Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.mft
File:                     35qWOAlxTREDtkYNnQ4UoS6FAyU.mft (raw, json)
Hash identifier:          jn1gzkgqH0KC0hiSRc1JNhRmEFmg5v69ZUXun85hH4U=
Subject key identifier:   68:84:51:62:78:12:DB:36:40:5B:09:D9:32:BF:A1:13:0C:90:C7:08
Authority key identifier: DF:9A:96:38:09:71:4D:11:03:B6:46:0D:9D:0E:14:A1:2E:85:03:25
Certificate issuer:       /CN=df9a963809714d1103b6460d9d0e14a12e850325
Certificate serial:       0196876D62A56ABE710E036BD81EC03DC299
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/35qWOAlxTREDtkYNnQ4UoS6FAyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.mft
Manifest number:          0BFD
Signing time:             Wed 30 Apr 2025 16:00:14 +0000
Manifest this update:     Wed 30 Apr 2025 16:00:14 +0000
Manifest next update:     Thu 01 May 2025 16:00:14 +0000
Files and hashes:         1: 35qWOAlxTREDtkYNnQ4UoS6FAyU.crl (hash: BwhC4c2zmTfSSn7gnWeq1HXKikCvrazpBov0iph4gTI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/35qWOAlxTREDtkYNnQ4UoS6FAyU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:87:6d:62:a5:6a:be:71:0e:03:6b:d8:1e:c0:3d:c2:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9a963809714d1103b6460d9d0e14a12e850325
        Validity
            Not Before: Apr 30 16:00:14 2025 GMT
            Not After : May  1 16:00:14 2025 GMT
        Subject: CN=688451627812db36405b09d932bfa1130c90c708
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:9f:00:44:9d:4c:30:bd:bf:cb:7a:4a:37:5e:
                    35:5e:95:e6:b2:7e:3e:bf:c7:ea:9a:0f:57:0b:fc:
                    1d:3a:87:0c:92:ea:b6:37:ab:26:92:c4:dd:25:ed:
                    06:f1:ec:61:58:ee:01:b7:e2:4d:a9:52:9e:d0:22:
                    e8:1b:e2:94:b4:01:87:70:e5:7b:a5:42:38:27:18:
                    f7:7e:06:90:73:63:29:40:86:64:60:04:df:23:ec:
                    c6:6a:4c:44:1f:b1:3c:c1:82:07:4b:52:af:24:1c:
                    af:2d:6c:79:fa:33:6d:fe:e3:3a:f6:6d:c5:b8:d6:
                    2f:d3:92:d4:76:c0:2e:f0:2a:37:e1:cd:25:4e:80:
                    84:02:4c:5f:a0:7a:33:a4:72:02:f9:27:4f:33:aa:
                    be:fb:a7:44:ed:bb:20:51:c2:5e:9c:4c:dd:fd:e1:
                    fa:f1:2c:f1:94:0d:1b:36:d3:fb:96:10:4b:52:47:
                    f3:aa:e4:39:64:55:ee:f9:c1:0c:bf:68:b9:09:33:
                    d2:3e:99:4a:b9:77:9d:67:a0:71:69:a2:77:b4:8c:
                    be:e1:49:2f:4a:78:c1:bf:73:2f:c2:bf:e7:b6:b1:
                    d3:1d:6d:9e:b5:07:cd:5e:40:cd:b7:53:5f:9a:5a:
                    56:5e:1d:b6:e8:b3:dd:83:f6:57:de:8c:6f:79:7a:
                    51:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:84:51:62:78:12:DB:36:40:5B:09:D9:32:BF:A1:13:0C:90:C7:08
            X509v3 Authority Key Identifier:
