Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.mft
File:                     9aUA85diOrHVYASDVGf8zz0KOw8.mft (raw, json)
Hash identifier:          tA/kgD+/IHATn3aGgLi4A/395PTWMlg+QVUdvEOqhHk=
Subject key identifier:   F0:48:A3:5B:01:2E:BD:B3:09:3C:00:40:DF:E1:AB:CC:38:7D:22:14
Authority key identifier: F5:A5:00:F3:97:62:3A:B1:D5:60:04:83:54:67:FC:CF:3D:0A:3B:0F
Certificate issuer:       /CN=f5a500f397623ab1d56004835467fccf3d0a3b0f
Certificate serial:       0196A4654FC0BB0D129A18BC78DB02548A59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9aUA85diOrHVYASDVGf8zz0KOw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.mft
Manifest number:          0BBD
Signing time:             Tue 06 May 2025 07:00:24 +0000
Manifest this update:     Tue 06 May 2025 07:00:24 +0000
Manifest next update:     Wed 07 May 2025 07:00:24 +0000
Files and hashes:         1: 9aUA85diOrHVYASDVGf8zz0KOw8.crl (hash: VDn3hTv8NN35Lv9nvxSubgP5e8EMXv2WySYVpUyJ/i4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9aUA85diOrHVYASDVGf8zz0KOw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a4:65:4f:c0:bb:0d:12:9a:18:bc:78:db:02:54:8a:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a500f397623ab1d56004835467fccf3d0a3b0f
        Validity
            Not Before: May  6 07:00:24 2025 GMT
            Not After : May  7 07:00:24 2025 GMT
        Subject: CN=f048a35b012ebdb3093c0040dfe1abcc387d2214
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:bd:01:b7:ea:8f:1f:12:fb:a1:10:06:97:7b:
                    c6:3f:95:13:6c:eb:5b:b7:94:f5:91:4c:31:b3:68:
                    b1:0b:30:71:30:76:1b:38:e9:12:c8:78:d1:be:13:
                    a9:7e:42:32:a3:f3:56:f5:b1:61:62:a0:e3:04:2c:
                    f7:8a:0d:cf:86:83:de:1f:20:44:d8:07:c5:56:ae:
                    eb:88:9e:28:9a:8f:01:ea:cf:e3:c8:2c:73:84:ca:
                    e1:ad:ba:91:83:a8:84:33:b0:d1:79:c0:8f:e9:3f:
                    63:05:09:ba:77:24:d7:ae:b5:f3:b7:8b:03:20:0c:
                    50:18:5c:3c:6e:b7:e8:1a:c2:14:f5:72:f7:b7:35:
                    97:48:2d:ff:54:c8:f4:6c:2c:43:6f:41:0b:76:d7:
                    be:74:13:3e:fb:90:f2:d3:80:6d:0c:a0:b0:18:80:
                    20:c2:65:2c:80:7f:93:52:fc:91:13:7e:45:91:b3:
                    4b:a5:17:4f:cf:77:f0:a5:28:03:84:6f:5d:f6:34:
                    b3:db:3c:ac:a9:b2:8c:ba:58:05:cc:9c:24:8c:99:
                    6c:94:72:6b:d7:f1:89:df:52:c3:39:c0:a0:37:c5:
                    e1:6e:49:af:d3:3e:85:b3:39:a8:26:33:39:71:de:
                    9c:98:f7:f8:6c:03:0a:78:4a:ea:7d:5b:09:4d:56:
                    62:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:48:A3:5B:01:2E:BD:B3:09:3C:00:40:DF:E1:AB:CC:38:7D:22:14
            X509v3 Authority Key Identifier:
