Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/05910b-25d8-413d-ac58-824c77f891c9/1/cNbQfLZOoOgZ46Cyngk_5Bljspo.mft
File:                     cNbQfLZOoOgZ46Cyngk_5Bljspo.mft (raw, json)
Hash identifier:          Ss89TaPYOqUYbYFdDoVoH7jYJrth9Scs4w0jflE+Uf4=
Subject key identifier:   52:48:87:71:1B:47:80:8F:2D:02:66:33:26:D8:71:C8:50:8A:01:D9
Authority key identifier: 70:D6:D0:7C:B6:4E:A0:E8:19:E3:A0:B2:9E:09:3F:E4:19:63:B2:9A
Certificate issuer:       /CN=70d6d07cb64ea0e819e3a0b29e093fe41963b29a
Certificate serial:       01968058ECA48A251F8A801D3A4F3143AB2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cNbQfLZOoOgZ46Cyngk_5Bljspo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/05910b-25d8-413d-ac58-824c77f891c9/1/cNbQfLZOoOgZ46Cyngk_5Bljspo.mft
Manifest number:          1511
Signing time:             Tue 29 Apr 2025 07:00:33 +0000
Manifest this update:     Tue 29 Apr 2025 07:00:33 +0000
Manifest next update:     Wed 30 Apr 2025 07:00:33 +0000
Files and hashes:         1: cNbQfLZOoOgZ46Cyngk_5Bljspo.crl (hash: JtiReF7C7pRNHlUEv4FwwFkjTp4kFWC0Y+nR5Mktqg8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/05910b-25d8-413d-ac58-824c77f891c9/1/cNbQfLZOoOgZ46Cyngk_5Bljspo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/05910b-25d8-413d-ac58-824c77f891c9/1/cNbQfLZOoOgZ46Cyngk_5Bljspo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cNbQfLZOoOgZ46Cyngk_5Bljspo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 07:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:58:ec:a4:8a:25:1f:8a:80:1d:3a:4f:31:43:ab:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70d6d07cb64ea0e819e3a0b29e093fe41963b29a
        Validity
            Not Before: Apr 29 07:00:33 2025 GMT
            Not After : Apr 30 07:00:33 2025 GMT
        Subject: CN=524887711b47808f2d02663326d871c8508a01d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:3e:1e:c9:e3:44:bd:96:66:ac:44:e2:53:f7:
                    5a:31:18:6c:e2:86:ea:ea:a4:f8:a0:6d:ef:17:48:
                    4c:67:c6:d9:15:f1:d5:9c:07:e0:53:55:d0:af:c5:
                    11:cb:4d:90:94:4e:16:08:3e:1c:74:46:af:78:25:
                    48:5a:b4:6b:b9:cf:bb:7a:49:4b:36:fd:14:9a:a7:
                    8a:85:d2:0f:39:bb:4f:c1:7a:a8:88:fb:dc:0c:05:
                    a5:89:1e:83:5a:85:5c:c6:38:0f:b9:1a:8d:2b:11:
                    fc:09:9e:72:99:f5:80:80:5d:5e:bc:5e:14:d3:77:
                    9e:74:d7:45:f4:fa:c2:e9:1b:d6:ae:dd:03:ce:9b:
                    9f:c8:40:03:b9:72:96:e9:02:cf:ed:1d:c8:ac:9f:
                    e8:36:26:79:6e:b8:b2:38:22:e3:e2:15:d1:d2:27:
                    0d:11:d5:66:6f:90:d1:62:4e:b2:21:5c:45:c7:32:
                    a8:32:46:ef:1c:6e:b4:0b:58:49:5e:83:10:1b:56:
                    1e:c6:b5:9f:65:03:e1:9c:56:51:bb:fe:c4:31:98:
                    67:cd:91:35:0b:47:0c:1e:fd:89:9c:9d:72:65:fd:
                    1e:57:db:40:20:36:6a:60:80:ea:d2:73:e1:bf:6d:
                    3e:af:47:ae:d2:9d:88:a3:92:b1:1b:14:a2:04:81:
                    9c:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:48:87:71:1B:47:80:8F:2D:02:66:33:26:D8:71:C8:50:8A:01:D9
