Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
File:                     249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json)
Hash identifier:          sDpeX7V7F1k85Pu1GN/hbEAv6CvRCJe6r+9kH+p2aig=
Subject key identifier:   97:C8:CA:34:CC:81:AE:BD:BB:F2:31:82:61:36:9E:A2:05:FD:5F:AF
Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6
Certificate issuer:       /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
Certificate serial:       01968E827846A9777E17C965C4F3D1C00AD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
Manifest number:          0610
Signing time:             Fri 02 May 2025 01:00:37 +0000
Manifest this update:     Fri 02 May 2025 01:00:37 +0000
Manifest next update:     Sat 03 May 2025 01:00:37 +0000
Files and hashes:         1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: rdTiMl48HUTy5DIwIj5XBE4SLlYIUdzPcFVoahIyfN4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8e:82:78:46:a9:77:7e:17:c9:65:c4:f3:d1:c0:0a:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
        Validity
            Not Before: May  2 01:00:37 2025 GMT
            Not After : May  3 01:00:37 2025 GMT
        Subject: CN=97c8ca34cc81aebdbbf2318261369ea205fd5faf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:71:34:4a:b2:91:8f:7e:9a:b4:6e:06:f4:6b:
                    1d:eb:45:70:9b:bd:7d:f4:de:cf:83:3b:ca:63:6d:
                    ce:19:df:9c:0f:59:9f:98:66:bd:27:7c:be:2b:02:
                    d0:b4:f8:18:e5:a1:ed:48:e8:24:6f:b1:a9:52:f8:
                    e0:3b:9c:51:b5:27:e9:e5:84:ef:b6:e5:12:c5:61:
                    c7:20:17:38:52:ec:d0:cf:7c:10:b6:3f:a0:c0:1c:
                    76:6b:10:03:3a:dc:cd:30:01:1a:be:c1:1b:35:1f:
                    10:17:3a:14:31:c8:8c:7b:2a:77:ec:77:82:a8:c7:
                    1b:3b:8c:ae:7f:85:a9:a7:de:07:03:1c:f2:88:65:
                    d9:ca:b5:23:c0:9b:1e:21:b0:2f:ce:d7:69:8b:93:
                    7e:62:62:29:62:64:bb:1f:69:03:ae:6c:ce:08:d8:
                    b4:64:86:e0:e7:49:83:0a:64:de:14:ff:a6:81:cf:
                    02:2f:f1:7a:64:4c:43:38:cc:bb:69:21:6d:67:4a:
                    40:ec:0c:0a:a2:a6:65:bf:88:1f:32:8c:de:90:c5:
                    3d:9f:52:dc:84:ae:48:9d:08:75:c3:30:ef:4e:28:
                    80:ac:d9:11:70:bb:1f:a6:c9:bf:fa:21:0d:de:5f:
                    e5:84:c6:86:17:90:0f:c1:0c:57:29:23:ac:c7:3d:
                    7d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:C8:CA:34:CC:81:AE:BD:BB:F2:31:82:61:36:9E:A2:05:FD:5F:AF
            X509v3 Authority Key Identifier:
                keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:d0:b6:d2:8f:35:ab:79:bf:24:25:cd:6a:2e:b3:ac:c1:69:
         89:9b:5c:12:be:4e:b6:61:14:64:c6:1b:f1:e6:d6:d0:e3:6f:
         da:f1:85:10:9d:aa:81:8b:cd:ff:55:34:91:0f:83:c6:0e:96:
         8e:bd:85:00:1e:f0:0d:4b:74:30:17:be:17:5d:b5:e6:cd:3a:
         76:c8:62:1b:e4:76:2b:f5:6d:34:a0:59:4d:01:35:42:b5:bb:
         38:c8:fc:9b:80:c3:d3:c2:86:64:a2:db:7d:52:0b:7b:a4:d9:
         6b:37:95:15:9d:bd:66:18:06:7b:cf:21:4e:13:46:78:6a:16:
         36:fd:8e:be:ae:6a:06:fc:31:40:ee:c5:91:95:eb:6d:34:7e:
         66:fd:b6:52:50:4e:4c:b8:9c:8f:d2:e6:cc:44:92:b7:82:45:
         1e:c7:d6:c2:9f:11:0d:16:90:e5:47:fb:72:71:ed:38:f9:a9:
         67:6a:0c:e2:fd:e9:0a:f5:56:04:da:77:95:0d:53:00:2a:9d:
         37:af:4f:d1:e1:cb:da:77:0f:98:2a:ce:25:cd:e4:34:23:bc:
         a0:d2:5a:5f:cc:d6:42:a8:f2:43:da:36:3b:55:e1:a7:b5:e7:
         7b:98:bd:29:7b:c8:e6:d8:72:59:f8:51:b1:da:3c:0d:2e:a7:
         9b:59:24:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaOgnhGqXd+F8llxPPRwArXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy
ZjY3ZjYwHhcNMjUwNTAyMDEwMDM3WhcNMjUwNTAzMDEwMDM3WjAzMTEwLwYDVQQD
Eyg5N2M4Y2EzNGNjODFhZWJkYmJmMjMxODI2MTM2OWVhMjA1ZmQ1ZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHE0SrKRj36atG4G9Gsd60Vwm719
9N7PgzvKY23OGd+cD1mfmGa9J3y+KwLQtPgY5aHtSOgkb7GpUvjgO5xRtSfp5YTv
tuUSxWHHIBc4UuzQz3wQtj+gwBx2axADOtzNMAEavsEbNR8QFzoUMciMeyp37HeC
qMcbO4yuf4Wpp94HAxzyiGXZyrUjwJseIbAvztdpi5N+YmIpYmS7H2kDrmzOCNi0
ZIbg50mDCmTeFP+mgc8CL/F6ZExDOMy7aSFtZ0pA7AwKoqZlv4gfMozekMU9n1Lc
hK5InQh1wzDvTiiArNkRcLsfpsm/+iEN3l/lhMaGF5APwQxXKSOsxz190wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfIyjTMga69u/IxgmE2nqIF/V+vMB8GA1UdIwQY
MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt
ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj
LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAidC20o81
q3m/JCXNai6zrMFpiZtcEr5OtmEUZMYb8ebW0ONv2vGFEJ2qgYvN/1U0kQ+Dxg6W
jr2FAB7wDUt0MBe+F1215s06dshiG+R2K/VtNKBZTQE1QrW7OMj8m4DD08KGZKLb
fVILe6TZazeVFZ29ZhgGe88hThNGeGoWNv2Ovq5qBvwxQO7FkZXrbTR+Zv22UlBO
TLicj9LmzESSt4JFHsfWwp8RDRaQ5Uf7cnHtOPmpZ2oM4v3pCvVWBNp3lQ1TACqd
N69P0eHL2ncPmCrOJc3kNCO8oNJaX8zWQqjyQ9o2O1Xhp7Xne5i9KXvI5thyWfhR
sdo8DS6nm1kkNg==
-----END CERTIFICATE-----