Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
File:                     rrlJQmajhxkETYKaSgqPF6QHBOg.mft (raw, json)
Hash identifier:          JFIMxyTeB7lEoTOUWvy8Wx5obx/IPi3hpBqgjCSXWYY=
Subject key identifier:   43:E2:8A:63:23:17:32:20:A4:BE:AF:49:D8:43:B8:C2:69:65:00:52
Authority key identifier: AE:B9:49:42:66:A3:87:19:04:4D:82:9A:4A:0A:8F:17:A4:07:04:E8
Certificate issuer:       /CN=aeb9494266a38719044d829a4a0a8f17a40704e8
Certificate serial:       01968F27C5FFB641B5A8E49F4BB6CEAC856B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
Manifest number:          1519
Signing time:             Fri 02 May 2025 04:01:10 +0000
Manifest this update:     Fri 02 May 2025 04:01:10 +0000
Manifest next update:     Sat 03 May 2025 04:01:10 +0000
Files and hashes:         1: rrlJQmajhxkETYKaSgqPF6QHBOg.crl (hash: tC3RakjaM/KNmuJahLtI6/NRtmlsv40CmNMjNIEqQyw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8f:27:c5:ff:b6:41:b5:a8:e4:9f:4b:b6:ce:ac:85:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aeb9494266a38719044d829a4a0a8f17a40704e8
        Validity
            Not Before: May  2 04:01:10 2025 GMT
            Not After : May  3 04:01:10 2025 GMT
        Subject: CN=43e28a6323173220a4beaf49d843b8c269650052
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:bc:d2:6e:52:fe:3b:24:77:30:ab:37:56:55:
                    04:8f:0e:bd:3c:4a:5d:e4:f5:fe:34:8f:f0:ff:ff:
                    df:a5:64:42:37:b5:14:ee:fe:4e:60:40:02:45:25:
                    a0:3c:37:6e:6f:ac:39:6b:55:c9:18:02:08:d9:fb:
                    8e:1a:01:9a:e0:d5:4d:35:13:4a:35:1b:9f:00:2b:
                    99:7d:ef:22:2b:00:d5:bd:b1:9e:d7:b6:bf:64:51:
                    40:6a:8b:43:a5:c2:72:c5:b7:6a:96:12:18:3d:50:
                    6a:99:7e:49:b0:06:c2:09:0f:98:36:fc:22:8e:36:
                    a7:e9:56:e4:49:12:b9:aa:fe:cf:5f:f6:8e:a9:8e:
                    29:40:44:f9:4d:74:52:a9:c3:b2:5a:00:93:f8:3a:
                    06:0a:8f:b5:48:4a:74:95:20:3b:79:3c:73:e5:c3:
                    e8:db:2c:d7:c2:0c:0f:82:a3:71:1d:0b:b8:b7:a6:
                    b7:63:2b:2a:28:e9:2f:9f:75:3a:90:c5:2d:a9:0f:
                    ea:5f:e2:0e:ce:7c:e8:4f:d4:45:ee:17:6d:4b:cd:
                    bc:36:dd:43:35:7f:d9:1b:f0:4e:2c:2d:9e:45:dc:
                    c8:70:2e:48:16:29:be:56:4c:6e:2d:cd:60:f5:27:
                    64:91:61:06:ee:cc:1e:d5:f5:d8:00:6f:fc:00:65:
                    74:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:E2:8A:63:23:17:32:20:A4:BE:AF:49:D8:43:B8:C2:69:65:00:52
