Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
File:                     Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft (raw, json)
Hash identifier:          ibKpbUo+kxXBG5uhf1XzHHjVgXCWMdJ/aHlBMsa+xIY=
Subject key identifier:   08:60:7D:40:7C:B6:4F:6F:6E:3D:A2:84:AB:93:83:61:14:AA:DE:E8
Authority key identifier: 31:FD:40:17:41:E6:69:E9:20:B0:3C:6C:76:AA:3A:78:71:40:3F:54
Certificate issuer:       /CN=31fd401741e669e920b03c6c76aa3a7871403f54
Certificate serial:       01968359E3BD5A332F7D6B9614BC572A7F05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
Manifest number:          037D
Signing time:             Tue 29 Apr 2025 21:00:28 +0000
Manifest this update:     Tue 29 Apr 2025 21:00:28 +0000
Manifest next update:     Wed 30 Apr 2025 21:00:28 +0000
Files and hashes:         1: Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl (hash: Xsi1JUqBv5JdCAhYCd0G65mexDK5QKAQvcZP6SArfuQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:59:e3:bd:5a:33:2f:7d:6b:96:14:bc:57:2a:7f:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31fd401741e669e920b03c6c76aa3a7871403f54
        Validity
            Not Before: Apr 29 21:00:28 2025 GMT
            Not After : Apr 30 21:00:28 2025 GMT
        Subject: CN=08607d407cb64f6f6e3da284ab93836114aadee8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:cc:19:c9:82:8f:de:bc:e0:85:2f:02:d9:c6:
                    af:66:51:a4:43:a3:bd:94:2f:e3:bf:88:5b:05:b4:
                    43:b9:8d:c6:46:69:35:22:db:1a:ee:f7:08:2c:9a:
                    81:9a:f9:71:45:ae:81:ca:d9:f1:5b:d2:01:c3:32:
                    bd:d5:86:28:8d:1d:fc:a8:5f:8b:53:a7:9e:06:ee:
                    b0:a1:04:50:1c:e2:6b:01:04:29:33:50:8c:92:34:
                    26:57:85:25:72:cd:5c:b9:7c:6c:d3:bd:c7:17:e5:
                    a4:5f:df:b2:95:a0:83:67:5e:5a:75:72:19:c8:d3:
                    e4:88:ad:e0:ff:a4:03:e2:d3:87:4a:24:62:76:06:
                    88:5b:c8:03:66:52:06:fd:37:65:bc:13:82:6d:16:
                    f6:a7:a9:c1:8f:f2:bb:60:f2:a1:1a:d5:da:31:78:
                    c8:58:f5:e9:b9:6c:aa:15:18:6e:2e:16:77:a9:73:
                    de:9e:4d:6d:b4:07:47:75:80:b0:18:2d:94:5d:2c:
                    c6:b4:d2:71:b1:aa:bc:31:e6:ae:81:a2:45:69:23:
                    70:77:47:8d:e5:7e:4a:d6:53:c5:b4:8e:f6:61:f2:
                    77:e7:bc:1e:81:02:54:57:30:ce:a7:d9:0b:04:57:
                    45:8a:15:e5:35:f5:09:be:57:1c:9d:32:41:52:e7:
                    8c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:60:7D:40:7C:B6:4F:6F:6E:3D:A2:84:AB:93:83:61:14:AA:DE:E8
