Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
File:                     0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft (raw, json)
Hash identifier:          2x2jezKCZq6eTW0UBR3XiQL84Vx4nd+Cz5frigphvj8=
Subject key identifier:   6F:24:77:34:1E:22:86:40:68:3D:D9:23:F8:39:A0:00:5A:1A:9B:53
Authority key identifier: D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D
Certificate issuer:       /CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
Certificate serial:       01968A00C23496E58D3E4AE50A3DD17DE5D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
Manifest number:          1455
Signing time:             Thu 01 May 2025 04:00:27 +0000
Manifest this update:     Thu 01 May 2025 04:00:27 +0000
Manifest next update:     Fri 02 May 2025 04:00:27 +0000
Files and hashes:         1: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl (hash: GltePT9OsyxlZTTaty0YC6cfi4A68VWKBmQpSzjChSc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8a:00:c2:34:96:e5:8d:3e:4a:e5:0a:3d:d1:7d:e5:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
        Validity
            Not Before: May  1 04:00:27 2025 GMT
            Not After : May  2 04:00:27 2025 GMT
        Subject: CN=6f2477341e228640683dd923f839a0005a1a9b53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:cb:0a:d7:98:c0:fd:40:f9:7e:9c:e8:fd:f0:
                    25:20:89:3b:c9:46:c3:83:3c:2c:5a:75:f5:05:e8:
                    2f:b6:43:ea:49:c5:d5:87:a0:4a:9e:0e:9a:a3:b7:
                    dc:80:3d:3f:69:89:2d:07:d8:ca:e3:f5:40:92:af:
                    bb:cb:eb:56:7c:dd:85:ea:6c:05:27:42:13:12:ba:
                    39:68:4f:d4:2b:09:90:88:14:ae:1d:bf:17:70:40:
                    58:47:a3:16:2a:ad:36:b6:45:f3:cf:b4:9b:be:bd:
                    c9:9b:fc:77:a8:4d:dc:d5:e6:80:c6:bd:f2:e7:2d:
                    79:3a:f5:8c:df:ac:8a:37:ce:68:19:14:cb:a0:22:
                    2a:36:bc:29:e3:92:e1:04:fb:4d:83:f6:3a:61:50:
                    69:6d:59:c4:40:a0:9c:f9:b7:94:9b:81:d6:18:bf:
                    09:29:ef:0c:47:ce:46:26:c7:1b:f5:36:7d:6d:b0:
                    3b:ca:cb:52:57:12:30:25:68:4c:c6:86:e1:57:31:
                    69:9c:dc:36:18:d5:c4:3f:da:d8:4c:45:c3:45:06:
                    93:7e:84:59:29:df:2d:82:fb:6c:f5:aa:31:01:a8:
                    3d:94:ad:d6:aa:7a:5a:00:c5:de:91:7c:66:11:9b:
                    67:3e:a5:ec:37:be:f0:ff:a6:c7:61:27:dd:f8:c7:
                    85:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:24:77:34:1E:22:86:40:68:3D:D9:23:F8:39:A0:00:5A:1A:9B:53
            X509v3 Authority Key Identifier:
                keyid:D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:d7:03:bc:81:b2:f3:45:e4:c4:b2:0b:72:80:f9:32:ef:db:
         31:6e:fa:c5:5f:c0:2a:17:29:a7:14:b6:79:6f:a9:5c:b6:6c:
         8e:c9:ad:f1:ef:a8:68:1c:e5:37:cc:93:7c:58:b1:9a:dd:40:
         19:cd:33:b7:e7:b5:62:3b:a3:f9:0d:bc:0e:fb:a5:0f:4b:8b:
         58:0e:a1:95:7b:30:9f:70:40:0f:bf:78:d5:bd:c1:8a:79:25:
         2a:69:9c:6b:fd:85:fa:ea:b9:a7:d5:08:36:71:67:20:30:a8:
         cf:20:58:ed:39:23:4a:08:51:de:eb:0c:ba:2a:d7:0c:c0:c6:
         aa:a2:5f:70:3a:45:51:dd:f9:35:57:de:d3:43:ba:91:85:88:
         3f:48:5c:b5:a7:47:17:02:42:d6:25:09:b6:76:7a:0b:d1:35:
         3b:73:cf:2c:80:41:5f:cd:8d:66:a3:dc:d4:2f:a3:9f:89:87:
         ae:10:bd:80:85:46:59:5a:83:15:dd:65:d4:ba:5e:b4:9b:9a:
         2b:cc:3e:da:c5:af:ee:be:8e:59:4a:cf:b5:9f:4a:2c:0b:10:
         dd:a2:19:ff:99:26:bc:2e:49:54:25:75:d9:68:3d:22:97:01:
         a4:75:45:c6:19:e7:67:07:78:7a:73:78:c9:b5:ec:d6:ef:92:
         f0:47:49:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaKAMI0luWNPkrlCj3RfeXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGJkNGQ1NjgyY2U2MDhlMjdjYmUyMjFhMjY3N2VjYjUw
NzQ5N2QwHhcNMjUwNTAxMDQwMDI3WhcNMjUwNTAyMDQwMDI3WjAzMTEwLwYDVQQD
Eyg2ZjI0NzczNDFlMjI4NjQwNjgzZGQ5MjNmODM5YTAwMDVhMWE5YjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAussK15jA/UD5fpzo/fAlIIk7yUbD
gzwsWnX1BegvtkPqScXVh6BKng6ao7fcgD0/aYktB9jK4/VAkq+7y+tWfN2F6mwF
J0ITEro5aE/UKwmQiBSuHb8XcEBYR6MWKq02tkXzz7Sbvr3Jm/x3qE3c1eaAxr3y
5y15OvWM36yKN85oGRTLoCIqNrwp45LhBPtNg/Y6YVBpbVnEQKCc+beUm4HWGL8J
Ke8MR85GJscb9TZ9bbA7ystSVxIwJWhMxobhVzFpnNw2GNXEP9rYTEXDRQaTfoRZ
Kd8tgvts9aoxAag9lK3WqnpaAMXekXxmEZtnPqXsN77w/6bHYSfd+MeFYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG8kdzQeIoZAaD3ZI/g5oABaGptTMB8GA1UdIwQY
MBaAFNAL1NVoLOYI4ny+Ihomd+y1B0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2Qt
ZWI5MzAwNjcyYWU0LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2QtZWI5MzAwNjcyYWU0
LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEtcDvIGy
80XkxLILcoD5Mu/bMW76xV/AKhcppxS2eW+pXLZsjsmt8e+oaBzlN8yTfFixmt1A
Gc0zt+e1Yjuj+Q28DvulD0uLWA6hlXswn3BAD7941b3BinklKmmca/2F+uq5p9UI
NnFnIDCozyBY7TkjSghR3usMuirXDMDGqqJfcDpFUd35NVfe00O6kYWIP0hctadH
FwJC1iUJtnZ6C9E1O3PPLIBBX82NZqPc1C+jn4mHrhC9gIVGWVqDFd1l1LpetJua
K8w+2sWv7r6OWUrPtZ9KLAsQ3aIZ/5kmvC5JVCV12Wg9IpcBpHVFxhnnZwd4enN4
ybXs1u+S8EdJMw==
-----END CERTIFICATE-----