Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
File:                     aiElvfZalVLVuOF6s2FaoQuAWXY.mft (raw, json)
Hash identifier:          sBFQNNkubK4CI0VFIbSc4olOzH6RGIRF57+shADxN40=
Subject key identifier:   8E:C0:23:93:73:7E:22:1C:B5:74:36:09:BE:B9:B1:48:CB:86:A9:7A
Authority key identifier: 6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76
Certificate issuer:       /CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976
Certificate serial:       0196AD3192BE2AE3A7B4B1B9EB8F8946FF80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
Manifest number:          012D
Signing time:             Thu 08 May 2025 00:00:29 +0000
Manifest this update:     Thu 08 May 2025 00:00:29 +0000
Manifest next update:     Fri 09 May 2025 00:00:29 +0000
Files and hashes:         1: aiElvfZalVLVuOF6s2FaoQuAWXY.crl (hash: tiauZC0PgRlpNjNvNjA9USJ0VfPX9MKmKBM4UEDj5VE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 20:38:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ad:31:92:be:2a:e3:a7:b4:b1:b9:eb:8f:89:46:ff:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976
        Validity
            Not Before: May  8 00:00:29 2025 GMT
            Not After : May  9 00:00:29 2025 GMT
        Subject: CN=8ec02393737e221cb5743609beb9b148cb86a97a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:39:e6:25:c1:34:28:42:64:85:0b:6f:95:88:
                    49:3d:79:00:65:56:66:1c:76:a0:15:1d:03:54:c8:
                    ed:1d:a9:cc:09:35:dd:25:8a:1d:82:f9:db:91:3e:
                    09:e4:b5:a0:88:27:6f:51:b0:6e:c6:0d:ba:93:ad:
                    ef:a2:d3:89:2f:17:16:55:30:70:6d:cc:25:25:f3:
                    2f:15:4a:e1:27:d3:a3:d0:16:2c:87:3b:78:ab:b0:
                    44:21:0d:90:38:17:0d:31:82:51:50:9e:0a:ac:28:
                    85:ee:41:5e:e3:99:a1:79:fe:db:20:30:38:52:7d:
                    f7:0e:04:e7:ba:ab:a6:a6:3b:e0:e2:79:12:70:44:
                    6c:09:9a:48:76:3c:ca:cc:fe:c1:2f:82:31:82:a4:
                    40:3d:19:05:07:ff:8b:99:50:a1:19:4c:e6:21:81:
                    85:46:f0:24:9d:a7:e7:55:c8:02:17:4a:e8:ce:be:
                    09:17:ce:cf:bc:ee:35:e6:2b:08:27:c6:46:30:2e:
                    a2:9e:3f:60:9b:65:5d:6d:ab:82:06:ff:e1:8a:ec:
                    39:fd:46:b8:b1:2d:c7:60:c4:06:77:c5:35:d8:d4:
                    3a:ea:85:64:32:7c:7c:76:72:97:4c:ff:54:c5:6c:
                    f4:0b:c5:1b:79:a4:24:9a:9b:2e:db:7a:4e:bc:60:
                    c5:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:C0:23:93:73:7E:22:1C:B5:74:36:09:BE:B9:B1:48:CB:86:A9:7A
            X509v3 Authority Key Identifier:
                keyid:6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:e6:c6:15:a2:2b:68:1f:93:e2:fc:a0:17:f5:8e:97:9a:d4:
         86:42:53:8b:61:c8:db:7b:4a:b2:1f:bb:c6:0c:e3:be:68:e7:
         9e:4c:86:65:24:7d:bf:87:a1:c6:10:c6:2b:e2:69:58:7c:e3:
         70:80:40:aa:4a:ab:5b:13:55:ca:ff:46:1a:ec:65:bd:a5:42:
         8f:d9:34:4a:23:e8:fd:52:7d:7f:38:84:3a:f7:03:03:e1:85:
         0c:9f:a0:56:6f:bf:45:90:e3:9c:b8:a0:80:22:80:13:1b:61:
         f0:d5:f1:03:f4:68:a0:d3:06:b9:35:ba:6b:ee:52:9c:a7:f9:
         68:3b:d2:1c:39:22:4f:1b:5c:e2:0f:f7:1b:2e:46:c4:d4:36:
         e9:32:29:09:3b:3c:a0:b9:90:7c:e6:81:19:5b:40:d5:91:ab:
         db:6a:68:bd:5a:31:82:d3:32:96:a8:42:4b:60:e1:2b:79:3c:
         a9:f5:d7:8f:cb:b2:01:7c:6a:73:05:31:9e:42:e9:54:91:cd:
         c2:46:00:be:ca:06:18:7a:7c:a8:3b:0b:a9:6b:a4:0a:c9:cc:
         26:44:70:64:b6:d0:07:9c:30:31:f9:f0:de:74:6e:87:9b:f1:
         e3:51:b4:11:4d:19:ee:e0:c0:3f:b3:f4:e9:ab:60:fc:db:cc:
         34:55:21:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZatMZK+KuOntLG564+JRv+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMjEyNWJkZjY1YTk1NTJkNWI4ZTE3YWIzNjE1YWExMGI4
MDU5NzYwHhcNMjUwNTA4MDAwMDI5WhcNMjUwNTA5MDAwMDI5WjAzMTEwLwYDVQQD
Eyg4ZWMwMjM5MzczN2UyMjFjYjU3NDM2MDliZWI5YjE0OGNiODZhOTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDnmJcE0KEJkhQtvlYhJPXkAZVZm
HHagFR0DVMjtHanMCTXdJYodgvnbkT4J5LWgiCdvUbBuxg26k63votOJLxcWVTBw
bcwlJfMvFUrhJ9Oj0BYshzt4q7BEIQ2QOBcNMYJRUJ4KrCiF7kFe45mhef7bIDA4
Un33DgTnuqumpjvg4nkScERsCZpIdjzKzP7BL4IxgqRAPRkFB/+LmVChGUzmIYGF
RvAknafnVcgCF0rozr4JF87PvO415isIJ8ZGMC6inj9gm2VdbauCBv/hiuw5/Ua4
sS3HYMQGd8U12NQ66oVkMnx8dnKXTP9UxWz0C8UbeaQkmpsu23pOvGDFFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7AI5NzfiIctXQ2Cb65sUjLhql6MB8GA1UdIwQY
MBaAFGohJb32WpVS1bjherNhWqELgFl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQt
NjNlZDIyY2FiYzkyLzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQtNjNlZDIyY2FiYzky
LzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASebGFaIr
aB+T4vygF/WOl5rUhkJTi2HI23tKsh+7xgzjvmjnnkyGZSR9v4ehxhDGK+JpWHzj
cIBAqkqrWxNVyv9GGuxlvaVCj9k0SiPo/VJ9fziEOvcDA+GFDJ+gVm+/RZDjnLig
gCKAExth8NXxA/RooNMGuTW6a+5SnKf5aDvSHDkiTxtc4g/3Gy5GxNQ26TIpCTs8
oLmQfOaBGVtA1ZGr22povVoxgtMylqhCS2DhK3k8qfXXj8uyAXxqcwUxnkLpVJHN
wkYAvsoGGHp8qDsLqWukCsnMJkRwZLbQB5wwMfnw3nRuh5vx41G0EU0Z7uDAP7P0
6atg/NvMNFUhYg==
-----END CERTIFICATE-----