Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft
File:                     AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft (raw, json)
Hash identifier:          oaa44wILs15LrUyTipOEmc+M+1p4hwKiU+HxFhkM+/I=
Subject key identifier:   18:56:4F:24:A3:A6:D4:D9:21:2D:32:0B:B7:8B:52:60:89:8A:87:7D
Authority key identifier: 03:1C:8E:8C:C0:75:C2:D0:43:13:B9:11:D9:3D:61:FE:2A:9A:DE:A2
Certificate issuer:       /CN=031c8e8cc075c2d04313b911d93d61fe2a9adea2
Certificate serial:       019679E8FB23F7A5B4080A0129E93083CB78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AxyOjMB1wtBDE7kR2T1h_iqa3qI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft
Manifest number:          0490
Signing time:             Mon 28 Apr 2025 01:00:33 +0000
Manifest this update:     Mon 28 Apr 2025 01:00:33 +0000
Manifest next update:     Tue 29 Apr 2025 01:00:33 +0000
Files and hashes:         1: AxyOjMB1wtBDE7kR2T1h_iqa3qI.crl (hash: clTECLA+O/aT7buzmNVLXxS0k0X1HRT5YnN4Iv4aR3o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AxyOjMB1wtBDE7kR2T1h_iqa3qI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:e8:fb:23:f7:a5:b4:08:0a:01:29:e9:30:83:cb:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=031c8e8cc075c2d04313b911d93d61fe2a9adea2
        Validity
            Not Before: Apr 28 01:00:33 2025 GMT
            Not After : Apr 29 01:00:33 2025 GMT
        Subject: CN=18564f24a3a6d4d9212d320bb78b5260898a877d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e8:66:24:7a:13:44:0a:03:1c:3f:d2:d6:c5:
                    e3:5f:bb:84:ba:fe:a0:2a:db:11:d5:47:69:c5:f4:
                    5a:0c:e4:d6:3a:a7:38:b5:56:10:f4:3f:75:34:c0:
                    c2:af:f8:e3:f8:81:99:3b:27:50:01:b6:6a:b1:c2:
                    f8:c6:74:67:32:92:b6:2e:8a:fb:ee:d1:9d:18:7b:
                    cc:71:f0:68:98:48:6c:56:89:a3:08:dd:a4:08:a6:
                    63:61:0e:44:f0:d6:6a:e0:8c:53:dc:6f:8e:1b:29:
                    3b:18:6a:36:27:47:99:57:5e:dd:d1:b8:13:6f:bb:
                    3e:9c:12:c7:86:a0:f8:97:2d:49:ae:9a:1e:61:39:
                    02:11:ab:7e:fa:13:a0:20:5c:82:9f:9d:1a:19:62:
                    79:42:e7:58:59:f5:0d:e0:43:ae:de:93:8f:df:06:
                    91:b5:c0:3a:d0:2b:7d:ed:f2:53:83:90:2f:95:39:
                    64:d7:61:7b:10:b7:1e:a4:8b:fd:65:93:82:91:bd:
                    0a:1b:24:0e:32:34:cf:f8:4c:8a:16:c5:e5:af:1d:
                    59:4c:fe:e1:21:a7:04:45:27:11:ce:50:3a:22:49:
                    35:6f:26:7d:13:af:81:34:d8:76:2d:a8:7f:0e:f8:
                    af:f2:24:25:9f:4b:d0:d6:f5:40:63:e2:77:2c:84:
                    8f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:56:4F:24:A3:A6:D4:D9:21:2D:32:0B:B7:8B:52:60:89:8A:87:7D
            X509v3 Authority Key Identifier:
