Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
File:                     oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft (raw, json)
Hash identifier:          RLD3KUa61QcD7D1zTklq378a3hO8qajbMkRwhHeKc3Y=
Subject key identifier:   1E:4D:30:2E:51:59:99:59:01:2F:77:AE:33:63:F8:C4:B5:2F:D1:CA
Authority key identifier: A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB
Certificate issuer:       /CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
Certificate serial:       0196BCDBC4B65F43D433675ED058027D13ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
Manifest number:          0453
Signing time:             Sun 11 May 2025 01:00:41 +0000
Manifest this update:     Sun 11 May 2025 01:00:41 +0000
Manifest next update:     Mon 12 May 2025 01:00:41 +0000
Files and hashes:         1: oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl (hash: 8sGs1h/9CORW4S48tkrn95/yDrdQ0YUqnUydbv4MFGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:db:c4:b6:5f:43:d4:33:67:5e:d0:58:02:7d:13:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
        Validity
            Not Before: May 11 01:00:41 2025 GMT
            Not After : May 12 01:00:41 2025 GMT
        Subject: CN=1e4d302e51599959012f77ae3363f8c4b52fd1ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e3:36:7b:09:9c:74:a4:22:a9:a5:34:8c:67:
                    97:94:65:17:94:2e:da:43:e7:24:dd:06:bc:c4:02:
                    c0:c5:b6:07:d3:eb:ea:79:46:73:4c:b9:2c:d4:af:
                    bb:93:12:1e:5d:2f:0a:45:ee:cd:af:6d:ac:7b:a3:
                    9e:e0:8e:e2:21:f2:30:f8:e2:23:b3:52:bb:69:4c:
                    f4:98:8f:83:a0:9c:91:61:fd:93:68:13:28:5f:0a:
                    7b:a8:a9:6d:a8:40:7e:9d:22:dd:7b:6d:f3:3d:07:
                    6c:47:16:dd:3c:ee:52:26:76:b5:c0:a6:a1:b2:b2:
                    4b:be:b1:2c:d1:72:de:51:6b:cc:f1:c4:14:65:78:
                    49:93:f5:2f:a0:cf:fc:0c:bd:7c:e1:88:9f:01:b2:
                    27:52:b8:2f:61:92:09:4b:82:9d:ff:59:19:eb:9d:
                    c0:ca:a0:c7:cb:7d:a3:13:14:ac:c5:40:0b:0c:f3:
                    0e:39:92:bc:21:ed:a8:f6:c7:a9:18:48:1c:7a:10:
                    3d:ab:e6:63:d1:41:12:e0:2e:29:2a:82:00:ae:b5:
                    f0:cb:f1:6b:1a:b0:f2:5d:d4:9d:13:6c:37:a5:e1:
                    cb:93:39:f3:73:de:d7:9b:a8:50:ad:d6:fe:99:bc:
                    9f:56:da:3c:64:03:db:3d:a9:a5:0f:e1:a5:2f:d6:
                    de:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:4D:30:2E:51:59:99:59:01:2F:77:AE:33:63:F8:C4:B5:2F:D1:CA
            X509v3 Authority Key Identifier:
                keyid:A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:4f:c9:e7:b2:13:b0:a9:46:6d:9c:82:02:b5:e3:f5:c2:e4:
         22:8d:fa:a2:e2:15:3e:af:52:c3:1b:e4:1a:bc:f9:8e:a9:6e:
         28:b7:ca:2b:a1:da:55:64:53:5d:6e:fe:ea:90:f5:0a:68:c0:
         b2:09:0b:27:c1:b8:56:ae:57:6a:42:49:8c:f4:9c:3b:61:c8:
         40:91:5b:65:d5:16:c4:95:5e:9d:51:96:93:45:ba:67:7c:18:
         d0:53:df:d2:05:05:3b:5b:7b:78:6d:f4:35:c6:31:51:cc:ee:
         e7:3c:b2:66:98:74:fd:9d:19:21:8c:cc:4c:a6:df:0a:e6:2c:
         b3:a6:c4:19:78:78:46:45:b3:e5:7f:a1:43:6c:84:4e:79:10:
         41:f4:4e:72:b5:bb:d1:88:02:21:12:55:5c:bd:05:46:92:f7:
         e8:ac:31:4c:64:09:b3:28:d1:0f:c2:a6:78:38:74:08:fb:bb:
         c0:33:9d:12:4c:b7:e1:c2:28:2f:0f:9a:42:05:a3:57:87:48:
         2d:32:f9:5b:96:b4:78:20:28:1a:f7:cb:c2:5f:fc:b4:8a:d4:
         ae:b8:f6:c9:e9:ec:b5:cf:be:32:3e:f5:bd:ac:b4:b7:8e:a6:
         f7:46:5d:b4:1b:74:af:36:88:e0:34:c4:14:43:5e:da:cd:67:
         67:37:6d:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa828S2X0PUM2de0FgCfRPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMThhYWZkYmJjYThkNGUwMDYzYzMxMTk1ZmE2YzE5NGMz
OTQzY2IwHhcNMjUwNTExMDEwMDQxWhcNMjUwNTEyMDEwMDQxWjAzMTEwLwYDVQQD
EygxZTRkMzAyZTUxNTk5OTU5MDEyZjc3YWUzMzYzZjhjNGI1MmZkMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleM2ewmcdKQiqaU0jGeXlGUXlC7a
Q+ck3Qa8xALAxbYH0+vqeUZzTLks1K+7kxIeXS8KRe7Nr22se6Oe4I7iIfIw+OIj
s1K7aUz0mI+DoJyRYf2TaBMoXwp7qKltqEB+nSLde23zPQdsRxbdPO5SJna1wKah
srJLvrEs0XLeUWvM8cQUZXhJk/UvoM/8DL184YifAbInUrgvYZIJS4Kd/1kZ653A
yqDHy32jExSsxUALDPMOOZK8Ie2o9sepGEgcehA9q+Zj0UES4C4pKoIArrXwy/Fr
GrDyXdSdE2w3peHLkznzc97Xm6hQrdb+mbyfVto8ZAPbPamlD+GlL9beTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB5NMC5RWZlZAS93rjNj+MS1L9HKMB8GA1UdIwQY
MBaAFKEYqv27yo1OAGPDEZX6bBlMOUPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUt
NzJmMjFlNjQ2ZThlLzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUtNzJmMjFlNjQ2ZThl
LzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdk/J57IT
sKlGbZyCArXj9cLkIo36ouIVPq9SwxvkGrz5jqluKLfKK6HaVWRTXW7+6pD1CmjA
sgkLJ8G4Vq5XakJJjPScO2HIQJFbZdUWxJVenVGWk0W6Z3wY0FPf0gUFO1t7eG30
NcYxUczu5zyyZph0/Z0ZIYzMTKbfCuYss6bEGXh4RkWz5X+hQ2yETnkQQfROcrW7
0YgCIRJVXL0FRpL36KwxTGQJsyjRD8KmeDh0CPu7wDOdEky34cIoLw+aQgWjV4dI
LTL5W5a0eCAoGvfLwl/8tIrUrrj2yenstc++Mj71vay0t46m90ZdtBt0rzaI4DTE
FENe2s1nZzdtLA==
-----END CERTIFICATE-----