Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          JgDKy+5p00/AsQ3zX8oX3PmBv1cv0B7dzD6023wFoy4=
Subject key identifier:   C4:EC:50:09:3E:64:46:CB:71:4C:A6:FE:96:2A:1B:E7:2B:52:A3:1D
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       019676B0D8E87773215A7F223988C26C1375
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 10:00:23 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:23 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:23 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: 6hIRyiI1Pc4k8bPL8ukniDlTYtC54euvLIrFkTnZ/JU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 10:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b0:d8:e8:77:73:21:5a:7f:22:39:88:c2:6c:13:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Apr 27 10:00:23 2025 GMT
            Not After : Apr 28 10:00:23 2025 GMT
        Subject: CN=c4ec50093e6446cb714ca6fe962a1be72b52a31d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:4c:6b:29:77:eb:d1:e4:f6:b2:f4:72:f4:97:
                    23:09:06:e6:22:b1:d9:50:ba:9b:77:88:37:b3:21:
                    73:4b:2c:35:e0:32:73:d3:4c:d8:ac:f0:b8:3a:d2:
                    a1:8e:70:1b:1b:c7:e4:21:14:75:e8:3b:16:6e:21:
                    b2:41:26:ac:1a:24:7c:9c:d6:1c:3b:61:4e:ea:eb:
                    03:90:3b:7f:ce:29:82:f8:c6:3d:93:14:92:63:59:
                    05:a2:f4:cd:da:96:a7:15:3f:6e:7f:1b:65:3c:8e:
                    fd:e9:d7:f7:04:82:18:4b:88:57:48:29:1c:49:8c:
                    52:97:81:85:5a:56:85:3e:49:a1:d5:3b:93:f7:24:
                    d7:fb:99:df:46:b4:51:48:35:d6:a3:74:94:ce:4d:
                    7f:3e:71:7a:65:cf:40:83:2e:10:54:d7:54:cf:5b:
                    cd:77:69:47:74:a6:94:39:96:74:f4:a3:1f:45:99:
                    ce:36:dd:a7:07:c9:73:3c:ba:8b:0e:6b:28:33:ae:
                    c9:82:a6:0e:4b:c1:15:56:10:a4:69:09:e6:ce:6b:
                    4a:60:17:14:02:42:9c:52:8b:b6:18:ce:ed:d2:16:
                    d4:06:fb:ef:05:ce:62:82:47:fe:df:77:77:1e:8d:
                    0c:1a:19:39:3f:b9:cb:eb:06:4f:81:14:22:cd:3d:
                    a1:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:EC:50:09:3E:64:46:CB:71:4C:A6:FE:96:2A:1B:E7:2B:52:A3:1D
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:0f:90:f2:ba:ba:9e:1e:ea:75:e9:78:78:6d:bc:c8:55:87:
         a4:45:b8:ca:6d:29:d5:fa:e6:f3:b9:b2:3e:de:62:00:b8:5a:
         f9:08:bc:b3:d9:41:6c:1a:48:e4:28:33:40:29:ac:1b:7d:4f:
         79:38:59:a6:55:fc:68:18:df:76:a8:45:ad:50:88:9e:0d:6c:
         8d:4f:21:a8:38:5f:4b:3c:2c:85:94:2a:7f:b3:f2:82:b2:67:
         e4:e0:0b:07:bf:13:5d:b4:70:2f:c1:c1:0d:03:3d:92:27:cf:
         0b:4f:42:50:7d:2d:6f:ec:1e:92:77:41:9c:0b:7d:03:a1:24:
         95:21:50:6d:27:11:f0:da:e3:58:4a:76:81:e9:b1:b6:e5:9f:
         9b:1f:ce:4e:58:3b:40:3f:18:b6:b8:96:7b:eb:f9:d3:94:70:
         d8:c9:f4:f7:61:95:43:d2:d7:74:fb:a2:bb:29:d8:e4:12:c4:
         89:3e:3e:ee:29:d7:4b:da:89:14:81:33:36:c7:57:68:f4:42:
         a8:33:fa:a8:cb:d0:58:bf:6f:fa:5b:fc:44:ce:08:c4:c8:66:
         1f:47:b7:a8:fb:b9:ac:18:75:7c:e2:69:67:3a:20:3c:94:85:
         c3:bb:ea:86:ac:aa:f2:81:c7:5f:a2:b0:85:a3:7b:ef:2c:04:
         59:59:5a:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sNjod3MhWn8iOYjCbBN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjUwNDI3MTAwMDIzWhcNMjUwNDI4MTAwMDIzWjAzMTEwLwYDVQQD
EyhjNGVjNTAwOTNlNjQ0NmNiNzE0Y2E2ZmU5NjJhMWJlNzJiNTJhMzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkxrKXfr0eT2svRy9JcjCQbmIrHZ
ULqbd4g3syFzSyw14DJz00zYrPC4OtKhjnAbG8fkIRR16DsWbiGyQSasGiR8nNYc
O2FO6usDkDt/zimC+MY9kxSSY1kFovTN2panFT9ufxtlPI796df3BIIYS4hXSCkc
SYxSl4GFWlaFPkmh1TuT9yTX+5nfRrRRSDXWo3SUzk1/PnF6Zc9Agy4QVNdUz1vN
d2lHdKaUOZZ09KMfRZnONt2nB8lzPLqLDmsoM67JgqYOS8EVVhCkaQnmzmtKYBcU
AkKcUou2GM7t0hbUBvvvBc5igkf+33d3Ho0MGhk5P7nL6wZPgRQizT2hcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMTsUAk+ZEbLcUym/pYqG+crUqMdMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkA+Q8rq6
nh7qdel4eG28yFWHpEW4ym0p1frm87myPt5iALha+Qi8s9lBbBpI5CgzQCmsG31P
eThZplX8aBjfdqhFrVCIng1sjU8hqDhfSzwshZQqf7PygrJn5OALB78TXbRwL8HB
DQM9kifPC09CUH0tb+wekndBnAt9A6EklSFQbScR8NrjWEp2gemxtuWfmx/OTlg7
QD8YtriWe+v505Rw2Mn092GVQ9LXdPuiuynY5BLEiT4+7inXS9qJFIEzNsdXaPRC
qDP6qMvQWL9v+lv8RM4IxMhmH0e3qPu5rBh1fOJpZzogPJSFw7vqhqyq8oHHX6Kw
haN77ywEWVlaOg==
-----END CERTIFICATE-----