Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
File:                     Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft (raw, json)
Hash identifier:          s43BquCTJiIDLYsArqmYNEM697S/XPdkcxCkwYQ1f70=
Subject key identifier:   BC:77:22:62:64:DA:D9:B8:80:1D:7A:8C:58:CC:41:41:85:17:1F:16
Authority key identifier: 03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09
Certificate issuer:       /CN=032d39ce91be867cf5ce1b6009d5262c28b65209
Certificate serial:       0196DBC1E9C1D2CC59FEECC4F01F52A8997A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
Manifest number:          1540
Signing time:             Sat 17 May 2025 01:00:40 +0000
Manifest this update:     Sat 17 May 2025 01:00:40 +0000
Manifest next update:     Sun 18 May 2025 01:00:40 +0000
Files and hashes:         1: Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl (hash: ggAcL3E1ktNh+V5/04FrXTQp4hH53PtJk642e5VyX1I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 18 May 2025 01:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:db:c1:e9:c1:d2:cc:59:fe:ec:c4:f0:1f:52:a8:99:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d39ce91be867cf5ce1b6009d5262c28b65209
        Validity
            Not Before: May 17 01:00:40 2025 GMT
            Not After : May 18 01:00:40 2025 GMT
        Subject: CN=bc77226264dad9b8801d7a8c58cc414185171f16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:82:86:e1:8d:d8:a2:44:b1:1a:ce:25:8a:21:
                    d9:61:52:0e:3f:e4:29:66:c2:07:37:85:5f:7d:64:
                    38:69:0d:2b:6e:62:6c:90:8f:17:7c:3f:b1:52:91:
                    de:1b:1b:dd:be:df:fc:fb:5e:e9:ae:9f:38:51:09:
                    f4:f4:01:59:79:c4:9b:64:cf:5c:e3:94:e7:c7:22:
                    90:81:63:3a:7c:61:b2:e2:75:64:f2:7c:12:9a:77:
                    fa:dc:df:1a:9b:66:67:63:0d:80:6d:fe:dd:dc:79:
                    83:3a:60:14:f1:ae:16:33:33:7b:ad:55:8b:91:10:
                    15:b1:5a:89:e0:93:2f:5a:f7:fe:0d:d0:a0:02:39:
                    78:73:41:43:7b:8a:ef:d4:c2:53:97:9c:5b:7a:2e:
                    29:3d:1a:27:9f:32:4f:0a:8e:c3:48:bc:70:c0:c4:
                    dc:1a:6f:8d:dd:04:d3:02:30:76:75:5c:c7:bb:9b:
                    4b:e6:f7:66:92:25:da:a0:e5:45:c1:fb:55:de:6b:
                    51:30:a8:b7:cc:d6:40:fb:3d:4f:37:d1:32:ac:2b:
                    d3:90:6e:e5:0c:f9:95:e7:f2:88:58:07:10:fe:ac:
                    93:00:47:5c:b1:e7:a3:3b:72:76:b7:c0:31:4e:1e:
                    d2:42:9b:50:62:c8:bb:54:a5:2e:aa:1b:f8:65:87:
                    c9:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:77:22:62:64:DA:D9:B8:80:1D:7A:8C:58:CC:41:41:85:17:1F:16
            X509v3 Authority Key Identifier:
                keyid:03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:0f:6c:3f:db:23:5e:df:cc:50:b9:bf:9f:5a:77:f8:85:cc:
         e8:18:69:1d:79:03:3b:4a:ef:d4:e0:80:f4:12:6a:3b:9f:5d:
         83:00:e9:8f:00:42:e9:ca:50:15:31:f8:12:9a:1b:52:ae:8c:
         d7:e0:e8:ed:80:cc:42:96:45:39:85:14:a3:33:e9:b8:9b:c9:
         65:36:12:89:55:c7:19:a9:3b:47:74:90:0d:37:e2:ec:1b:dd:
         32:9e:11:e3:52:32:bd:fd:95:f3:58:02:9c:43:cc:b9:48:5f:
         e3:fe:c4:a7:2a:e3:ed:b1:3e:7a:1b:32:8a:b2:9a:76:8f:90:
         a2:36:05:79:fe:98:d5:5e:4e:1e:a3:74:f1:9e:97:07:6c:fd:
         bb:28:b7:54:8c:2a:a1:61:9e:6e:19:d7:89:9b:d5:6b:98:f9:
         48:2f:89:e8:31:ae:a4:1c:3c:4b:c8:ca:74:51:d7:fd:8b:eb:
         8c:f9:57:96:a3:99:f4:1f:de:e1:bf:fb:85:49:8f:dd:ca:ba:
         28:22:a2:a7:d8:f2:0a:09:ae:38:fc:27:4a:a2:8c:5f:76:84:
         62:e3:3c:44:03:b7:cb:e8:19:b8:e6:ac:4a:f8:86:91:b3:89:
         f9:73:9d:c5:a3:ae:da:6d:c6:8e:99:f9:27:c1:dd:aa:d4:51:
         28:25:fb:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbbwenB0sxZ/uzE8B9SqJl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQzOWNlOTFiZTg2N2NmNWNlMWI2MDA5ZDUyNjJjMjhi
NjUyMDkwHhcNMjUwNTE3MDEwMDQwWhcNMjUwNTE4MDEwMDQwWjAzMTEwLwYDVQQD
EyhiYzc3MjI2MjY0ZGFkOWI4ODAxZDdhOGM1OGNjNDE0MTg1MTcxZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IKG4Y3YokSxGs4liiHZYVIOP+Qp
ZsIHN4VffWQ4aQ0rbmJskI8XfD+xUpHeGxvdvt/8+17prp84UQn09AFZecSbZM9c
45TnxyKQgWM6fGGy4nVk8nwSmnf63N8am2ZnYw2Abf7d3HmDOmAU8a4WMzN7rVWL
kRAVsVqJ4JMvWvf+DdCgAjl4c0FDe4rv1MJTl5xbei4pPRonnzJPCo7DSLxwwMTc
Gm+N3QTTAjB2dVzHu5tL5vdmkiXaoOVFwftV3mtRMKi3zNZA+z1PN9EyrCvTkG7l
DPmV5/KIWAcQ/qyTAEdcseejO3J2t8AxTh7SQptQYsi7VKUuqhv4ZYfJKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLx3ImJk2tm4gB16jFjMQUGFFx8WMB8GA1UdIwQY
MBaAFAMtOc6RvoZ89c4bYAnVJiwotlIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEt
ODRhY2NlY2M1MWYwLzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEtODRhY2NlY2M1MWYw
LzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHw9sP9sj
Xt/MULm/n1p3+IXM6BhpHXkDO0rv1OCA9BJqO59dgwDpjwBC6cpQFTH4EpobUq6M
1+Do7YDMQpZFOYUUozPpuJvJZTYSiVXHGak7R3SQDTfi7BvdMp4R41Iyvf2V81gC
nEPMuUhf4/7Epyrj7bE+ehsyirKado+QojYFef6Y1V5OHqN08Z6XB2z9uyi3VIwq
oWGebhnXiZvVa5j5SC+J6DGupBw8S8jKdFHX/YvrjPlXlqOZ9B/e4b/7hUmP3cq6
KCKip9jyCgmuOPwnSqKMX3aEYuM8RAO3y+gZuOasSviGkbOJ+XOdxaOu2m3Gjpn5
J8HdqtRRKCX7FQ==
-----END CERTIFICATE-----