Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft
File:                     z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft (raw, json)
Hash identifier:          WL1juNkQhv48zBg+u64PmzYe7RU4XZnGDazlGz5eqNg=
Subject key identifier:   12:AB:40:C3:42:94:41:58:30:06:81:0C:20:2D:EC:32:26:6E:6B:11
Authority key identifier: CF:A5:CE:C1:43:A2:AF:1E:D1:C2:D9:96:96:F1:F1:68:7F:45:86:49
Certificate issuer:       /CN=cfa5cec143a2af1ed1c2d99696f1f1687f458649
Certificate serial:       0196AFFC413F7AA36BE9BF6E2340D707F006
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft
Manifest number:          152A
Signing time:             Thu 08 May 2025 13:01:06 +0000
Manifest this update:     Thu 08 May 2025 13:01:06 +0000
Manifest next update:     Fri 09 May 2025 13:01:06 +0000
Files and hashes:         1: z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl (hash: zMXWTx6NSeh+FwRglwIPxYspJVZGRgK8gwyLoWBXUL8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 13:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:af:fc:41:3f:7a:a3:6b:e9:bf:6e:23:40:d7:07:f0:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfa5cec143a2af1ed1c2d99696f1f1687f458649
        Validity
            Not Before: May  8 13:01:06 2025 GMT
            Not After : May  9 13:01:06 2025 GMT
        Subject: CN=12ab40c3429441583006810c202dec32266e6b11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e7:b9:8c:dd:8e:59:ff:2d:46:85:23:11:d5:
                    70:5d:f7:2e:61:63:a8:ea:b8:53:6b:3d:74:b2:00:
                    dd:1f:ba:d1:08:53:95:28:3a:0a:57:31:88:65:64:
                    60:68:f4:a6:b1:74:1b:df:ba:61:3c:83:dd:7f:94:
                    5d:22:2d:c2:dd:5a:f7:da:d7:ea:48:e9:b3:3c:31:
                    c3:ab:8f:4b:f3:d2:45:08:a9:7c:13:e9:1c:8e:c3:
                    03:04:6d:e7:09:f1:61:52:78:a3:b1:0a:a4:1d:cd:
                    ec:02:5c:b1:e8:d8:7c:db:41:8f:a4:51:ac:b9:d2:
                    24:2d:58:c9:8a:aa:b2:14:5f:5f:d0:0c:46:78:ee:
                    57:91:da:5f:b1:ef:52:df:24:62:a8:e1:31:58:c6:
                    1e:4b:1c:50:ce:cb:22:11:3d:21:e2:38:2a:a2:ab:
                    dd:14:03:08:40:eb:63:ff:d5:a5:b1:1a:70:f3:e6:
                    94:42:f8:dc:1c:bf:6c:8f:d6:45:12:e8:60:af:75:
                    ac:91:f1:8d:c7:b7:c5:2b:28:d1:31:e7:cb:1a:ac:
                    c5:8c:0f:03:e6:3b:aa:d4:da:52:25:58:2e:a4:55:
                    60:69:c0:03:fa:f7:21:e9:ed:62:33:74:69:67:98:
                    06:88:bc:d4:ae:8a:e7:70:0d:48:57:ad:90:8e:9a:
                    62:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:AB:40:C3:42:94:41:58:30:06:81:0C:20:2D:EC:32:26:6E:6B:11
