Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
File:                     MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft (raw, json)
Hash identifier:          wGDLNlRrX0+5kgJwwpyNxTQRd+0qmoXIR2qQb6F+EEg=
Subject key identifier:   03:59:CA:A6:AC:D0:4B:83:4A:BD:56:C4:2E:25:32:B3:F4:81:B3:AD
Authority key identifier: 32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1
Certificate issuer:       /CN=325052b7a678faa097dcbe6547170c9152b46cf1
Certificate serial:       0196767A55E642F51F405EBFF71D5EFD86C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
Manifest number:          149E
Signing time:             Sun 27 Apr 2025 09:00:50 +0000
Manifest this update:     Sun 27 Apr 2025 09:00:50 +0000
Manifest next update:     Mon 28 Apr 2025 09:00:50 +0000
Files and hashes:         1: MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl (hash: AKOkabQLrdRwF83pKwvwt6P6F920DpD3NcWV/12+eqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:7a:55:e6:42:f5:1f:40:5e:bf:f7:1d:5e:fd:86:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=325052b7a678faa097dcbe6547170c9152b46cf1
        Validity
            Not Before: Apr 27 09:00:50 2025 GMT
            Not After : Apr 28 09:00:50 2025 GMT
        Subject: CN=0359caa6acd04b834abd56c42e2532b3f481b3ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:eb:c8:d4:a4:ca:b6:85:a9:bd:7b:14:d9:70:
                    78:9c:5b:33:fa:6a:37:53:9b:21:48:7e:05:64:bb:
                    5a:ab:7e:8a:5b:f7:34:63:a9:ce:77:8b:b5:f6:bc:
                    48:cc:8a:73:db:10:10:b5:5f:d4:81:b5:a4:c6:da:
                    fc:f7:af:28:16:c0:6f:1e:7a:20:ad:35:1d:20:7b:
                    7a:f2:02:6c:ce:db:4a:bc:c1:25:70:b4:20:e7:81:
                    16:e8:eb:76:25:8e:b8:6f:34:03:7b:c5:43:8f:68:
                    c5:f7:33:f4:cc:73:21:ff:4d:a2:c6:2f:2e:93:15:
                    3a:64:30:3f:31:0f:19:ba:65:0a:88:e7:37:a6:a5:
                    d9:57:c6:50:f2:1f:a3:68:b8:59:82:4c:67:99:c3:
                    4a:b6:6b:80:f3:04:c5:5e:53:4e:8c:ab:f7:b7:59:
                    48:8c:4c:06:48:b8:84:8b:06:99:b9:ba:f4:cb:0b:
                    0c:d3:68:85:68:a2:a5:99:b4:c3:b9:c5:86:3d:1f:
                    da:b0:06:ab:5d:f0:57:94:3c:d9:7c:95:e0:40:3f:
                    da:51:45:99:e2:95:51:97:3c:a3:89:f1:99:52:c8:
                    57:71:a1:d3:e7:9f:87:4d:6d:11:cb:ae:66:d8:91:
                    7e:5b:20:eb:36:a8:0c:bb:23:c8:31:0f:1e:61:1d:
                    de:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:59:CA:A6:AC:D0:4B:83:4A:BD:56:C4:2E:25:32:B3:F4:81:B3:AD
            X509v3 Authority Key Identifier:
                keyid:32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:3e:d9:bc:a0:89:99:ea:a4:36:1e:75:2d:84:8f:9f:18:da:
         45:38:aa:a9:cb:c3:29:4f:f7:0a:03:b6:90:07:b8:77:68:98:
         58:69:03:14:35:c0:2b:6a:9d:e8:37:61:e9:9a:1d:e0:ad:66:
         eb:01:f6:d8:20:0d:36:17:34:30:4d:b8:6b:3e:72:64:e4:46:
         30:fe:95:da:f6:77:19:7f:c3:04:a9:30:b9:fe:c8:41:7f:19:
         5d:5a:da:d8:ed:c0:41:49:13:8b:a7:45:0c:b4:99:8d:e1:8b:
         aa:6c:f3:b8:c5:40:3a:f6:01:fb:d7:9e:e4:bc:19:0c:a8:eb:
         05:16:e0:1d:f6:eb:ea:77:74:66:92:6f:1e:b8:fe:e8:17:08:
         94:a4:94:7e:51:41:87:c9:e4:62:83:7c:b8:e7:6c:41:16:1d:
         e3:55:46:80:c1:4f:eb:25:16:bb:b4:47:09:4e:2d:3c:1d:9b:
         80:6f:18:7e:86:fa:9c:d1:ba:58:89:ff:95:a8:04:a1:60:f4:
         74:84:75:0b:03:55:91:e5:98:65:63:13:35:3b:2f:58:5d:37:
         48:58:82:a8:01:f4:98:57:da:e7:78:55:9c:ab:65:51:88:5e:
         c3:79:f2:5a:5e:71:1e:9b:a3:58:d9:7f:9f:19:6c:f6:cb:3a:
         1a:00:df:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2elXmQvUfQF6/9x1e/YbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA1MmI3YTY3OGZhYTA5N2RjYmU2NTQ3MTcwYzkxNTJi
NDZjZjEwHhcNMjUwNDI3MDkwMDUwWhcNMjUwNDI4MDkwMDUwWjAzMTEwLwYDVQQD
EygwMzU5Y2FhNmFjZDA0YjgzNGFiZDU2YzQyZTI1MzJiM2Y0ODFiM2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOvI1KTKtoWpvXsU2XB4nFsz+mo3
U5shSH4FZLtaq36KW/c0Y6nOd4u19rxIzIpz2xAQtV/UgbWkxtr8968oFsBvHnog
rTUdIHt68gJszttKvMElcLQg54EW6Ot2JY64bzQDe8VDj2jF9zP0zHMh/02ixi8u
kxU6ZDA/MQ8ZumUKiOc3pqXZV8ZQ8h+jaLhZgkxnmcNKtmuA8wTFXlNOjKv3t1lI
jEwGSLiEiwaZubr0ywsM02iFaKKlmbTDucWGPR/asAarXfBXlDzZfJXgQD/aUUWZ
4pVRlzyjifGZUshXcaHT55+HTW0Ry65m2JF+WyDrNqgMuyPIMQ8eYR3elwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANZyqas0EuDSr1WxC4lMrP0gbOtMB8GA1UdIwQY
MBaAFDJQUremePqgl9y+ZUcXDJFStGzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUt
YmI2OTQ1YTE2ZmU3LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUtYmI2OTQ1YTE2ZmU3
LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARj7ZvKCJ
meqkNh51LYSPnxjaRTiqqcvDKU/3CgO2kAe4d2iYWGkDFDXAK2qd6Ddh6Zod4K1m
6wH22CANNhc0ME24az5yZORGMP6V2vZ3GX/DBKkwuf7IQX8ZXVra2O3AQUkTi6dF
DLSZjeGLqmzzuMVAOvYB+9ee5LwZDKjrBRbgHfbr6nd0ZpJvHrj+6BcIlKSUflFB
h8nkYoN8uOdsQRYd41VGgMFP6yUWu7RHCU4tPB2bgG8Yfob6nNG6WIn/lagEoWD0
dIR1CwNVkeWYZWMTNTsvWF03SFiCqAH0mFfa53hVnKtlUYhew3nyWl5xHpujWNl/
nxls9ss6GgDfmg==
-----END CERTIFICATE-----