            X509v3 Authority Key Identifier:
                keyid:70:D6:D0:7C:B6:4E:A0:E8:19:E3:A0:B2:9E:09:3F:E4:19:63:B2:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cNbQfLZOoOgZ46Cyngk_5Bljspo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/05910b-25d8-413d-ac58-824c77f891c9/1/cNbQfLZOoOgZ46Cyngk_5Bljspo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/05910b-25d8-413d-ac58-824c77f891c9/1/cNbQfLZOoOgZ46Cyngk_5Bljspo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:c6:19:bf:f2:19:b4:34:b4:25:08:31:28:26:0e:dd:71:c9:
         9e:ad:eb:44:1d:cf:9a:62:d7:d2:b6:3c:24:a5:0a:0e:1c:1c:
         0c:58:22:7c:05:94:74:ee:a4:38:e7:33:c4:0c:2e:d9:b1:05:
         2b:50:c0:21:c8:11:2c:27:1a:d0:76:e1:c7:2a:77:c9:43:45:
         3e:10:be:0a:dc:6d:77:7d:65:c1:f8:91:8e:b3:57:cb:6d:eb:
         63:97:35:ec:69:0d:e1:75:7e:15:c7:c8:78:d6:eb:8a:69:a3:
         e2:61:d7:56:cd:42:9f:df:20:ce:50:9a:f2:36:2d:88:3b:b9:
         f7:74:13:be:21:6c:b9:08:eb:7b:a5:01:77:d5:7c:77:11:a9:
         05:2e:90:df:e5:2a:c2:3e:e2:f3:25:bd:14:f2:78:ae:69:05:
         08:a3:7a:80:2b:c9:29:72:5c:8a:c3:41:dd:29:bf:db:fd:fa:
         c1:2a:88:29:74:01:ea:4f:af:be:7b:40:54:f4:21:c1:a4:28:
         78:35:00:ef:99:1c:7f:ba:e0:01:c2:4b:5a:2d:92:82:b0:05:
         27:5b:71:12:91:80:a8:3d:f6:5c:bb:0c:cd:fb:7e:7d:0a:01:
         ce:dd:3a:ae:3f:08:10:3f:de:12:9b:61:44:ac:eb:f7:3c:14:
         07:3a:31:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAWOykiiUfioAdOk8xQ6stMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZDZkMDdjYjY0ZWEwZTgxOWUzYTBiMjllMDkzZmU0MTk2
M2IyOWEwHhcNMjUwNDI5MDcwMDMzWhcNMjUwNDMwMDcwMDMzWjAzMTEwLwYDVQQD
Eyg1MjQ4ODc3MTFiNDc4MDhmMmQwMjY2MzMyNmQ4NzFjODUwOGEwMWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyD4eyeNEvZZmrETiU/daMRhs4obq
6qT4oG3vF0hMZ8bZFfHVnAfgU1XQr8URy02QlE4WCD4cdEaveCVIWrRruc+7eklL
Nv0UmqeKhdIPObtPwXqoiPvcDAWliR6DWoVcxjgPuRqNKxH8CZ5ymfWAgF1evF4U
03eedNdF9PrC6RvWrt0DzpufyEADuXKW6QLP7R3IrJ/oNiZ5briyOCLj4hXR0icN
EdVmb5DRYk6yIVxFxzKoMkbvHG60C1hJXoMQG1YexrWfZQPhnFZRu/7EMZhnzZE1
C0cMHv2JnJ1yZf0eV9tAIDZqYIDq0nPhv20+r0eu0p2Io5KxGxSiBIGc4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJIh3EbR4CPLQJmMybYcchQigHZMB8GA1UdIwQY
MBaAFHDW0Hy2TqDoGeOgsp4JP+QZY7KaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY05iUWZMWk9vT2daNDZDeW5na181Qmxqc3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8wNTkxMGItMjVkOC00MTNkLWFjNTgt
ODI0Yzc3Zjg5MWM5LzEvY05iUWZMWk9vT2daNDZDeW5na181Qmxqc3BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8wNTkxMGItMjVkOC00MTNkLWFjNTgtODI0Yzc3Zjg5MWM5
LzEvY05iUWZMWk9vT2daNDZDeW5na181Qmxqc3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATMYZv/IZ
tDS0JQgxKCYO3XHJnq3rRB3PmmLX0rY8JKUKDhwcDFgifAWUdO6kOOczxAwu2bEF
K1DAIcgRLCca0Hbhxyp3yUNFPhC+Ctxtd31lwfiRjrNXy23rY5c17GkN4XV+FcfI
eNbrimmj4mHXVs1Cn98gzlCa8jYtiDu593QTviFsuQjre6UBd9V8dxGpBS6Q3+Uq
wj7i8yW9FPJ4rmkFCKN6gCvJKXJcisNB3Sm/2/36wSqIKXQB6k+vvntAVPQhwaQo
eDUA75kcf7rgAcJLWi2SgrAFJ1txEpGAqD32XLsMzft+fQoBzt06rj8IED/eEpth
RKzr9zwUBzoxUQ==
-----END CERTIFICATE-----