Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
File:                     mtVmfEEoFBE5zKfFBH_BclC_Y68.mft (raw, json)
Hash identifier:          s07Ht+ZLbuUkCJdpQIfEql6ZKVTAAdepABxHfKlWrME=
Subject key identifier:   59:09:2B:B7:D6:58:33:49:84:EE:8A:C7:A3:8B:51:81:69:4E:E1:90
Authority key identifier: 9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF
Certificate issuer:       /CN=9ad5667c4128141139cca7c5047fc17250bf63af
Certificate serial:       0196767A6C5AAD39983830807276C3847E24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 09:00:56 +0000
Manifest this update:     Sun 27 Apr 2025 09:00:56 +0000
Manifest next update:     Mon 28 Apr 2025 09:00:56 +0000
Files and hashes:         1: mtVmfEEoFBE5zKfFBH_BclC_Y68.crl (hash: iVj0QwP6xCWFDFqPXDjKC314/Xi1pSebKWKAqdrWEzQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:7a:6c:5a:ad:39:98:38:30:80:72:76:c3:84:7e:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ad5667c4128141139cca7c5047fc17250bf63af
        Validity
            Not Before: Apr 27 09:00:56 2025 GMT
            Not After : Apr 28 09:00:56 2025 GMT
        Subject: CN=59092bb7d658334984ee8ac7a38b5181694ee190
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:78:c5:27:93:82:e3:a7:8b:89:a9:f9:2f:a4:
                    72:55:20:5b:66:4f:6b:71:1d:01:99:3d:88:65:8e:
                    da:75:76:f6:b2:8b:32:72:b3:68:3c:7d:1b:d4:3c:
                    30:6d:37:e0:b4:ec:9a:ef:7f:1c:ea:9f:82:b5:cc:
                    a7:39:3c:24:07:fd:98:d1:d9:75:72:02:a1:d7:ff:
                    44:cf:e4:2d:14:24:5d:b5:f7:8f:46:84:21:fe:07:
                    a8:06:67:41:6c:e0:01:5b:49:b8:11:b3:a0:49:34:
                    d8:b9:43:29:3a:af:b1:06:8d:8c:2e:87:00:f9:46:
                    4f:a8:16:3d:1e:41:47:e7:ad:f9:c1:24:43:41:86:
                    17:f0:c4:96:e9:98:97:8a:d5:3f:22:34:05:89:6a:
                    09:02:ed:78:0c:99:f4:61:a7:7d:9c:cc:14:31:5c:
                    88:a6:08:80:79:24:71:e7:12:a6:ea:7a:b5:5a:9a:
                    42:ee:38:9b:60:17:e2:61:61:04:6b:b8:df:3e:41:
                    16:20:66:ea:78:08:0e:fe:3f:b7:2d:a0:6e:35:b9:
                    01:5f:4f:4b:88:88:49:ae:f5:d1:91:6a:31:b2:76:
                    c5:d7:64:c6:06:2f:9f:65:c5:cb:a6:8f:11:1e:c0:
                    3f:40:25:36:85:32:4c:38:4d:c6:f8:9e:8d:93:fc:
                    13:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:09:2B:B7:D6:58:33:49:84:EE:8A:C7:A3:8B:51:81:69:4E:E1:90
            X509v3 Authority Key Identifier:
                keyid:9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:ac:29:4d:f2:a2:77:c8:61:eb:09:8e:c0:d0:32:aa:5b:3f:
         83:1f:70:42:6a:d0:58:a8:8a:f3:c4:fe:c7:36:c7:d3:16:99:
         45:7c:44:3c:67:6f:28:13:e9:42:14:fd:00:d3:c0:f2:1b:b0:
         22:af:87:ef:45:d3:c4:4d:88:8b:10:02:69:dc:9c:b4:2d:b5:
         99:05:59:fa:65:af:f3:da:3d:50:49:6e:2e:5d:80:2f:84:0d:
         09:e3:1b:c9:8e:68:7f:46:b1:d0:4a:f8:85:e7:24:e1:f7:f1:
         f7:0e:ae:fc:a2:44:64:40:24:2a:9d:13:db:73:db:c0:64:0a:
         66:8c:93:c3:a3:00:e5:b1:f2:46:f6:0a:c4:d0:d1:2b:49:f0:
         b3:4d:bf:16:dd:ac:5a:b8:0c:d7:c5:7e:56:0a:c8:da:62:93:
         58:20:5a:28:f4:1d:df:bb:56:23:59:9d:7f:38:87:5e:0d:2a:
         da:46:2b:b2:c3:7f:f5:a4:99:2f:dd:1d:49:b3:1c:a0:6f:9a:
         43:24:ce:bb:b8:ca:e5:38:85:76:7a:b1:ab:2b:cf:e5:bc:95:
         dc:29:9f:ef:e3:4e:2b:78:37:86:d8:b4:23:ad:51:ea:8c:dc:
         59:80:b4:ba:10:81:b6:56:cc:c8:08:e8:b2:56:f8:03:af:09:
         7b:70:fc:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2emxarTmYODCAcnbDhH4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZDU2NjdjNDEyODE0MTEzOWNjYTdjNTA0N2ZjMTcyNTBi
ZjYzYWYwHhcNMjUwNDI3MDkwMDU2WhcNMjUwNDI4MDkwMDU2WjAzMTEwLwYDVQQD
Eyg1OTA5MmJiN2Q2NTgzMzQ5ODRlZThhYzdhMzhiNTE4MTY5NGVlMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3jFJ5OC46eLian5L6RyVSBbZk9r
cR0BmT2IZY7adXb2sosycrNoPH0b1DwwbTfgtOya738c6p+CtcynOTwkB/2Y0dl1
cgKh1/9Ez+QtFCRdtfePRoQh/geoBmdBbOABW0m4EbOgSTTYuUMpOq+xBo2MLocA
+UZPqBY9HkFH5635wSRDQYYX8MSW6ZiXitU/IjQFiWoJAu14DJn0Yad9nMwUMVyI
pgiAeSRx5xKm6nq1WppC7jibYBfiYWEEa7jfPkEWIGbqeAgO/j+3LaBuNbkBX09L
iIhJrvXRkWoxsnbF12TGBi+fZcXLpo8RHsA/QCU2hTJMOE3G+J6Nk/wTKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFkJK7fWWDNJhO6Kx6OLUYFpTuGQMB8GA1UdIwQY
MBaAFJrVZnxBKBQROcynxQR/wXJQv2OvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2Qt
Njg3MjM1NTgzOGEyLzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2QtNjg3MjM1NTgzOGEy
LzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW6wpTfKi
d8hh6wmOwNAyqls/gx9wQmrQWKiK88T+xzbH0xaZRXxEPGdvKBPpQhT9ANPA8huw
Iq+H70XTxE2IixACadyctC21mQVZ+mWv89o9UEluLl2AL4QNCeMbyY5of0ax0Er4
heck4ffx9w6u/KJEZEAkKp0T23PbwGQKZoyTw6MA5bHyRvYKxNDRK0nws02/Ft2s
WrgM18V+VgrI2mKTWCBaKPQd37tWI1mdfziHXg0q2kYrssN/9aSZL90dSbMcoG+a
QyTOu7jK5TiFdnqxqyvP5byV3Cmf7+NOK3g3hti0I61R6ozcWYC0uhCBtlbMyAjo
slb4A68Je3D8bQ==
-----END CERTIFICATE-----