Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft
File:                     mD8bE53ySgXC5SVgUrAhJRfkc1E.mft (raw, json)
Hash identifier:          3l+kXEP1G/6VznVeEWVFjAC++6W9BljkTE1E78pBXpQ=
Subject key identifier:   03:82:62:3B:70:39:72:8B:27:AE:D1:1A:FB:15:AA:13:91:5F:58:C5
Authority key identifier: 98:3F:1B:13:9D:F2:4A:05:C2:E5:25:60:52:B0:21:25:17:E4:73:51
Certificate issuer:       /CN=983f1b139df24a05c2e5256052b0212517e47351
Certificate serial:       01969071538C9773534D445B7745CE677474
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mD8bE53ySgXC5SVgUrAhJRfkc1E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft
Manifest number:          011E
Signing time:             Fri 02 May 2025 10:01:08 +0000
Manifest this update:     Fri 02 May 2025 10:01:08 +0000
Manifest next update:     Sat 03 May 2025 10:01:08 +0000
Files and hashes:         1: mD8bE53ySgXC5SVgUrAhJRfkc1E.crl (hash: 1wB0tI/4mPDLOCsxXLnnk2PqttDWscHbnVfNGGFh5Ms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mD8bE53ySgXC5SVgUrAhJRfkc1E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:90:71:53:8c:97:73:53:4d:44:5b:77:45:ce:67:74:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=983f1b139df24a05c2e5256052b0212517e47351
        Validity
            Not Before: May  2 10:01:08 2025 GMT
            Not After : May  3 10:01:08 2025 GMT
        Subject: CN=0382623b7039728b27aed11afb15aa13915f58c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:6d:9d:f8:02:81:45:25:54:79:29:e5:85:24:
                    f2:89:d8:ce:81:49:5b:be:0e:d2:91:2a:15:d6:97:
                    38:7e:ef:b4:82:52:c0:41:0f:5e:3a:d5:39:57:d4:
                    b4:c1:15:1f:9d:a8:c0:2b:8b:08:01:38:b9:84:d8:
                    fa:0b:50:92:03:e9:cc:17:5a:36:eb:bb:c0:d4:a3:
                    34:8d:81:a1:aa:23:5a:00:02:f0:5f:16:83:e7:91:
                    af:94:59:85:bb:af:d9:1f:ac:25:6b:89:72:73:a6:
                    6a:55:16:b0:62:b9:e5:ac:bc:36:30:1c:01:93:e6:
                    91:b3:a6:46:1f:49:4c:8a:a0:66:3c:ce:b5:ff:ca:
                    09:2c:7a:58:67:7f:16:d4:76:cd:e5:45:75:5b:50:
                    58:a3:27:85:00:1b:76:12:21:01:91:74:b6:b4:20:
                    6b:2b:35:56:fb:ad:a8:90:cf:93:84:fe:e0:dc:e5:
                    93:94:c6:49:93:f6:6b:f1:71:50:61:e1:f3:a8:20:
                    d0:30:a9:42:f8:f1:c3:c3:ec:d8:43:2f:38:0b:7c:
                    27:31:bc:fe:97:c5:48:1e:0a:ad:66:54:e7:79:8d:
                    a6:2d:45:db:5a:5f:85:3a:e3:6c:b1:e5:15:6f:db:
                    b1:8a:a3:4d:75:34:a6:9f:b8:a4:44:77:e5:8b:aa:
                    66:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:82:62:3B:70:39:72:8B:27:AE:D1:1A:FB:15:AA:13:91:5F:58:C5
            X509v3 Authority Key Identifier:
