Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/5e0e4f-746c-4908-855d-e77e0e21b16a/1/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.mft
File:                     8mH6H-bcCfpU0a9ZwuEAzRQSx_A.mft (raw, json)
Hash identifier:          h3l7B1eyVef6ie018k0uCsvqzFXTUzJP0KT58Xa6H5k=
Subject key identifier:   43:D2:2F:6B:DB:56:04:DA:A0:1F:79:17:63:58:D0:B3:E1:62:C1:13
Authority key identifier: F2:61:FA:1F:E6:DC:09:FA:54:D1:AF:59:C2:E1:00:CD:14:12:C7:F0
Certificate issuer:       /CN=f261fa1fe6dc09fa54d1af59c2e100cd1412c7f0
Certificate serial:       0196A088EFECB062341C92EE04E53AFA94C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/5e0e4f-746c-4908-855d-e77e0e21b16a/1/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.mft
Manifest number:          1523
Signing time:             Mon 05 May 2025 13:00:50 +0000
Manifest this update:     Mon 05 May 2025 13:00:50 +0000
Manifest next update:     Tue 06 May 2025 13:00:50 +0000
Files and hashes:         1: 8mH6H-bcCfpU0a9ZwuEAzRQSx_A.crl (hash: q0EWISEFK2j551aXOYhJuQ4vr4gmAx2aSliilhgXrkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/5e0e4f-746c-4908-855d-e77e0e21b16a/1/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/5e0e4f-746c-4908-855d-e77e0e21b16a/1/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a0:88:ef:ec:b0:62:34:1c:92:ee:04:e5:3a:fa:94:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f261fa1fe6dc09fa54d1af59c2e100cd1412c7f0
        Validity
            Not Before: May  5 13:00:50 2025 GMT
            Not After : May  6 13:00:50 2025 GMT
        Subject: CN=43d22f6bdb5604daa01f79176358d0b3e162c113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:07:41:c7:ab:0a:ac:3a:23:67:bc:65:88:5d:
                    2b:28:23:b4:83:4d:1f:f6:1d:9f:55:95:58:7f:1b:
                    9e:44:3f:ab:af:38:b2:e1:00:72:40:58:32:0b:9b:
                    31:7e:16:31:7f:df:b2:e7:c3:27:bc:90:21:1e:86:
                    1d:7b:00:8e:96:27:e6:0c:d4:1b:43:92:98:58:f0:
                    7e:eb:36:4f:85:41:bb:b0:41:df:c2:77:e6:b6:13:
                    6d:58:5d:c2:97:f2:2c:b2:92:46:c0:56:16:83:57:
                    66:66:a6:25:75:36:24:33:0a:c4:9a:9f:77:da:09:
                    03:32:df:46:77:7c:7c:3c:4c:85:87:95:ea:01:c3:
                    05:f7:96:3b:3e:98:8a:ce:2f:14:01:e4:09:5b:6e:
                    1b:36:d0:90:d7:8f:32:80:aa:ef:86:9f:33:5b:92:
                    09:ee:1e:73:1d:fe:8e:4a:e6:b8:40:f9:d1:c0:1a:
                    50:4d:40:2b:75:0f:ea:17:2e:df:8e:bc:44:a0:93:
                    07:23:ba:ab:09:ea:a6:f9:60:20:05:b7:6d:33:4b:
                    1b:e6:d7:1e:fe:94:26:2b:9b:0f:3d:f4:f6:92:5c:
                    2d:19:05:23:f3:91:62:5a:22:5f:b3:c1:b5:95:05:
                    9f:97:49:cc:ad:24:c7:d3:b4:1d:c7:da:65:ea:24:
                    31:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:D2:2F:6B:DB:56:04:DA:A0:1F:79:17:63:58:D0:B3:E1:62:C1:13
