Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
File:                     aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json)
Hash identifier:          yf7fkwFZ1yhaTPw+JOGn4eH4UE2Vh00rsOYKnWoIO9U=
Subject key identifier:   24:3D:D5:D6:08:39:3E:B3:48:0B:66:37:25:FD:93:00:3A:25:3E:57
Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B
Certificate issuer:       /CN=69448948cf4d8dace47718c0f7259edeeb093e7b
Certificate serial:       01967B325F57C60FDB9CDF1B3F3E214C031B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
Manifest number:          150F
Signing time:             Mon 28 Apr 2025 07:00:20 +0000
Manifest this update:     Mon 28 Apr 2025 07:00:20 +0000
Manifest next update:     Tue 29 Apr 2025 07:00:20 +0000
Files and hashes:         1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: uDpx8RuNrWHKu+Z/PR26M383gLmn+/YbdkopBqZwLB8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:32:5f:57:c6:0f:db:9c:df:1b:3f:3e:21:4c:03:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b
        Validity
            Not Before: Apr 28 07:00:20 2025 GMT
            Not After : Apr 29 07:00:20 2025 GMT
        Subject: CN=243dd5d608393eb3480b663725fd93003a253e57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:79:d8:7a:ad:a3:26:45:2a:62:9c:1c:23:d3:
                    ca:90:a2:2d:69:71:8d:92:ee:61:5b:1f:12:03:63:
                    80:8d:39:c7:2d:f3:cd:0e:e0:ab:89:7a:e5:ba:15:
                    0b:1b:b9:69:84:cc:fa:a2:ec:ed:69:e9:0a:26:e5:
                    54:d6:c3:76:be:57:ca:fd:a6:54:0b:a3:c4:e9:be:
                    fa:af:ff:86:b7:28:d6:55:db:7e:25:8c:19:6c:cd:
                    74:67:de:07:7a:b0:a5:99:8c:6e:2a:32:c7:3b:bc:
                    b4:6f:8e:ca:e7:52:90:92:0a:f5:16:cf:c0:f9:70:
                    1e:73:f0:46:ae:94:0a:79:51:0c:e9:81:5a:5a:28:
                    20:38:f3:07:40:cb:fc:46:b7:19:7a:28:85:4e:b2:
                    7d:eb:dc:1f:e8:05:25:c7:38:2c:48:33:f9:31:0f:
                    ee:a4:40:cc:38:d4:81:7f:78:a5:cf:8a:4b:7b:60:
                    84:fc:6e:27:c5:cc:51:69:01:08:6e:47:02:06:83:
                    66:bc:20:0d:52:de:f8:d0:73:43:61:d4:7f:c0:72:
                    59:29:33:21:81:42:49:a6:64:59:df:ba:02:a5:e4:
                    e0:43:f6:50:9d:dc:f6:d4:ad:f0:b0:f3:fa:5d:bd:
                    d0:a4:23:97:7b:05:a3:72:fe:21:6e:16:79:ad:7b:
                    25:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:3D:D5:D6:08:39:3E:B3:48:0B:66:37:25:FD:93:00:3A:25:3E:57
            X509v3 Authority Key Identifier:
                keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:6d:07:a8:22:7e:03:a8:7d:ad:76:4e:64:c9:24:75:8b:0f:
         a3:9e:95:8f:1a:19:a7:74:0a:0a:e3:65:eb:bb:d2:c4:9c:6d:
         73:69:37:03:1a:27:23:6c:d2:b8:ae:c7:9e:d0:aa:0d:2e:eb:
         c3:21:58:67:f0:a4:07:49:37:8d:71:58:d1:9d:6f:6b:f1:70:
         9b:da:26:fd:15:5a:5f:43:92:7a:8c:cf:3a:9b:01:11:c6:5a:
         0a:3a:58:92:1d:02:82:b9:07:88:95:5f:75:55:b3:f1:84:77:
         fe:ae:31:74:f4:d4:8f:a1:e6:3e:a0:8b:79:62:3b:4e:bc:f1:
         4c:e3:a6:f1:0d:8e:36:4d:79:d3:cd:76:cb:6c:36:fe:9f:d5:
         ee:d6:1c:ae:b6:93:e4:be:dc:b2:7f:9f:4d:b8:64:10:d8:ba:
         e2:00:73:0d:d9:c2:37:6b:ee:69:af:9e:88:25:11:ea:2c:7c:
         4f:94:36:61:ac:a5:58:18:3d:e0:34:8b:d9:f1:16:65:a9:56:
         ae:85:84:23:c0:b8:b4:37:9f:f3:ce:74:5d:29:65:d8:95:09:
         b6:58:2b:eb:c0:8b:3a:e3:48:dd:30:5c:b4:2a:e9:a3:79:bc:
         b1:a5:63:f3:65:9e:2e:e5:e0:8c:62:ff:b2:0b:0c:e1:6f:81:
         bf:a0:8d:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ7Ml9Xxg/bnN8bPz4hTAMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw
OTNlN2IwHhcNMjUwNDI4MDcwMDIwWhcNMjUwNDI5MDcwMDIwWjAzMTEwLwYDVQQD
EygyNDNkZDVkNjA4MzkzZWIzNDgwYjY2MzcyNWZkOTMwMDNhMjUzZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXnYeq2jJkUqYpwcI9PKkKItaXGN
ku5hWx8SA2OAjTnHLfPNDuCriXrluhULG7lphMz6ouztaekKJuVU1sN2vlfK/aZU
C6PE6b76r/+GtyjWVdt+JYwZbM10Z94HerClmYxuKjLHO7y0b47K51KQkgr1Fs/A
+XAec/BGrpQKeVEM6YFaWiggOPMHQMv8RrcZeiiFTrJ969wf6AUlxzgsSDP5MQ/u
pEDMONSBf3ilz4pLe2CE/G4nxcxRaQEIbkcCBoNmvCANUt740HNDYdR/wHJZKTMh
gUJJpmRZ37oCpeTgQ/ZQndz21K3wsPP6Xb3QpCOXewWjcv4hbhZ5rXsl4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQ91dYIOT6zSAtmNyX9kwA6JT5XMB8GA1UdIwQY
MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt
NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl
LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW20HqCJ+
A6h9rXZOZMkkdYsPo56VjxoZp3QKCuNl67vSxJxtc2k3AxonI2zSuK7HntCqDS7r
wyFYZ/CkB0k3jXFY0Z1va/Fwm9om/RVaX0OSeozPOpsBEcZaCjpYkh0CgrkHiJVf
dVWz8YR3/q4xdPTUj6HmPqCLeWI7TrzxTOOm8Q2ONk150812y2w2/p/V7tYcrraT
5L7csn+fTbhkENi64gBzDdnCN2vuaa+eiCUR6ix8T5Q2YaylWBg94DSL2fEWZalW
roWEI8C4tDef8850XSll2JUJtlgr68CLOuNI3TBctCrpo3m8saVj82WeLuXgjGL/
sgsM4W+Bv6CNcg==
-----END CERTIFICATE-----