Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
File:                     ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft (raw, json)
Hash identifier:          cygSnAp5XB3eLhWt1Jfg/KDKPtqMI0+3KQ3we6bMrBU=
Subject key identifier:   A0:01:F7:BF:19:00:9D:84:65:1C:DD:48:48:8F:1A:BB:39:72:AF:6A
Authority key identifier: 8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18
Certificate issuer:       /CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
Certificate serial:       0196741E62ECB5A588E90EDA8308E4994120
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
Manifest number:          150A
Signing time:             Sat 26 Apr 2025 22:01:10 +0000
Manifest this update:     Sat 26 Apr 2025 22:01:10 +0000
Manifest next update:     Sun 27 Apr 2025 22:01:10 +0000
Files and hashes:         1: ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl (hash: QoK54KU/xLB561BmfGQbbYkBQ25LJ3JKbdZF8bZrnBg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 22:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1e:62:ec:b5:a5:88:e9:0e:da:83:08:e4:99:41:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
        Validity
            Not Before: Apr 26 22:01:10 2025 GMT
            Not After : Apr 27 22:01:10 2025 GMT
        Subject: CN=a001f7bf19009d84651cdd48488f1abb3972af6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:8d:90:e9:e0:3a:46:3b:b1:bd:b4:24:fe:5f:
                    43:cc:37:6f:56:40:d7:a4:04:11:a6:41:12:8b:38:
                    85:9c:8b:0b:a7:98:5d:54:78:00:43:fd:1c:6e:c9:
                    c2:d2:26:d3:c9:f2:bf:f5:3e:84:c4:47:f0:b2:42:
                    de:07:97:03:8c:7a:03:4a:e5:d7:fe:95:0a:a0:d0:
                    e6:f7:92:df:24:ff:00:1c:99:e1:8b:71:37:a7:0f:
                    af:50:ca:3c:a0:41:65:57:7a:95:80:6f:87:ce:cd:
                    14:ec:65:d9:a3:f0:44:4d:d5:ff:87:fa:97:fd:53:
                    72:b1:b8:55:d8:d8:7d:40:57:bc:12:76:d5:0c:09:
                    38:55:11:d6:d1:6e:00:c6:92:3f:43:1c:f4:00:a4:
                    3d:8f:3d:68:80:9a:8a:84:91:c2:76:a8:4e:d4:30:
                    73:c5:86:55:bc:0f:e8:f0:1a:19:25:2f:0f:25:26:
                    e2:6a:16:f5:7b:62:0b:4c:16:35:1f:f8:68:94:34:
                    ba:df:33:21:d5:33:89:0c:59:e0:29:51:3d:e4:ff:
                    3e:98:3d:b5:ff:3d:c4:3a:8b:33:09:4c:85:20:c9:
                    ef:d6:a8:9c:68:74:79:89:d0:c6:47:06:b8:73:c3:
                    d5:dd:59:7d:0c:5b:bd:ad:fc:68:34:06:06:16:36:
                    bf:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:01:F7:BF:19:00:9D:84:65:1C:DD:48:48:8F:1A:BB:39:72:AF:6A
            X509v3 Authority Key Identifier:
                keyid:8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:e0:2f:7d:90:10:0f:9b:2d:0e:b9:6f:06:5c:47:91:7a:5f:
         43:c6:8e:ef:63:ed:12:72:76:2b:f6:0c:bb:2b:44:6d:22:31:
         2a:bd:3c:93:46:76:db:fa:6a:74:bf:fb:74:18:75:9b:4d:d7:
         08:04:0c:9e:85:b4:ab:dc:17:2e:fd:82:90:63:ea:77:f6:ed:
         90:d0:4b:6e:42:78:1f:fb:14:a6:b4:90:19:06:15:01:c4:1a:
         27:7d:e8:05:b0:57:78:25:9c:75:6a:7c:fa:b1:5e:b8:9f:45:
         07:48:d2:83:e7:9c:9c:fa:4f:bf:fb:a8:b7:c4:b2:62:1a:1a:
         7a:73:40:2d:ec:95:47:fa:5d:48:d6:a0:f8:f6:4c:e1:89:51:
         79:6d:ba:dc:94:c5:5d:d4:f4:6e:d2:67:76:c6:42:47:5d:09:
         a0:31:e2:3a:2b:9b:85:0a:b9:b0:cf:7b:64:cc:df:cf:81:86:
         8b:82:63:ef:b4:b2:36:fd:17:8f:32:6e:8b:1d:fc:c1:33:cd:
         b9:60:62:d2:b9:40:63:ba:37:6b:30:33:64:92:34:df:cc:5c:
         32:b3:cf:34:09:e0:47:fa:e7:23:68:cf:20:63:3b:89:c4:7b:
         c0:fb:d4:37:18:8c:c8:64:ca:03:70:4e:c7:a0:ef:bd:8b:eb:
         43:94:4d:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0HmLstaWI6Q7agwjkmUEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNDFlMmYyZDE0NTJlN2M0Y2MwN2RiZmE3ODM5ZDU4ZGY1
N2YyMTgwHhcNMjUwNDI2MjIwMTEwWhcNMjUwNDI3MjIwMTEwWjAzMTEwLwYDVQQD
EyhhMDAxZjdiZjE5MDA5ZDg0NjUxY2RkNDg0ODhmMWFiYjM5NzJhZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo2Q6eA6RjuxvbQk/l9DzDdvVkDX
pAQRpkESiziFnIsLp5hdVHgAQ/0cbsnC0ibTyfK/9T6ExEfwskLeB5cDjHoDSuXX
/pUKoNDm95LfJP8AHJnhi3E3pw+vUMo8oEFlV3qVgG+Hzs0U7GXZo/BETdX/h/qX
/VNysbhV2Nh9QFe8EnbVDAk4VRHW0W4AxpI/Qxz0AKQ9jz1ogJqKhJHCdqhO1DBz
xYZVvA/o8BoZJS8PJSbiahb1e2ILTBY1H/holDS63zMh1TOJDFngKVE95P8+mD21
/z3EOoszCUyFIMnv1qicaHR5idDGRwa4c8PV3Vl9DFu9rfxoNAYGFja/gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAB978ZAJ2EZRzdSEiPGrs5cq9qMB8GA1UdIwQY
MBaAFIpB4vLRRS58TMB9v6eDnVjfV/IYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEt
MzY0ODU0Y2JjMGU4LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEtMzY0ODU0Y2JjMGU4
LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmeAvfZAQ
D5stDrlvBlxHkXpfQ8aO72PtEnJ2K/YMuytEbSIxKr08k0Z22/pqdL/7dBh1m03X
CAQMnoW0q9wXLv2CkGPqd/btkNBLbkJ4H/sUprSQGQYVAcQaJ33oBbBXeCWcdWp8
+rFeuJ9FB0jSg+ecnPpPv/uot8SyYhoaenNALeyVR/pdSNag+PZM4YlReW263JTF
XdT0btJndsZCR10JoDHiOiubhQq5sM97ZMzfz4GGi4Jj77SyNv0XjzJuix38wTPN
uWBi0rlAY7o3azAzZJI038xcMrPPNAngR/rnI2jPIGM7icR7wPvUNxiMyGTKA3BO
x6DvvYvrQ5RNew==
-----END CERTIFICATE-----