Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
File:                     EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft (raw, json)
Hash identifier:          f3BGOXEm7U9/TGzWh5FBhjXgaudh30LeoCrd709rIzk=
Subject key identifier:   AA:B7:59:C0:56:DE:CC:55:A0:E6:C5:ED:6A:A8:2D:07:C8:94:F7:C8
Authority key identifier: 10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0
Certificate issuer:       /CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
Certificate serial:       01968210273853D69E88A046940686302933
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
Manifest number:          1511
Signing time:             Tue 29 Apr 2025 15:00:18 +0000
Manifest this update:     Tue 29 Apr 2025 15:00:18 +0000
Manifest next update:     Wed 30 Apr 2025 15:00:18 +0000
Files and hashes:         1: EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl (hash: HjTdfiRGPv8LHKHdJKeK3Fqj3gaNmJCNZ9Wv+soq67g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:10:27:38:53:d6:9e:88:a0:46:94:06:86:30:29:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
        Validity
            Not Before: Apr 29 15:00:18 2025 GMT
            Not After : Apr 30 15:00:18 2025 GMT
        Subject: CN=aab759c056decc55a0e6c5ed6aa82d07c894f7c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:b6:11:ed:3e:05:6b:6e:4e:90:55:2a:b6:6a:
                    ab:70:63:18:79:28:dc:10:e0:b9:f9:7b:f1:c7:5f:
                    89:7b:49:49:95:63:bf:68:11:d3:42:4e:4d:d8:47:
                    7a:37:9d:54:f1:19:e2:33:8c:51:07:e6:65:06:fc:
                    0f:35:83:98:e0:ed:22:ba:27:24:ab:3e:b4:32:e7:
                    21:02:8b:53:a3:ac:dd:82:c2:eb:d2:f2:b9:50:a1:
                    f7:e1:2f:13:ca:e1:12:bf:bb:c5:5c:1d:c9:9b:8e:
                    a4:7a:c0:77:9c:1d:4d:45:6c:6f:18:63:db:f1:eb:
                    98:21:e8:42:bc:63:0a:68:26:4b:e4:ff:f9:14:96:
                    95:20:c6:c6:ca:3d:a2:96:4a:9d:dd:16:96:e7:03:
                    49:f2:02:79:92:c5:0e:1f:19:03:96:58:34:82:ae:
                    df:c8:30:70:1f:d9:dd:cb:11:47:4c:c4:3c:85:4e:
                    f1:90:05:ba:ec:f5:fe:58:a7:00:a4:bc:76:47:cb:
                    b6:58:f2:0e:74:b9:8d:43:c5:4d:5b:31:b7:a5:a8:
                    03:72:08:e3:e6:6d:13:8c:68:57:22:20:a5:7b:7c:
                    7d:68:48:2e:71:15:b2:66:54:fd:ba:15:d4:92:ff:
                    a7:ec:fd:5a:6f:26:e2:8d:45:d9:af:a3:31:b0:95:
                    28:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:B7:59:C0:56:DE:CC:55:A0:E6:C5:ED:6A:A8:2D:07:C8:94:F7:C8
            X509v3 Authority Key Identifier:
                keyid:10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:16:7b:dd:42:99:0f:a5:53:c5:ce:68:c5:d7:b7:cb:ed:4b:
         73:ff:9c:d6:69:14:14:66:7a:5f:4d:ff:65:5a:1f:df:2a:fe:
         c0:21:1f:0e:c1:53:0e:c9:8c:0f:05:a1:12:4a:af:9a:41:81:
         76:d8:fe:da:d6:55:2b:8f:a0:1b:30:60:65:c7:5d:56:4b:f2:
         48:62:0a:76:cb:ca:ec:46:e6:28:93:1a:68:e3:67:31:ab:4d:
         df:e1:57:65:25:00:24:24:8f:a0:f9:a1:85:4d:9c:0c:f7:72:
         c5:9f:e4:d1:d2:e5:90:21:fc:33:db:ac:7c:59:02:ed:30:1f:
         79:b8:5d:bd:f9:f8:56:69:82:e6:53:a8:5f:b6:a2:e0:9d:12:
         7b:98:e9:6c:a9:e9:6c:2f:d9:aa:f5:fd:22:1f:12:7e:f3:23:
         32:71:9b:e5:ae:04:f7:18:ba:43:ba:d4:8a:49:e4:6b:f6:16:
         5f:bd:fe:e6:d9:c2:f2:20:8a:e2:a1:3a:f3:e8:6b:16:92:87:
         85:19:f8:7f:4c:6d:10:22:9b:e2:a7:b3:10:83:67:a6:8e:db:
         7d:38:f0:e0:14:70:1a:c9:a4:d9:d4:52:76:f4:e9:d1:5b:43:
         43:4d:11:50:b1:81:ae:87:46:58:88:cb:ba:d5:c7:3a:98:84:
         19:fe:27:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCECc4U9aeiKBGlAaGMCkzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzk3ZWI1ZjlhYTlhYmU1MjAwOGNlN2YyMWFiNDRhZmRl
ZWEwZDAwHhcNMjUwNDI5MTUwMDE4WhcNMjUwNDMwMTUwMDE4WjAzMTEwLwYDVQQD
EyhhYWI3NTljMDU2ZGVjYzU1YTBlNmM1ZWQ2YWE4MmQwN2M4OTRmN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbYR7T4Fa25OkFUqtmqrcGMYeSjc
EOC5+Xvxx1+Je0lJlWO/aBHTQk5N2Ed6N51U8RniM4xRB+ZlBvwPNYOY4O0iuick
qz60MuchAotTo6zdgsLr0vK5UKH34S8TyuESv7vFXB3Jm46kesB3nB1NRWxvGGPb
8euYIehCvGMKaCZL5P/5FJaVIMbGyj2ilkqd3RaW5wNJ8gJ5ksUOHxkDllg0gq7f
yDBwH9ndyxFHTMQ8hU7xkAW67PX+WKcApLx2R8u2WPIOdLmNQ8VNWzG3pagDcgjj
5m0TjGhXIiCle3x9aEgucRWyZlT9uhXUkv+n7P1abybijUXZr6MxsJUobwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKq3WcBW3sxVoObF7WqoLQfIlPfIMB8GA1UdIwQY
MBaAFBB5frX5qpq+UgCM5/IatEr97qDQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEt
OGRiNzA4MzQ3NDM4LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEtOGRiNzA4MzQ3NDM4
LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaxZ73UKZ
D6VTxc5oxde3y+1Lc/+c1mkUFGZ6X03/ZVof3yr+wCEfDsFTDsmMDwWhEkqvmkGB
dtj+2tZVK4+gGzBgZcddVkvySGIKdsvK7EbmKJMaaONnMatN3+FXZSUAJCSPoPmh
hU2cDPdyxZ/k0dLlkCH8M9usfFkC7TAfebhdvfn4VmmC5lOoX7ai4J0Se5jpbKnp
bC/ZqvX9Ih8SfvMjMnGb5a4E9xi6Q7rUiknka/YWX73+5tnC8iCK4qE68+hrFpKH
hRn4f0xtECKb4qezEINnpo7bfTjw4BRwGsmk2dRSdvTp0VtDQ00RULGBrodGWIjL
utXHOpiEGf4nfQ==
-----END CERTIFICATE-----