Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          RKBPMwT3xf9x/Hh9Txr9xH5Q3Ksz3axZdWtJVtTGDAw=
Subject key identifier:   54:8A:E4:CD:60:B9:CC:75:C9:1F:EB:13:E4:15:56:F2:27:24:DE:57
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       019698CEF4432859D598A1AABA0A4C5D96B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          151F
Signing time:             Sun 04 May 2025 01:00:21 +0000
Manifest this update:     Sun 04 May 2025 01:00:21 +0000
Manifest next update:     Mon 05 May 2025 01:00:21 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: iOycTrx4Os2HpdOH0NF0NhrocMG0ls9+bnvI4v+qJtk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 01:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:98:ce:f4:43:28:59:d5:98:a1:aa:ba:0a:4c:5d:96:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: May  4 01:00:21 2025 GMT
            Not After : May  5 01:00:21 2025 GMT
        Subject: CN=548ae4cd60b9cc75c91feb13e41556f22724de57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:73:89:79:43:15:bf:19:8d:00:5e:f7:17:2b:
                    9e:68:89:18:44:2b:4d:21:5b:83:bf:3c:79:0b:21:
                    b1:2f:0c:21:b5:5a:4f:de:0b:ab:b3:05:88:6f:1f:
                    74:55:5c:ce:6b:79:6e:68:ec:f5:91:0a:55:e0:7f:
                    1b:db:aa:c0:bb:ab:a2:b1:91:57:86:38:69:70:fe:
                    30:9e:4e:3c:f3:6f:e8:26:1d:f6:94:1c:1c:47:7c:
                    dd:7d:91:ea:66:15:4b:8b:d8:b1:c7:8b:01:98:03:
                    c6:d7:60:d6:ad:fc:e1:2a:a6:95:f2:7a:67:20:17:
                    57:30:61:fe:09:ae:e5:2e:a2:fc:ea:e4:4c:17:04:
                    12:94:17:94:39:50:2d:33:3a:87:6e:85:35:05:ad:
                    5f:db:ad:b4:01:56:2e:9c:65:31:0d:69:2c:28:8b:
                    a6:d3:76:45:a9:7f:26:37:b2:bb:d9:1f:8b:f0:f9:
                    87:7c:91:31:ed:e4:71:5f:e4:b9:50:fa:bd:ef:20:
                    a6:11:78:81:da:1d:ce:d1:d6:9c:af:4d:37:22:b7:
                    1f:5d:7b:a0:61:21:13:6e:b5:de:92:c0:c0:48:58:
                    b7:b5:76:e0:26:89:13:1a:6c:c7:fc:04:cf:77:b2:
                    5e:5b:71:ea:24:cf:16:84:42:05:01:a0:ad:2d:c7:
                    08:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:8A:E4:CD:60:B9:CC:75:C9:1F:EB:13:E4:15:56:F2:27:24:DE:57
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:e9:54:ab:61:35:1f:c9:44:96:ef:14:0a:17:1b:2a:92:5f:
         62:6e:76:f2:c9:b8:50:9c:11:f0:5f:e0:a7:c3:b0:49:91:fa:
         28:16:75:61:e2:f7:dc:6b:03:82:cb:a4:49:96:29:7b:5c:75:
         b3:6a:b2:f9:d4:6b:d5:1f:13:0d:48:36:28:d3:1e:fc:86:d9:
         79:51:62:99:fb:55:6f:4f:45:b7:53:05:fb:0d:4d:25:5e:7f:
         9f:99:bb:d3:7f:bf:d9:9f:40:73:bf:82:6c:07:e3:8a:f2:6f:
         11:23:b9:d6:32:96:04:3c:6d:b4:d3:c5:34:e3:99:f2:2d:c1:
         b8:54:9e:8a:d4:b1:ad:b1:85:e1:25:f4:96:10:23:44:c3:c4:
         e3:3a:1b:43:57:49:4a:3d:60:84:e7:2d:11:bc:88:d3:1b:21:
         88:1f:aa:fc:84:77:3b:2e:8a:a6:7e:40:58:1c:15:2b:e8:10:
         a1:26:69:18:88:53:00:94:fb:2d:5a:56:1c:3e:93:b0:bf:c7:
         e2:a7:8b:9d:a3:34:9a:8b:bf:8b:4d:79:9c:43:f1:ab:cb:ed:
         c1:1b:02:b8:c9:79:2d:3f:86:16:c0:c6:e3:66:8c:1b:1e:28:
         3a:a0:be:78:ff:48:99:66:c1:09:53:69:20:ab:f3:7a:7c:b9:
         e7:1f:0c:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaYzvRDKFnVmKGqugpMXZawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjUwNTA0MDEwMDIxWhcNMjUwNTA1MDEwMDIxWjAzMTEwLwYDVQQD
Eyg1NDhhZTRjZDYwYjljYzc1YzkxZmViMTNlNDE1NTZmMjI3MjRkZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXOJeUMVvxmNAF73FyueaIkYRCtN
IVuDvzx5CyGxLwwhtVpP3gurswWIbx90VVzOa3luaOz1kQpV4H8b26rAu6uisZFX
hjhpcP4wnk4882/oJh32lBwcR3zdfZHqZhVLi9ixx4sBmAPG12DWrfzhKqaV8npn
IBdXMGH+Ca7lLqL86uRMFwQSlBeUOVAtMzqHboU1Ba1f2620AVYunGUxDWksKIum
03ZFqX8mN7K72R+L8PmHfJEx7eRxX+S5UPq97yCmEXiB2h3O0dacr003IrcfXXug
YSETbrXeksDASFi3tXbgJokTGmzH/ATPd7JeW3HqJM8WhEIFAaCtLccInwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSK5M1gucx1yR/rE+QVVvInJN5XMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmelUq2E1
H8lElu8UChcbKpJfYm528sm4UJwR8F/gp8OwSZH6KBZ1YeL33GsDgsukSZYpe1x1
s2qy+dRr1R8TDUg2KNMe/IbZeVFimftVb09Ft1MF+w1NJV5/n5m703+/2Z9Ac7+C
bAfjivJvESO51jKWBDxttNPFNOOZ8i3BuFSeitSxrbGF4SX0lhAjRMPE4zobQ1dJ
Sj1ghOctEbyI0xshiB+q/IR3Oy6Kpn5AWBwVK+gQoSZpGIhTAJT7LVpWHD6TsL/H
4qeLnaM0mou/i015nEPxq8vtwRsCuMl5LT+GFsDG42aMGx4oOqC+eP9ImWbBCVNp
IKvzeny55x8MTw==
-----END CERTIFICATE-----