Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
File:                     gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft (raw, json)
Hash identifier:          824qM8zQtK2bdLoYa/lXcmoSKUFCO9XI3N1/xvjBudg=
Subject key identifier:   C3:BD:20:D8:73:B9:5F:08:5C:73:5E:82:74:12:A9:C0:11:9F:2E:A5
Authority key identifier: 80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68
Certificate issuer:       /CN=80eb71d019a483225c324c88c6c48020ef9f1168
Certificate serial:       019676B0B9E2F098EEE109138A641EDE950C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 10:00:15 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:15 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:15 +0000
Files and hashes:         1: gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl (hash: Gp9uE6WBisv+xnfNTpNEd7s18j43HuEDEn7n43dWxMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b0:b9:e2:f0:98:ee:e1:09:13:8a:64:1e:de:95:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80eb71d019a483225c324c88c6c48020ef9f1168
        Validity
            Not Before: Apr 27 10:00:15 2025 GMT
            Not After : Apr 28 10:00:15 2025 GMT
        Subject: CN=c3bd20d873b95f085c735e827412a9c0119f2ea5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:32:cf:e7:da:13:cb:ca:35:18:b8:f3:8e:81:
                    2e:8c:71:d9:f8:74:c0:14:36:91:d0:70:81:4e:31:
                    d1:e9:b7:0e:25:06:07:c7:85:7c:27:dc:3f:98:b6:
                    58:0c:52:29:0c:d6:a8:5d:54:8c:44:b2:c1:19:72:
                    93:62:67:f8:dd:4a:cc:e7:80:dd:2e:c0:cb:1c:e3:
                    6a:06:51:76:b7:60:c1:66:51:72:7d:e3:86:70:78:
                    5a:df:12:f2:9b:c4:b8:b5:71:a7:b0:a6:2b:4c:00:
                    62:04:2a:f1:9d:d4:4d:74:fa:20:a4:67:04:24:28:
                    2b:1b:7e:f8:46:01:29:f2:14:75:c2:33:a6:7c:09:
                    89:cf:9e:c1:ab:7e:e4:ac:f2:03:44:7c:e6:d3:a6:
                    bd:16:55:fc:e9:e1:5f:46:71:1a:d5:1c:75:a0:70:
                    24:c9:50:c5:cd:8f:15:bb:9e:d1:2b:73:81:41:db:
                    16:60:c2:03:e6:cc:94:c4:69:56:82:ad:ba:77:67:
                    44:37:dc:79:c4:22:fc:97:9e:26:07:0f:4e:18:ff:
                    99:bd:da:31:f0:8a:e0:0e:a1:ad:45:69:0f:6a:45:
                    1a:11:c5:36:e7:0d:c8:08:65:62:25:f1:0b:51:0e:
                    4a:b9:4d:f6:c9:d2:3c:7d:88:2e:01:29:f1:e0:3e:
                    f7:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:BD:20:D8:73:B9:5F:08:5C:73:5E:82:74:12:A9:C0:11:9F:2E:A5
            X509v3 Authority Key Identifier:
                keyid:80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:1c:f6:07:cd:de:0b:42:a7:45:ec:d7:da:eb:d7:d2:04:92:
         41:47:46:7e:d1:ab:14:b0:b1:ea:0c:28:08:0d:96:2d:12:d9:
         9f:e0:73:7d:f6:47:d8:d5:af:1f:34:6b:9d:89:e4:2d:71:7c:
         07:58:6c:dc:b3:a4:66:ee:5d:83:ed:70:e7:30:11:4c:18:7a:
         82:fd:20:62:02:bf:54:88:2f:36:b3:67:24:61:8f:46:74:f6:
         77:75:a9:e5:5d:c5:25:f5:da:15:0b:f9:7f:63:52:f7:9f:75:
         d0:a3:c0:9b:b3:f0:c3:fc:5c:0f:08:e5:27:18:fb:7b:f0:75:
         f9:ff:7a:40:e4:0f:4b:e1:61:57:44:8b:59:93:35:77:51:d0:
         0e:c5:1f:9c:ed:7f:20:db:60:5c:4e:aa:bc:40:92:65:78:d9:
         be:79:20:ea:c5:0d:23:ae:d4:38:d6:c3:6a:3e:36:16:d3:a6:
         84:a5:4d:4d:88:2d:b9:b3:bd:58:97:72:93:0d:9b:f3:58:de:
         45:a6:fd:84:15:41:cd:8e:d6:fd:2c:3f:dc:13:44:8e:b0:02:
         0e:eb:70:12:8e:97:53:0f:15:af:1e:21:ea:79:46:4d:68:4e:
         25:da:95:1f:a5:59:52:cb:36:ac:5f:17:f6:db:df:69:89:10:
         62:c7:a5:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sLni8Jju4QkTimQe3pUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWI3MWQwMTlhNDgzMjI1YzMyNGM4OGM2YzQ4MDIwZWY5
ZjExNjgwHhcNMjUwNDI3MTAwMDE1WhcNMjUwNDI4MTAwMDE1WjAzMTEwLwYDVQQD
EyhjM2JkMjBkODczYjk1ZjA4NWM3MzVlODI3NDEyYTljMDExOWYyZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzLP59oTy8o1GLjzjoEujHHZ+HTA
FDaR0HCBTjHR6bcOJQYHx4V8J9w/mLZYDFIpDNaoXVSMRLLBGXKTYmf43UrM54Dd
LsDLHONqBlF2t2DBZlFyfeOGcHha3xLym8S4tXGnsKYrTABiBCrxndRNdPogpGcE
JCgrG374RgEp8hR1wjOmfAmJz57Bq37krPIDRHzm06a9FlX86eFfRnEa1Rx1oHAk
yVDFzY8Vu57RK3OBQdsWYMID5syUxGlWgq26d2dEN9x5xCL8l54mBw9OGP+Zvdox
8IrgDqGtRWkPakUaEcU25w3ICGViJfELUQ5KuU32ydI8fYguASnx4D73YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMO9INhzuV8IXHNegnQSqcARny6lMB8GA1UdIwQY
MBaAFIDrcdAZpIMiXDJMiMbEgCDvnxFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQt
ZmVkODlkMTcwZGE0LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQtZmVkODlkMTcwZGE0
LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeRz2B83e
C0KnRezX2uvX0gSSQUdGftGrFLCx6gwoCA2WLRLZn+BzffZH2NWvHzRrnYnkLXF8
B1hs3LOkZu5dg+1w5zARTBh6gv0gYgK/VIgvNrNnJGGPRnT2d3Wp5V3FJfXaFQv5
f2NS95910KPAm7Pww/xcDwjlJxj7e/B1+f96QOQPS+FhV0SLWZM1d1HQDsUfnO1/
INtgXE6qvECSZXjZvnkg6sUNI67UONbDaj42FtOmhKVNTYgtubO9WJdykw2b81je
Rab9hBVBzY7W/Sw/3BNEjrACDutwEo6XUw8Vrx4h6nlGTWhOJdqVH6VZUss2rF8X
9tvfaYkQYsel/A==
-----END CERTIFICATE-----