Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
File:                     tRm7YH6Ot267nMsgIsxkbDzOC2A.mft (raw, json)
Hash identifier:          OZQrZebdyFZT3b2T8Um/I0uHUBPNNqce2iyNORgxPHc=
Subject key identifier:   3A:0E:3E:32:06:B2:AA:F0:4C:E0:07:79:48:60:D9:AD:11:06:97:AF
Authority key identifier: B5:19:BB:60:7E:8E:B7:6E:BB:9C:CB:20:22:CC:64:6C:3C:CE:0B:60
Certificate issuer:       /CN=b519bb607e8eb76ebb9ccb2022cc646c3cce0b60
Certificate serial:       0196AE0DDE655643EE2252BDF301B7333233
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
Manifest number:          1528
Signing time:             Thu 08 May 2025 04:01:06 +0000
Manifest this update:     Thu 08 May 2025 04:01:06 +0000
Manifest next update:     Fri 09 May 2025 04:01:06 +0000
Files and hashes:         1: tRm7YH6Ot267nMsgIsxkbDzOC2A.crl (hash: Xe7GwbGBatFdz1cCwzCGl7muaTupEDlVAFZBJqYGuBc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 04:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ae:0d:de:65:56:43:ee:22:52:bd:f3:01:b7:33:32:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b519bb607e8eb76ebb9ccb2022cc646c3cce0b60
        Validity
            Not Before: May  8 04:01:06 2025 GMT
            Not After : May  9 04:01:06 2025 GMT
        Subject: CN=3a0e3e3206b2aaf04ce007794860d9ad110697af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:42:63:7f:f1:63:4e:0f:b2:67:e9:c6:01:f7:
                    9d:1d:e9:c3:65:e6:8a:8d:76:7f:bf:be:6a:fa:d5:
                    f4:76:c8:4d:6c:bb:a9:01:bb:54:27:b0:1e:2e:69:
                    8b:90:3f:65:74:6a:c0:c8:0d:4e:fe:08:91:f5:93:
                    24:b9:95:66:1a:79:db:73:e0:b7:7b:a9:e9:f6:9e:
                    3c:b3:b7:a1:7a:66:0e:6b:82:73:a9:bb:b2:33:cc:
                    9d:fa:9a:87:01:b9:a0:68:60:e8:32:4e:d7:a9:eb:
                    f8:a9:2e:9b:a0:56:26:09:5c:ac:5f:e3:94:2c:a3:
                    66:5d:bd:c6:b3:a5:54:47:3f:0e:4c:29:8e:ec:25:
                    a9:c9:1c:a9:99:e4:b7:12:ab:1a:0e:c8:b8:f7:1f:
                    b1:e2:31:eb:30:3b:de:82:35:5c:01:8e:92:56:91:
                    d1:2c:5c:ef:a2:51:53:24:b3:14:71:f3:5c:a1:7d:
                    c7:c0:b0:6e:c5:49:69:03:97:10:68:b0:64:00:09:
                    48:5b:61:cf:91:52:a2:74:de:de:fd:cd:b3:4b:0d:
                    76:de:09:30:c0:e7:2c:f2:61:e4:23:83:7c:92:d6:
                    0a:e7:8a:75:39:0d:04:4c:b7:4b:62:10:d8:c8:8d:
                    7f:48:f5:b3:91:79:70:e0:ca:ff:42:fd:bc:d6:94:
                    35:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:0E:3E:32:06:B2:AA:F0:4C:E0:07:79:48:60:D9:AD:11:06:97:AF