            X509v3 Authority Key Identifier:
                keyid:31:FD:40:17:41:E6:69:E9:20:B0:3C:6C:76:AA:3A:78:71:40:3F:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:38:a6:ef:de:e4:ce:da:51:27:5d:11:51:02:4f:04:3b:4a:
         0d:36:7e:4d:4d:93:8e:fd:89:68:b7:d4:99:36:3d:8e:99:c1:
         cb:e1:50:f5:4a:15:f5:7f:0f:76:6c:76:aa:f0:b0:ca:89:53:
         95:f6:aa:41:8f:a6:6e:71:f9:84:cc:1b:15:08:c8:68:69:4c:
         65:1f:0d:67:9d:dd:f6:fd:b4:40:4b:5e:a3:00:bc:8f:82:d5:
         9b:d7:8f:38:0a:f8:46:dd:62:4e:61:7d:33:34:08:86:38:34:
         87:a6:87:ee:c1:b1:82:cc:dc:9a:f4:56:29:6b:b7:30:e1:1e:
         6d:ca:81:35:fc:9f:da:98:73:42:d1:ad:4d:0d:ec:38:98:94:
         d5:9c:a2:42:6e:5a:0e:23:88:5d:1b:2f:a5:34:91:48:f6:63:
         20:0a:a9:cf:b5:51:fb:d1:43:f0:1b:37:bc:0b:59:d9:c0:bc:
         84:9c:0c:bc:7a:45:da:7f:41:e7:0a:2b:5e:6c:39:c9:39:a6:
         c4:a6:3b:6b:71:44:9f:02:8c:4b:55:ae:b2:83:49:e0:6a:32:
         28:3f:14:1b:4a:fd:6a:f1:cb:fa:3a:29:1e:1c:43:8c:ab:ef:
         df:83:9b:f9:fd:9e:79:68:7d:78:4b:be:23:4b:25:ce:53:fc:
         5a:ce:8a:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDWeO9WjMvfWuWFLxXKn8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZmQ0MDE3NDFlNjY5ZTkyMGIwM2M2Yzc2YWEzYTc4NzE0
MDNmNTQwHhcNMjUwNDI5MjEwMDI4WhcNMjUwNDMwMjEwMDI4WjAzMTEwLwYDVQQD
EygwODYwN2Q0MDdjYjY0ZjZmNmUzZGEyODRhYjkzODM2MTE0YWFkZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cwZyYKP3rzghS8C2cavZlGkQ6O9
lC/jv4hbBbRDuY3GRmk1Itsa7vcILJqBmvlxRa6BytnxW9IBwzK91YYojR38qF+L
U6eeBu6woQRQHOJrAQQpM1CMkjQmV4Ulcs1cuXxs073HF+WkX9+ylaCDZ15adXIZ
yNPkiK3g/6QD4tOHSiRidgaIW8gDZlIG/TdlvBOCbRb2p6nBj/K7YPKhGtXaMXjI
WPXpuWyqFRhuLhZ3qXPenk1ttAdHdYCwGC2UXSzGtNJxsaq8MeaugaJFaSNwd0eN
5X5K1lPFtI72YfJ357wegQJUVzDOp9kLBFdFihXlNfUJvlccnTJBUueMIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAhgfUB8tk9vbj2ihKuTg2EUqt7oMB8GA1UdIwQY
MBaAFDH9QBdB5mnpILA8bHaqOnhxQD9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9iYTM2NWItNjk0Yi00ZmJhLTg2NTMt
ZGUzNmJmMjBiYTRmLzEvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9iYTM2NWItNjk0Yi00ZmJhLTg2NTMtZGUzNmJmMjBiYTRm
LzEvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkTim797k
ztpRJ10RUQJPBDtKDTZ+TU2Tjv2JaLfUmTY9jpnBy+FQ9UoV9X8Pdmx2qvCwyolT
lfaqQY+mbnH5hMwbFQjIaGlMZR8NZ53d9v20QEteowC8j4LVm9ePOAr4Rt1iTmF9
MzQIhjg0h6aH7sGxgszcmvRWKWu3MOEebcqBNfyf2phzQtGtTQ3sOJiU1ZyiQm5a
DiOIXRsvpTSRSPZjIAqpz7VR+9FD8Bs3vAtZ2cC8hJwMvHpF2n9B5worXmw5yTmm
xKY7a3FEnwKMS1WusoNJ4GoyKD8UG0r9avHL+jopHhxDjKvv34Ob+f2eeWh9eEu+
I0slzlP8Ws6Knw==
-----END CERTIFICATE-----