Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
File:                     h16pmc28YATHGlRwyg7HrnOCCPo.mft (raw, json)
Hash identifier:          pIJI/JUHZWmrYrvhvvD6ePuAQZCzWADiehlJtr/SJTQ=
Subject key identifier:   90:A4:2E:79:B7:72:54:BF:9B:6E:06:5F:40:57:FE:B4:12:40:C7:B2
Authority key identifier: 87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA
Certificate issuer:       /CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
Certificate serial:       0196CD61971006E8F7DAFA4440E064291E41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
Manifest number:          049D
Signing time:             Wed 14 May 2025 06:00:47 +0000
Manifest this update:     Wed 14 May 2025 06:00:47 +0000
Manifest next update:     Thu 15 May 2025 06:00:47 +0000
Files and hashes:         1: h16pmc28YATHGlRwyg7HrnOCCPo.crl (hash: o5g/MM3VA5lgjGtDJEq0Zw2WQb8vrndWI0EWNTEqcCw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cd:61:97:10:06:e8:f7:da:fa:44:40:e0:64:29:1e:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
        Validity
            Not Before: May 14 06:00:47 2025 GMT
            Not After : May 15 06:00:47 2025 GMT
        Subject: CN=90a42e79b77254bf9b6e065f4057feb41240c7b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:c4:95:df:82:98:a7:b4:87:b4:6d:44:3c:79:
                    b0:6c:7e:e0:ef:44:76:8c:f6:f6:83:6e:45:b3:b5:
                    5f:d3:3a:a5:26:05:08:98:55:d5:5a:1a:62:43:0c:
                    d1:bf:13:59:50:0f:ad:99:b5:d8:c4:f5:57:57:8b:
                    fb:a2:d4:99:13:36:07:c2:1a:99:a8:d1:4c:92:e2:
                    93:1e:5e:d9:cd:d3:45:91:de:6e:ae:b6:37:6b:fd:
                    10:b5:11:a8:1c:41:20:4a:cf:61:77:45:3e:5c:85:
                    22:5b:c5:a8:06:bb:3a:44:43:02:2a:fa:ff:09:11:
                    6c:2b:d0:7f:90:33:39:37:35:d3:c2:b6:d5:f3:08:
                    2c:5d:f8:ef:d6:e7:b7:a1:c5:28:28:e4:a0:43:63:
                    42:83:22:ab:c1:9f:a1:86:c3:6e:3b:4d:df:82:c5:
                    df:6f:9e:d2:b2:6f:9d:d5:ba:62:17:ea:9f:fb:38:
                    d2:bf:c4:a2:33:22:b1:b8:78:13:ff:8a:ad:c8:43:
                    6b:01:ef:58:23:e7:10:cd:c8:a8:7c:f8:be:4b:a6:
                    d0:2f:de:1f:24:4e:d7:f0:87:89:8e:68:15:a4:53:
                    0c:db:91:90:ba:75:97:f4:19:45:a0:cd:d7:31:ca:
                    30:c3:54:98:bd:01:0d:94:60:03:56:c3:52:a3:f0:
                    c2:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:A4:2E:79:B7:72:54:BF:9B:6E:06:5F:40:57:FE:B4:12:40:C7:B2
            X509v3 Authority Key Identifier:
                keyid:87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:ab:c3:43:eb:6d:bf:bb:47:16:d4:0d:35:e3:82:8c:00:23:
         14:b7:97:fd:cf:0e:cc:11:e2:42:25:ff:12:fa:ff:57:e6:7e:
         f8:56:57:8c:23:d2:18:8e:2f:5e:09:ea:fc:c2:68:0f:81:98:
         e0:78:7e:7a:e7:8f:0c:0f:5b:95:71:fd:84:20:c7:34:e8:d0:
         b6:3c:42:f5:67:20:ed:84:40:07:f8:4c:3e:8b:4b:71:b3:71:
         1b:92:1f:df:33:89:f6:ca:a6:9f:ff:e5:18:f9:75:46:94:bb:
         99:34:43:69:1e:6b:07:a7:cd:fd:fb:65:ba:17:b5:6f:a1:46:
         71:eb:08:c2:1f:89:79:57:d6:74:c8:81:57:aa:e9:6f:f9:0f:
         63:f8:3c:e0:c9:76:60:b2:e1:04:76:8b:09:f7:cf:75:4d:83:
         ef:cb:11:f0:53:3f:21:d0:51:62:5b:dd:4c:8e:9b:43:b0:3a:
         2a:16:03:34:a9:3f:df:d5:0e:3f:26:ea:66:5f:17:71:1f:bc:
         33:87:e8:80:42:ec:bb:2c:5a:83:99:1d:ed:64:82:55:b5:f4:
         8f:7d:39:f1:55:ce:03:b0:45:9c:50:85:84:57:0c:93:63:ab:
         39:4f:af:68:80:3a:68:c5:1f:7d:c0:bf:29:ff:b8:ec:48:ea:
         24:89:19:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbNYZcQBuj32vpEQOBkKR5BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NWVhOTk5Y2RiYzYwMDRjNzFhNTQ3MGNhMGVjN2FlNzM4
MjA4ZmEwHhcNMjUwNTE0MDYwMDQ3WhcNMjUwNTE1MDYwMDQ3WjAzMTEwLwYDVQQD
Eyg5MGE0MmU3OWI3NzI1NGJmOWI2ZTA2NWY0MDU3ZmViNDEyNDBjN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMSV34KYp7SHtG1EPHmwbH7g70R2
jPb2g25Fs7Vf0zqlJgUImFXVWhpiQwzRvxNZUA+tmbXYxPVXV4v7otSZEzYHwhqZ
qNFMkuKTHl7ZzdNFkd5urrY3a/0QtRGoHEEgSs9hd0U+XIUiW8WoBrs6REMCKvr/
CRFsK9B/kDM5NzXTwrbV8wgsXfjv1ue3ocUoKOSgQ2NCgyKrwZ+hhsNuO03fgsXf
b57Ssm+d1bpiF+qf+zjSv8SiMyKxuHgT/4qtyENrAe9YI+cQzciofPi+S6bQL94f
JE7X8IeJjmgVpFMM25GQunWX9BlFoM3XMcoww1SYvQENlGADVsNSo/DCfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCkLnm3clS/m24GX0BX/rQSQMeyMB8GA1UdIwQY
MBaAFIdeqZnNvGAExxpUcMoOx65zggj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2Ut
NGQxMmZkMjVkOTc4LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2UtNGQxMmZkMjVkOTc4
LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEqvDQ+tt
v7tHFtQNNeOCjAAjFLeX/c8OzBHiQiX/Evr/V+Z++FZXjCPSGI4vXgnq/MJoD4GY
4Hh+euePDA9blXH9hCDHNOjQtjxC9Wcg7YRAB/hMPotLcbNxG5If3zOJ9sqmn//l
GPl1RpS7mTRDaR5rB6fN/ftluhe1b6FGcesIwh+JeVfWdMiBV6rpb/kPY/g84Ml2
YLLhBHaLCffPdU2D78sR8FM/IdBRYlvdTI6bQ7A6KhYDNKk/39UOPybqZl8XcR+8
M4fogELsuyxag5kd7WSCVbX0j3058VXOA7BFnFCFhFcMk2OrOU+vaIA6aMUffcC/
Kf+47EjqJIkZNQ==
-----END CERTIFICATE-----