                keyid:F5:A5:00:F3:97:62:3A:B1:D5:60:04:83:54:67:FC:CF:3D:0A:3B:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9aUA85diOrHVYASDVGf8zz0KOw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/a760f3-0062-4374-8290-e76fd9c9dc8c/1/9aUA85diOrHVYASDVGf8zz0KOw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:23:74:a9:31:dc:8d:87:55:7e:97:fe:42:01:43:ff:f1:85:
         2e:2f:4c:79:5f:ca:12:52:15:4a:d4:b0:6a:56:18:df:28:c5:
         e9:01:7d:1b:5c:51:26:f8:8b:2a:73:9b:61:ef:3a:02:78:3e:
         71:8b:f8:a0:56:62:fd:26:82:55:72:57:2c:c3:87:82:d5:22:
         56:2a:db:8c:7e:13:7e:a4:07:7d:22:7e:61:7e:d5:f0:3b:ea:
         61:67:04:b8:08:a7:66:a2:9f:9a:75:cb:41:46:6a:3c:af:c7:
         ad:12:89:88:0a:d1:8e:45:f8:12:c6:6b:85:bc:b9:01:ef:5f:
         0f:e6:2f:9a:05:73:2e:32:34:aa:a7:39:30:f5:6e:68:cd:a1:
         36:54:26:87:bd:95:ed:c8:73:1d:5f:9e:68:c2:77:75:a3:68:
         d6:56:ae:e6:3c:5f:ff:a2:92:fd:50:ee:35:ce:7d:93:ca:55:
         62:5f:27:05:ab:f6:f4:20:dd:d2:95:66:b1:34:05:64:ed:6f:
         55:5a:d0:a3:71:f0:03:81:d3:da:08:ff:f1:46:1b:ea:95:15:
         ec:ee:0a:22:08:95:09:88:4f:1f:bf:1b:01:df:15:3d:a2:05:
         e3:f7:43:2b:da:29:72:25:17:86:44:f5:10:6c:51:e6:78:3a:
         81:3a:e9:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZakZU/Auw0Smhi8eNsCVIpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YTUwMGYzOTc2MjNhYjFkNTYwMDQ4MzU0NjdmY2NmM2Qw
YTNiMGYwHhcNMjUwNTA2MDcwMDI0WhcNMjUwNTA3MDcwMDI0WjAzMTEwLwYDVQQD
EyhmMDQ4YTM1YjAxMmViZGIzMDkzYzAwNDBkZmUxYWJjYzM4N2QyMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0L0Bt+qPHxL7oRAGl3vGP5UTbOtb
t5T1kUwxs2ixCzBxMHYbOOkSyHjRvhOpfkIyo/NW9bFhYqDjBCz3ig3PhoPeHyBE
2AfFVq7riJ4omo8B6s/jyCxzhMrhrbqRg6iEM7DRecCP6T9jBQm6dyTXrrXzt4sD
IAxQGFw8brfoGsIU9XL3tzWXSC3/VMj0bCxDb0ELdte+dBM++5Dy04BtDKCwGIAg
wmUsgH+TUvyRE35FkbNLpRdPz3fwpSgDhG9d9jSz2zysqbKMulgFzJwkjJlslHJr
1/GJ31LDOcCgN8Xhbkmv0z6FszmoJjM5cd6cmPf4bAMKeErqfVsJTVZi4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPBIo1sBLr2zCTwAQN/hq8w4fSIUMB8GA1UdIwQY
MBaAFPWlAPOXYjqx1WAEg1Rn/M89CjsPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWFVQTg1ZGlPckhWWUFTRFZHZjh6ejBLT3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hNzYwZjMtMDA2Mi00Mzc0LTgyOTAt
ZTc2ZmQ5YzlkYzhjLzEvOWFVQTg1ZGlPckhWWUFTRFZHZjh6ejBLT3c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hNzYwZjMtMDA2Mi00Mzc0LTgyOTAtZTc2ZmQ5YzlkYzhj
LzEvOWFVQTg1ZGlPckhWWUFTRFZHZjh6ejBLT3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtiN0qTHc
jYdVfpf+QgFD//GFLi9MeV/KElIVStSwalYY3yjF6QF9G1xRJviLKnObYe86Ang+
cYv4oFZi/SaCVXJXLMOHgtUiVirbjH4TfqQHfSJ+YX7V8DvqYWcEuAinZqKfmnXL
QUZqPK/HrRKJiArRjkX4EsZrhby5Ae9fD+YvmgVzLjI0qqc5MPVuaM2hNlQmh72V
7chzHV+eaMJ3daNo1lau5jxf/6KS/VDuNc59k8pVYl8nBav29CDd0pVmsTQFZO1v
VVrQo3HwA4HT2gj/8UYb6pUV7O4KIgiVCYhPH78bAd8VPaIF4/dDK9opciUXhkT1
EGxR5ng6gTrplA==
-----END CERTIFICATE-----