                keyid:DF:9A:96:38:09:71:4D:11:03:B6:46:0D:9D:0E:14:A1:2E:85:03:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35qWOAlxTREDtkYNnQ4UoS6FAyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:17:e5:06:24:66:5e:a7:5e:99:47:69:33:90:ec:58:00:7d:
         ed:63:58:bf:52:fb:e1:0c:bb:d2:00:c5:a8:a6:99:bd:dd:5a:
         9a:9a:9e:f5:ba:48:09:9e:8e:5b:53:46:d9:00:d5:93:f3:6b:
         b5:95:4d:ec:c9:6c:78:2e:59:e7:5a:3d:c2:b8:b5:33:34:1c:
         f3:89:6e:eb:2b:cb:7b:51:ac:ce:a7:02:64:80:4d:43:2b:05:
         8b:55:48:a2:73:d7:9c:97:9a:b9:32:3b:36:98:4f:98:75:eb:
         d7:61:5d:18:06:21:c8:cd:6b:f1:f8:9e:6b:fb:4f:df:c0:81:
         3f:29:66:ea:6e:7c:2c:da:0e:e6:e6:36:a7:93:ec:9c:9c:37:
         20:90:c0:0f:da:2b:5e:45:96:bf:d7:90:1e:97:e9:79:ca:2c:
         cb:f0:f1:f2:2f:88:fb:fe:ab:7f:9a:5c:3e:be:ad:0a:c8:5f:
         88:86:45:b8:67:34:2f:fe:d3:92:56:e9:34:6f:c1:de:66:93:
         42:10:6a:43:44:01:97:77:b4:4c:63:aa:84:1e:cf:0e:5c:8d:
         c9:25:a8:c5:57:56:28:d4:3d:28:8c:73:39:95:ea:3e:71:3c:
         0a:73:c5:44:cc:c2:cb:4a:88:aa:34:92:69:9a:5e:f0:ee:26:
         c4:48:90:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaHbWKlar5xDgNr2B7APcKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWE5NjM4MDk3MTRkMTEwM2I2NDYwZDlkMGUxNGExMmU4
NTAzMjUwHhcNMjUwNDMwMTYwMDE0WhcNMjUwNTAxMTYwMDE0WjAzMTEwLwYDVQQD
Eyg2ODg0NTE2Mjc4MTJkYjM2NDA1YjA5ZDkzMmJmYTExMzBjOTBjNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJ8ARJ1MML2/y3pKN141XpXmsn4+
v8fqmg9XC/wdOocMkuq2N6smksTdJe0G8exhWO4Bt+JNqVKe0CLoG+KUtAGHcOV7
pUI4Jxj3fgaQc2MpQIZkYATfI+zGakxEH7E8wYIHS1KvJByvLWx5+jNt/uM69m3F
uNYv05LUdsAu8Co34c0lToCEAkxfoHozpHIC+SdPM6q++6dE7bsgUcJenEzd/eH6
8SzxlA0bNtP7lhBLUkfzquQ5ZFXu+cEMv2i5CTPSPplKuXedZ6BxaaJ3tIy+4Ukv
SnjBv3Mvwr/ntrHTHW2etQfNXkDNt1NfmlpWXh226LPdg/ZX3oxveXpRywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiEUWJ4Ets2QFsJ2TK/oRMMkMcIMB8GA1UdIwQY
MBaAFN+aljgJcU0RA7ZGDZ0OFKEuhQMlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzVxV09BbHhUUkVEdGtZTm5RNFVvUzZGQXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC81MTQxYWEtMThkOS00ZDM0LTgyNzgt
ZjMwOTZhMDI0ZTI5LzEvMzVxV09BbHhUUkVEdGtZTm5RNFVvUzZGQXlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC81MTQxYWEtMThkOS00ZDM0LTgyNzgtZjMwOTZhMDI0ZTI5
LzEvMzVxV09BbHhUUkVEdGtZTm5RNFVvUzZGQXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIxflBiRm
XqdemUdpM5DsWAB97WNYv1L74Qy70gDFqKaZvd1ampqe9bpICZ6OW1NG2QDVk/Nr
tZVN7MlseC5Z51o9wri1MzQc84lu6yvLe1GszqcCZIBNQysFi1VIonPXnJeauTI7
NphPmHXr12FdGAYhyM1r8fiea/tP38CBPylm6m58LNoO5uY2p5PsnJw3IJDAD9or
XkWWv9eQHpfpecosy/Dx8i+I+/6rf5pcPr6tCshfiIZFuGc0L/7TklbpNG/B3maT
QhBqQ0QBl3e0TGOqhB7PDlyNySWoxVdWKNQ9KIxzOZXqPnE8CnPFRMzCy0qIqjSS
aZpe8O4mxEiQOA==
-----END CERTIFICATE-----