Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
File:                     352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json)
Hash identifier:          KyNWKNHdO7d9dVwpAKHczu7u46ZFY7bgath2S40xlfo=
Subject key identifier:   AC:5A:CF:4D:7B:F1:66:78:76:70:71:A9:70:43:09:11:EE:68:D7:5F
Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
Certificate issuer:       /CN=df9da51ba72784a04e44120f9ded478567794c1b
Certificate serial:       019688B76252B27ABD686D093BED6644B856
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
Manifest number:          0901
Signing time:             Wed 30 Apr 2025 22:00:41 +0000
Manifest this update:     Wed 30 Apr 2025 22:00:41 +0000
Manifest next update:     Thu 01 May 2025 22:00:41 +0000
Files and hashes:         1: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: Msqc5KRqN9O6x3BdTi2cd5AX6bkobzoDrhIYN1E/TeU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 21:27:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:88:b7:62:52:b2:7a:bd:68:6d:09:3b:ed:66:44:b8:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b
        Validity
            Not Before: Apr 30 22:00:41 2025 GMT
            Not After : May  1 22:00:41 2025 GMT
        Subject: CN=ac5acf4d7bf16678767071a970430911ee68d75f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:42:ba:99:36:49:56:8a:30:e2:d5:c5:4c:43:
                    01:0b:bd:8d:12:10:8b:f5:d5:6b:11:6f:41:8f:bf:
                    b0:37:ce:83:e5:16:2c:9c:05:9c:12:9c:5f:63:31:
                    ae:81:db:0f:8e:82:93:d2:a5:be:f1:20:26:d6:1b:
                    ab:a8:3d:ad:e0:2e:e3:49:1e:ae:ed:d2:d6:2d:c4:
                    e9:f7:b9:37:38:1a:db:e5:45:f8:d0:4b:9d:ee:04:
                    08:e1:4e:89:ea:1e:c2:3a:4f:bd:85:58:eb:00:e1:
                    74:c4:12:37:94:79:98:ba:b2:08:34:4a:20:b2:13:
                    ce:38:e6:57:84:c2:48:d9:4e:35:ec:aa:95:5b:bf:
                    0b:97:57:3d:ad:39:bd:29:02:b5:8f:65:2a:49:fa:
                    c4:55:f7:5f:75:4c:e2:15:fa:a0:15:d1:ac:9c:fb:
                    2b:97:77:6c:1b:33:f9:c0:3d:04:79:e2:b5:17:3b:
                    ad:6d:b8:ec:c4:c3:c5:d9:8f:ab:f5:e6:f7:1d:2d:
                    ad:dc:0d:5c:81:35:ea:f1:22:89:4d:45:3d:9c:11:
                    18:bf:dc:f7:b5:09:c2:88:92:ab:9e:2b:b2:38:93:
                    33:4b:bc:a7:76:ad:03:cc:92:61:b7:ae:e0:82:b8:
                    61:26:7f:2a:b7:25:d7:4b:c3:51:0e:20:64:0b:86:
                    03:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:5A:CF:4D:7B:F1:66:78:76:70:71:A9:70:43:09:11:EE:68:D7:5F
            X509v3 Authority Key Identifier:
                keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:d1:a7:70:e3:35:34:99:89:3b:73:0a:b8:7f:9b:20:f6:9a:
         03:d9:b3:80:37:18:66:35:79:e5:6b:1a:c8:fe:7b:8a:06:13:
         d6:63:3a:58:5d:84:6f:af:7c:70:25:44:68:09:cd:4a:90:34:
         3f:6c:bf:86:f6:7c:1a:11:f5:b8:43:d9:63:38:89:55:ce:d9:
         6c:65:b5:ba:36:bd:ed:9a:ad:da:0c:8a:eb:d7:d8:e7:2c:86:
         06:dc:9d:27:00:a7:40:fe:60:79:d0:7b:75:5a:84:c3:74:8c:
         d6:b8:c5:2a:50:58:ba:b0:57:65:d3:3c:b0:79:93:f7:53:c4:
         ba:ba:59:4d:27:15:8a:71:c8:a2:08:ba:aa:ad:7f:8c:71:87:
         1c:33:9f:9b:76:fd:c0:fa:8d:1b:78:ed:10:17:39:b7:7c:e8:
         5c:62:67:43:91:b8:cb:2c:ad:5f:c2:57:a3:28:d4:40:69:66:
         9a:01:1c:55:66:7e:19:52:ef:e7:41:18:a0:42:50:82:21:a7:
         d1:b1:8a:30:97:a9:28:e0:9b:2e:16:ed:ad:87:2e:ff:51:b7:
         1a:6b:3b:66:76:0c:af:fb:34:30:3d:8d:05:54:09:47:81:78:
         6b:9d:79:05:ec:ee:aa:5e:d0:77:eb:8d:eb:dc:44:c5:04:e0:
         84:bb:f6:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaIt2JSsnq9aG0JO+1mRLhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3
OTRjMWIwHhcNMjUwNDMwMjIwMDQxWhcNMjUwNTAxMjIwMDQxWjAzMTEwLwYDVQQD
EyhhYzVhY2Y0ZDdiZjE2Njc4NzY3MDcxYTk3MDQzMDkxMWVlNjhkNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00K6mTZJVoow4tXFTEMBC72NEhCL
9dVrEW9Bj7+wN86D5RYsnAWcEpxfYzGugdsPjoKT0qW+8SAm1hurqD2t4C7jSR6u
7dLWLcTp97k3OBrb5UX40Eud7gQI4U6J6h7COk+9hVjrAOF0xBI3lHmYurIINEog
shPOOOZXhMJI2U417KqVW78Ll1c9rTm9KQK1j2UqSfrEVfdfdUziFfqgFdGsnPsr
l3dsGzP5wD0EeeK1FzutbbjsxMPF2Y+r9eb3HS2t3A1cgTXq8SKJTUU9nBEYv9z3
tQnCiJKrniuyOJMzS7yndq0DzJJht67ggrhhJn8qtyXXS8NRDiBkC4YD4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxaz0178WZ4dnBxqXBDCRHuaNdfMB8GA1UdIwQY
MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt
YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4
LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAadGncOM1
NJmJO3MKuH+bIPaaA9mzgDcYZjV55WsayP57igYT1mM6WF2Eb698cCVEaAnNSpA0
P2y/hvZ8GhH1uEPZYziJVc7ZbGW1uja97Zqt2gyK69fY5yyGBtydJwCnQP5gedB7
dVqEw3SM1rjFKlBYurBXZdM8sHmT91PEurpZTScVinHIogi6qq1/jHGHHDOfm3b9
wPqNG3jtEBc5t3zoXGJnQ5G4yyytX8JXoyjUQGlmmgEcVWZ+GVLv50EYoEJQgiGn
0bGKMJepKOCbLhbtrYcu/1G3Gms7ZnYMr/s0MD2NBVQJR4F4a515Bezuql7Qd+uN
69xExQTghLv2Rw==
-----END CERTIFICATE-----