Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/523988-5a00-40a6-b044-a27e74f75d26/1/C1XbSaXB_JAcoahcjSXxPxhuL_o.mft
File:                     C1XbSaXB_JAcoahcjSXxPxhuL_o.mft (raw, json)
Hash identifier:          SH1D0Z7xiebX2za4LIyVLGVDBz7SgRZpyRT8ih4VEnc=
Subject key identifier:   09:8F:0A:7D:35:52:E2:64:CF:09:94:82:8A:83:D4:E9:92:FF:73:AB
Authority key identifier: 0B:55:DB:49:A5:C1:FC:90:1C:A1:A8:5C:8D:25:F1:3F:18:6E:2F:FA
Certificate issuer:       /CN=0b55db49a5c1fc901ca1a85c8d25f13f186e2ffa
Certificate serial:       01967679C32BAA95836984114D15D1F57D89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C1XbSaXB_JAcoahcjSXxPxhuL_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/523988-5a00-40a6-b044-a27e74f75d26/1/C1XbSaXB_JAcoahcjSXxPxhuL_o.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 09:00:13 +0000
Manifest this update:     Sun 27 Apr 2025 09:00:13 +0000
Manifest next update:     Mon 28 Apr 2025 09:00:13 +0000
Files and hashes:         1: C1XbSaXB_JAcoahcjSXxPxhuL_o.crl (hash: n0yUzuBQDUa6rJD3s+xcmZ1r5XFIWz4FsVoCxkhF3vQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/523988-5a00-40a6-b044-a27e74f75d26/1/C1XbSaXB_JAcoahcjSXxPxhuL_o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/523988-5a00-40a6-b044-a27e74f75d26/1/C1XbSaXB_JAcoahcjSXxPxhuL_o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C1XbSaXB_JAcoahcjSXxPxhuL_o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 09:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:79:c3:2b:aa:95:83:69:84:11:4d:15:d1:f5:7d:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b55db49a5c1fc901ca1a85c8d25f13f186e2ffa
        Validity
            Not Before: Apr 27 09:00:13 2025 GMT
            Not After : Apr 28 09:00:13 2025 GMT
        Subject: CN=098f0a7d3552e264cf0994828a83d4e992ff73ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:2f:2e:8f:fa:be:ea:f5:b1:31:d4:94:08:ed:
                    9c:68:bc:52:c5:18:b3:85:e0:80:3f:70:70:85:f9:
                    75:5b:3b:6d:e4:80:1a:1c:61:6a:04:b1:86:04:e5:
                    4c:b4:5a:2a:bc:22:0a:2b:7e:c2:98:af:02:3c:26:
                    fc:d0:a1:44:a0:04:be:fb:2d:9e:85:72:e0:d0:bc:
                    6a:06:17:91:90:b1:84:4d:47:b2:3e:1a:e3:a2:5c:
                    09:ae:40:bd:a0:a8:43:bb:d2:7f:4d:46:1d:0f:c3:
                    f7:6a:b0:f6:f1:51:6a:dc:dc:9d:5e:2b:3d:1d:2b:
                    8d:57:74:59:9c:28:49:33:a7:c2:55:6a:f0:e9:38:
                    19:85:58:3c:51:e1:c8:0c:f6:4c:58:f0:18:7e:21:
                    86:90:9c:49:7e:79:a4:63:c2:e0:30:9a:e6:c1:1f:
                    c2:88:06:86:97:6c:fd:dc:8c:e7:1c:e5:04:4c:27:
                    65:38:0c:9a:50:83:2a:0f:6d:5c:35:ab:09:97:ab:
                    03:e7:f0:df:bf:85:0c:38:55:97:cd:9e:6c:e9:13:
                    76:34:a7:46:96:8a:d2:81:ec:1c:f7:39:77:c9:13:
                    08:db:dc:b3:d0:9b:30:83:7d:6f:01:1c:42:8d:ad:
                    f0:2b:f4:2e:f0:19:e9:e1:fd:32:8f:66:ba:73:83:
                    46:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:8F:0A:7D:35:52:E2:64:CF:09:94:82:8A:83:D4:E9:92:FF:73:AB