            X509v3 Authority Key Identifier:
                keyid:CF:A5:CE:C1:43:A2:AF:1E:D1:C2:D9:96:96:F1:F1:68:7F:45:86:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:77:84:a5:b8:bc:2b:78:71:e5:15:02:83:28:e7:a1:8b:a7:
         b6:be:6e:c9:17:81:c8:53:8c:a0:44:19:6e:c4:e1:f9:13:ca:
         36:f3:78:7f:50:1c:9f:f3:17:df:20:f0:0d:3e:64:38:8d:ec:
         f5:e7:d9:0f:ec:1c:d1:9b:4e:c6:34:ca:26:42:24:5a:96:16:
         bd:ab:31:7e:20:d1:1d:6b:da:da:7f:41:79:1a:d9:f7:e8:ad:
         0e:ab:fe:60:a9:45:c6:52:db:a6:52:33:eb:09:52:40:13:87:
         fb:1b:50:0c:93:d2:cc:65:22:9b:ee:79:4b:f7:cf:bc:ec:14:
         fa:62:31:d1:2b:27:7c:38:e8:27:bb:d1:32:fa:3b:2a:bb:db:
         32:b6:fb:c6:43:f7:8b:b1:d2:19:01:a1:0a:38:be:c3:80:9f:
         85:ba:f5:99:d3:a7:d0:99:1d:a6:20:8a:0d:04:ab:91:f7:2a:
         7a:ee:03:36:d0:4a:78:cc:96:12:79:fc:f3:6d:3a:f9:db:64:
         11:86:78:e6:a0:bd:29:3c:7b:37:65:94:74:6a:a4:0d:ed:d1:
         9b:8f:1f:1a:2f:78:a2:cf:e3:71:fb:a4:95:46:55:50:ae:24:
         86:b5:46:d5:7a:76:3f:06:13:4d:45:90:be:d3:d8:ec:a2:48:
         ec:87:92:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZav/EE/eqNr6b9uI0DXB/AGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYTVjZWMxNDNhMmFmMWVkMWMyZDk5Njk2ZjFmMTY4N2Y0
NTg2NDkwHhcNMjUwNTA4MTMwMTA2WhcNMjUwNTA5MTMwMTA2WjAzMTEwLwYDVQQD
EygxMmFiNDBjMzQyOTQ0MTU4MzAwNjgxMGMyMDJkZWMzMjI2NmU2YjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ee5jN2OWf8tRoUjEdVwXfcuYWOo
6rhTaz10sgDdH7rRCFOVKDoKVzGIZWRgaPSmsXQb37phPIPdf5RdIi3C3Vr32tfq
SOmzPDHDq49L89JFCKl8E+kcjsMDBG3nCfFhUnijsQqkHc3sAlyx6Nh820GPpFGs
udIkLVjJiqqyFF9f0AxGeO5Xkdpfse9S3yRiqOExWMYeSxxQzssiET0h4jgqoqvd
FAMIQOtj/9WlsRpw8+aUQvjcHL9sj9ZFEuhgr3WskfGNx7fFKyjRMefLGqzFjA8D
5juq1NpSJVgupFVgacAD+vch6e1iM3RpZ5gGiLzUrorncA1IV62Qjppi+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKrQMNClEFYMAaBDCAt7DImbmsRMB8GA1UdIwQY
MBaAFM+lzsFDoq8e0cLZlpbx8Wh/RYZJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOWUwZDktNTJhMi00MzdjLTg5NWYt
NGM1ODJjMjhmYmEzLzEvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOWUwZDktNTJhMi00MzdjLTg5NWYtNGM1ODJjMjhmYmEz
LzEvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiXeEpbi8
K3hx5RUCgyjnoYuntr5uyReByFOMoEQZbsTh+RPKNvN4f1Acn/MX3yDwDT5kOI3s
9efZD+wc0ZtOxjTKJkIkWpYWvasxfiDRHWva2n9BeRrZ9+itDqv+YKlFxlLbplIz
6wlSQBOH+xtQDJPSzGUim+55S/fPvOwU+mIx0SsnfDjoJ7vRMvo7KrvbMrb7xkP3
i7HSGQGhCji+w4Cfhbr1mdOn0JkdpiCKDQSrkfcqeu4DNtBKeMyWEnn88206+dtk
EYZ45qC9KTx7N2WUdGqkDe3Rm48fGi94os/jcfuklUZVUK4khrVG1Xp2PwYTTUWQ
vtPY7KJI7IeSyA==
-----END CERTIFICATE-----