Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft
File:                     mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft (raw, json)
Hash identifier:          6mUHTXDP8An3lhTQQUtykHgN/+uhgN48hxbQ/EyF0xw=
Subject key identifier:   15:6D:FE:60:14:42:18:2E:B7:70:C4:FD:6C:2B:1B:22:17:B4:D1:B2
Authority key identifier: 98:24:1A:AC:9E:DA:7B:EF:69:08:9F:64:7B:5D:8F:77:4F:F4:3A:26
Certificate issuer:       /CN=98241aac9eda7bef69089f647b5d8f774ff43a26
Certificate serial:       0196BECA07A186F57BA0CC9B1F3F99080199
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft
Manifest number:          0C69
Signing time:             Sun 11 May 2025 10:00:33 +0000
Manifest this update:     Sun 11 May 2025 10:00:33 +0000
Manifest next update:     Mon 12 May 2025 10:00:33 +0000
Files and hashes:         1: mCQarJ7ae-9pCJ9ke12Pd0_0OiY.crl (hash: TVIRq7WXSKVCJXyfmgCKV+2ABFiP9d51MnqZeKBSyH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:ca:07:a1:86:f5:7b:a0:cc:9b:1f:3f:99:08:01:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98241aac9eda7bef69089f647b5d8f774ff43a26
        Validity
            Not Before: May 11 10:00:33 2025 GMT
            Not After : May 12 10:00:33 2025 GMT
        Subject: CN=156dfe601442182eb770c4fd6c2b1b2217b4d1b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:96:c0:f9:04:d6:95:b9:46:6f:76:e4:e4:e2:
                    c9:bd:51:de:d0:6d:23:45:63:56:89:84:91:c5:fb:
                    2f:76:cb:fd:5d:95:e8:45:b8:3c:b9:30:6a:08:a4:
                    c8:f8:96:7c:ef:5a:90:f2:88:51:ce:33:a6:c6:69:
                    74:ea:04:f4:c3:c4:09:88:9c:48:18:bd:d2:c4:37:
                    24:09:70:6d:a1:3e:74:a3:65:ce:6c:f4:9a:32:8a:
                    eb:71:fe:59:98:d4:18:03:c2:d7:39:5b:c3:29:6f:
                    ca:c8:25:ba:f3:bd:1d:3d:ac:ce:77:18:ed:f6:36:
                    9a:a2:d3:dd:06:4a:c5:2e:03:0e:f4:3f:bc:d8:4b:
                    89:0a:fa:b2:92:64:47:f4:9c:cf:d9:fc:c4:e8:48:
                    27:62:15:c6:e2:b1:45:21:69:0c:92:28:88:03:7c:
                    1e:67:77:fb:b3:05:ec:15:52:d9:f8:68:93:a1:34:
                    0f:b3:d8:5b:0d:66:5a:5e:dd:b7:03:4d:52:78:98:
                    46:b0:9a:14:4e:82:88:ba:4a:6f:4c:7b:60:d0:3f:
                    65:cd:0c:de:0e:40:e0:31:30:a0:21:8a:34:3d:ba:
                    ed:2d:00:61:9d:ad:3a:c3:47:ba:70:a9:3d:47:ce:
                    ec:0d:c7:97:71:c6:a1:fc:0d:30:65:93:68:1c:a0:
                    2e:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:6D:FE:60:14:42:18:2E:B7:70:C4:FD:6C:2B:1B:22:17:B4:D1:B2
            X509v3 Authority Key Identifier:
