Smb8YzYQTxBu0+NLwA7HaRV+a0nuLeAO1XA0q7Jxa/lv74u4qlhXXi5QE
yrKUbIz01/jfya34o+qIkeci9nBt+8C5NJSB4yetFZfzqad4/yVIROQcLmfFpmUs
GQCVU6nR2H53dmrTCqyuY31R8FYIb5exwDRL2ti9iupdWEjY/3W6YbYQxyO3J45D
KW68kghwcFHsciIeBVRRap1nM8hKklMtmA9wyl5oLdm8Vgp6BNY/EzJOUv6zO9Ou
0xQLefwyKi5lh4DLQ4nFqe6y3GjGIPRymBwTDLPCccpBJobfKXXUKf6oHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKmmFXDu27NybM4ExAlKEtmoJR4uMB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu+I4jX1+
VUJ2n87JPMrE189Rkt7WnJWe9GB51HlruW021+zHOlr7X6DomogXflbV31g0E08j
XTavva2Vm2eTIA2Pd3Df/R53/EmCQxMN6y0sfLforNHtheP8B4AByBh/WPwvnEbz
xZMfLWlXNnPduPg/PFmqUTn+pC/xzc/Wb+LCivf70StgKJ0+wWY0uW02U9BNSagM
Wbaeage53KW4juvlZX3WAcqNdyCuMwVU/Uh85KbdW9kY/hZ1LgAbEWlrBTXN2O7Z
rtTb53GiazWLbGDDUPKVsMxhmOITGCNlu//1mJ4oZ1Z4DsmE/h9Bcyk2Dltr6uPM
g7QdMM0EBxB9yw==
-----END CERTIFICATE-----