            X509v3 Authority Key Identifier:
                keyid:B5:19:BB:60:7E:8E:B7:6E:BB:9C:CB:20:22:CC:64:6C:3C:CE:0B:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:8c:08:1b:39:b9:fa:a2:cf:8e:1c:ed:15:02:fb:4f:38:46:
         40:54:21:6a:ee:02:8a:0a:ea:c2:13:ce:83:cf:b1:8f:ad:a4:
         25:b1:5c:7b:24:21:89:19:36:71:6a:53:15:c0:9c:16:39:2d:
         e6:6e:97:19:f8:9f:bb:14:e7:79:3a:4f:c0:b5:59:8e:2a:b1:
         bc:96:0f:df:1d:0e:76:32:b4:3a:c0:d9:4b:0f:ec:1d:cf:c0:
         cf:72:bf:ec:eb:30:5a:f3:36:21:9d:2d:5f:5a:0e:d6:05:45:
         00:35:3e:5c:ab:58:93:d0:86:69:98:0a:41:34:2b:33:e5:f0:
         f7:2f:42:2a:d7:aa:28:36:75:8c:60:71:b1:5a:f3:62:5b:ac:
         05:1e:50:a3:d0:01:9a:74:88:9a:d6:c8:e6:a8:0e:92:f5:f6:
         75:fb:27:26:e2:34:43:55:82:27:e5:51:3b:98:77:d4:79:21:
         b4:1e:a0:88:6e:ae:e7:10:2f:a2:3e:b9:c1:3a:31:e5:95:17:
         e2:b0:12:c6:0b:ba:3b:27:2b:a9:6d:0f:29:10:3d:51:4d:05:
         1f:97:86:33:a5:cb:71:cb:08:b6:9d:a3:82:c9:c9:e5:7c:88:
         fa:e9:1d:b8:f8:8b:74:9d:47:9a:a1:fc:db:63:0b:17:f5:87:
         4a:e5:f7:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZauDd5lVkPuIlK98wG3MzIzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTliYjYwN2U4ZWI3NmViYjljY2IyMDIyY2M2NDZjM2Nj
ZTBiNjAwHhcNMjUwNTA4MDQwMTA2WhcNMjUwNTA5MDQwMTA2WjAzMTEwLwYDVQQD
EygzYTBlM2UzMjA2YjJhYWYwNGNlMDA3Nzk0ODYwZDlhZDExMDY5N2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0Jjf/FjTg+yZ+nGAfedHenDZeaK
jXZ/v75q+tX0dshNbLupAbtUJ7AeLmmLkD9ldGrAyA1O/giR9ZMkuZVmGnnbc+C3
e6np9p48s7ehemYOa4JzqbuyM8yd+pqHAbmgaGDoMk7Xqev4qS6boFYmCVysX+OU
LKNmXb3Gs6VURz8OTCmO7CWpyRypmeS3EqsaDsi49x+x4jHrMDvegjVcAY6SVpHR
LFzvolFTJLMUcfNcoX3HwLBuxUlpA5cQaLBkAAlIW2HPkVKidN7e/c2zSw123gkw
wOcs8mHkI4N8ktYK54p1OQ0ETLdLYhDYyI1/SPWzkXlw4Mr/Qv281pQ1MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDoOPjIGsqrwTOAHeUhg2a0RBpevMB8GA1UdIwQY
MBaAFLUZu2B+jrduu5zLICLMZGw8zgtgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZTUwNDktODU2ZC00YzA3LTg1NTYt
ZTE4MTg0ZTgwMjU4LzEvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZTUwNDktODU2ZC00YzA3LTg1NTYtZTE4MTg0ZTgwMjU4
LzEvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGowIGzm5
+qLPjhztFQL7TzhGQFQhau4CigrqwhPOg8+xj62kJbFceyQhiRk2cWpTFcCcFjkt
5m6XGfifuxTneTpPwLVZjiqxvJYP3x0OdjK0OsDZSw/sHc/Az3K/7OswWvM2IZ0t
X1oO1gVFADU+XKtYk9CGaZgKQTQrM+Xw9y9CKteqKDZ1jGBxsVrzYlusBR5Qo9AB
mnSImtbI5qgOkvX2dfsnJuI0Q1WCJ+VRO5h31HkhtB6giG6u5xAvoj65wTox5ZUX
4rASxgu6OycrqW0PKRA9UU0FH5eGM6XLccsItp2jgsnJ5XyI+ukduPiLdJ1HmqH8
22MLF/WHSuX3Pw==
-----END CERTIFICATE-----