                keyid:98:24:1A:AC:9E:DA:7B:EF:69:08:9F:64:7B:5D:8F:77:4F:F4:3A:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:41:24:dc:9f:a8:91:42:a9:09:80:0d:0f:9b:57:9c:49:db:
         b5:95:79:5a:39:5a:4e:f6:d7:0d:5a:71:60:a9:f4:6f:4e:f6:
         31:0c:31:6c:bf:02:86:dc:98:ff:09:6b:b5:10:d0:ef:66:ea:
         33:4b:6d:4b:3c:41:21:62:db:7d:e0:19:82:ca:c6:67:b0:3f:
         f4:81:bc:19:5b:ca:81:77:7f:a6:cb:8c:90:66:36:ed:b3:54:
         23:c0:b6:3e:db:f1:62:0e:df:a9:40:ec:dd:92:1f:1c:0b:5a:
         c2:f6:38:ff:1f:bd:de:e3:86:38:b6:f6:7e:e9:f9:6e:4b:d5:
         f0:7a:4e:1e:8c:6b:49:8e:ae:ae:44:2e:d2:c0:c2:91:56:ec:
         99:86:d2:7b:87:40:f5:8b:8d:6c:ff:a3:32:bf:e0:88:ec:9a:
         d6:3a:c8:ae:cd:f6:3a:2c:c6:5d:51:cf:59:8b:6c:51:cf:81:
         62:22:50:c3:eb:63:71:68:02:9b:fc:6f:81:ec:e9:d6:90:24:
         e9:76:f5:00:ba:f1:90:1c:b5:8e:9d:54:37:bf:68:d8:15:4c:
         b0:96:b4:95:05:45:5b:05:fc:e9:54:79:a6:dd:5a:7d:31:02:
         fd:21:fb:d1:ee:7a:e3:a5:7d:37:92:8e:43:4c:88:bd:81:8d:
         9c:1b:4e:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+ygehhvV7oMybHz+ZCAGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MjQxYWFjOWVkYTdiZWY2OTA4OWY2NDdiNWQ4Zjc3NGZm
NDNhMjYwHhcNMjUwNTExMTAwMDMzWhcNMjUwNTEyMTAwMDMzWjAzMTEwLwYDVQQD
EygxNTZkZmU2MDE0NDIxODJlYjc3MGM0ZmQ2YzJiMWIyMjE3YjRkMWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpbA+QTWlblGb3bk5OLJvVHe0G0j
RWNWiYSRxfsvdsv9XZXoRbg8uTBqCKTI+JZ871qQ8ohRzjOmxml06gT0w8QJiJxI
GL3SxDckCXBtoT50o2XObPSaMorrcf5ZmNQYA8LXOVvDKW/KyCW6870dPazOdxjt
9jaaotPdBkrFLgMO9D+82EuJCvqykmRH9JzP2fzE6EgnYhXG4rFFIWkMkiiIA3we
Z3f7swXsFVLZ+GiToTQPs9hbDWZaXt23A01SeJhGsJoUToKIukpvTHtg0D9lzQze
DkDgMTCgIYo0PbrtLQBhna06w0e6cKk9R87sDceXccah/A0wZZNoHKAuQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBVt/mAUQhgut3DE/WwrGyIXtNGyMB8GA1UdIwQY
MBaAFJgkGqye2nvvaQifZHtdj3dP9DomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUNRYXJKN2FlLTlwQ0o5a2UxMlBkMF8wT2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9jZGE5NTgtM2NhYi00YjIzLTkxNmMt
MzVkZTM4NGMwOTgyLzEvbUNRYXJKN2FlLTlwQ0o5a2UxMlBkMF8wT2lZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9jZGE5NTgtM2NhYi00YjIzLTkxNmMtMzVkZTM4NGMwOTgy
LzEvbUNRYXJKN2FlLTlwQ0o5a2UxMlBkMF8wT2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfUEk3J+o
kUKpCYAND5tXnEnbtZV5WjlaTvbXDVpxYKn0b072MQwxbL8ChtyY/wlrtRDQ72bq
M0ttSzxBIWLbfeAZgsrGZ7A/9IG8GVvKgXd/psuMkGY27bNUI8C2PtvxYg7fqUDs
3ZIfHAtawvY4/x+93uOGOLb2fun5bkvV8HpOHoxrSY6urkQu0sDCkVbsmYbSe4dA
9YuNbP+jMr/giOya1jrIrs32OizGXVHPWYtsUc+BYiJQw+tjcWgCm/xvgezp1pAk
6Xb1ALrxkBy1jp1UN79o2BVMsJa0lQVFWwX86VR5pt1afTEC/SH70e5646V9N5KO
Q0yIvYGNnBtONg==
-----END CERTIFICATE-----