Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.mft
File:                     Rii90MjhtQTSlPijkEyNV65jg_Q.mft (raw, json)
Hash identifier:          /dnv1Ni7SHUq6uqQ1oIL16A1novOq28rZsMOOLIKKeI=
Subject key identifier:   B7:67:4B:C1:E9:48:B0:A9:E2:F9:71:9D:BE:6F:19:F8:A3:61:43:A4
Authority key identifier: 46:28:BD:D0:C8:E1:B5:04:D2:94:F8:A3:90:4C:8D:57:AE:63:83:F4
Certificate issuer:       /CN=4628bdd0c8e1b504d294f8a3904c8d57ae6383f4
Certificate serial:       019677FBB1781AAB832E6EA65829E189EC34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rii90MjhtQTSlPijkEyNV65jg_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 16:01:45 +0000
Manifest this update:     Sun 27 Apr 2025 16:01:45 +0000
Manifest next update:     Mon 28 Apr 2025 16:01:45 +0000
Files and hashes:         1: Rii90MjhtQTSlPijkEyNV65jg_Q.crl (hash: BsQ9czmG9cIStkeiSoJdfbzIyXsaB4NksveP+3eQP68=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Rii90MjhtQTSlPijkEyNV65jg_Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fb:b1:78:1a:ab:83:2e:6e:a6:58:29:e1:89:ec:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4628bdd0c8e1b504d294f8a3904c8d57ae6383f4
        Validity
            Not Before: Apr 27 16:01:45 2025 GMT
            Not After : Apr 28 16:01:45 2025 GMT
        Subject: CN=b7674bc1e948b0a9e2f9719dbe6f19f8a36143a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:23:aa:97:c3:6b:c7:d2:85:ea:dc:4e:ff:f5:
                    e2:36:76:f8:b4:b5:4f:02:94:59:11:e0:ef:81:d5:
                    f0:57:9a:c2:a7:7c:6d:75:00:32:56:6b:55:0e:58:
                    5c:04:ab:77:d0:2d:e2:df:15:f2:dc:09:b9:af:f1:
                    14:1e:ac:56:7d:bb:35:55:6f:1e:39:d0:ad:e4:2a:
                    84:83:ee:8b:05:b7:05:10:55:b2:f1:ca:c4:f4:79:
                    78:23:0d:da:64:43:82:a4:c0:0e:52:17:f8:46:6d:
                    6a:df:04:6a:00:62:c3:d4:fc:5e:a7:c7:81:b0:c0:
                    fa:62:62:2e:34:01:de:39:b3:e5:e6:ef:26:6b:83:
                    bb:55:2f:b1:83:7b:5d:3e:29:ae:05:e8:3b:45:42:
                    fb:78:ea:c1:fb:09:8b:86:24:45:25:a9:5d:86:b0:
                    99:71:f1:de:a7:27:0a:74:2a:73:98:15:76:63:cb:
                    a0:24:eb:ba:ee:ea:69:31:a4:33:53:11:bb:23:87:
                    aa:13:28:4f:e1:a9:57:b2:7e:5a:78:65:b9:66:83:
                    a8:88:3f:8c:de:95:41:db:25:cf:14:bc:e9:9a:70:
                    6e:b3:c4:9b:e8:2f:cf:bb:2d:6d:72:98:23:c4:6e:
                    1f:e0:9b:11:67:c6:87:df:81:26:12:50:84:9b:49:
                    72:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:67:4B:C1:E9:48:B0:A9:E2:F9:71:9D:BE:6F:19:F8:A3:61:43:A4
            X509v3 Authority Key Identifier:
