Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft
File:                     aQMR37ZbZZViGO_0cZep65akB9s.mft (raw, json)
Hash identifier:          OMNXvyUwxhn/2FXJNUZgM8loLgzTVja/IxIitt8bh7I=
Subject key identifier:   2E:CF:C9:48:DC:1B:6B:42:13:D2:44:6B:99:74:D4:BA:61:E1:07:60
Authority key identifier: 69:03:11:DF:B6:5B:65:95:62:18:EF:F4:71:97:A9:EB:96:A4:07:DB
Certificate issuer:       /CN=690311dfb65b65956218eff47197a9eb96a407db
Certificate serial:       0196B9A44C24496D68B2F02F606893B2F388
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aQMR37ZbZZViGO_0cZep65akB9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft
Manifest number:          152F
Signing time:             Sat 10 May 2025 10:01:14 +0000
Manifest this update:     Sat 10 May 2025 10:01:14 +0000
Manifest next update:     Sun 11 May 2025 10:01:14 +0000
Files and hashes:         1: aQMR37ZbZZViGO_0cZep65akB9s.crl (hash: 7qAbg78egcOPvHANrxh6zrsYXRTlDqYrLqxM5Yw5+0k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aQMR37ZbZZViGO_0cZep65akB9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 10:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:a4:4c:24:49:6d:68:b2:f0:2f:60:68:93:b2:f3:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=690311dfb65b65956218eff47197a9eb96a407db
        Validity
            Not Before: May 10 10:01:14 2025 GMT
            Not After : May 11 10:01:14 2025 GMT
        Subject: CN=2ecfc948dc1b6b4213d2446b9974d4ba61e10760
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:2c:2a:65:1a:75:5d:be:ce:fb:1e:1c:2f:4b:
                    31:4c:ec:1f:31:e7:75:0d:5b:5c:9f:b6:cd:f4:5f:
                    8c:06:7f:87:52:43:ba:3c:c2:d8:5a:4b:88:e5:a3:
                    14:01:99:bc:5a:5e:5f:c3:55:d1:80:25:d5:ff:cb:
                    f3:60:17:a4:75:6b:91:18:0a:ad:ad:35:a6:f9:af:
                    98:31:79:6c:5e:f4:37:e2:e5:f7:d3:5c:9e:1a:e3:
                    a0:78:b1:68:1d:61:df:62:66:d5:83:9c:d7:ea:fe:
                    1b:36:e4:55:e1:19:2a:8e:6a:45:b8:40:d8:18:68:
                    36:a7:d4:12:2a:44:bc:9f:ca:12:7e:19:5d:d5:ac:
                    5d:c1:c0:d6:14:7c:af:27:32:af:40:4f:57:3d:4c:
                    1c:2d:97:6a:25:6a:79:3c:32:8c:38:2b:f6:80:2b:
                    79:06:53:eb:4a:7c:ed:5c:ec:c6:09:48:67:31:4f:
                    82:f7:6d:4d:0d:07:47:53:cf:5a:a9:c9:a1:51:f2:
                    80:ef:60:da:8a:45:56:fa:7b:b0:63:a0:58:9c:6f:
                    21:fe:96:98:d6:bf:31:7e:b1:e6:7e:ef:2a:91:8e:
                    f3:66:f8:e7:94:c4:7b:53:d5:95:f8:e7:09:77:47:
                    f4:82:2c:b2:08:cd:14:ae:26:51:56:90:1c:6c:12:
                    a5:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:CF:C9:48:DC:1B:6B:42:13:D2:44:6B:99:74:D4:BA:61:E1:07:60
            X509v3 Authority Key Identifier:
