Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.mft
File:                     in1zAecVR30mgJu6u0zQMr07Vhg.mft (raw, json)
Hash identifier:          9e0a8iI3iTOvR+lnptHLjpq7jHjvtOTJABO6lOVxwDA=
Subject key identifier:   C2:B8:04:28:4D:73:78:0D:4E:08:47:C7:4F:63:07:A3:AD:CD:71:DB
Authority key identifier: 8A:7D:73:01:E7:15:47:7D:26:80:9B:BA:BB:4C:D0:32:BD:3B:56:18
Certificate issuer:       /CN=8a7d7301e715477d26809bbabb4cd032bd3b5618
Certificate serial:       0196C9F2B6F218ACE2744D2C3CDEE2694216
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/in1zAecVR30mgJu6u0zQMr07Vhg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.mft
Manifest number:          01E9
Signing time:             Tue 13 May 2025 14:00:49 +0000
Manifest this update:     Tue 13 May 2025 14:00:49 +0000
Manifest next update:     Wed 14 May 2025 14:00:49 +0000
Files and hashes:         1: in1zAecVR30mgJu6u0zQMr07Vhg.crl (hash: o4d5zxt/LOlr2Lf7iU8VclLQF8iK8Zt6Gtr+uQwMt1Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/in1zAecVR30mgJu6u0zQMr07Vhg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 13:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:f2:b6:f2:18:ac:e2:74:4d:2c:3c:de:e2:69:42:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a7d7301e715477d26809bbabb4cd032bd3b5618
        Validity
            Not Before: May 13 14:00:49 2025 GMT
            Not After : May 14 14:00:49 2025 GMT
        Subject: CN=c2b804284d73780d4e0847c74f6307a3adcd71db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c4:0b:0f:20:2c:19:a4:d1:3e:9e:ab:7a:7e:
                    55:ea:cf:2b:1b:ef:7a:9a:73:af:cc:ce:8f:fd:1d:
                    7f:1f:d9:db:d9:41:39:d7:6d:d0:aa:75:f6:f9:a3:
                    36:d9:56:38:c7:34:1d:be:5f:aa:a5:98:ad:fe:34:
                    de:1a:6e:d3:cb:b0:dd:6f:9a:7b:05:7e:e1:df:38:
                    40:a3:be:a1:a6:25:70:d3:98:5b:26:a1:7b:6f:bc:
                    57:78:64:3b:8b:6c:68:a6:ff:7e:32:10:92:14:41:
                    a3:db:9d:94:d0:49:e2:85:4f:a8:aa:08:a6:6f:ee:
                    97:e6:22:28:f3:d6:b0:69:d2:38:36:b2:77:11:8f:
                    e3:fa:be:2b:26:a0:2e:4e:b3:3e:cf:36:ad:f5:14:
                    2f:c3:01:6c:84:88:10:03:cf:8d:2d:bf:91:dd:fb:
                    29:ae:b1:d7:28:b1:97:12:3e:d2:d8:64:67:93:84:
                    79:67:2d:a6:f7:8c:05:16:f7:ac:14:7c:5e:25:3a:
                    40:df:cf:ab:c1:42:41:78:a4:75:73:01:35:fd:b8:
                    fc:8b:2b:09:b0:6b:1f:23:b2:5c:90:80:43:0e:d8:
                    bc:8e:e0:e7:fb:e5:04:84:c3:e2:70:f0:83:b4:18:
                    75:99:19:42:46:e4:fd:39:01:08:fd:bb:68:ca:2b:
                    84:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:B8:04:28:4D:73:78:0D:4E:08:47:C7:4F:63:07:A3:AD:CD:71:DB
