Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
File:                     BaQevhJyohyuDqGzXcCD-taKXX0.mft (raw, json)
Hash identifier:          A9ZTBLxW/6CXc6edQakoIdh0qRMmIvvh5hMs83aC/jg=
Subject key identifier:   7B:85:C6:25:A0:C5:8A:AC:05:12:1A:32:B6:A1:7F:6B:28:E6:B4:BE
Authority key identifier: 05:A4:1E:BE:12:72:A2:1C:AE:0E:A1:B3:5D:C0:83:FA:D6:8A:5D:7D
Certificate issuer:       /CN=05a41ebe1272a21cae0ea1b35dc083fad68a5d7d
Certificate serial:       0196741D7FC4D607D8E07D027756166DD688
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
Manifest number:          150B
Signing time:             Sat 26 Apr 2025 22:00:12 +0000
Manifest this update:     Sat 26 Apr 2025 22:00:12 +0000
Manifest next update:     Sun 27 Apr 2025 22:00:12 +0000
Files and hashes:         1: BaQevhJyohyuDqGzXcCD-taKXX0.crl (hash: IAHJ8lvL8D/jGZRdoP+KKiy1Gt/v8f3oJrFLbSFE54c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1d:7f:c4:d6:07:d8:e0:7d:02:77:56:16:6d:d6:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05a41ebe1272a21cae0ea1b35dc083fad68a5d7d
        Validity
            Not Before: Apr 26 22:00:12 2025 GMT
            Not After : Apr 27 22:00:12 2025 GMT
        Subject: CN=7b85c625a0c58aac05121a32b6a17f6b28e6b4be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:ad:a1:1b:f1:a5:7a:b8:22:fb:a1:ed:f6:c7:
                    b4:ab:6f:42:28:2f:ea:a7:74:94:b3:05:4d:e3:ad:
                    b4:d7:61:3e:1b:0c:a5:43:c0:ae:b7:f7:6f:f0:ae:
                    20:44:25:6b:c5:bf:12:8b:c5:dc:05:4d:f1:58:8f:
                    d9:b3:80:04:f9:26:3f:09:3d:51:d1:e0:40:0e:49:
                    29:58:78:10:86:b5:ed:03:50:29:5c:02:de:c5:b6:
                    73:31:40:b5:87:61:76:93:da:41:25:bf:5f:65:9f:
                    fa:14:2a:6b:ea:c5:90:82:26:be:dd:36:d2:2b:9d:
                    35:0c:a3:7c:58:3c:d1:9d:cd:e4:03:73:4a:b3:0c:
                    9f:bb:6a:53:ec:fc:4b:13:a9:47:78:bb:29:99:65:
                    1b:b3:7c:9d:34:0b:81:f7:74:51:c2:00:e8:e2:2f:
                    cf:94:5f:3f:0d:09:85:9d:98:0a:d0:5a:aa:8c:65:
                    a5:a9:b8:15:58:17:8f:d6:7b:8f:3f:04:aa:39:71:
                    11:0a:87:34:d4:e5:9d:5a:89:c7:65:77:0d:b6:ae:
                    bb:d7:9b:dd:a9:ac:45:52:96:d5:5d:15:96:cd:74:
                    81:7a:8b:d5:4a:6e:94:cf:aa:3f:d0:a8:5a:4a:6c:
                    11:ca:79:19:bd:c7:83:d2:41:9f:4a:33:cf:1b:d6:
                    8c:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:85:C6:25:A0:C5:8A:AC:05:12:1A:32:B6:A1:7F:6B:28:E6:B4:BE