                keyid:98:3F:1B:13:9D:F2:4A:05:C2:E5:25:60:52:B0:21:25:17:E4:73:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mD8bE53ySgXC5SVgUrAhJRfkc1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:6d:f8:4c:b2:62:ca:82:59:ce:e1:14:36:40:9c:10:b6:ae:
         a1:e6:a4:7d:3d:f0:df:90:6b:e2:b2:f0:59:4d:4b:08:f3:7a:
         47:d0:09:61:a5:ff:63:bc:59:5a:f0:7a:50:1e:fd:82:0a:9b:
         66:e3:8c:d7:0d:61:6c:ca:02:1b:0a:d3:49:e4:61:af:84:32:
         d9:e3:00:04:9a:64:df:be:8c:4c:fe:b6:03:4d:54:00:41:34:
         53:ab:85:74:7b:f7:f8:7e:68:ad:43:8f:dc:01:8a:10:c0:95:
         26:69:a1:17:44:2b:af:65:9f:2c:d8:6a:d8:c4:8b:eb:fe:11:
         73:ad:4c:eb:a6:5b:5a:2b:ee:70:38:e6:30:1c:4a:ce:83:d3:
         36:f2:f4:a5:cd:80:f6:2c:65:db:2c:96:6e:a6:89:98:bb:c6:
         7a:3a:e2:50:96:d5:3e:ae:d5:c8:c7:61:71:bc:a2:20:98:88:
         53:4b:e1:59:aa:25:3a:a9:c9:90:a1:b4:6d:dc:08:c6:62:8b:
         0f:db:f4:ba:fe:4e:c9:89:66:2f:85:93:79:a1:d4:04:57:34:
         8c:af:ec:13:e0:17:ac:6f:76:63:9d:74:b3:d9:87:b3:83:1d:
         9e:41:f4:79:aa:63:c5:39:2e:dc:9a:d3:c8:ee:92:60:b4:8b:
         89:f1:4a:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaQcVOMl3NTTURbd0XOZ3R0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4M2YxYjEzOWRmMjRhMDVjMmU1MjU2MDUyYjAyMTI1MTdl
NDczNTEwHhcNMjUwNTAyMTAwMTA4WhcNMjUwNTAzMTAwMTA4WjAzMTEwLwYDVQQD
EygwMzgyNjIzYjcwMzk3MjhiMjdhZWQxMWFmYjE1YWExMzkxNWY1OGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt22d+AKBRSVUeSnlhSTyidjOgUlb
vg7SkSoV1pc4fu+0glLAQQ9eOtU5V9S0wRUfnajAK4sIATi5hNj6C1CSA+nMF1o2
67vA1KM0jYGhqiNaAALwXxaD55GvlFmFu6/ZH6wla4lyc6ZqVRawYrnlrLw2MBwB
k+aRs6ZGH0lMiqBmPM61/8oJLHpYZ38W1HbN5UV1W1BYoyeFABt2EiEBkXS2tCBr
KzVW+62okM+ThP7g3OWTlMZJk/Zr8XFQYeHzqCDQMKlC+PHDw+zYQy84C3wnMbz+
l8VIHgqtZlTneY2mLUXbWl+FOuNsseUVb9uxiqNNdTSmn7ikRHfli6pm4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAOCYjtwOXKLJ67RGvsVqhORX1jFMB8GA1UdIwQY
MBaAFJg/GxOd8koFwuUlYFKwISUX5HNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUQ4YkU1M3lTZ1hDNVNWZ1VyQWhKUmZrYzFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9jMmNjNWYtMjVhNi00MmJiLWE5NzAt
ZWY5NjQ0MzEyZGRiLzEvbUQ4YkU1M3lTZ1hDNVNWZ1VyQWhKUmZrYzFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9jMmNjNWYtMjVhNi00MmJiLWE5NzAtZWY5NjQ0MzEyZGRi
LzEvbUQ4YkU1M3lTZ1hDNVNWZ1VyQWhKUmZrYzFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQG34TLJi
yoJZzuEUNkCcELauoeakfT3w35Br4rLwWU1LCPN6R9AJYaX/Y7xZWvB6UB79ggqb
ZuOM1w1hbMoCGwrTSeRhr4Qy2eMABJpk376MTP62A01UAEE0U6uFdHv3+H5orUOP
3AGKEMCVJmmhF0Qrr2WfLNhq2MSL6/4Rc61M66ZbWivucDjmMBxKzoPTNvL0pc2A
9ixl2yyWbqaJmLvGejriUJbVPq7VyMdhcbyiIJiIU0vhWaolOqnJkKG0bdwIxmKL
D9v0uv5OyYlmL4WTeaHUBFc0jK/sE+AXrG92Y510s9mHs4MdnkH0eapjxTku3JrT
yO6SYLSLifFKwg==
-----END CERTIFICATE-----