Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
File:                     0NxXC8HJZLq37VbGc6pAUY-FRXg.mft (raw, json)
Hash identifier:          ytzwKnQjCF+cODe9BRl+UzE3IRvzR39qOCBxSAtI2IM=
Subject key identifier:   46:8E:B7:24:4A:70:F1:79:65:73:82:16:77:16:4C:3C:E7:0E:11:8E
Authority key identifier: D0:DC:57:0B:C1:C9:64:BA:B7:ED:56:C6:73:AA:40:51:8F:85:45:78
Certificate issuer:       /CN=d0dc570bc1c964bab7ed56c673aa40518f854578
Certificate serial:       019677FBA7684C8CF42D9E2CD6DFB005E314
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
Manifest number:          150E
Signing time:             Sun 27 Apr 2025 16:01:43 +0000
Manifest this update:     Sun 27 Apr 2025 16:01:43 +0000
Manifest next update:     Mon 28 Apr 2025 16:01:43 +0000
Files and hashes:         1: 0NxXC8HJZLq37VbGc6pAUY-FRXg.crl (hash: m9HZmKYqJmI/QQ2KMgplzPoI/5G8IdDYxhHiVqy7L0c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fb:a7:68:4c:8c:f4:2d:9e:2c:d6:df:b0:05:e3:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0dc570bc1c964bab7ed56c673aa40518f854578
        Validity
            Not Before: Apr 27 16:01:43 2025 GMT
            Not After : Apr 28 16:01:43 2025 GMT
        Subject: CN=468eb7244a70f1796573821677164c3ce70e118e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e8:d6:55:59:b6:47:f8:3b:cd:37:7b:86:77:
                    49:8f:eb:a2:66:57:ff:9c:a8:35:c0:41:69:13:7b:
                    3f:b4:30:51:fc:ed:7e:7d:e7:7d:b3:23:f2:ad:8e:
                    c7:11:99:ff:0f:b8:a3:b9:93:5a:ed:ef:9a:cc:92:
                    0a:71:18:b6:7b:0f:76:b7:a1:2f:f3:d0:3d:4f:95:
                    27:eb:a6:02:c8:89:a0:b6:ba:7c:29:1a:d4:26:ba:
                    69:e3:26:71:4f:43:e4:86:f9:71:62:86:8e:96:aa:
                    97:b5:c7:00:3e:b6:86:ba:13:28:ed:58:90:05:c3:
                    9c:7e:fd:2f:92:8c:5e:d9:a3:c3:d4:1b:09:61:76:
                    91:10:0a:1f:d4:90:4d:0d:06:14:6a:e2:9d:02:71:
                    c0:39:84:af:d0:84:cd:59:98:71:6f:6c:6a:e4:1a:
                    28:cb:92:c6:92:b1:06:64:d5:91:ea:6b:1d:93:be:
                    cd:60:27:7b:df:87:59:c5:0f:18:0c:3e:f9:58:9e:
                    0b:0b:f4:9a:bc:d4:e1:df:29:1b:28:10:55:d8:68:
                    fe:fc:72:a6:86:15:3d:42:4c:06:02:c8:0f:a8:0c:
                    30:7e:40:35:f2:81:89:45:99:2f:60:19:35:f0:c5:
                    04:81:7f:b0:9b:54:7b:13:fe:1d:eb:f3:70:95:d4:
                    a1:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:8E:B7:24:4A:70:F1:79:65:73:82:16:77:16:4C:3C:E7:0E:11:8E
