Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.mft
File:                     bQ1uHM2JDfL16cFF7LpGiZzOs70.mft (raw, json)
Hash identifier:          ZEKauJMeIypeNbMiCotOdZd/0SOX+pWyfDB0U+OJ80s=
Subject key identifier:   7F:3E:31:73:01:7C:9B:D9:1B:84:C1:45:4A:F1:E9:BE:89:A7:70:17
Authority key identifier: 6D:0D:6E:1C:CD:89:0D:F2:F5:E9:C1:45:EC:BA:46:89:9C:CE:B3:BD
Certificate issuer:       /CN=6d0d6e1ccd890df2f5e9c145ecba46899cceb3bd
Certificate serial:       0196BDEE2A9C864F6477A3FFC13DAF4F96DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQ1uHM2JDfL16cFF7LpGiZzOs70.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.mft
Manifest number:          11C4
Signing time:             Sun 11 May 2025 06:00:24 +0000
Manifest this update:     Sun 11 May 2025 06:00:24 +0000
Manifest next update:     Mon 12 May 2025 06:00:24 +0000
Files and hashes:         1: bQ1uHM2JDfL16cFF7LpGiZzOs70.crl (hash: lAWgo7DTEfT6+XlEO4sHNI9y6z1ezOp1RykGuZ8/bgc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQ1uHM2JDfL16cFF7LpGiZzOs70.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 06:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:ee:2a:9c:86:4f:64:77:a3:ff:c1:3d:af:4f:96:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d0d6e1ccd890df2f5e9c145ecba46899cceb3bd
        Validity
            Not Before: May 11 06:00:24 2025 GMT
            Not After : May 12 06:00:24 2025 GMT
        Subject: CN=7f3e3173017c9bd91b84c1454af1e9be89a77017
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:e0:ff:8f:fa:4d:a9:0a:2b:b1:47:c6:84:3a:
                    6f:c4:76:cc:1c:0b:bc:c9:fa:a9:de:36:b9:b9:d3:
                    6c:91:d3:13:46:71:bd:da:7c:c1:4b:e8:08:e7:38:
                    ba:f4:00:13:a8:c8:9b:6c:eb:31:4f:66:2d:19:89:
                    3e:14:ef:bc:12:a4:12:86:80:bc:b7:98:fa:1c:3f:
                    ea:8d:66:e8:98:5f:41:ae:fc:dc:06:32:a4:f6:4f:
                    f4:3d:3e:9c:9a:7b:fa:28:ac:83:4b:2c:8e:9d:9c:
                    37:73:70:55:96:dd:59:00:93:38:18:bf:c4:0b:e6:
                    8c:7e:d8:12:1e:8d:f6:5d:33:b1:2d:9b:ab:55:c5:
                    96:e5:01:1a:4f:37:d1:ce:cf:68:e9:27:4b:4f:f0:
                    c8:4d:55:9b:b6:19:41:40:90:16:aa:c4:e1:dc:51:
                    f2:9c:12:f0:b8:db:d3:50:b8:af:4b:67:c4:64:a5:
                    af:42:d2:17:83:0d:23:64:72:a9:98:ca:d0:86:ad:
                    78:fc:27:1a:1c:8d:34:91:36:82:6f:c8:bf:05:6c:
                    09:e8:ff:33:0f:cb:12:9b:a9:41:fc:ad:8f:a5:51:
                    5d:11:98:76:d5:a2:63:99:66:3a:8a:26:33:ba:45:
                    98:40:3e:2f:36:21:fe:09:f2:98:33:df:af:b8:78:
                    23:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:3E:31:73:01:7C:9B:D9:1B:84:C1:45:4A:F1:E9:BE:89:A7:70:17
