Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
File:                     aEdQ3w66d01LTWROyOM1CPj1OP4.mft (raw, json)
Hash identifier:          8TTaMsBynxOBu1DGIcPYjGTF30JprCHT+H56jkgODgM=
Subject key identifier:   77:D8:5D:88:75:4E:6A:CE:FA:71:49:04:F3:85:B0:40:62:DC:BE:11
Authority key identifier: 68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE
Certificate issuer:       /CN=684750df0eba774d4b4d644ec8e33508f8f538fe
Certificate serial:       01967C7C10CD0A1A6B9BEBAB9D35E631BDA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
Manifest number:          05BB
Signing time:             Mon 28 Apr 2025 13:00:27 +0000
Manifest this update:     Mon 28 Apr 2025 13:00:27 +0000
Manifest next update:     Tue 29 Apr 2025 13:00:27 +0000
Files and hashes:         1: aEdQ3w66d01LTWROyOM1CPj1OP4.crl (hash: CF/kwt9m5n8anDybHYXcNT9duk1FRyKEfq/jFeFoFQg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 13:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7c:7c:10:cd:0a:1a:6b:9b:eb:ab:9d:35:e6:31:bd:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684750df0eba774d4b4d644ec8e33508f8f538fe
        Validity
            Not Before: Apr 28 13:00:27 2025 GMT
            Not After : Apr 29 13:00:27 2025 GMT
        Subject: CN=77d85d88754e6acefa714904f385b04062dcbe11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:5a:c3:f2:18:a8:39:74:cf:88:f2:75:40:41:
                    05:35:c6:8f:da:c3:13:8b:fa:99:72:72:bb:98:9f:
                    64:e1:55:fd:d7:f9:b5:f0:bf:b4:40:4d:7d:99:00:
                    16:05:40:ee:37:00:c5:fc:54:92:41:b0:73:c5:7d:
                    82:04:9b:06:17:89:2a:ed:43:aa:c3:92:5e:1d:d1:
                    48:f1:a7:f3:23:ca:e0:0f:be:e6:81:39:7f:ec:44:
                    37:38:cf:c1:80:9f:03:a4:73:f9:c3:f1:06:9d:e4:
                    72:69:e2:de:f9:28:72:14:de:f9:14:92:6b:8a:43:
                    2a:3a:9a:23:88:6c:d6:25:33:49:f6:20:ef:37:f4:
                    a2:87:c4:17:76:ec:e8:c2:af:4e:88:e1:eb:61:eb:
                    8f:f6:7a:f0:2f:89:e4:34:6e:0f:ab:89:70:d7:ca:
                    88:1b:cd:91:56:89:9e:db:12:78:0a:77:44:ec:78:
                    a9:77:16:37:da:61:77:a9:de:3e:f5:74:62:88:23:
                    fe:72:36:ae:19:ef:dd:8f:4f:1c:c5:cc:65:35:83:
                    b7:22:c2:7f:82:fe:f5:d8:55:da:32:c9:ee:23:43:
                    44:2c:9d:55:1b:04:4c:b3:b4:ee:f2:f3:a7:fb:b9:
                    43:8e:52:17:6c:b3:5a:33:ba:42:ff:b4:25:c2:aa:
                    7d:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:D8:5D:88:75:4E:6A:CE:FA:71:49:04:F3:85:B0:40:62:DC:BE:11
            X509v3 Authority Key Identifier:
                keyid:68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:1b:60:c6:5a:1c:2e:27:f5:4a:f4:06:22:2d:e3:32:54:ab:
         26:e3:0f:de:48:60:d0:08:f2:5b:ef:83:a2:cb:94:18:7e:78:
         5b:c2:28:1b:bb:4b:6c:a3:74:11:2c:d3:7f:45:b3:2b:3b:f0:
         ba:92:d1:29:82:47:6e:00:6d:cb:ce:bf:54:90:7e:e1:85:3a:
         14:18:6a:b2:ce:0e:8a:02:91:2e:68:b7:3f:d8:d3:04:61:d6:
         18:e3:87:18:19:36:92:8b:94:9d:de:23:f9:5d:ea:f5:5d:27:
         20:c6:da:9d:fb:87:fd:e8:a6:03:9a:69:f4:ce:77:49:91:3e:
         a2:4b:05:48:bc:06:a4:31:c7:c9:c1:f0:91:35:a0:9f:6e:76:
         0b:6c:79:77:f4:94:11:a3:06:78:2b:74:86:ef:c9:80:83:a5:
         51:2f:f0:aa:8a:ea:df:31:e1:d3:d1:48:72:c4:cb:1e:15:76:
         1d:56:8a:8e:26:80:a1:bb:50:2f:fd:cc:8b:39:a5:57:1a:cd:
         81:e2:18:86:86:91:9a:b1:1a:aa:13:e4:3b:06:04:8a:d7:06:
         72:38:9d:d1:74:ac:1c:76:1e:e5:b1:7e:2c:8c:d6:ab:57:35:
         ba:57:bd:be:6b:fa:64:90:bd:3d:77:7a:79:12:d4:0e:1c:f6:
         80:c9:06:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8fBDNChprm+urnTXmMb2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDc1MGRmMGViYTc3NGQ0YjRkNjQ0ZWM4ZTMzNTA4Zjhm
NTM4ZmUwHhcNMjUwNDI4MTMwMDI3WhcNMjUwNDI5MTMwMDI3WjAzMTEwLwYDVQQD
Eyg3N2Q4NWQ4ODc1NGU2YWNlZmE3MTQ5MDRmMzg1YjA0MDYyZGNiZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlrD8hioOXTPiPJ1QEEFNcaP2sMT
i/qZcnK7mJ9k4VX91/m18L+0QE19mQAWBUDuNwDF/FSSQbBzxX2CBJsGF4kq7UOq
w5JeHdFI8afzI8rgD77mgTl/7EQ3OM/BgJ8DpHP5w/EGneRyaeLe+ShyFN75FJJr
ikMqOpojiGzWJTNJ9iDvN/Sih8QXduzowq9OiOHrYeuP9nrwL4nkNG4Pq4lw18qI
G82RVome2xJ4CndE7HipdxY32mF3qd4+9XRiiCP+cjauGe/dj08cxcxlNYO3IsJ/
gv712FXaMsnuI0NELJ1VGwRMs7Tu8vOn+7lDjlIXbLNaM7pC/7Qlwqp9SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfYXYh1TmrO+nFJBPOFsEBi3L4RMB8GA1UdIwQY
MBaAFGhHUN8OundNS01kTsjjNQj49Tj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYt
ZDMyNWY2ODYzMzQzLzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYtZDMyNWY2ODYzMzQz
LzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzRtgxloc
Lif1SvQGIi3jMlSrJuMP3khg0AjyW++DosuUGH54W8IoG7tLbKN0ESzTf0WzKzvw
upLRKYJHbgBty86/VJB+4YU6FBhqss4OigKRLmi3P9jTBGHWGOOHGBk2kouUnd4j
+V3q9V0nIMbanfuH/eimA5pp9M53SZE+oksFSLwGpDHHycHwkTWgn252C2x5d/SU
EaMGeCt0hu/JgIOlUS/wqorq3zHh09FIcsTLHhV2HVaKjiaAobtQL/3MizmlVxrN
geIYhoaRmrEaqhPkOwYEitcGcjid0XSsHHYe5bF+LIzWq1c1ule9vmv6ZJC9PXd6
eRLUDhz2gMkGhg==
-----END CERTIFICATE-----