Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          IdsyKfnkmx5hFyhWzlFkK5owIDRlVghFjqydfFNE79I=
Subject key identifier:   3D:68:3F:06:D3:0E:B4:5F:23:53:AC:24:2E:98:AF:87:EB:D3:AF:AD
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       0196BB91C696BD2945C97FEABEE1A440656D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          1530
Signing time:             Sat 10 May 2025 19:00:15 +0000
Manifest this update:     Sat 10 May 2025 19:00:15 +0000
Manifest next update:     Sun 11 May 2025 19:00:15 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: N23/90CyDTcjfkRJpS+vuI3wdyMZYmaSmIeAMiwsOVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 14:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:91:c6:96:bd:29:45:c9:7f:ea:be:e1:a4:40:65:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: May 10 19:00:15 2025 GMT
            Not After : May 11 19:00:15 2025 GMT
        Subject: CN=3d683f06d30eb45f2353ac242e98af87ebd3afad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:0b:fd:1a:73:10:f1:86:74:12:37:00:1d:50:
                    c1:18:fd:27:39:c1:e7:e1:12:6f:e7:df:d2:f5:3d:
                    bf:b9:6e:27:4d:9d:98:d0:28:1e:e9:ff:4a:cf:45:
                    af:1f:e7:4d:81:17:e1:9f:2a:b2:6b:54:d5:c7:aa:
                    84:9d:a8:b5:00:a9:81:7c:8c:ce:9f:31:84:43:32:
                    a1:67:87:04:94:5e:9d:22:9a:c7:7a:86:3b:83:2c:
                    a2:e2:53:99:3b:31:de:38:ce:4f:14:81:a0:ee:c5:
                    dd:91:73:43:31:31:a4:b7:e3:c0:d0:64:fe:fe:28:
                    54:25:7b:56:72:66:97:1a:6f:e0:9f:c3:ad:61:61:
                    aa:69:03:9e:cb:5e:1c:52:3d:7a:81:66:ab:8f:01:
                    00:93:bd:09:5d:ed:26:2c:ec:2f:e4:fe:b6:5c:0c:
                    8c:50:65:d9:61:aa:b2:c7:aa:16:41:ab:eb:04:71:
                    7d:5f:67:e6:80:aa:db:82:a3:10:61:f1:d1:e0:c6:
                    d4:13:b1:e5:4a:ed:85:a2:c3:75:dc:bb:38:18:67:
                    4d:3f:ec:52:ae:da:3c:3c:16:6d:05:7c:a1:d0:f9:
                    73:0b:4e:e3:1d:2d:b2:33:f8:01:07:92:5b:6b:83:
                    8f:09:70:67:43:a4:03:b9:6b:8a:62:b5:a8:68:07:
                    b7:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:68:3F:06:D3:0E:B4:5F:23:53:AC:24:2E:98:AF:87:EB:D3:AF:AD
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:7b:e5:13:2d:55:1c:97:fd:f8:24:fc:0e:53:3a:b0:de:71:
         59:82:e6:d3:44:ee:c6:3e:ab:82:a0:b6:0d:89:72:21:43:70:
         4f:76:27:8d:81:7f:86:3f:cd:9f:63:f7:0d:5e:46:5d:8a:1a:
         b1:b0:e8:27:9e:a2:aa:fe:c2:c9:37:44:c3:e9:d8:f0:ca:20:
         90:f7:29:ff:79:3b:02:9d:8e:a7:c4:43:a4:4a:52:df:20:2c:
         f2:29:f5:98:85:a7:e2:c2:bb:be:92:ac:89:bb:eb:c3:88:b7:
         c7:99:05:f0:e9:be:f3:13:59:20:47:78:31:6e:f4:5e:61:86:
         07:a3:fd:09:ba:ac:c9:93:04:22:9f:33:b9:50:4a:99:c6:12:
         38:32:8c:5d:15:84:29:d8:68:8b:cc:3c:57:33:2f:8e:d0:95:
         b1:6a:6b:2a:fd:9a:8a:61:35:f2:de:75:b2:18:2d:f9:19:fa:
         59:98:f5:6b:ea:83:a8:79:2f:5f:11:b0:be:9d:89:8f:9a:3b:
         03:bc:38:24:35:6a:b8:08:49:30:43:02:f3:e9:85:d1:18:51:
         b1:a1:f8:be:e0:b2:27:72:47:25:a2:f5:d9:4e:ce:87:de:78:
         1b:b5:be:39:27:42:f3:73:95:28:82:8c:ec:c1:79:8d:ad:f1:
         49:3d:a1:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kcaWvSlFyX/qvuGkQGVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjUwNTEwMTkwMDE1WhcNMjUwNTExMTkwMDE1WjAzMTEwLwYDVQQD
EygzZDY4M2YwNmQzMGViNDVmMjM1M2FjMjQyZTk4YWY4N2ViZDNhZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQv9GnMQ8YZ0EjcAHVDBGP0nOcHn
4RJv59/S9T2/uW4nTZ2Y0Cge6f9Kz0WvH+dNgRfhnyqya1TVx6qEnai1AKmBfIzO
nzGEQzKhZ4cElF6dIprHeoY7gyyi4lOZOzHeOM5PFIGg7sXdkXNDMTGkt+PA0GT+
/ihUJXtWcmaXGm/gn8OtYWGqaQOey14cUj16gWarjwEAk70JXe0mLOwv5P62XAyM
UGXZYaqyx6oWQavrBHF9X2fmgKrbgqMQYfHR4MbUE7HlSu2FosN13Ls4GGdNP+xS
rto8PBZtBXyh0PlzC07jHS2yM/gBB5Jba4OPCXBnQ6QDuWuKYrWoaAe3LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1oPwbTDrRfI1OsJC6Yr4fr06+tMB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnHvlEy1V
HJf9+CT8DlM6sN5xWYLm00Tuxj6rgqC2DYlyIUNwT3YnjYF/hj/Nn2P3DV5GXYoa
sbDoJ56iqv7CyTdEw+nY8MogkPcp/3k7Ap2Op8RDpEpS3yAs8in1mIWn4sK7vpKs
ibvrw4i3x5kF8Om+8xNZIEd4MW70XmGGB6P9CbqsyZMEIp8zuVBKmcYSODKMXRWE
Kdhoi8w8VzMvjtCVsWprKv2aimE18t51shgt+Rn6WZj1a+qDqHkvXxGwvp2Jj5o7
A7w4JDVquAhJMEMC8+mF0RhRsaH4vuCyJ3JHJaL12U7Oh954G7W+OSdC83OVKIKM
7MF5ja3xST2hoA==
-----END CERTIFICATE-----