Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
File:                     aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft (raw, json)
Hash identifier:          vvUCX08upvACs8RLDmfLwCXtMG4Fr5sDT50YH5B4ERo=
Subject key identifier:   FB:56:0F:63:A0:37:0B:55:C8:20:B4:81:83:D5:C2:B4:58:01:25:EB
Authority key identifier: 68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2
Certificate issuer:       /CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
Certificate serial:       0196C34C4632C3080D44967EA0623646F6B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
Manifest number:          151B
Signing time:             Mon 12 May 2025 07:01:17 +0000
Manifest this update:     Mon 12 May 2025 07:01:17 +0000
Manifest next update:     Tue 13 May 2025 07:01:17 +0000
Files and hashes:         1: aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl (hash: XJEOZmtUX+Lovq7614DnH50jx+XbaoVewrf7N1y6SKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4c:46:32:c3:08:0d:44:96:7e:a0:62:36:46:f6:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
        Validity
            Not Before: May 12 07:01:17 2025 GMT
            Not After : May 13 07:01:17 2025 GMT
        Subject: CN=fb560f63a0370b55c820b48183d5c2b4580125eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:40:31:ac:88:26:f7:fd:a9:46:6f:e1:1f:d8:
                    73:c5:f8:54:a8:f2:7a:20:99:ba:7f:2a:b7:5b:6a:
                    61:f1:0f:a7:2a:be:de:84:f4:91:9b:71:f0:47:aa:
                    1d:fe:b3:18:0a:fc:12:59:d9:ee:61:43:f4:83:84:
                    0a:e1:9d:3d:09:80:ab:a9:5c:b3:d8:b7:25:1f:72:
                    88:27:a6:3a:55:db:2e:f4:ef:f5:3a:72:30:ac:14:
                    22:63:0c:49:18:c6:19:ed:17:56:3f:1c:c6:63:f9:
                    0b:40:38:b0:be:d5:36:d1:51:61:9b:82:41:71:5d:
                    dc:7c:ce:83:77:c3:a4:75:90:7a:31:a5:72:5c:af:
                    03:0a:7a:ae:cf:c6:e6:23:ab:e3:f9:03:35:1d:11:
                    4d:08:f0:2f:e5:7d:bb:be:fb:d1:e8:19:6a:68:f8:
                    9a:25:c4:fb:65:14:16:ea:ab:3f:5d:b8:9f:fd:89:
                    c6:c6:51:23:f1:6f:7d:8a:24:5c:62:11:3e:de:7d:
                    de:28:87:b6:68:1c:7e:ce:64:0b:34:32:cc:82:9c:
                    48:6d:0b:52:a0:96:e4:1f:68:c7:ca:6b:ad:85:97:
                    fb:d7:0a:88:f8:88:9c:50:70:a3:ca:47:2a:d7:0e:
                    00:1c:00:74:3c:20:2b:8d:9b:4d:e5:e9:7c:b6:7c:
                    2a:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:56:0F:63:A0:37:0B:55:C8:20:B4:81:83:D5:C2:B4:58:01:25:EB
            X509v3 Authority Key Identifier:
                keyid:68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:aa:3d:98:be:3d:cb:f9:58:b8:b9:ef:c4:61:78:26:2a:7d:
         72:cb:19:b2:74:45:8c:ad:27:4e:70:22:28:d6:4c:83:56:32:
         a4:08:7f:34:2d:fa:cc:1b:49:a0:4a:12:a1:df:ae:52:69:5a:
         9d:19:df:f3:4d:b3:4b:b7:ee:d3:d0:cd:f1:b5:0c:2e:2d:f8:
         ed:39:81:88:03:e6:8d:ec:09:cb:48:09:17:ff:62:09:ec:12:
         2a:86:b6:7c:5f:15:4d:4c:72:ad:e5:0b:d8:fc:d0:33:4c:1d:
         d4:3b:4f:e9:09:83:a6:a7:2c:74:72:52:4a:f8:95:cb:f3:2e:
         77:e2:e2:2e:b8:38:e3:a6:76:23:09:26:46:2f:dd:25:2f:8f:
         67:81:e0:eb:06:a8:f7:3b:43:85:7f:11:9e:17:09:eb:24:b6:
         3b:73:3b:54:39:23:3a:a6:07:ae:22:55:39:bd:c7:2b:af:78:
         a5:11:30:13:74:62:4b:97:7e:41:da:38:6c:b6:df:dd:60:3c:
         8e:b9:39:d8:80:9a:e4:b1:30:08:56:0a:b2:26:8c:2a:2c:8a:
         78:f4:7c:97:ce:4a:e4:da:3a:76:67:cd:ee:85:8d:54:a5:99:
         e2:8d:c0:76:56:e5:51:51:b3:d3:ba:c1:64:ca:f3:eb:8b:14:
         61:14:1b:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTEYywwgNRJZ+oGI2RvayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTFlNmVhNTI3ZGMzODVhNzlhM2UwODgyN2RiZjY5MGM5
MWM0YzIwHhcNMjUwNTEyMDcwMTE3WhcNMjUwNTEzMDcwMTE3WjAzMTEwLwYDVQQD
EyhmYjU2MGY2M2EwMzcwYjU1YzgyMGI0ODE4M2Q1YzJiNDU4MDEyNWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykAxrIgm9/2pRm/hH9hzxfhUqPJ6
IJm6fyq3W2ph8Q+nKr7ehPSRm3HwR6od/rMYCvwSWdnuYUP0g4QK4Z09CYCrqVyz
2LclH3KIJ6Y6Vdsu9O/1OnIwrBQiYwxJGMYZ7RdWPxzGY/kLQDiwvtU20VFhm4JB
cV3cfM6Dd8OkdZB6MaVyXK8DCnquz8bmI6vj+QM1HRFNCPAv5X27vvvR6BlqaPia
JcT7ZRQW6qs/Xbif/YnGxlEj8W99iiRcYhE+3n3eKIe2aBx+zmQLNDLMgpxIbQtS
oJbkH2jHymuthZf71wqI+IicUHCjykcq1w4AHAB0PCArjZtN5el8tnwqqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtWD2OgNwtVyCC0gYPVwrRYASXrMB8GA1UdIwQY
MBaAFGjh5upSfcOFp5o+CIJ9v2kMkcTCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4Mzkt
MTdkMDk3ZmY4OWMyLzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4MzktMTdkMDk3ZmY4OWMy
LzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeao9mL49
y/lYuLnvxGF4Jip9cssZsnRFjK0nTnAiKNZMg1YypAh/NC36zBtJoEoSod+uUmla
nRnf802zS7fu09DN8bUMLi347TmBiAPmjewJy0gJF/9iCewSKoa2fF8VTUxyreUL
2PzQM0wd1DtP6QmDpqcsdHJSSviVy/Mud+LiLrg446Z2IwkmRi/dJS+PZ4Hg6wao
9ztDhX8RnhcJ6yS2O3M7VDkjOqYHriJVOb3HK694pREwE3RiS5d+Qdo4bLbf3WA8
jrk52ICa5LEwCFYKsiaMKiyKePR8l85K5No6dmfN7oWNVKWZ4o3AdlblUVGz07rB
ZMrz64sUYRQbvg==
-----END CERTIFICATE-----