Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
File:                     ehKIruzRFJyedF-YZT5okK-iU6s.mft (raw, json)
Hash identifier:          8Clic0jn4golrIdGKjNweczzrJCGwsBQjWX6g+sYU2E=
Subject key identifier:   B3:A7:56:58:3A:2C:BA:D9:E6:53:9F:09:68:E2:76:79:1E:15:7F:2E
Authority key identifier: 7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB
Certificate issuer:       /CN=7a1288aeecd1149c9e745f98653e6890afa253ab
Certificate serial:       0196CBA9C0DA34F7F5CDCB7C804D903D08F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
Manifest number:          29
Signing time:             Tue 13 May 2025 22:00:21 +0000
Manifest this update:     Tue 13 May 2025 22:00:21 +0000
Manifest next update:     Wed 14 May 2025 22:00:21 +0000
Files and hashes:         1: ehKIruzRFJyedF-YZT5okK-iU6s.crl (hash: Le14HyLwWnA0zd7PEYTh26rHVmySyQa59mLj+Tdd9YE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:a9:c0:da:34:f7:f5:cd:cb:7c:80:4d:90:3d:08:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a1288aeecd1149c9e745f98653e6890afa253ab
        Validity
            Not Before: May 13 22:00:21 2025 GMT
            Not After : May 14 22:00:21 2025 GMT
        Subject: CN=b3a756583a2cbad9e6539f0968e276791e157f2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:3d:56:d7:0f:df:34:02:4e:b3:81:5e:8b:02:
                    fc:98:51:ed:04:ee:60:3d:85:16:09:cd:f3:44:a8:
                    2a:51:55:d1:69:52:3e:9d:c5:4d:08:fa:f0:b9:0a:
                    85:41:e6:10:c2:9a:d5:3c:ff:ca:09:d1:6a:55:59:
                    4a:47:68:da:3f:7a:10:ed:f9:b1:07:cf:27:f5:b3:
                    13:e2:ca:cf:96:a4:00:c6:d3:65:46:a1:63:e9:b4:
                    c0:24:7f:5f:85:16:ff:e2:db:1b:2d:9e:24:d5:e9:
                    d1:29:8d:59:5c:96:fa:c8:d8:35:89:56:61:ac:ea:
                    25:77:dc:61:65:fc:30:f5:2b:cc:6f:86:bc:8b:2e:
                    0d:5d:73:3a:83:60:65:dc:8a:b1:25:db:a1:3c:ad:
                    5a:52:56:47:09:27:19:b3:62:ae:b5:d6:58:01:20:
                    cc:db:12:e3:98:b1:ca:52:46:5a:ee:3a:61:7e:64:
                    0e:9e:63:8c:8f:63:5c:3f:02:f9:ed:32:19:b4:0b:
                    a1:25:26:ec:07:b5:d9:dc:91:9f:93:1d:f5:82:1d:
                    a7:a1:1d:c6:7a:94:e2:3e:32:d8:20:da:a1:e2:4b:
                    1a:60:1f:70:af:99:0c:2a:a2:45:f2:a9:56:da:7d:
                    9d:6d:dd:09:92:c3:48:f4:c6:0d:9f:05:15:f4:55:
                    81:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:A7:56:58:3A:2C:BA:D9:E6:53:9F:09:68:E2:76:79:1E:15:7F:2E
            X509v3 Authority Key Identifier:
                keyid:7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:6f:3b:b3:c2:eb:90:59:22:71:8d:a9:21:82:ca:71:34:45:
         e6:30:f2:2e:ba:a2:08:dc:84:ae:25:e0:1e:8c:d9:55:7e:e3:
         a2:6d:1d:8e:be:b8:d5:23:b4:0a:3a:b7:59:ce:fa:32:32:ec:
         86:ab:bc:39:51:92:f6:14:ba:35:ab:17:eb:6a:6a:6f:1d:60:
         11:ff:23:e6:c6:34:99:4c:e3:b4:03:53:0b:f5:1b:27:c5:ad:
         f4:92:6a:93:60:cb:75:63:e9:b3:eb:17:f1:65:fa:16:71:f3:
         b4:c0:9b:dd:d6:d7:ef:47:20:64:9a:9f:e4:5c:64:df:05:ad:
         1f:9a:93:a3:a0:2d:2a:81:df:6c:b8:0e:7c:69:65:b4:45:e9:
         95:bd:fd:ad:e7:69:ab:cf:55:31:4b:c1:fa:59:c8:1e:60:28:
         6e:d2:2e:89:88:7d:fa:09:c9:86:9c:9f:3d:75:0c:bb:6d:61:
         27:ee:0b:65:f7:03:b9:5f:1e:57:8c:23:60:3f:88:ca:80:a3:
         7c:b3:70:6f:e2:1c:d3:b3:a0:60:2e:89:7c:95:6a:bb:ec:a6:
         7d:89:69:18:c6:a6:fc:b4:ad:0a:52:56:a6:a1:ce:9a:aa:85:
         e5:aa:ef:72:91:6e:97:18:b8:46:eb:04:03:35:73:33:20:c0:
         60:5f:8d:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLqcDaNPf1zct8gE2QPQjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMTI4OGFlZWNkMTE0OWM5ZTc0NWY5ODY1M2U2ODkwYWZh
MjUzYWIwHhcNMjUwNTEzMjIwMDIxWhcNMjUwNTE0MjIwMDIxWjAzMTEwLwYDVQQD
EyhiM2E3NTY1ODNhMmNiYWQ5ZTY1MzlmMDk2OGUyNzY3OTFlMTU3ZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8T1W1w/fNAJOs4FeiwL8mFHtBO5g
PYUWCc3zRKgqUVXRaVI+ncVNCPrwuQqFQeYQwprVPP/KCdFqVVlKR2jaP3oQ7fmx
B88n9bMT4srPlqQAxtNlRqFj6bTAJH9fhRb/4tsbLZ4k1enRKY1ZXJb6yNg1iVZh
rOold9xhZfww9SvMb4a8iy4NXXM6g2Bl3IqxJduhPK1aUlZHCScZs2KutdZYASDM
2xLjmLHKUkZa7jphfmQOnmOMj2NcPwL57TIZtAuhJSbsB7XZ3JGfkx31gh2noR3G
epTiPjLYINqh4ksaYB9wr5kMKqJF8qlW2n2dbd0JksNI9MYNnwUV9FWByQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOnVlg6LLrZ5lOfCWjidnkeFX8uMB8GA1UdIwQY
MBaAFHoSiK7s0RScnnRfmGU+aJCvolOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAt
OGUyMDI3Njk1ZDA3LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAtOGUyMDI3Njk1ZDA3
LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl287s8Lr
kFkicY2pIYLKcTRF5jDyLrqiCNyEriXgHozZVX7jom0djr641SO0Cjq3Wc76MjLs
hqu8OVGS9hS6NasX62pqbx1gEf8j5sY0mUzjtANTC/UbJ8Wt9JJqk2DLdWPps+sX
8WX6FnHztMCb3dbX70cgZJqf5Fxk3wWtH5qTo6AtKoHfbLgOfGlltEXplb39redp
q89VMUvB+lnIHmAobtIuiYh9+gnJhpyfPXUMu21hJ+4LZfcDuV8eV4wjYD+IyoCj
fLNwb+Ic07OgYC6JfJVqu+ymfYlpGMam/LStClJWpqHOmqqF5arvcpFulxi4RusE
AzVzMyDAYF+NsQ==
-----END CERTIFICATE-----