            X509v3 Authority Key Identifier:
                keyid:AE:B9:49:42:66:A3:87:19:04:4D:82:9A:4A:0A:8F:17:A4:07:04:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:21:de:e9:cd:fb:f5:b8:5a:12:fc:48:0b:64:58:69:9c:18:
         9e:c0:c6:1f:4d:4c:57:89:5f:f7:57:f7:b7:8d:66:75:a0:1f:
         73:c2:58:25:8b:b7:12:bf:bd:bc:b4:c8:7b:70:29:f3:eb:36:
         59:cd:fb:55:bf:b6:4d:46:bc:de:c5:0d:a7:2b:fd:14:13:d3:
         bc:e4:f1:85:31:4b:66:68:3e:c9:9f:92:67:fa:c9:99:20:64:
         08:ce:ec:e8:9d:88:74:d5:4c:45:9a:e0:51:19:be:16:43:50:
         e1:54:ed:dc:ca:a0:ce:f3:a8:90:14:95:d6:ba:62:00:56:ce:
         12:d5:ee:82:42:f5:e5:49:d0:f5:9b:57:8b:b1:c4:be:fb:a9:
         07:a1:e1:86:b2:d3:a3:a1:b6:62:cd:d7:98:4b:cf:10:ea:86:
         9b:1e:90:69:fd:3a:ce:b3:49:4b:f1:97:4e:4d:65:6f:94:81:
         69:a7:a8:b6:2b:58:87:6a:3e:83:6f:67:05:b9:20:26:ea:9c:
         18:82:a0:47:8c:94:0b:04:46:31:e1:3d:d9:53:36:ac:79:15:
         a9:42:36:2b:97:8e:c1:01:db:83:8f:36:1d:5c:80:db:12:64:
         dd:3d:b5:94:c3:49:c3:8f:86:7a:29:33:6d:6f:d3:19:c9:a9:
         ea:ea:41:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaPJ8X/tkG1qOSfS7bOrIVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjk0OTQyNjZhMzg3MTkwNDRkODI5YTRhMGE4ZjE3YTQw
NzA0ZTgwHhcNMjUwNTAyMDQwMTEwWhcNMjUwNTAzMDQwMTEwWjAzMTEwLwYDVQQD
Eyg0M2UyOGE2MzIzMTczMjIwYTRiZWFmNDlkODQzYjhjMjY5NjUwMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rzSblL+OyR3MKs3VlUEjw69PEpd
5PX+NI/w///fpWRCN7UU7v5OYEACRSWgPDdub6w5a1XJGAII2fuOGgGa4NVNNRNK
NRufACuZfe8iKwDVvbGe17a/ZFFAaotDpcJyxbdqlhIYPVBqmX5JsAbCCQ+YNvwi
jjan6VbkSRK5qv7PX/aOqY4pQET5TXRSqcOyWgCT+DoGCo+1SEp0lSA7eTxz5cPo
2yzXwgwPgqNxHQu4t6a3YysqKOkvn3U6kMUtqQ/qX+IOznzoT9RF7hdtS828Nt1D
NX/ZG/BOLC2eRdzIcC5IFim+VkxuLc1g9SdkkWEG7swe1fXYAG/8AGV08wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPiimMjFzIgpL6vSdhDuMJpZQBSMB8GA1UdIwQY
MBaAFK65SUJmo4cZBE2CmkoKjxekBwToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lN2FkYWItODA1NS00Nzg1LThkZjUt
MmE3YjU4YmRmOTQ1LzEvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lN2FkYWItODA1NS00Nzg1LThkZjUtMmE3YjU4YmRmOTQ1
LzEvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAICHe6c37
9bhaEvxIC2RYaZwYnsDGH01MV4lf91f3t41mdaAfc8JYJYu3Er+9vLTIe3Ap8+s2
Wc37Vb+2TUa83sUNpyv9FBPTvOTxhTFLZmg+yZ+SZ/rJmSBkCM7s6J2IdNVMRZrg
URm+FkNQ4VTt3MqgzvOokBSV1rpiAFbOEtXugkL15UnQ9ZtXi7HEvvupB6HhhrLT
o6G2Ys3XmEvPEOqGmx6Qaf06zrNJS/GXTk1lb5SBaaeotitYh2o+g29nBbkgJuqc
GIKgR4yUCwRGMeE92VM2rHkVqUI2K5eOwQHbg482HVyA2xJk3T21lMNJw4+Geikz
bW/TGcmp6upBqQ==
-----END CERTIFICATE-----