Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/e4753c-658b-4d7c-8b3c-b13829a98c57/1/biMhBwGL_QMoH3lexopxGcWA7CU.mft
File:                     biMhBwGL_QMoH3lexopxGcWA7CU.mft (raw, json)
Hash identifier:          PH/MvS0YIl2ZAt5/igmnf3ZM4+JIdXJLjDjiCnPZ5BI=
Subject key identifier:   28:77:A9:E7:7A:A5:A6:9E:76:A1:64:BE:41:22:4C:C2:AB:32:90:5B
Authority key identifier: 6E:23:21:07:01:8B:FD:03:28:1F:79:5E:C6:8A:71:19:C5:80:EC:25
Certificate issuer:       /CN=6e232107018bfd03281f795ec68a7119c580ec25
Certificate serial:       019676E833FCAAFE136F768959B3998B0C83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/biMhBwGL_QMoH3lexopxGcWA7CU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/e4753c-658b-4d7c-8b3c-b13829a98c57/1/biMhBwGL_QMoH3lexopxGcWA7CU.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 11:00:51 +0000
Manifest this update:     Sun 27 Apr 2025 11:00:51 +0000
Manifest next update:     Mon 28 Apr 2025 11:00:51 +0000
Files and hashes:         1: biMhBwGL_QMoH3lexopxGcWA7CU.crl (hash: 1/etVb39wG1ovj7LzulJ8RJaKLh8R+W8N992N9KM3cI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/e4753c-658b-4d7c-8b3c-b13829a98c57/1/biMhBwGL_QMoH3lexopxGcWA7CU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/e4753c-658b-4d7c-8b3c-b13829a98c57/1/biMhBwGL_QMoH3lexopxGcWA7CU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/biMhBwGL_QMoH3lexopxGcWA7CU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:e8:33:fc:aa:fe:13:6f:76:89:59:b3:99:8b:0c:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e232107018bfd03281f795ec68a7119c580ec25
        Validity
            Not Before: Apr 27 11:00:51 2025 GMT
            Not After : Apr 28 11:00:51 2025 GMT
        Subject: CN=2877a9e77aa5a69e76a164be41224cc2ab32905b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:8b:46:74:cf:9b:ac:56:58:c8:72:b7:e2:a5:
                    d2:23:e5:d1:23:9f:5e:7b:58:de:4e:bf:63:e7:44:
                    07:37:d8:ad:8b:0c:4c:83:82:4f:07:a6:c3:48:3d:
                    69:19:6d:9f:5f:32:72:ac:6f:0b:a8:3b:99:2d:41:
                    00:4d:dc:12:d3:d9:cd:88:f3:56:c4:b8:7a:60:4e:
                    db:af:3b:f3:17:61:80:33:ea:7e:70:d4:dc:35:af:
                    f0:85:5f:4a:2f:1c:1f:80:c1:85:d4:22:82:bf:3e:
                    c9:37:c8:18:bc:27:3f:99:74:1b:0d:7a:7d:9c:34:
                    2f:99:ad:ec:63:37:0b:29:29:f5:ee:7b:bd:ef:5e:
                    7d:cc:79:a4:88:a6:c1:6e:a3:a9:14:eb:f8:25:1e:
                    95:27:49:ea:f9:dd:c9:88:81:b2:0e:20:19:99:5a:
                    b1:2e:14:72:62:3d:a7:62:09:bf:5d:a0:0a:7a:f8:
                    e5:bc:ce:be:ef:99:db:da:71:4d:1e:e5:88:b8:0e:
                    e2:7f:50:e3:65:3c:e8:28:c6:8b:cf:31:b6:a8:5b:
                    4c:01:93:f9:5d:f7:03:60:1e:b8:cf:05:e1:4e:38:
                    7b:d5:c3:8e:ab:63:65:f0:88:fa:5b:b4:69:81:3c:
                    86:02:5f:50:a4:09:35:2c:47:3b:6c:35:53:ee:9f:
                    30:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:77:A9:E7:7A:A5:A6:9E:76:A1:64:BE:41:22:4C:C2:AB:32:90:5B
