Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
File:                     9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft (raw, json)
Hash identifier:          71TCcMTsfJ8djNJ8QMV8GgzxNE9t4ryk2Hd83IZMXjw=
Subject key identifier:   7E:49:67:FF:B5:13:92:CB:D4:39:09:48:76:67:5D:BE:4D:74:D1:BA
Authority key identifier: F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F
Certificate issuer:       /CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
Certificate serial:       01969E9AB9F68CCA516455DCD57632774922
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
Manifest number:          0930
Signing time:             Mon 05 May 2025 04:01:02 +0000
Manifest this update:     Mon 05 May 2025 04:01:02 +0000
Manifest next update:     Tue 06 May 2025 04:01:02 +0000
Files and hashes:         1: 9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl (hash: RqGOHA9/xSlLojmTo04qfDs+QKTSx/jDFwT8TGsC0vk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:9a:b9:f6:8c:ca:51:64:55:dc:d5:76:32:77:49:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
        Validity
            Not Before: May  5 04:01:02 2025 GMT
            Not After : May  6 04:01:02 2025 GMT
        Subject: CN=7e4967ffb51392cbd439094876675dbe4d74d1ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:de:67:2a:f9:a7:8a:55:c9:9c:11:63:19:06:
                    36:20:5f:83:ae:73:55:2c:17:86:c3:fd:32:45:93:
                    5f:71:9b:99:50:98:1a:b0:58:fb:99:f8:2c:3a:c2:
                    b9:22:36:81:43:bf:4b:57:0b:38:20:17:40:3d:a2:
                    35:e5:2c:b3:7b:6f:2d:00:21:10:36:69:a5:8e:91:
                    f0:70:ff:72:26:9e:12:aa:41:ac:fa:4f:36:94:d5:
                    48:dc:eb:cc:59:16:e6:83:06:b5:63:e1:bf:04:45:
                    a3:c2:bf:8f:44:c2:7e:9e:a5:c7:4a:18:40:3e:74:
                    fb:95:61:02:22:14:77:7f:07:89:f4:4a:62:70:fb:
                    dc:30:b2:d7:0e:ba:bc:63:90:83:e0:4d:55:56:9a:
                    8b:87:6e:38:e1:f7:3e:ea:52:f7:c1:4d:10:e7:3e:
                    fc:60:8b:39:c3:6e:34:18:11:2c:e9:07:aa:0a:1d:
                    ba:cc:7c:ff:d3:dd:f8:d6:9f:e3:01:ea:9c:52:5a:
                    6f:23:44:f1:f0:93:a5:7f:12:0f:da:96:4d:f3:9b:
                    61:e6:71:5b:6c:4d:e7:8a:14:6c:7d:ee:69:95:0c:
                    42:4c:c1:77:92:74:20:29:df:46:ef:b7:15:7f:70:
                    64:6d:89:1a:39:0e:b5:33:53:9c:81:97:eb:b9:85:
                    a1:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:49:67:FF:B5:13:92:CB:D4:39:09:48:76:67:5D:BE:4D:74:D1:BA
            X509v3 Authority Key Identifier:
                keyid:F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:f8:05:10:da:6b:b7:47:5b:76:55:7a:f6:d0:a0:ea:1f:e7:
         65:23:3f:0e:2e:3a:8f:8a:91:41:a9:67:7d:1f:8e:db:b0:b1:
         34:ac:22:2c:a0:8e:96:02:88:63:69:78:dd:a9:5e:18:44:1b:
         67:e3:aa:cd:20:7a:1c:c0:0e:da:86:7a:b6:c2:c3:42:c3:38:
         62:f0:ee:1b:1b:8a:f8:b0:df:dc:81:7c:c8:55:99:9a:d7:40:
         35:c5:55:e4:77:0d:9d:76:cb:d2:8a:7a:c4:21:89:97:26:cf:
         33:a4:26:f6:73:b8:fe:7a:6d:70:cb:31:31:10:11:db:29:89:
         c2:56:c0:e5:34:c4:db:c4:fe:03:33:e3:2e:64:7b:70:cd:87:
         21:6d:61:9d:15:91:5d:38:6a:4a:b3:31:a2:eb:20:fa:cd:57:
         3f:2b:b9:cc:1c:8b:ee:e3:3c:fc:f8:00:ee:c3:01:82:99:aa:
         41:d1:75:72:14:c6:fb:2a:50:a8:f7:89:56:71:4d:2e:29:8a:
         64:fc:a4:3b:5e:4b:dc:8b:5b:75:7e:03:51:48:23:69:4e:36:
         6d:1f:5f:68:a2:36:8e:57:3e:b9:01:16:cf:9e:e3:79:10:dd:
         ec:6c:0f:e3:0f:c1:df:c6:63:ce:f8:cf:a8:e5:e2:ac:68:b8:
         ca:4a:54:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemrn2jMpRZFXc1XYyd0kiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZWQ1ZTVkYmJhMWVhYjZkMzk1OGU1OTQxODI5YzlkYTFi
MmM2N2YwHhcNMjUwNTA1MDQwMTAyWhcNMjUwNTA2MDQwMTAyWjAzMTEwLwYDVQQD
Eyg3ZTQ5NjdmZmI1MTM5MmNiZDQzOTA5NDg3NjY3NWRiZTRkNzRkMWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs95nKvmnilXJnBFjGQY2IF+DrnNV
LBeGw/0yRZNfcZuZUJgasFj7mfgsOsK5IjaBQ79LVws4IBdAPaI15Syze28tACEQ
NmmljpHwcP9yJp4SqkGs+k82lNVI3OvMWRbmgwa1Y+G/BEWjwr+PRMJ+nqXHShhA
PnT7lWECIhR3fweJ9EpicPvcMLLXDrq8Y5CD4E1VVpqLh2444fc+6lL3wU0Q5z78
YIs5w240GBEs6QeqCh26zHz/09341p/jAeqcUlpvI0Tx8JOlfxIP2pZN85th5nFb
bE3nihRsfe5plQxCTMF3knQgKd9G77cVf3BkbYkaOQ61M1OcgZfruYWhSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH5JZ/+1E5LL1DkJSHZnXb5NdNG6MB8GA1UdIwQY
MBaAFPTtXl27oeq205WOWUGCnJ2hssZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQt
ZGIxYTZiYmNiYjcyLzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQtZGIxYTZiYmNiYjcy
LzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgvgFENpr
t0dbdlV69tCg6h/nZSM/Di46j4qRQalnfR+O27CxNKwiLKCOlgKIY2l43aleGEQb
Z+OqzSB6HMAO2oZ6tsLDQsM4YvDuGxuK+LDf3IF8yFWZmtdANcVV5HcNnXbL0op6
xCGJlybPM6Qm9nO4/nptcMsxMRAR2ymJwlbA5TTE28T+AzPjLmR7cM2HIW1hnRWR
XThqSrMxousg+s1XPyu5zByL7uM8/PgA7sMBgpmqQdF1chTG+ypQqPeJVnFNLimK
ZPykO15L3ItbdX4DUUgjaU42bR9faKI2jlc+uQEWz57jeRDd7GwP4w/B38ZjzvjP
qOXirGi4ykpUcQ==
-----END CERTIFICATE-----