Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.mft
File:                     9l95H50M9str44nJRWjId0BeUUQ.mft (raw, json)
Hash identifier:          /s6qmDTXw/S8JPoZuPSCdtvVCLtM+SGE6yYxvBN4CnQ=
Subject key identifier:   2D:F0:66:B2:42:58:C8:5D:72:71:8E:BE:A0:C2:52:AB:82:2E:F5:D5
Authority key identifier: F6:5F:79:1F:9D:0C:F6:CB:6B:E3:89:C9:45:68:C8:77:40:5E:51:44
Certificate issuer:       /CN=f65f791f9d0cf6cb6be389c94568c877405e5144
Certificate serial:       0196D51AAE48529329DBA4606A5215E0729D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9l95H50M9str44nJRWjId0BeUUQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.mft
Manifest number:          04AA
Signing time:             Thu 15 May 2025 18:00:17 +0000
Manifest this update:     Thu 15 May 2025 18:00:17 +0000
Manifest next update:     Fri 16 May 2025 18:00:17 +0000
Files and hashes:         1: 9l95H50M9str44nJRWjId0BeUUQ.crl (hash: xEPxc4nkUbMxB5RDbw0kTaWmLCtM3wc46eGuvNnW8Vo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9l95H50M9str44nJRWjId0BeUUQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 16 May 2025 14:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d5:1a:ae:48:52:93:29:db:a4:60:6a:52:15:e0:72:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f65f791f9d0cf6cb6be389c94568c877405e5144
        Validity
            Not Before: May 15 18:00:17 2025 GMT
            Not After : May 16 18:00:17 2025 GMT
        Subject: CN=2df066b24258c85d72718ebea0c252ab822ef5d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:46:78:aa:c9:23:9e:a9:e7:00:5a:1a:c3:19:
                    d3:6e:52:25:bf:ad:53:6c:31:ed:4c:89:8e:00:39:
                    75:46:96:cd:7a:0d:69:0a:59:45:93:a2:d3:96:39:
                    97:7c:aa:6d:16:5e:99:f6:2d:a8:f5:ce:52:e7:0b:
                    55:75:c0:92:17:b9:23:14:0a:7a:63:f5:f3:1e:66:
                    46:dd:a4:92:25:af:ef:f3:18:bf:94:73:52:2c:ab:
                    13:61:7d:3e:78:e3:f2:94:f8:9f:a0:bc:96:22:0d:
                    9f:ac:c8:a2:b2:d8:d7:15:3c:73:7a:41:40:a7:21:
                    db:c3:cb:a2:ed:91:08:e3:e6:48:b2:72:e8:a4:e2:
                    d2:64:c9:a5:4e:ec:46:ae:1b:6e:a9:0a:e5:e5:4d:
                    02:14:66:8f:53:24:5e:ac:3b:47:2a:55:8c:00:7d:
                    70:f7:fc:69:96:15:01:98:3e:46:d6:66:bd:b5:e9:
                    90:d8:3a:a2:f4:8a:50:8b:0c:06:f7:15:9c:f5:a4:
                    9f:62:11:4f:26:68:62:35:34:fc:08:51:9f:5c:64:
                    65:5f:29:31:15:03:3f:01:a6:a1:b4:15:0c:88:5c:
                    b2:47:ff:d7:d5:b2:37:79:3f:28:16:4d:4a:14:2a:
                    0d:07:58:15:5e:a1:c8:3a:ea:80:5e:4d:7c:58:a3:
                    58:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:F0:66:B2:42:58:C8:5D:72:71:8E:BE:A0:C2:52:AB:82:2E:F5:D5
            X509v3 Authority Key Identifier:
