Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          QGRR1bhgmEyVitVfYCFB0BQhMTjwX67GTMt6i6lJCV0=
Subject key identifier:   F4:05:7A:84:1B:13:67:C7:DB:5D:36:C6:0F:B7:B0:AB:7C:9A:F5:C7
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       0196CEE212656CABEDE959E75EEFA5A3AA35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          153B
Signing time:             Wed 14 May 2025 13:00:44 +0000
Manifest this update:     Wed 14 May 2025 13:00:44 +0000
Manifest next update:     Thu 15 May 2025 13:00:44 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: 09K7zZp6i05//WcuaJe0vA7PKsBYfwAmDcLABbE/kHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 13:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ce:e2:12:65:6c:ab:ed:e9:59:e7:5e:ef:a5:a3:aa:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: May 14 13:00:44 2025 GMT
            Not After : May 15 13:00:44 2025 GMT
        Subject: CN=f4057a841b1367c7db5d36c60fb7b0ab7c9af5c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:98:6e:21:8e:ca:40:60:1c:b1:9b:33:78:6f:
                    ea:65:c5:d3:a8:06:7d:41:c3:9d:a9:c9:c0:c4:4f:
                    bc:3a:94:17:64:a9:02:30:72:2b:cc:5f:ff:17:24:
                    90:be:e2:0a:01:97:20:ba:b6:da:e6:c9:7d:76:a1:
                    ee:2a:c4:b2:4c:1e:ea:97:3e:6d:7d:59:90:d8:38:
                    5a:95:53:c1:b0:4f:e3:2a:fa:0b:d5:69:f1:b6:73:
                    02:48:3f:bf:f7:8a:c7:97:42:30:32:6f:d5:92:1b:
                    76:99:62:d4:37:a8:c2:93:a7:4d:61:f0:99:d8:7c:
                    22:28:ef:40:25:17:d2:6d:0d:0a:7b:61:22:8a:3b:
                    dc:11:da:26:a2:09:5f:8d:ed:c7:92:54:fa:37:c5:
                    f8:b4:83:06:c2:11:d4:86:5b:09:a0:20:2b:0e:9b:
                    66:80:cc:f6:02:d5:3e:71:90:0a:bc:59:3d:63:de:
                    90:91:f5:68:83:be:20:e7:92:36:84:42:4a:0b:ed:
                    65:8a:e4:f8:53:1a:81:f2:ab:4b:b6:46:04:60:12:
                    67:e4:2c:0b:2d:44:6d:42:22:fe:3a:fa:b4:f1:4b:
                    5e:ac:8c:24:d3:3d:40:e8:0d:cd:3d:d2:5a:22:f4:
                    9b:01:43:8f:b8:ed:d6:47:9b:3d:3a:c2:a0:23:80:
                    66:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:05:7A:84:1B:13:67:C7:DB:5D:36:C6:0F:B7:B0:AB:7C:9A:F5:C7
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:00:b2:91:47:f7:12:8c:7d:2b:2b:59:6a:30:78:02:cd:c7:
         78:c9:77:4b:04:0e:6d:fc:9b:30:37:12:2d:17:0e:9d:b4:5e:
         df:c8:2b:9b:a1:81:2e:1d:d6:67:cf:5b:c3:5f:9d:57:c1:b7:
         29:3d:8d:3a:1c:2f:81:a5:6a:b8:d9:fd:bd:30:45:31:ee:d8:
         ff:da:5f:8f:a4:39:75:1f:2a:7d:73:1f:e3:35:f6:27:fb:8c:
         70:29:8f:be:7d:9c:f0:3c:ce:c5:af:3b:07:1a:63:d6:cf:7b:
         85:70:f3:63:92:cb:0b:96:64:e7:68:d7:ca:39:27:57:62:ce:
         b7:99:11:e4:5f:2e:28:e0:36:76:1d:de:fc:76:40:dd:f9:f0:
         67:de:01:ea:58:34:5a:92:3a:27:64:b6:e8:93:dd:f9:ed:26:
         08:eb:0f:36:5f:31:89:dc:dd:61:61:0e:a2:b0:2d:86:4d:3e:
         6c:77:af:dc:12:be:4a:4c:00:2c:b7:e3:81:84:0b:9b:78:ed:
         14:ef:dc:69:ef:85:db:71:12:c9:7f:54:24:61:f0:cf:4c:50:
         aa:26:57:53:2e:aa:f7:eb:76:65:c0:c1:f4:b1:d8:c3:e6:8a:
         84:df:ac:c4:20:23:76:f5:d0:2c:ae:b6:e8:12:4e:66:f8:f0:
         b1:9d:38:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbO4hJlbKvt6VnnXu+lo6o1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjUwNTE0MTMwMDQ0WhcNMjUwNTE1MTMwMDQ0WjAzMTEwLwYDVQQD
EyhmNDA1N2E4NDFiMTM2N2M3ZGI1ZDM2YzYwZmI3YjBhYjdjOWFmNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJhuIY7KQGAcsZszeG/qZcXTqAZ9
QcOdqcnAxE+8OpQXZKkCMHIrzF//FySQvuIKAZcgurba5sl9dqHuKsSyTB7qlz5t
fVmQ2DhalVPBsE/jKvoL1WnxtnMCSD+/94rHl0IwMm/Vkht2mWLUN6jCk6dNYfCZ
2HwiKO9AJRfSbQ0Ke2EiijvcEdomoglfje3HklT6N8X4tIMGwhHUhlsJoCArDptm
gMz2AtU+cZAKvFk9Y96QkfVog74g55I2hEJKC+1liuT4UxqB8qtLtkYEYBJn5CwL
LURtQiL+Ovq08UterIwk0z1A6A3NPdJaIvSbAUOPuO3WR5s9OsKgI4Bm1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQFeoQbE2fH2102xg+3sKt8mvXHMB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvQCykUf3
Eox9KytZajB4As3HeMl3SwQObfybMDcSLRcOnbRe38grm6GBLh3WZ89bw1+dV8G3
KT2NOhwvgaVquNn9vTBFMe7Y/9pfj6Q5dR8qfXMf4zX2J/uMcCmPvn2c8DzOxa87
Bxpj1s97hXDzY5LLC5Zk52jXyjknV2LOt5kR5F8uKOA2dh3e/HZA3fnwZ94B6lg0
WpI6J2S26JPd+e0mCOsPNl8xidzdYWEOorAthk0+bHev3BK+SkwALLfjgYQLm3jt
FO/cae+F23ESyX9UJGHwz0xQqiZXUy6q9+t2ZcDB9LHYw+aKhN+sxCAjdvXQLK62
6BJOZvjwsZ04JA==
-----END CERTIFICATE-----