            X509v3 Authority Key Identifier:
                keyid:0B:55:DB:49:A5:C1:FC:90:1C:A1:A8:5C:8D:25:F1:3F:18:6E:2F:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1XbSaXB_JAcoahcjSXxPxhuL_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/523988-5a00-40a6-b044-a27e74f75d26/1/C1XbSaXB_JAcoahcjSXxPxhuL_o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/523988-5a00-40a6-b044-a27e74f75d26/1/C1XbSaXB_JAcoahcjSXxPxhuL_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:09:f9:a8:7b:d1:60:2a:0f:5f:fa:c1:73:5e:ff:5a:2a:13:
         a3:00:0d:f3:52:59:e8:16:60:1e:95:f8:15:e3:7e:a4:b7:68:
         ca:cd:32:3f:99:99:20:a2:70:bb:94:44:ac:3a:d0:96:e2:11:
         3a:7d:e9:40:17:e9:46:af:a4:0e:a1:7f:69:e7:2a:d1:e6:d1:
         30:29:af:c8:0a:f6:19:cd:7f:aa:9f:50:fd:15:19:08:7f:df:
         d9:98:07:78:65:09:0d:21:49:e4:a1:1d:88:3f:a7:0f:15:c1:
         e4:60:6d:cc:90:bf:fd:4f:22:74:5d:72:a5:90:a7:86:3d:54:
         3f:ee:a5:b1:67:0c:ef:6b:17:8a:f0:db:d7:be:a3:de:e9:24:
         17:b1:4a:36:04:a7:86:71:ab:80:84:70:5d:97:a1:fe:f4:ba:
         a0:6e:5c:94:31:4f:0d:01:50:20:09:72:3f:de:95:6e:a1:80:
         5d:11:b5:18:fd:b9:b0:ba:05:05:f7:5a:9d:93:4b:48:c7:c0:
         1d:47:e7:ef:a9:b8:4f:9c:89:22:0c:50:2a:f6:10:25:b1:6a:
         d6:9a:f2:5d:50:cb:d7:a1:13:9b:96:d1:c6:2c:19:bb:ca:08:
         ed:49:df:69:19:86:4e:3a:7f:9d:b8:17:e7:d0:9d:a9:69:b0:
         4d:78:ea:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2ecMrqpWDaYQRTRXR9X2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTVkYjQ5YTVjMWZjOTAxY2ExYTg1YzhkMjVmMTNmMTg2
ZTJmZmEwHhcNMjUwNDI3MDkwMDEzWhcNMjUwNDI4MDkwMDEzWjAzMTEwLwYDVQQD
EygwOThmMGE3ZDM1NTJlMjY0Y2YwOTk0ODI4YTgzZDRlOTkyZmY3M2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzi8uj/q+6vWxMdSUCO2caLxSxRiz
heCAP3Bwhfl1Wztt5IAaHGFqBLGGBOVMtFoqvCIKK37CmK8CPCb80KFEoAS++y2e
hXLg0LxqBheRkLGETUeyPhrjolwJrkC9oKhDu9J/TUYdD8P3arD28VFq3NydXis9
HSuNV3RZnChJM6fCVWrw6TgZhVg8UeHIDPZMWPAYfiGGkJxJfnmkY8LgMJrmwR/C
iAaGl2z93IznHOUETCdlOAyaUIMqD21cNasJl6sD5/Dfv4UMOFWXzZ5s6RN2NKdG
lorSgewc9zl3yRMI29yz0Jswg31vARxCja3wK/Qu8Bnp4f0yj2a6c4NGvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAmPCn01UuJkzwmUgoqD1OmS/3OrMB8GA1UdIwQY
MBaAFAtV20mlwfyQHKGoXI0l8T8Ybi/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFYYlNhWEJfSkFjb2FoY2pTWHhQeGh1TF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81MjM5ODgtNWEwMC00MGE2LWIwNDQt
YTI3ZTc0Zjc1ZDI2LzEvQzFYYlNhWEJfSkFjb2FoY2pTWHhQeGh1TF9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81MjM5ODgtNWEwMC00MGE2LWIwNDQtYTI3ZTc0Zjc1ZDI2
LzEvQzFYYlNhWEJfSkFjb2FoY2pTWHhQeGh1TF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnQn5qHvR
YCoPX/rBc17/WioTowAN81JZ6BZgHpX4FeN+pLdoys0yP5mZIKJwu5RErDrQluIR
On3pQBfpRq+kDqF/aecq0ebRMCmvyAr2Gc1/qp9Q/RUZCH/f2ZgHeGUJDSFJ5KEd
iD+nDxXB5GBtzJC//U8idF1ypZCnhj1UP+6lsWcM72sXivDb176j3ukkF7FKNgSn
hnGrgIRwXZeh/vS6oG5clDFPDQFQIAlyP96VbqGAXRG1GP25sLoFBfdanZNLSMfA
HUfn76m4T5yJIgxQKvYQJbFq1pryXVDL16ETm5bRxiwZu8oI7UnfaRmGTjp/nbgX
59CdqWmwTXjqPA==
-----END CERTIFICATE-----