Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
File:                     cLqzJoCFMIofjVcIS52qHr-V4Nw.mft (raw, json)
Hash identifier:          lfbdb+/+lT6DblHOYLla/d4Uj6P+rWiq2/FGlONUdAM=
Subject key identifier:   45:90:1E:E9:62:BD:36:86:6B:CB:C2:A4:1C:F1:A6:FF:ED:23:2B:9F
Authority key identifier: 70:BA:B3:26:80:85:30:8A:1F:8D:57:08:4B:9D:AA:1E:BF:95:E0:DC
Certificate issuer:       /CN=70bab3268085308a1f8d57084b9daa1ebf95e0dc
Certificate serial:       019677FB4BC20AFCE73434A6CD6BA135FC59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
Manifest number:          150A
Signing time:             Sun 27 Apr 2025 16:01:19 +0000
Manifest this update:     Sun 27 Apr 2025 16:01:19 +0000
Manifest next update:     Mon 28 Apr 2025 16:01:19 +0000
Files and hashes:         1: cLqzJoCFMIofjVcIS52qHr-V4Nw.crl (hash: ucFhl/n6p6QbnyiGZv75LHbBPY0YkJvICJcHaReLeG0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fb:4b:c2:0a:fc:e7:34:34:a6:cd:6b:a1:35:fc:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70bab3268085308a1f8d57084b9daa1ebf95e0dc
        Validity
            Not Before: Apr 27 16:01:19 2025 GMT
            Not After : Apr 28 16:01:19 2025 GMT
        Subject: CN=45901ee962bd36866bcbc2a41cf1a6ffed232b9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:38:d5:52:46:92:10:47:68:d9:b1:43:0f:20:
                    1d:97:de:c4:14:fa:df:04:86:77:be:05:d9:97:4e:
                    1b:f2:e1:c3:b0:ea:39:4f:34:29:b3:1d:7d:c8:62:
                    92:bb:af:3c:03:71:ee:b1:aa:85:78:6e:14:5c:cb:
                    ac:2a:da:b0:59:a4:c2:a9:c3:d5:c7:07:d6:ac:fc:
                    f0:a8:8e:a5:72:26:4f:3b:ce:e8:f5:49:3a:e1:a1:
                    3e:9b:eb:69:20:0e:cf:be:bf:af:ce:94:15:17:f7:
                    aa:78:e8:64:1e:69:23:1f:bc:a8:e9:17:9b:44:08:
                    d9:ae:19:c4:3f:05:77:e6:d1:75:59:5a:b8:da:11:
                    63:e9:39:09:2a:01:0e:69:12:49:d5:0e:8c:bf:42:
                    70:6d:14:88:06:cf:64:9b:3a:38:3d:37:59:74:9d:
                    ce:d8:81:b2:14:d0:10:92:81:fa:4f:17:75:a8:92:
                    9e:5c:28:ad:1d:4a:26:e6:23:7b:97:6b:d0:11:97:
                    9c:e7:f2:2b:eb:0f:b1:5c:3c:4f:c0:34:46:01:6b:
                    68:be:76:70:5a:8c:00:76:3a:8f:3c:25:9a:8a:8a:
                    38:37:58:aa:25:e8:d6:97:a9:88:f7:2e:72:c9:3a:
                    a6:ec:6d:2b:de:99:03:c6:b5:74:ef:8b:66:f0:f3:
                    87:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:90:1E:E9:62:BD:36:86:6B:CB:C2:A4:1C:F1:A6:FF:ED:23:2B:9F