            X509v3 Authority Key Identifier:
                keyid:6D:0D:6E:1C:CD:89:0D:F2:F5:E9:C1:45:EC:BA:46:89:9C:CE:B3:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQ1uHM2JDfL16cFF7LpGiZzOs70.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:c7:f4:8b:9a:b6:27:b3:0a:f4:bf:a1:24:60:43:69:a3:10:
         b5:8b:32:b5:3c:ee:a3:0d:41:75:f8:0a:0b:60:23:a7:72:17:
         e8:36:a8:d3:5c:16:13:53:2a:0a:e9:dc:25:36:e6:66:1a:11:
         e2:44:35:47:36:d6:55:13:0f:2d:2c:42:c2:f5:5a:13:f9:30:
         5b:27:cd:e9:63:6e:88:d2:77:90:16:bb:c1:a6:3d:98:ee:41:
         44:e5:fa:b6:bc:26:6c:50:33:42:fd:7e:d0:90:f7:1c:b5:a7:
         70:eb:d6:90:81:c6:a3:a8:36:80:5d:c8:9d:13:9a:72:50:d1:
         4e:91:d6:e3:22:da:fa:32:4e:4f:2a:83:bb:55:bc:4b:25:14:
         12:d6:9d:af:b5:47:c5:08:c3:b6:91:8c:b9:1a:1f:5d:47:87:
         49:e8:e5:2d:ba:2b:a6:85:df:98:0d:f4:09:1f:92:41:06:c8:
         ec:23:d7:fe:59:86:1e:93:24:51:df:b0:cf:6f:c7:40:5c:e5:
         45:01:29:3f:f2:11:0a:b7:b9:b1:ca:ce:7f:2f:e7:aa:70:4e:
         f1:9a:c0:37:ac:46:6f:b6:a9:05:67:79:51:db:70:e6:cc:0d:
         eb:a5:7b:94:9a:8e:a5:02:2c:0f:8c:46:59:d0:65:ad:21:d4:
         64:9e:e7:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa97iqchk9kd6P/wT2vT5beMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMGQ2ZTFjY2Q4OTBkZjJmNWU5YzE0NWVjYmE0Njg5OWNj
ZWIzYmQwHhcNMjUwNTExMDYwMDI0WhcNMjUwNTEyMDYwMDI0WjAzMTEwLwYDVQQD
Eyg3ZjNlMzE3MzAxN2M5YmQ5MWI4NGMxNDU0YWYxZTliZTg5YTc3MDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uD/j/pNqQorsUfGhDpvxHbMHAu8
yfqp3ja5udNskdMTRnG92nzBS+gI5zi69AATqMibbOsxT2YtGYk+FO+8EqQShoC8
t5j6HD/qjWbomF9BrvzcBjKk9k/0PT6cmnv6KKyDSyyOnZw3c3BVlt1ZAJM4GL/E
C+aMftgSHo32XTOxLZurVcWW5QEaTzfRzs9o6SdLT/DITVWbthlBQJAWqsTh3FHy
nBLwuNvTULivS2fEZKWvQtIXgw0jZHKpmMrQhq14/CcaHI00kTaCb8i/BWwJ6P8z
D8sSm6lB/K2PpVFdEZh21aJjmWY6iiYzukWYQD4vNiH+CfKYM9+vuHgjXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8+MXMBfJvZG4TBRUrx6b6Jp3AXMB8GA1UdIwQY
MBaAFG0NbhzNiQ3y9enBRey6RomczrO9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlExdUhNMkpEZkwxNmNGRjdMcEdpWnpPczcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8yNzcxNTQtZWZiYS00OGVkLWJiMGMt
NjUwYjcwYmFkN2E5LzEvYlExdUhNMkpEZkwxNmNGRjdMcEdpWnpPczcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8yNzcxNTQtZWZiYS00OGVkLWJiMGMtNjUwYjcwYmFkN2E5
LzEvYlExdUhNMkpEZkwxNmNGRjdMcEdpWnpPczcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL8f0i5q2
J7MK9L+hJGBDaaMQtYsytTzuow1BdfgKC2Ajp3IX6Dao01wWE1MqCuncJTbmZhoR
4kQ1RzbWVRMPLSxCwvVaE/kwWyfN6WNuiNJ3kBa7waY9mO5BROX6trwmbFAzQv1+
0JD3HLWncOvWkIHGo6g2gF3InROaclDRTpHW4yLa+jJOTyqDu1W8SyUUEtadr7VH
xQjDtpGMuRofXUeHSejlLborpoXfmA30CR+SQQbI7CPX/lmGHpMkUd+wz2/HQFzl
RQEpP/IRCre5scrOfy/nqnBO8ZrAN6xGb7apBWd5Udtw5swN66V7lJqOpQIsD4xG
WdBlrSHUZJ7n1Q==
-----END CERTIFICATE-----