            X509v3 Authority Key Identifier:
                keyid:05:A4:1E:BE:12:72:A2:1C:AE:0E:A1:B3:5D:C0:83:FA:D6:8A:5D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:8a:9a:e6:bd:67:14:40:59:6b:5e:5a:cc:bf:c5:49:77:a0:
         90:fa:73:1a:eb:8d:6e:2c:20:11:90:e9:35:48:c5:31:7f:cf:
         45:3d:3a:13:58:9b:ca:61:93:6d:e1:28:df:e6:90:fd:b5:e0:
         b0:22:ab:7f:a1:25:96:42:0f:04:aa:45:2b:13:6b:c7:10:a6:
         98:7b:c6:c0:63:9d:a9:04:84:bb:24:d3:fe:eb:25:03:c5:40:
         2c:ea:4c:78:a2:d7:60:36:e0:11:4a:75:8b:23:d2:0e:16:08:
         fd:cb:81:c2:5c:b8:4b:b2:d9:7a:28:26:50:b4:07:8e:a7:84:
         d4:6e:ad:f6:bb:97:49:69:f9:e6:cc:2f:49:36:a1:3b:36:b7:
         e4:31:08:c2:b2:69:56:16:d8:ed:cf:ce:92:22:8d:3a:70:3f:
         62:f2:0c:f4:45:30:6e:9f:e9:ee:65:f8:f8:c5:fd:2f:05:59:
         29:47:ff:54:03:8b:ee:be:39:0f:9a:1c:d2:78:b4:42:73:53:
         89:8a:77:5e:2c:16:2b:7b:bd:b3:9b:1e:66:f3:e8:90:47:d2:
         b1:a3:d5:d6:3b:8e:64:59:cb:f3:a0:24:d4:e6:31:76:e9:20:
         c7:4b:5d:ce:80:1c:8e:5d:6a:bd:5e:69:dc:7c:4c:9f:cd:97:
         a4:23:42:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0HX/E1gfY4H0Cd1YWbdaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YTQxZWJlMTI3MmEyMWNhZTBlYTFiMzVkYzA4M2ZhZDY4
YTVkN2QwHhcNMjUwNDI2MjIwMDEyWhcNMjUwNDI3MjIwMDEyWjAzMTEwLwYDVQQD
Eyg3Yjg1YzYyNWEwYzU4YWFjMDUxMjFhMzJiNmExN2Y2YjI4ZTZiNGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8K2hG/Glergi+6Ht9se0q29CKC/q
p3SUswVN462012E+GwylQ8Cut/dv8K4gRCVrxb8Si8XcBU3xWI/Zs4AE+SY/CT1R
0eBADkkpWHgQhrXtA1ApXALexbZzMUC1h2F2k9pBJb9fZZ/6FCpr6sWQgia+3TbS
K501DKN8WDzRnc3kA3NKswyfu2pT7PxLE6lHeLspmWUbs3ydNAuB93RRwgDo4i/P
lF8/DQmFnZgK0FqqjGWlqbgVWBeP1nuPPwSqOXERCoc01OWdWonHZXcNtq6715vd
qaxFUpbVXRWWzXSBeovVSm6Uz6o/0KhaSmwRynkZvceD0kGfSjPPG9aMwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHuFxiWgxYqsBRIaMrahf2so5rS+MB8GA1UdIwQY
MBaAFAWkHr4ScqIcrg6hs13Ag/rWil19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85NTYwMmUtOWViMy00MThiLWJjMDAt
MTY3ODMxNjEzMTQ1LzEvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85NTYwMmUtOWViMy00MThiLWJjMDAtMTY3ODMxNjEzMTQ1
LzEvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj4qa5r1n
FEBZa15azL/FSXegkPpzGuuNbiwgEZDpNUjFMX/PRT06E1ibymGTbeEo3+aQ/bXg
sCKrf6EllkIPBKpFKxNrxxCmmHvGwGOdqQSEuyTT/uslA8VALOpMeKLXYDbgEUp1
iyPSDhYI/cuBwly4S7LZeigmULQHjqeE1G6t9ruXSWn55swvSTahOza35DEIwrJp
VhbY7c/OkiKNOnA/YvIM9EUwbp/p7mX4+MX9LwVZKUf/VAOL7r45D5oc0ni0QnNT
iYp3XiwWK3u9s5seZvPokEfSsaPV1juOZFnL86Ak1OYxdukgx0tdzoAcjl1qvV5p
3HxMn82XpCNCKQ==
-----END CERTIFICATE-----