            X509v3 Authority Key Identifier:
                keyid:70:BA:B3:26:80:85:30:8A:1F:8D:57:08:4B:9D:AA:1E:BF:95:E0:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:c9:f7:c1:b1:eb:7a:68:b3:a9:24:03:a6:2d:58:90:1c:c5:
         51:3a:91:22:2e:cc:9b:7e:98:b2:e1:b5:02:16:07:c5:55:f3:
         07:34:92:ce:50:f2:6c:6e:14:e6:b1:53:6f:8e:c9:8f:7b:5a:
         e1:4a:6e:b8:50:62:fa:25:db:a9:c3:68:94:2f:67:2f:a5:7d:
         fc:7a:17:31:f8:e2:30:1f:b6:2b:4b:ad:35:ef:8c:28:5f:82:
         45:a0:25:4f:1f:b4:3d:55:5d:5e:8a:f4:28:b8:b6:e6:c6:82:
         6a:06:aa:29:6f:1c:01:5c:59:7c:44:98:57:78:ed:ac:f9:94:
         5e:74:08:16:2d:34:16:83:a2:f0:56:fa:db:30:fe:b8:58:c6:
         34:ad:cd:f9:79:12:b1:dd:aa:f0:56:fd:f4:bd:95:c8:4e:9e:
         cb:71:d8:c0:10:40:14:8c:3c:5a:b7:76:bf:32:2d:a6:46:0c:
         35:46:0c:43:1d:97:be:7b:29:62:42:62:3f:eb:ab:9c:e2:3c:
         22:23:6d:d4:02:6b:20:52:29:fe:3c:dc:8b:bf:bf:c5:e1:2b:
         52:51:ad:8a:d0:29:07:f3:ee:e0:74:14:4e:b9:9a:21:29:a6:
         f4:fd:40:b5:21:0e:44:5e:3b:54:5a:5c:e1:a9:5f:e5:e1:67:
         e4:f8:3f:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+0vCCvznNDSmzWuhNfxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmFiMzI2ODA4NTMwOGExZjhkNTcwODRiOWRhYTFlYmY5
NWUwZGMwHhcNMjUwNDI3MTYwMTE5WhcNMjUwNDI4MTYwMTE5WjAzMTEwLwYDVQQD
Eyg0NTkwMWVlOTYyYmQzNjg2NmJjYmMyYTQxY2YxYTZmZmVkMjMyYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9jjVUkaSEEdo2bFDDyAdl97EFPrf
BIZ3vgXZl04b8uHDsOo5TzQpsx19yGKSu688A3HusaqFeG4UXMusKtqwWaTCqcPV
xwfWrPzwqI6lciZPO87o9Uk64aE+m+tpIA7Pvr+vzpQVF/eqeOhkHmkjH7yo6Reb
RAjZrhnEPwV35tF1WVq42hFj6TkJKgEOaRJJ1Q6Mv0JwbRSIBs9kmzo4PTdZdJ3O
2IGyFNAQkoH6Txd1qJKeXCitHUom5iN7l2vQEZec5/Ir6w+xXDxPwDRGAWtovnZw
WowAdjqPPCWaioo4N1iqJejWl6mI9y5yyTqm7G0r3pkDxrV074tm8POHuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWQHulivTaGa8vCpBzxpv/tIyufMB8GA1UdIwQY
MBaAFHC6syaAhTCKH41XCEudqh6/leDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82ZmQzZWYtZDU1OC00ZTcwLWEyMTQt
NTJhZWZiNjU2OGFlLzEvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82ZmQzZWYtZDU1OC00ZTcwLWEyMTQtNTJhZWZiNjU2OGFl
LzEvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd8n3wbHr
emizqSQDpi1YkBzFUTqRIi7Mm36YsuG1AhYHxVXzBzSSzlDybG4U5rFTb47Jj3ta
4UpuuFBi+iXbqcNolC9nL6V9/HoXMfjiMB+2K0utNe+MKF+CRaAlTx+0PVVdXor0
KLi25saCagaqKW8cAVxZfESYV3jtrPmUXnQIFi00FoOi8Fb62zD+uFjGNK3N+XkS
sd2q8Fb99L2VyE6ey3HYwBBAFIw8Wrd2vzItpkYMNUYMQx2XvnspYkJiP+urnOI8
IiNt1AJrIFIp/jzci7+/xeErUlGtitApB/Pu4HQUTrmaISmm9P1AtSEORF47VFpc
4alf5eFn5Pg/KA==
-----END CERTIFICATE-----