Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          Hv8jLjOssDt/uWeBQAF0D98dVwq4msOPRhphX3U62GI=
Subject key identifier:   8C:2F:19:34:22:96:94:FA:C9:DB:62:82:64:8D:F4:18:F1:33:75:C8
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       0196925F230F8E1279AE87CE17A7A16B1648
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          08DD
Signing time:             Fri 02 May 2025 19:00:30 +0000
Manifest this update:     Fri 02 May 2025 19:00:30 +0000
Manifest next update:     Sat 03 May 2025 19:00:30 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: 8hQJjDaUSQEcES1MhVro8+Z8tCCCVeTYxW2JH+8QbEA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 14:24:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:92:5f:23:0f:8e:12:79:ae:87:ce:17:a7:a1:6b:16:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: May  2 19:00:30 2025 GMT
            Not After : May  3 19:00:30 2025 GMT
        Subject: CN=8c2f1934229694fac9db6282648df418f13375c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ae:f1:50:5f:1f:fb:d6:b6:5e:11:5c:55:70:
                    fe:36:62:60:2d:a9:f4:a3:ed:8d:c7:5b:3a:1e:c2:
                    95:46:fb:1d:7c:a6:89:7d:84:72:63:dd:58:fd:51:
                    88:d4:a6:c2:43:c0:f8:12:1b:ae:fb:ef:05:50:28:
                    fa:d2:ec:b0:40:8c:37:9b:ea:5a:46:72:bd:69:fa:
                    15:33:51:32:d8:88:19:d2:08:98:9a:96:20:02:ac:
                    7c:ee:c0:12:e3:cd:b5:2d:b3:af:63:33:aa:81:d3:
                    1f:b8:60:71:68:2c:ab:6e:e9:aa:f3:31:16:2d:21:
                    04:3e:c6:57:f6:39:32:cd:c0:0a:3b:90:1d:0b:a3:
                    c0:e1:ea:2b:b8:a6:44:16:fe:de:7d:6a:f0:a7:8c:
                    04:c4:40:c5:d4:94:13:57:af:20:8a:7a:1b:98:3c:
                    56:85:c3:2d:93:a5:de:25:2d:44:71:ac:1d:71:b8:
                    7f:10:65:17:52:c5:f1:b5:ef:73:bb:c3:c6:e6:0b:
                    23:12:fa:68:62:f7:30:af:1f:a3:1f:c4:82:82:4c:
                    51:b9:e8:0f:b9:9c:b1:7d:d0:76:95:70:28:79:50:
                    e3:63:22:c5:91:97:af:30:7e:a3:c3:8c:5c:9e:cd:
                    22:26:bd:55:d8:0e:6e:a0:9e:13:be:b5:4f:2d:98:
                    47:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:2F:19:34:22:96:94:FA:C9:DB:62:82:64:8D:F4:18:F1:33:75:C8
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:16:af:2e:f7:df:9d:a4:f2:7d:dc:e5:cf:20:e9:01:39:c7:
         50:de:7d:4c:ab:75:5d:4d:bd:3c:db:5c:93:da:3d:47:4c:68:
         bd:a7:2d:c5:c9:90:1d:ed:8d:69:bc:47:4d:f4:4a:ca:f8:6a:
         8c:52:fc:5e:ec:74:e1:92:63:c3:cd:fb:40:13:5e:86:17:f5:
         17:63:f5:ff:19:05:b3:16:29:9d:62:87:8e:8b:e0:33:a8:5a:
         29:be:27:5e:91:c4:4f:aa:3f:01:49:d7:91:47:c3:77:5b:86:
         ae:34:93:9b:d4:6a:96:c0:01:b0:8c:de:f2:93:67:f7:50:4e:
         54:85:a7:2b:c7:f0:44:53:b9:26:b5:fb:cd:d9:d9:dc:95:cd:
         8c:16:1b:63:ba:15:cc:59:5e:a2:44:ab:5a:ea:9d:cf:c0:e2:
         4e:56:e8:07:72:8f:b5:af:ef:ba:fa:b4:2c:da:6b:e4:0d:5c:
         68:f6:91:78:0b:28:49:c1:cb:4b:2a:13:07:3e:3d:38:ee:ea:
         30:e6:53:7f:4e:31:21:95:f5:67:0b:f9:fb:56:09:0e:c7:9e:
         6a:6d:f7:0a:3c:e0:4c:67:70:1a:28:db:aa:85:cc:41:50:0a:
         0e:0f:0f:d2:84:1c:68:a7:4f:e9:95:74:e0:b0:ab:1e:30:48:
         51:a5:0f:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaSXyMPjhJ5rofOF6ehaxZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjUwNTAyMTkwMDMwWhcNMjUwNTAzMTkwMDMwWjAzMTEwLwYDVQQD
Eyg4YzJmMTkzNDIyOTY5NGZhYzlkYjYyODI2NDhkZjQxOGYxMzM3NWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa7xUF8f+9a2XhFcVXD+NmJgLan0
o+2Nx1s6HsKVRvsdfKaJfYRyY91Y/VGI1KbCQ8D4Ehuu++8FUCj60uywQIw3m+pa
RnK9afoVM1Ey2IgZ0giYmpYgAqx87sAS4821LbOvYzOqgdMfuGBxaCyrbumq8zEW
LSEEPsZX9jkyzcAKO5AdC6PA4eoruKZEFv7efWrwp4wExEDF1JQTV68ginobmDxW
hcMtk6XeJS1Ecawdcbh/EGUXUsXxte9zu8PG5gsjEvpoYvcwrx+jH8SCgkxRuegP
uZyxfdB2lXAoeVDjYyLFkZevMH6jw4xcns0iJr1V2A5uoJ4TvrVPLZhHPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwvGTQilpT6ydtigmSN9BjxM3XIMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRavLvff
naTyfdzlzyDpATnHUN59TKt1XU29PNtck9o9R0xovactxcmQHe2NabxHTfRKyvhq
jFL8Xux04ZJjw837QBNehhf1F2P1/xkFsxYpnWKHjovgM6haKb4nXpHET6o/AUnX
kUfDd1uGrjSTm9RqlsABsIze8pNn91BOVIWnK8fwRFO5JrX7zdnZ3JXNjBYbY7oV
zFleokSrWuqdz8DiTlboB3KPta/vuvq0LNpr5A1caPaReAsoScHLSyoTBz49OO7q
MOZTf04xIZX1Zwv5+1YJDseeam33CjzgTGdwGijbqoXMQVAKDg8P0oQcaKdP6ZV0
4LCrHjBIUaUPCw==
-----END CERTIFICATE-----