Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
File:                     dqIj-utMXd95nTyiqWDAbB1tHZY.mft (raw, json)
Hash identifier:          4yvzSzUMKl3FbuuY0uei7HwtGsglsi0EkrTnkp+M8JI=
Subject key identifier:   94:E5:CF:19:EC:B4:71:3B:8C:01:71:C0:14:3E:FA:27:DF:7B:BB:8F
Authority key identifier: 76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96
Certificate issuer:       /CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
Certificate serial:       0196BE935B37147153848F0AFD252DB9BB06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
Manifest number:          0AE3
Signing time:             Sun 11 May 2025 09:00:50 +0000
Manifest this update:     Sun 11 May 2025 09:00:50 +0000
Manifest next update:     Mon 12 May 2025 09:00:50 +0000
Files and hashes:         1: dqIj-utMXd95nTyiqWDAbB1tHZY.crl (hash: 28uIkWy1oiS18EbmHkN7097QLy13ChwK2+cH6qAxpok=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:93:5b:37:14:71:53:84:8f:0a:fd:25:2d:b9:bb:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
        Validity
            Not Before: May 11 09:00:50 2025 GMT
            Not After : May 12 09:00:50 2025 GMT
        Subject: CN=94e5cf19ecb4713b8c0171c0143efa27df7bbb8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:8c:7f:ce:f9:e7:b6:5f:2c:1e:43:76:76:14:
                    b9:f4:ee:9b:7f:26:a6:9d:00:03:6c:fd:1e:55:af:
                    86:1d:f1:77:27:e0:da:f0:7e:72:71:ed:fa:38:85:
                    96:dc:67:0b:44:c4:c0:71:e7:c7:bc:08:64:40:f3:
                    45:a5:49:f9:b4:6f:81:85:01:ae:7d:49:c7:56:1c:
                    36:54:6b:85:ea:44:13:b7:8b:ff:9e:08:bf:0d:cb:
                    db:d5:22:1e:6b:1a:8b:d2:da:26:e0:90:6d:18:82:
                    b5:60:bd:bb:5b:28:9a:d3:4e:21:d6:cc:7c:d4:d1:
                    1b:3d:fb:62:84:23:9e:d4:54:d1:72:1f:c2:db:d2:
                    36:d7:df:e8:e0:82:20:11:e4:de:61:e3:f1:49:71:
                    4b:11:a2:a5:0f:22:0e:49:ff:f1:a2:b4:9c:02:b3:
                    44:78:19:e3:50:21:76:94:21:a7:33:5b:dc:03:69:
                    6d:5a:a4:8b:e5:f4:4c:25:9e:7f:16:0d:91:c2:c5:
                    b5:81:ea:46:bf:5d:48:d4:5b:9f:68:b4:19:e5:bf:
                    81:7a:43:ef:5f:ba:2b:f1:fa:f2:a3:b5:19:91:ee:
                    c1:29:1d:8e:5e:e1:1d:28:8e:a9:ee:76:4e:00:b3:
                    ea:02:9d:6f:2f:3f:51:20:a8:bb:f5:fa:a5:41:e8:
                    2f:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:E5:CF:19:EC:B4:71:3B:8C:01:71:C0:14:3E:FA:27:DF:7B:BB:8F
            X509v3 Authority Key Identifier:
                keyid:76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:d7:cd:04:cd:b1:d0:48:56:de:d2:08:ac:3f:86:26:2e:a0:
         1d:dd:40:aa:cd:08:f5:e7:56:b9:b8:59:67:eb:17:da:5d:56:
         9b:fb:2e:f6:91:fe:4e:13:2c:a1:23:2b:4b:5f:0b:a1:dc:74:
         55:cd:c0:b6:03:bb:1e:bf:f1:31:b6:04:ba:b1:53:4a:e7:26:
         8e:6a:91:85:ef:78:ab:56:ee:9a:74:69:88:67:4f:3f:33:b5:
         0c:42:d3:df:27:0a:84:f3:3c:e7:b3:11:e1:a7:99:f0:45:c6:
         5a:38:61:58:d2:73:89:b9:1e:94:da:58:3c:0e:db:61:47:3b:
         ea:e1:df:b0:b3:39:bc:6d:c2:87:c2:39:d1:3c:b3:3d:ea:ed:
         0c:00:7a:3e:f5:ff:6a:a9:bf:6f:55:23:ce:d2:23:78:7f:31:
         c5:59:86:e7:b1:24:02:6a:40:77:db:b6:51:22:94:94:6c:2f:
         4a:10:8b:8e:cc:1a:a5:2b:00:f0:3f:0e:ec:91:5f:cc:4a:56:
         f2:11:9e:c3:d3:10:41:5a:02:2e:b5:90:36:f2:6e:3c:7b:92:
         a1:b8:ee:c8:84:c3:18:84:f9:22:82:9d:6b:04:0a:df:e5:97:
         ad:5c:e3:bb:50:44:96:f0:b1:e1:d3:3a:a6:8b:be:d3:46:19:
         b5:a5:2f:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+k1s3FHFThI8K/SUtubsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTIyM2ZhZWI0YzVkZGY3OTlkM2NhMmE5NjBjMDZjMWQ2
ZDFkOTYwHhcNMjUwNTExMDkwMDUwWhcNMjUwNTEyMDkwMDUwWjAzMTEwLwYDVQQD
Eyg5NGU1Y2YxOWVjYjQ3MTNiOGMwMTcxYzAxNDNlZmEyN2RmN2JiYjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54x/zvnntl8sHkN2dhS59O6bfyam
nQADbP0eVa+GHfF3J+Da8H5yce36OIWW3GcLRMTAcefHvAhkQPNFpUn5tG+BhQGu
fUnHVhw2VGuF6kQTt4v/ngi/Dcvb1SIeaxqL0tom4JBtGIK1YL27Wyia004h1sx8
1NEbPftihCOe1FTRch/C29I219/o4IIgEeTeYePxSXFLEaKlDyIOSf/xorScArNE
eBnjUCF2lCGnM1vcA2ltWqSL5fRMJZ5/Fg2RwsW1gepGv11I1FufaLQZ5b+BekPv
X7or8fryo7UZke7BKR2OXuEdKI6p7nZOALPqAp1vLz9RIKi79fqlQegvmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJTlzxnstHE7jAFxwBQ++iffe7uPMB8GA1UdIwQY
MBaAFHaiI/rrTF3feZ08oqlgwGwdbR2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1Mzgt
MWRkZWU4NTVjZGY4LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1MzgtMWRkZWU4NTVjZGY4
LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOtfNBM2x
0EhW3tIIrD+GJi6gHd1Aqs0I9edWubhZZ+sX2l1Wm/su9pH+ThMsoSMrS18Lodx0
Vc3AtgO7Hr/xMbYEurFTSucmjmqRhe94q1bumnRpiGdPPzO1DELT3ycKhPM857MR
4aeZ8EXGWjhhWNJzibkelNpYPA7bYUc76uHfsLM5vG3Ch8I50TyzPertDAB6PvX/
aqm/b1UjztIjeH8xxVmG57EkAmpAd9u2USKUlGwvShCLjswapSsA8D8O7JFfzEpW
8hGew9MQQVoCLrWQNvJuPHuSobjuyITDGIT5IoKdawQK3+WXrVzju1BElvCx4dM6
pou+00YZtaUvNQ==
-----END CERTIFICATE-----