            X509v3 Authority Key Identifier:
                keyid:6E:23:21:07:01:8B:FD:03:28:1F:79:5E:C6:8A:71:19:C5:80:EC:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/biMhBwGL_QMoH3lexopxGcWA7CU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e4753c-658b-4d7c-8b3c-b13829a98c57/1/biMhBwGL_QMoH3lexopxGcWA7CU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e4753c-658b-4d7c-8b3c-b13829a98c57/1/biMhBwGL_QMoH3lexopxGcWA7CU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:b0:4c:3f:e6:08:c2:89:ab:88:00:e2:b3:f5:55:5d:93:92:
         e3:4b:b4:63:27:6c:61:87:dc:f4:f7:f8:c8:c8:86:98:f5:8b:
         94:2d:cb:dd:11:a9:63:d9:66:fc:ae:c4:a9:37:d7:63:1d:55:
         79:db:16:94:f5:41:4b:fb:5b:00:68:05:96:b4:48:61:39:b4:
         4b:d7:af:9e:75:79:24:b5:22:37:83:ab:12:8c:8b:4d:76:c8:
         b0:3e:e6:8f:34:43:ca:19:c1:62:15:6b:ee:31:eb:89:ba:02:
         8f:30:a6:0a:ea:00:99:d9:e0:1c:89:08:7c:56:34:cb:da:0e:
         7d:79:a3:15:6a:98:2a:bd:ce:2b:1b:a8:82:d9:87:aa:31:bd:
         43:46:41:85:5c:54:0f:4a:c6:51:89:ce:85:79:29:ed:c1:49:
         bc:81:5f:72:6d:e7:f6:9b:6d:3b:d0:ff:fc:91:0a:07:df:f5:
         f4:18:5e:23:f7:8e:db:b1:e0:0a:43:dc:01:5a:7a:8b:c4:5d:
         2a:53:66:45:44:8d:8c:84:6d:68:87:9f:fb:89:cc:d3:3e:05:
         ef:d6:f7:f5:a3:36:70:da:20:d4:2d:ad:f1:e7:41:42:0a:b4:
         1b:25:38:98:76:4f:b6:74:de:c6:d1:3e:1e:2e:44:28:01:29:
         d8:09:b0:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ26DP8qv4Tb3aJWbOZiwyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMjMyMTA3MDE4YmZkMDMyODFmNzk1ZWM2OGE3MTE5YzU4
MGVjMjUwHhcNMjUwNDI3MTEwMDUxWhcNMjUwNDI4MTEwMDUxWjAzMTEwLwYDVQQD
EygyODc3YTllNzdhYTVhNjllNzZhMTY0YmU0MTIyNGNjMmFiMzI5MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhotGdM+brFZYyHK34qXSI+XRI59e
e1jeTr9j50QHN9itiwxMg4JPB6bDSD1pGW2fXzJyrG8LqDuZLUEATdwS09nNiPNW
xLh6YE7brzvzF2GAM+p+cNTcNa/whV9KLxwfgMGF1CKCvz7JN8gYvCc/mXQbDXp9
nDQvma3sYzcLKSn17nu97159zHmkiKbBbqOpFOv4JR6VJ0nq+d3JiIGyDiAZmVqx
LhRyYj2nYgm/XaAKevjlvM6+75nb2nFNHuWIuA7if1DjZTzoKMaLzzG2qFtMAZP5
XfcDYB64zwXhTjh71cOOq2Nl8Ij6W7RpgTyGAl9QpAk1LEc7bDVT7p8wjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCh3qed6paaedqFkvkEiTMKrMpBbMB8GA1UdIwQY
MBaAFG4jIQcBi/0DKB95XsaKcRnFgOwlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmlNaEJ3R0xfUU1vSDNsZXhvcHhHY1dBN0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9lNDc1M2MtNjU4Yi00ZDdjLThiM2Mt
YjEzODI5YTk4YzU3LzEvYmlNaEJ3R0xfUU1vSDNsZXhvcHhHY1dBN0NVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9lNDc1M2MtNjU4Yi00ZDdjLThiM2MtYjEzODI5YTk4YzU3
LzEvYmlNaEJ3R0xfUU1vSDNsZXhvcHhHY1dBN0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhLBMP+YI
womriADis/VVXZOS40u0YydsYYfc9Pf4yMiGmPWLlC3L3RGpY9lm/K7EqTfXYx1V
edsWlPVBS/tbAGgFlrRIYTm0S9evnnV5JLUiN4OrEoyLTXbIsD7mjzRDyhnBYhVr
7jHriboCjzCmCuoAmdngHIkIfFY0y9oOfXmjFWqYKr3OKxuogtmHqjG9Q0ZBhVxU
D0rGUYnOhXkp7cFJvIFfcm3n9pttO9D//JEKB9/19BheI/eO27HgCkPcAVp6i8Rd
KlNmRUSNjIRtaIef+4nM0z4F79b39aM2cNog1C2t8edBQgq0GyU4mHZPtnTextE+
Hi5EKAEp2AmwIA==
-----END CERTIFICATE-----