                keyid:46:28:BD:D0:C8:E1:B5:04:D2:94:F8:A3:90:4C:8D:57:AE:63:83:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rii90MjhtQTSlPijkEyNV65jg_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:71:1e:0d:20:9a:61:c4:bd:50:e9:e8:bd:1c:32:c7:16:c8:
         56:a9:43:05:68:cc:71:a0:cf:3a:ab:a8:b3:5c:d4:53:97:af:
         6e:7d:a4:87:09:34:50:21:8c:eb:d1:29:f0:4b:a5:fe:4b:cc:
         94:10:7b:3c:f9:96:24:47:02:4f:ab:18:84:c8:e7:a7:f0:e6:
         4d:d0:fc:16:ce:c9:3a:1b:bb:b8:5a:bd:c4:7a:58:ae:47:07:
         72:a7:37:63:dd:30:cb:e8:11:13:e1:73:67:93:91:10:b1:d2:
         bf:ad:93:f9:ac:7f:68:02:99:6e:2e:a7:bc:22:2b:7c:77:a4:
         6d:6e:6c:ed:18:65:69:5c:8e:78:89:33:36:2f:ef:8c:76:ed:
         13:55:de:83:b2:e8:0c:07:2c:26:82:cc:6a:04:1c:cb:33:f6:
         2e:4e:e1:b5:3e:87:0f:87:df:42:85:f1:1d:02:a4:ce:c8:b8:
         27:1d:d0:6f:05:ed:5b:de:79:f1:bb:a8:e5:f0:d8:b2:8f:18:
         5d:16:e1:68:89:5c:d6:55:d5:17:4f:d3:d3:1d:8a:81:0a:58:
         85:3c:78:ab:1d:b0:90:ed:73:0e:b1:27:bd:89:91:f4:40:57:
         31:39:9d:1a:4e:d0:da:7c:eb:cf:b3:18:b2:72:b7:4d:d6:ef:
         dd:72:5a:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+7F4GquDLm6mWCnhiew0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MjhiZGQwYzhlMWI1MDRkMjk0ZjhhMzkwNGM4ZDU3YWU2
MzgzZjQwHhcNMjUwNDI3MTYwMTQ1WhcNMjUwNDI4MTYwMTQ1WjAzMTEwLwYDVQQD
EyhiNzY3NGJjMWU5NDhiMGE5ZTJmOTcxOWRiZTZmMTlmOGEzNjE0M2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSOql8Nrx9KF6txO//XiNnb4tLVP
ApRZEeDvgdXwV5rCp3xtdQAyVmtVDlhcBKt30C3i3xXy3Am5r/EUHqxWfbs1VW8e
OdCt5CqEg+6LBbcFEFWy8crE9Hl4Iw3aZEOCpMAOUhf4Rm1q3wRqAGLD1Pxep8eB
sMD6YmIuNAHeObPl5u8ma4O7VS+xg3tdPimuBeg7RUL7eOrB+wmLhiRFJaldhrCZ
cfHepycKdCpzmBV2Y8ugJOu67uppMaQzUxG7I4eqEyhP4alXsn5aeGW5ZoOoiD+M
3pVB2yXPFLzpmnBus8Sb6C/Puy1tcpgjxG4f4JsRZ8aH34EmElCEm0lylQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLdnS8HpSLCp4vlxnb5vGfijYUOkMB8GA1UdIwQY
MBaAFEYovdDI4bUE0pT4o5BMjVeuY4P0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmlpOTBNamh0UVRTbFBpamtFeU5WNjVqZ19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYTc1NzMtOTE2MS00NWJhLWI5M2It
NWY4YjYzYjExZjBiLzEvUmlpOTBNamh0UVRTbFBpamtFeU5WNjVqZ19RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYTc1NzMtOTE2MS00NWJhLWI5M2ItNWY4YjYzYjExZjBi
LzEvUmlpOTBNamh0UVRTbFBpamtFeU5WNjVqZ19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALHEeDSCa
YcS9UOnovRwyxxbIVqlDBWjMcaDPOquos1zUU5evbn2khwk0UCGM69Ep8Eul/kvM
lBB7PPmWJEcCT6sYhMjnp/DmTdD8Fs7JOhu7uFq9xHpYrkcHcqc3Y90wy+gRE+Fz
Z5ORELHSv62T+ax/aAKZbi6nvCIrfHekbW5s7RhlaVyOeIkzNi/vjHbtE1Xeg7Lo
DAcsJoLMagQcyzP2Lk7htT6HD4ffQoXxHQKkzsi4Jx3QbwXtW9558buo5fDYso8Y
XRbhaIlc1lXVF0/T0x2KgQpYhTx4qx2wkO1zDrEnvYmR9EBXMTmdGk7Q2nzrz7MY
snK3Tdbv3XJa9w==
-----END CERTIFICATE-----