                keyid:F6:5F:79:1F:9D:0C:F6:CB:6B:E3:89:C9:45:68:C8:77:40:5E:51:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9l95H50M9str44nJRWjId0BeUUQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/173894-20d5-4d04-be70-cd03741d26b5/1/9l95H50M9str44nJRWjId0BeUUQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:be:ef:1a:50:ab:4c:f1:66:a1:b8:6b:c3:bd:67:62:3f:78:
         93:54:97:32:90:03:50:a0:8e:8a:cb:c5:58:0f:09:e5:92:8b:
         b0:10:0e:50:b0:8c:cd:bf:46:45:a9:4d:65:27:f3:f1:e5:32:
         fc:94:a8:04:a5:43:16:e6:8e:98:f0:75:86:04:a5:cf:94:7e:
         24:2c:7d:32:6a:66:a5:38:e9:6b:d3:4c:f0:bc:2c:fc:0d:c4:
         06:71:09:94:d0:93:fb:82:c0:0e:98:01:4e:a2:f8:69:e4:fd:
         2b:49:3c:eb:ce:ef:6d:eb:e6:45:01:0a:1e:43:91:2f:f4:08:
         ac:51:3f:61:45:f0:c2:23:e6:22:84:c9:ab:c5:59:a8:b5:9c:
         a8:fe:a0:06:36:08:20:1b:da:ff:5c:35:f2:ce:f6:6c:5f:a9:
         3c:39:60:95:5e:38:62:7d:ee:42:44:0e:f0:8f:9a:d4:0d:53:
         fd:b4:ba:3e:bb:1e:f3:7d:35:f2:c0:3c:bf:0c:c6:23:d0:05:
         2b:ba:15:63:6e:d0:6c:4a:cc:fa:9b:9d:e4:46:fa:84:e0:a4:
         cf:88:dd:51:6e:28:ac:a6:0a:88:8e:de:99:4d:6d:97:bb:90:
         f8:7d:77:b7:cd:8a:c2:45:b7:3f:ed:2d:07:11:75:91:61:23:
         80:b9:8c:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbVGq5IUpMp26RgalIV4HKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NWY3OTFmOWQwY2Y2Y2I2YmUzODljOTQ1NjhjODc3NDA1
ZTUxNDQwHhcNMjUwNTE1MTgwMDE3WhcNMjUwNTE2MTgwMDE3WjAzMTEwLwYDVQQD
EygyZGYwNjZiMjQyNThjODVkNzI3MThlYmVhMGMyNTJhYjgyMmVmNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60Z4qskjnqnnAFoawxnTblIlv61T
bDHtTImOADl1RpbNeg1pCllFk6LTljmXfKptFl6Z9i2o9c5S5wtVdcCSF7kjFAp6
Y/XzHmZG3aSSJa/v8xi/lHNSLKsTYX0+eOPylPifoLyWIg2frMiistjXFTxzekFA
pyHbw8ui7ZEI4+ZIsnLopOLSZMmlTuxGrhtuqQrl5U0CFGaPUyRerDtHKlWMAH1w
9/xplhUBmD5G1ma9temQ2Dqi9IpQiwwG9xWc9aSfYhFPJmhiNTT8CFGfXGRlXykx
FQM/AaahtBUMiFyyR//X1bI3eT8oFk1KFCoNB1gVXqHIOuqAXk18WKNYrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3wZrJCWMhdcnGOvqDCUquCLvXVMB8GA1UdIwQY
MBaAFPZfeR+dDPbLa+OJyUVoyHdAXlFEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWw5NUg1ME05c3RyNDRuSlJXaklkMEJlVVVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xNzM4OTQtMjBkNS00ZDA0LWJlNzAt
Y2QwMzc0MWQyNmI1LzEvOWw5NUg1ME05c3RyNDRuSlJXaklkMEJlVVVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xNzM4OTQtMjBkNS00ZDA0LWJlNzAtY2QwMzc0MWQyNmI1
LzEvOWw5NUg1ME05c3RyNDRuSlJXaklkMEJlVVVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAL7vGlCr
TPFmobhrw71nYj94k1SXMpADUKCOisvFWA8J5ZKLsBAOULCMzb9GRalNZSfz8eUy
/JSoBKVDFuaOmPB1hgSlz5R+JCx9MmpmpTjpa9NM8Lws/A3EBnEJlNCT+4LADpgB
TqL4aeT9K0k8687vbevmRQEKHkORL/QIrFE/YUXwwiPmIoTJq8VZqLWcqP6gBjYI
IBva/1w18s72bF+pPDlglV44Yn3uQkQO8I+a1A1T/bS6Prse83018sA8vwzGI9AF
K7oVY27QbErM+pud5Eb6hOCkz4jdUW4orKYKiI7emU1tl7uQ+H13t82KwkW3P+0t
BxF1kWEjgLmMzQ==
-----END CERTIFICATE-----