            X509v3 Authority Key Identifier:
                keyid:8A:7D:73:01:E7:15:47:7D:26:80:9B:BA:BB:4C:D0:32:BD:3B:56:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/in1zAecVR30mgJu6u0zQMr07Vhg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:36:c1:15:62:23:9a:fe:37:93:63:28:6c:ca:57:9e:60:8f:
         e6:bc:cc:d6:5a:e1:1c:52:e4:69:40:b6:fa:5c:d8:87:7e:03:
         f7:93:8d:f7:d8:64:8b:1b:a3:68:03:9e:4d:c0:e4:48:a8:1a:
         df:10:c8:b3:54:65:2a:56:cd:81:c5:e4:31:0d:8e:df:8b:79:
         5d:d5:22:ec:e8:cf:ee:88:ae:95:e9:e0:f3:a8:eb:b7:27:60:
         c7:c2:26:f3:a8:25:1b:e7:77:00:85:9f:c1:60:9d:3e:f7:77:
         01:5b:34:8b:73:ee:37:f7:b4:3c:8d:c7:44:56:ea:79:70:91:
         59:20:0c:d4:4c:12:6d:27:c1:94:18:52:48:c8:cd:96:f7:46:
         80:7c:dd:4f:41:4b:5a:ae:16:e2:e4:26:96:bc:7b:9a:5b:1d:
         b4:ce:53:50:dd:97:08:6f:f1:31:7f:67:df:31:d4:18:4d:65:
         c5:58:9e:b2:46:8c:e3:75:bb:af:2e:2a:b4:f1:7b:9a:c6:ab:
         92:91:84:a7:29:16:dc:08:4d:89:03:d9:00:c3:79:f9:e2:a4:
         96:ec:31:37:f2:fd:cf:12:97:22:b5:7e:80:f8:ae:7f:9a:ee:
         8e:9a:c8:8c:be:1b:04:50:dc:05:10:c5:26:89:71:aa:b2:50:
         0e:0c:8b:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJ8rbyGKzidE0sPN7iaUIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhN2Q3MzAxZTcxNTQ3N2QyNjgwOWJiYWJiNGNkMDMyYmQz
YjU2MTgwHhcNMjUwNTEzMTQwMDQ5WhcNMjUwNTE0MTQwMDQ5WjAzMTEwLwYDVQQD
EyhjMmI4MDQyODRkNzM3ODBkNGUwODQ3Yzc0ZjYzMDdhM2FkY2Q3MWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8QLDyAsGaTRPp6ren5V6s8rG+96
mnOvzM6P/R1/H9nb2UE5123QqnX2+aM22VY4xzQdvl+qpZit/jTeGm7Ty7Ddb5p7
BX7h3zhAo76hpiVw05hbJqF7b7xXeGQ7i2xopv9+MhCSFEGj252U0EnihU+oqgim
b+6X5iIo89awadI4NrJ3EY/j+r4rJqAuTrM+zzat9RQvwwFshIgQA8+NLb+R3fsp
rrHXKLGXEj7S2GRnk4R5Zy2m94wFFvesFHxeJTpA38+rwUJBeKR1cwE1/bj8iysJ
sGsfI7JckIBDDti8juDn++UEhMPicPCDtBh1mRlCRuT9OQEI/btoyiuEGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMK4BChNc3gNTghHx09jB6OtzXHbMB8GA1UdIwQY
MBaAFIp9cwHnFUd9JoCburtM0DK9O1YYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW4xekFlY1ZSMzBtZ0p1NnUwelFNcjA3VmhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iNjY5ODYtOGY2Yi00NmI5LWJjY2Qt
ZjczNjlmOWRjYzljLzEvaW4xekFlY1ZSMzBtZ0p1NnUwelFNcjA3VmhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iNjY5ODYtOGY2Yi00NmI5LWJjY2QtZjczNjlmOWRjYzlj
LzEvaW4xekFlY1ZSMzBtZ0p1NnUwelFNcjA3VmhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsTbBFWIj
mv43k2MobMpXnmCP5rzM1lrhHFLkaUC2+lzYh34D95ON99hkixujaAOeTcDkSKga
3xDIs1RlKlbNgcXkMQ2O34t5XdUi7OjP7oiuleng86jrtydgx8Im86glG+d3AIWf
wWCdPvd3AVs0i3PuN/e0PI3HRFbqeXCRWSAM1EwSbSfBlBhSSMjNlvdGgHzdT0FL
Wq4W4uQmlrx7mlsdtM5TUN2XCG/xMX9n3zHUGE1lxVieskaM43W7ry4qtPF7msar
kpGEpykW3AhNiQPZAMN5+eKkluwxN/L9zxKXIrV+gPiuf5rujprIjL4bBFDcBRDF
JolxqrJQDgyLGQ==
-----END CERTIFICATE-----