                keyid:03:1C:8E:8C:C0:75:C2:D0:43:13:B9:11:D9:3D:61:FE:2A:9A:DE:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AxyOjMB1wtBDE7kR2T1h_iqa3qI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:9d:a6:6f:50:9d:73:37:1c:a1:e2:b2:0a:c7:30:41:61:e3:
         2a:69:e4:c8:64:64:fb:89:7d:c0:62:f4:d2:cd:40:09:09:90:
         0e:42:5f:8c:31:47:69:3a:37:b9:66:28:bb:f3:65:ca:a3:7c:
         90:1c:36:12:f0:4e:62:f0:b2:83:32:48:44:66:dc:26:aa:19:
         47:3e:df:cb:2f:46:62:f1:57:e7:b1:17:6c:eb:18:ea:ca:a6:
         c8:11:58:1b:ed:00:e7:47:76:08:f8:87:35:6e:a1:92:f0:48:
         7f:dd:d4:cb:1a:45:b0:0a:74:54:89:14:fc:a5:84:6a:17:4f:
         17:b9:a0:65:49:74:71:27:b3:c1:8a:ec:02:c2:6b:e0:99:00:
         90:4c:82:62:32:10:ba:20:e1:15:9e:66:a9:a8:e5:c6:a7:18:
         01:43:97:b3:a1:05:7d:0e:e9:2c:75:f7:44:31:dd:f5:a7:80:
         57:3c:db:90:8e:3b:d0:2a:99:6a:dd:35:16:0f:87:93:7a:16:
         d4:95:b9:b6:a5:b5:94:51:a0:2f:da:24:41:3e:a0:41:10:8d:
         42:17:8f:d1:8b:04:75:a8:58:c8:d0:e0:bc:97:91:15:37:e3:
         33:74:87:58:be:48:6b:b7:30:72:40:7a:f4:35:ed:9b:c2:f0:
         92:5d:df:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56Psj96W0CAoBKekwg8t4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMWM4ZThjYzA3NWMyZDA0MzEzYjkxMWQ5M2Q2MWZlMmE5
YWRlYTIwHhcNMjUwNDI4MDEwMDMzWhcNMjUwNDI5MDEwMDMzWjAzMTEwLwYDVQQD
EygxODU2NGYyNGEzYTZkNGQ5MjEyZDMyMGJiNzhiNTI2MDg5OGE4NzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOhmJHoTRAoDHD/S1sXjX7uEuv6g
KtsR1UdpxfRaDOTWOqc4tVYQ9D91NMDCr/jj+IGZOydQAbZqscL4xnRnMpK2Lor7
7tGdGHvMcfBomEhsVomjCN2kCKZjYQ5E8NZq4IxT3G+OGyk7GGo2J0eZV17d0bgT
b7s+nBLHhqD4ly1JrpoeYTkCEat++hOgIFyCn50aGWJ5QudYWfUN4EOu3pOP3waR
tcA60Ct97fJTg5AvlTlk12F7ELcepIv9ZZOCkb0KGyQOMjTP+EyKFsXlrx1ZTP7h
IacERScRzlA6Ikk1byZ9E6+BNNh2Lah/Dviv8iQln0vQ1vVAY+J3LISPywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBhWTySjptTZIS0yC7eLUmCJiod9MB8GA1UdIwQY
MBaAFAMcjozAdcLQQxO5Edk9Yf4qmt6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXh5T2pNQjF3dEJERTdrUjJUMWhfaXFhM3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy83NTIxM2QtMDFhNC00YjYxLWI1OTQt
NjI2OGNlZGFiZDg0LzEvQXh5T2pNQjF3dEJERTdrUjJUMWhfaXFhM3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy83NTIxM2QtMDFhNC00YjYxLWI1OTQtNjI2OGNlZGFiZDg0
LzEvQXh5T2pNQjF3dEJERTdrUjJUMWhfaXFhM3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkp2mb1Cd
czccoeKyCscwQWHjKmnkyGRk+4l9wGL00s1ACQmQDkJfjDFHaTo3uWYou/NlyqN8
kBw2EvBOYvCygzJIRGbcJqoZRz7fyy9GYvFX57EXbOsY6sqmyBFYG+0A50d2CPiH
NW6hkvBIf93UyxpFsAp0VIkU/KWEahdPF7mgZUl0cSezwYrsAsJr4JkAkEyCYjIQ
uiDhFZ5mqajlxqcYAUOXs6EFfQ7pLHX3RDHd9aeAVzzbkI470CqZat01Fg+Hk3oW
1JW5tqW1lFGgL9okQT6gQRCNQheP0YsEdahYyNDgvJeRFTfjM3SHWL5Ia7cwckB6
9DXtm8Lwkl3fVg==
-----END CERTIFICATE-----