            X509v3 Authority Key Identifier:
                keyid:D0:DC:57:0B:C1:C9:64:BA:B7:ED:56:C6:73:AA:40:51:8F:85:45:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:06:d7:fa:fb:ca:cb:79:13:9b:5b:8f:70:0f:a8:46:35:dd:
         8e:6f:1c:8c:e3:62:6e:55:66:1b:e5:a2:8c:03:c3:6d:3d:11:
         1c:f8:75:25:ba:f8:a8:20:21:5b:bd:d0:a3:c6:51:20:d4:a2:
         3d:51:35:56:a0:46:fa:00:e3:9e:06:28:14:90:3c:32:7a:16:
         4d:ab:9a:98:5e:bb:20:aa:eb:97:27:94:7e:8a:a1:62:48:3c:
         ac:bc:b9:a4:d5:41:1e:86:8d:a4:7c:d5:10:15:be:8a:f0:d6:
         01:47:90:98:b3:2f:e2:2e:cc:3b:51:ff:16:3b:30:79:80:73:
         c7:44:5e:3e:5a:e6:3a:00:3a:c9:f9:b4:a1:1a:bd:50:39:43:
         c2:61:e1:4d:13:68:a2:10:30:8a:c4:b8:85:79:a5:66:bd:01:
         0d:44:ed:3b:00:2a:34:0b:b3:f7:bd:d0:7d:6a:98:e1:4d:61:
         03:8b:ff:30:d6:73:71:1b:01:5d:d8:be:6d:96:e8:73:f9:04:
         b3:a4:29:80:90:03:d3:62:93:3f:65:dd:be:ae:b1:9a:40:4a:
         75:ba:9b:05:a8:f7:b4:de:4c:c0:9e:5b:56:30:1e:82:38:13:
         c2:e8:cd:68:74:f5:68:23:c4:40:00:36:d2:27:c0:09:f6:d7:
         41:eb:e2:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+6doTIz0LZ4s1t+wBeMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZGM1NzBiYzFjOTY0YmFiN2VkNTZjNjczYWE0MDUxOGY4
NTQ1NzgwHhcNMjUwNDI3MTYwMTQzWhcNMjUwNDI4MTYwMTQzWjAzMTEwLwYDVQQD
Eyg0NjhlYjcyNDRhNzBmMTc5NjU3MzgyMTY3NzE2NGMzY2U3MGUxMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+jWVVm2R/g7zTd7hndJj+uiZlf/
nKg1wEFpE3s/tDBR/O1+fed9syPyrY7HEZn/D7ijuZNa7e+azJIKcRi2ew92t6Ev
89A9T5Un66YCyImgtrp8KRrUJrpp4yZxT0PkhvlxYoaOlqqXtccAPraGuhMo7ViQ
BcOcfv0vkoxe2aPD1BsJYXaREAof1JBNDQYUauKdAnHAOYSv0ITNWZhxb2xq5Boo
y5LGkrEGZNWR6msdk77NYCd734dZxQ8YDD75WJ4LC/SavNTh3ykbKBBV2Gj+/HKm
hhU9QkwGAsgPqAwwfkA18oGJRZkvYBk18MUEgX+wm1R7E/4d6/NwldShzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEaOtyRKcPF5ZXOCFncWTDznDhGOMB8GA1UdIwQY
MBaAFNDcVwvByWS6t+1WxnOqQFGPhUV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80N2Q2OTItZGQ0MC00YmYyLTg5M2Yt
ZDM4ZGQwYjc4OTA5LzEvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80N2Q2OTItZGQ0MC00YmYyLTg5M2YtZDM4ZGQwYjc4OTA5
LzEvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJwbX+vvK
y3kTm1uPcA+oRjXdjm8cjONiblVmG+WijAPDbT0RHPh1Jbr4qCAhW73Qo8ZRINSi
PVE1VqBG+gDjngYoFJA8MnoWTauamF67IKrrlyeUfoqhYkg8rLy5pNVBHoaNpHzV
EBW+ivDWAUeQmLMv4i7MO1H/FjsweYBzx0RePlrmOgA6yfm0oRq9UDlDwmHhTRNo
ohAwisS4hXmlZr0BDUTtOwAqNAuz973QfWqY4U1hA4v/MNZzcRsBXdi+bZboc/kE
s6QpgJAD02KTP2Xdvq6xmkBKdbqbBaj3tN5MwJ5bVjAegjgTwujNaHT1aCPEQAA2
0ifACfbXQeviLQ==
-----END CERTIFICATE-----