                keyid:69:03:11:DF:B6:5B:65:95:62:18:EF:F4:71:97:A9:EB:96:A4:07:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQMR37ZbZZViGO_0cZep65akB9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/8266a6-39f2-4a9f-a4dd-a456e364cb0e/1/aQMR37ZbZZViGO_0cZep65akB9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:92:f5:93:f7:22:d1:dd:5e:21:80:3e:12:7e:a3:e6:9f:f1:
         7d:37:a2:2e:0c:51:4b:cb:39:48:8b:21:f2:0c:be:8b:8a:14:
         a7:ae:20:8d:b4:5a:a3:56:dc:34:3a:1d:e4:b0:13:50:7e:bc:
         ed:6f:61:45:64:95:65:ae:8e:02:9a:8e:81:d7:c7:b1:87:f0:
         71:27:73:5e:a1:e9:39:ac:ee:04:4c:4c:9d:f6:9d:1e:4d:e0:
         a1:86:46:67:83:24:3c:09:3b:7f:ce:1f:a1:a6:31:ea:d3:c4:
         b8:22:eb:ac:07:f0:02:2a:ea:82:74:58:86:0f:c1:f0:8e:13:
         26:82:e4:5b:c1:bd:63:ce:2d:49:f9:2e:2f:cb:c7:c7:6e:a8:
         47:8c:c1:9d:db:93:01:89:13:db:2e:16:f1:cc:a8:fe:6d:09:
         55:65:da:98:51:81:70:91:14:65:3c:af:c8:bd:bb:e0:3d:18:
         b9:db:66:70:77:e4:56:c7:6a:ba:93:e0:66:b7:aa:dd:bf:00:
         de:0a:a5:1e:be:03:48:51:46:eb:45:2e:18:04:b1:5c:2a:3d:
         19:00:4c:7a:28:18:27:09:28:f3:71:9f:76:1a:30:0f:3c:da:
         30:30:71:92:ed:61:e0:54:2a:f2:5e:fd:2c:c8:b9:a0:08:22:
         70:8e:76:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5pEwkSW1osvAvYGiTsvOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDMxMWRmYjY1YjY1OTU2MjE4ZWZmNDcxOTdhOWViOTZh
NDA3ZGIwHhcNMjUwNTEwMTAwMTE0WhcNMjUwNTExMTAwMTE0WjAzMTEwLwYDVQQD
EygyZWNmYzk0OGRjMWI2YjQyMTNkMjQ0NmI5OTc0ZDRiYTYxZTEwNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySwqZRp1Xb7O+x4cL0sxTOwfMed1
DVtcn7bN9F+MBn+HUkO6PMLYWkuI5aMUAZm8Wl5fw1XRgCXV/8vzYBekdWuRGAqt
rTWm+a+YMXlsXvQ34uX301yeGuOgeLFoHWHfYmbVg5zX6v4bNuRV4RkqjmpFuEDY
GGg2p9QSKkS8n8oSfhld1axdwcDWFHyvJzKvQE9XPUwcLZdqJWp5PDKMOCv2gCt5
BlPrSnztXOzGCUhnMU+C921NDQdHU89aqcmhUfKA72DaikVW+nuwY6BYnG8h/paY
1r8xfrHmfu8qkY7zZvjnlMR7U9WV+OcJd0f0giyyCM0UriZRVpAcbBKloQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7PyUjcG2tCE9JEa5l01Lph4QdgMB8GA1UdIwQY
MBaAFGkDEd+2W2WVYhjv9HGXqeuWpAfbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFNUjM3WmJaWlZpR09fMGNaZXA2NWFrQjlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS84MjY2YTYtMzlmMi00YTlmLWE0ZGQt
YTQ1NmUzNjRjYjBlLzEvYVFNUjM3WmJaWlZpR09fMGNaZXA2NWFrQjlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS84MjY2YTYtMzlmMi00YTlmLWE0ZGQtYTQ1NmUzNjRjYjBl
LzEvYVFNUjM3WmJaWlZpR09fMGNaZXA2NWFrQjlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqpL1k/ci
0d1eIYA+En6j5p/xfTeiLgxRS8s5SIsh8gy+i4oUp64gjbRao1bcNDod5LATUH68
7W9hRWSVZa6OApqOgdfHsYfwcSdzXqHpOazuBExMnfadHk3goYZGZ4MkPAk7f84f
oaYx6tPEuCLrrAfwAirqgnRYhg/B8I4TJoLkW8G9Y84tSfkuL8vHx26oR4zBnduT
AYkT2y4W8cyo/m0JVWXamFGBcJEUZTyvyL274D0YudtmcHfkVsdqupPgZreq3b8A
3gqlHr4DSFFG60UuGASxXCo9GQBMeigYJwko83GfdhowDzzaMDBxku1h4FQq8l79
LMi5oAgicI528A==
-----END CERTIFICATE-----