Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.mft
File:                     8z9sz1fxxI8RwU_QBUBazONtA7g.mft (raw, json)
Hash identifier:          5ed6YBKcZh5lA/zdMTAfNuEr7M0C6NsQhcIRU1TIhD4=
Subject key identifier:   EB:4A:F4:B6:E3:03:61:64:4F:DD:7C:08:92:48:0C:A7:AA:32:26:02
Authority key identifier: F3:3F:6C:CF:57:F1:C4:8F:11:C1:4F:D0:05:40:5A:CC:E3:6D:03:B8
Certificate issuer:       /CN=f33f6ccf57f1c48f11c14fd005405acce36d03b8
Certificate serial:       0196B4467D1F4F9FB03D4C6F3A1ACD03233B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8z9sz1fxxI8RwU_QBUBazONtA7g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.mft
Manifest number:          152A
Signing time:             Fri 09 May 2025 09:00:40 +0000
Manifest this update:     Fri 09 May 2025 09:00:40 +0000
Manifest next update:     Sat 10 May 2025 09:00:40 +0000
Files and hashes:         1: 8z9sz1fxxI8RwU_QBUBazONtA7g.crl (hash: NVD3NHCbZeS3bGv8keC7w1Dq9y/J7KgO6jE06WiP6Bs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8z9sz1fxxI8RwU_QBUBazONtA7g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 09:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b4:46:7d:1f:4f:9f:b0:3d:4c:6f:3a:1a:cd:03:23:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f33f6ccf57f1c48f11c14fd005405acce36d03b8
        Validity
            Not Before: May  9 09:00:40 2025 GMT
            Not After : May 10 09:00:40 2025 GMT
        Subject: CN=eb4af4b6e30361644fdd7c0892480ca7aa322602
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:22:f2:3d:00:bc:95:8a:33:49:aa:95:9e:6c:
                    6b:04:c2:a4:8d:6e:50:20:b9:f6:16:34:07:b3:4f:
                    ee:57:da:86:41:08:ce:e0:f9:b6:f2:a0:76:d8:69:
                    85:0a:4a:e7:2e:36:0a:38:81:b7:f5:1b:d2:cf:a3:
                    0f:d0:04:c7:68:0d:d0:d9:25:ef:50:7b:97:bf:a5:
                    d3:a7:31:aa:33:d8:62:7b:d7:a9:0c:42:38:f1:87:
                    29:af:fc:2f:4c:f4:40:55:42:40:4d:de:26:72:c8:
                    67:7b:67:5b:30:d6:98:14:39:a4:36:ed:b4:2b:01:
                    44:0a:37:17:cf:ea:e7:8b:f5:24:83:7b:25:f4:09:
                    fd:04:08:64:f1:47:3a:59:0b:da:06:a8:9c:91:83:
                    d4:f8:0f:12:3c:90:17:49:ff:b7:90:3a:1c:63:eb:
                    0d:18:79:74:df:20:81:ed:7d:7e:36:d4:05:f5:af:
                    99:44:f9:59:8d:c4:2a:bf:35:b3:76:39:f6:10:82:
                    b8:ad:3e:76:ee:32:98:fe:26:cc:24:0e:0f:29:84:
                    5c:d2:5b:41:f1:70:16:87:ac:fe:2b:92:37:60:d6:
                    5b:ed:a8:8e:04:5a:6f:15:c9:54:1b:70:a3:7b:1f:
                    53:34:61:d5:98:16:7f:17:6f:ce:30:63:1e:6c:fb:
                    62:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:4A:F4:B6:E3:03:61:64:4F:DD:7C:08:92:48:0C:A7:AA:32:26:02