            X509v3 Authority Key Identifier:
                keyid:F2:61:FA:1F:E6:DC:09:FA:54:D1:AF:59:C2:E1:00:CD:14:12:C7:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e0e4f-746c-4908-855d-e77e0e21b16a/1/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e0e4f-746c-4908-855d-e77e0e21b16a/1/8mH6H-bcCfpU0a9ZwuEAzRQSx_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:eb:bc:dd:74:76:4f:40:13:b1:49:e1:d4:cf:d6:44:ef:b6:
         99:7c:e0:89:4c:5c:e1:20:91:93:37:a3:e9:6f:12:1a:df:0a:
         4a:07:7a:8c:bd:4a:8d:16:09:bb:7d:46:36:3c:69:95:43:62:
         05:e0:da:b1:dc:3d:7f:34:ed:4a:65:47:a0:9a:73:53:ac:e1:
         52:d5:f6:05:6f:e8:b9:6c:94:cd:06:2e:d1:93:b7:3c:11:4f:
         a8:a8:04:77:35:f4:03:d7:64:6c:d9:66:25:4b:fa:81:46:a4:
         cd:25:2a:93:fa:a7:70:bb:88:f1:a7:62:cf:e5:da:81:7a:14:
         f0:ee:db:36:f0:7e:1e:96:f9:c7:7d:7f:ca:6c:32:b1:94:68:
         a2:84:a1:2a:81:11:b1:98:f1:4a:72:7b:c0:ec:c0:83:d0:da:
         f7:68:8f:c6:6f:1c:f6:b1:88:df:11:6a:32:5c:ae:5c:51:ea:
         2d:d7:fb:81:61:a8:a0:aa:a0:be:40:63:02:70:c6:b5:13:2d:
         14:31:c7:d3:26:a5:39:20:f8:e5:38:28:5d:6e:6d:7a:7c:7a:
         8d:ff:34:3a:ca:fd:b8:0b:0b:4a:99:ec:0b:d7:dd:ae:98:70:
         08:2a:55:28:ed:b9:bb:28:1d:1c:30:c0:a2:f4:96:a2:30:3c:
         2f:36:ca:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagiO/ssGI0HJLuBOU6+pTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjFmYTFmZTZkYzA5ZmE1NGQxYWY1OWMyZTEwMGNkMTQx
MmM3ZjAwHhcNMjUwNTA1MTMwMDUwWhcNMjUwNTA2MTMwMDUwWjAzMTEwLwYDVQQD
Eyg0M2QyMmY2YmRiNTYwNGRhYTAxZjc5MTc2MzU4ZDBiM2UxNjJjMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgdBx6sKrDojZ7xliF0rKCO0g00f
9h2fVZVYfxueRD+rrziy4QByQFgyC5sxfhYxf9+y58MnvJAhHoYdewCOlifmDNQb
Q5KYWPB+6zZPhUG7sEHfwnfmthNtWF3Cl/IsspJGwFYWg1dmZqYldTYkMwrEmp93
2gkDMt9Gd3x8PEyFh5XqAcMF95Y7PpiKzi8UAeQJW24bNtCQ148ygKrvhp8zW5IJ
7h5zHf6OSua4QPnRwBpQTUArdQ/qFy7fjrxEoJMHI7qrCeqm+WAgBbdtM0sb5tce
/pQmK5sPPfT2klwtGQUj85FiWiJfs8G1lQWfl0nMrSTH07Qdx9pl6iQxxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPSL2vbVgTaoB95F2NY0LPhYsETMB8GA1UdIwQY
MBaAFPJh+h/m3An6VNGvWcLhAM0UEsfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1INkgtYmNDZnBVMGE5Wnd1RUF6UlFTeF9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81ZTBlNGYtNzQ2Yy00OTA4LTg1NWQt
ZTc3ZTBlMjFiMTZhLzEvOG1INkgtYmNDZnBVMGE5Wnd1RUF6UlFTeF9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81ZTBlNGYtNzQ2Yy00OTA4LTg1NWQtZTc3ZTBlMjFiMTZh
LzEvOG1INkgtYmNDZnBVMGE5Wnd1RUF6UlFTeF9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH+u83XR2
T0ATsUnh1M/WRO+2mXzgiUxc4SCRkzej6W8SGt8KSgd6jL1KjRYJu31GNjxplUNi
BeDasdw9fzTtSmVHoJpzU6zhUtX2BW/ouWyUzQYu0ZO3PBFPqKgEdzX0A9dkbNlm
JUv6gUakzSUqk/qncLuI8adiz+XagXoU8O7bNvB+Hpb5x31/ymwysZRoooShKoER
sZjxSnJ7wOzAg9Da92iPxm8c9rGI3xFqMlyuXFHqLdf7gWGooKqgvkBjAnDGtRMt
FDHH0yalOSD45TgoXW5tenx6jf80Osr9uAsLSpnsC9fdrphwCCpVKO25uygdHDDA
ovSWojA8LzbKTg==
-----END CERTIFICATE-----