            X509v3 Authority Key Identifier:
                keyid:F3:3F:6C:CF:57:F1:C4:8F:11:C1:4F:D0:05:40:5A:CC:E3:6D:03:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8z9sz1fxxI8RwU_QBUBazONtA7g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:03:bf:78:4f:c4:68:19:da:81:91:3c:0d:13:fc:4b:41:0f:
         ec:0d:76:d1:d9:9f:92:9d:c0:ad:97:88:ec:96:40:e6:de:71:
         30:29:f4:93:47:ed:f2:8d:c7:ff:c0:3c:46:cd:25:13:d8:e4:
         7b:b8:bd:72:a6:73:7a:67:0c:a5:e3:3b:32:e3:fc:c2:d0:15:
         5c:38:be:18:ed:8b:85:c5:83:68:67:72:29:a3:37:a2:8b:1c:
         50:78:c6:70:f0:ba:46:2f:38:a2:98:8b:4c:c6:4b:f0:1c:a8:
         f2:95:9c:e4:67:e4:40:0d:09:a4:4e:11:2e:46:61:1e:18:e2:
         0d:7c:f0:08:f2:f4:b9:d9:ce:9b:ea:2e:05:84:9a:4e:45:76:
         a9:f0:09:36:ae:63:e0:23:40:29:60:a7:11:3d:1f:cb:19:e3:
         59:a3:b4:0a:65:05:d9:1a:64:9d:b2:2e:87:d8:fb:18:59:c3:
         33:86:ad:95:b4:33:5e:83:71:a9:a8:ad:98:94:f5:6b:e0:f9:
         e5:19:3b:40:6b:0f:ff:3a:96:ac:1f:23:d1:20:cd:2c:05:a9:
         dd:e4:20:b1:4f:cd:93:29:a4:d4:23:50:2f:d0:e8:54:d3:95:
         20:05:eb:09:8d:29:c0:0a:6b:0e:db:fd:18:ef:28:3d:3f:79:
         15:73:96:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa0Rn0fT5+wPUxvOhrNAyM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzM2Y2Y2NmNTdmMWM0OGYxMWMxNGZkMDA1NDA1YWNjZTM2
ZDAzYjgwHhcNMjUwNTA5MDkwMDQwWhcNMjUwNTEwMDkwMDQwWjAzMTEwLwYDVQQD
EyhlYjRhZjRiNmUzMDM2MTY0NGZkZDdjMDg5MjQ4MGNhN2FhMzIyNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriLyPQC8lYozSaqVnmxrBMKkjW5Q
ILn2FjQHs0/uV9qGQQjO4Pm28qB22GmFCkrnLjYKOIG39RvSz6MP0ATHaA3Q2SXv
UHuXv6XTpzGqM9hie9epDEI48Ycpr/wvTPRAVUJATd4mcshne2dbMNaYFDmkNu20
KwFECjcXz+rni/Ukg3sl9An9BAhk8Uc6WQvaBqickYPU+A8SPJAXSf+3kDocY+sN
GHl03yCB7X1+NtQF9a+ZRPlZjcQqvzWzdjn2EIK4rT527jKY/ibMJA4PKYRc0ltB
8XAWh6z+K5I3YNZb7aiOBFpvFclUG3Cjex9TNGHVmBZ/F2/OMGMebPtiswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtK9LbjA2FkT918CJJIDKeqMiYCMB8GA1UdIwQY
MBaAFPM/bM9X8cSPEcFP0AVAWszjbQO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHo5c3oxZnh4SThSd1VfUUJVQmF6T050QTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jZGMyZWMtZDBlZS00MzZhLThkMTEt
ZjVkNmI0OTIzOTRiLzEvOHo5c3oxZnh4SThSd1VfUUJVQmF6T050QTdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jZGMyZWMtZDBlZS00MzZhLThkMTEtZjVkNmI0OTIzOTRi
LzEvOHo5c3oxZnh4SThSd1VfUUJVQmF6T050QTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApwO/eE/E
aBnagZE8DRP8S0EP7A120dmfkp3ArZeI7JZA5t5xMCn0k0ft8o3H/8A8Rs0lE9jk
e7i9cqZzemcMpeM7MuP8wtAVXDi+GO2LhcWDaGdyKaM3ooscUHjGcPC6Ri84opiL
TMZL8Byo8pWc5GfkQA0JpE4RLkZhHhjiDXzwCPL0udnOm+ouBYSaTkV2qfAJNq5j
4CNAKWCnET0fyxnjWaO0CmUF2RpknbIuh9j7GFnDM4atlbQzXoNxqaitmJT1a+D5
5Rk7QGsP/zqWrB8j0SDNLAWp3eQgsU/Nkymk1CNQL9DoVNOVIAXrCY0pwAprDtv9
GO8oPT95FXOWYw==
-----END CERTIFICATE-----