Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft
File:                     sCnHJ8biLu2PvNHot2k5V40Nygo.mft (raw, json)
Hash identifier:          1J6IzO4nEc4nVczgD3csoQ/0graHCXuuPRRdbw8FeJI=
Subject key identifier:   D0:67:BE:25:4B:B2:FB:AB:5C:7E:2E:9B:F1:88:16:9C:7B:61:D4:B0
Authority key identifier: B0:29:C7:27:C6:E2:2E:ED:8F:BC:D1:E8:B7:69:39:57:8D:0D:CA:0A
Certificate issuer:       /CN=b029c727c6e22eed8fbcd1e8b76939578d0dca0a
Certificate serial:       0196760CE2D04FADA68E8E24529A035D48A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft
Manifest number:          150A
Signing time:             Sun 27 Apr 2025 07:01:18 +0000
Manifest this update:     Sun 27 Apr 2025 07:01:18 +0000
Manifest next update:     Mon 28 Apr 2025 07:01:18 +0000
Files and hashes:         1: sCnHJ8biLu2PvNHot2k5V40Nygo.crl (hash: Vdyx+aTP/OtCgtv3BQhtedUm45PqrtZ4TIbK6P+wNzQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:e2:d0:4f:ad:a6:8e:8e:24:52:9a:03:5d:48:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b029c727c6e22eed8fbcd1e8b76939578d0dca0a
        Validity
            Not Before: Apr 27 07:01:18 2025 GMT
            Not After : Apr 28 07:01:18 2025 GMT
        Subject: CN=d067be254bb2fbab5c7e2e9bf188169c7b61d4b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d2:90:af:12:d6:8b:2d:e9:24:e1:71:91:71:
                    05:d8:e4:0a:d3:a5:88:63:79:73:03:1a:15:9f:05:
                    45:c6:23:90:be:bd:2c:28:9a:19:0f:7e:46:ac:f6:
                    d4:1e:6f:ed:4e:28:8f:af:92:ac:d8:90:f4:47:a5:
                    2a:dc:bc:56:79:e0:f6:62:8d:01:c2:7c:df:a5:f6:
                    b4:4d:47:fc:76:25:b7:bf:81:d9:2e:59:3f:c6:64:
                    9d:32:ce:3f:50:f6:e5:2f:bc:5b:83:aa:9d:f2:b9:
                    67:51:39:ed:0f:30:34:2a:fb:f9:b1:93:cd:bf:5c:
                    5d:54:15:e7:d4:b8:fa:39:30:00:63:12:23:b7:92:
                    dd:d7:c9:69:dc:24:b1:38:78:64:c7:ad:74:22:81:
                    16:ed:e3:54:c0:75:42:dd:33:f6:c4:d7:61:f4:9b:
                    d8:b3:1a:ae:1a:ec:6c:ab:d2:ca:df:47:ee:f6:42:
                    95:0b:82:fe:ae:67:86:97:b3:89:1a:01:4d:c8:d0:
                    25:82:23:38:1b:9c:39:70:14:04:96:2c:76:bd:35:
                    2e:a6:41:2f:c4:78:6e:59:24:3f:4d:f4:57:48:c0:
                    8e:2b:39:16:7a:96:da:dd:d4:57:7b:61:e7:06:99:
                    ef:90:81:e2:e3:d3:bd:fa:33:e1:bc:e9:f1:37:48:
                    d3:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:67:BE:25:4B:B2:FB:AB:5C:7E:2E:9B:F1:88:16:9C:7B:61:D4:B0
            X509v3 Authority Key Identifier:
                keyid:B0:29:C7:27:C6:E2:2E:ED:8F:BC:D1:E8:B7:69:39:57:8D:0D:CA:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:6b:8f:b4:82:c2:58:2d:97:fc:e4:b6:7d:cd:a8:66:0a:39:
         15:96:ea:b0:76:ff:9d:76:8d:9f:65:40:f0:31:49:29:ff:03:
         c7:a9:d9:5e:d5:c9:9c:31:7e:74:9e:49:fa:62:67:04:a6:53:
         c1:9b:48:cc:e7:09:af:55:da:8c:b9:5d:f6:f9:0c:6e:8a:02:
         32:72:1c:dd:8a:00:31:c1:39:c9:a0:b6:1e:ee:17:24:73:ae:
         b8:24:18:34:d7:3e:bb:2e:9f:ce:4f:6a:7c:27:73:8d:c2:3b:
         cb:71:84:08:28:52:af:61:f2:1a:17:ca:ca:19:a1:34:38:bb:
         28:62:48:c2:9c:2c:d9:29:5b:15:fb:17:1f:1e:28:18:1d:4a:
         18:f2:df:cf:fb:cb:41:ea:62:6a:23:b7:a9:80:8c:6b:75:57:
         70:a9:0c:8c:ce:08:34:57:76:de:7d:4b:44:de:d3:85:70:f4:
         8e:ff:90:cd:ab:26:88:51:91:82:f8:38:0c:32:e1:62:ab:ae:
         1d:7d:d3:74:67:62:74:18:a2:a4:34:9a:41:cc:e9:c3:45:c3:
         09:33:1f:69:9d:cd:7f:0f:e8:5e:6e:11:94:d3:46:eb:ae:27:
         ca:51:95:1f:a0:c9:c6:f7:30:61:9f:7d:f8:5d:a8:53:b4:a5:
         ec:1b:fb:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DOLQT62mjo4kUpoDXUilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMjljNzI3YzZlMjJlZWQ4ZmJjZDFlOGI3NjkzOTU3OGQw
ZGNhMGEwHhcNMjUwNDI3MDcwMTE4WhcNMjUwNDI4MDcwMTE4WjAzMTEwLwYDVQQD
EyhkMDY3YmUyNTRiYjJmYmFiNWM3ZTJlOWJmMTg4MTY5YzdiNjFkNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdKQrxLWiy3pJOFxkXEF2OQK06WI
Y3lzAxoVnwVFxiOQvr0sKJoZD35GrPbUHm/tTiiPr5Ks2JD0R6Uq3LxWeeD2Yo0B
wnzfpfa0TUf8diW3v4HZLlk/xmSdMs4/UPblL7xbg6qd8rlnUTntDzA0Kvv5sZPN
v1xdVBXn1Lj6OTAAYxIjt5Ld18lp3CSxOHhkx610IoEW7eNUwHVC3TP2xNdh9JvY
sxquGuxsq9LK30fu9kKVC4L+rmeGl7OJGgFNyNAlgiM4G5w5cBQElix2vTUupkEv
xHhuWSQ/TfRXSMCOKzkWepba3dRXe2HnBpnvkIHi49O9+jPhvOnxN0jTAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBnviVLsvurXH4um/GIFpx7YdSwMB8GA1UdIwQY
MBaAFLApxyfG4i7tj7zR6LdpOVeNDcoKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80NjE1YTEtOTA1Mi00MGM2LWExOGQt
YTBkNzk5MjRkYjZjLzEvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80NjE1YTEtOTA1Mi00MGM2LWExOGQtYTBkNzk5MjRkYjZj
LzEvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAmuPtILC
WC2X/OS2fc2oZgo5FZbqsHb/nXaNn2VA8DFJKf8Dx6nZXtXJnDF+dJ5J+mJnBKZT
wZtIzOcJr1XajLld9vkMbooCMnIc3YoAMcE5yaC2Hu4XJHOuuCQYNNc+uy6fzk9q
fCdzjcI7y3GECChSr2HyGhfKyhmhNDi7KGJIwpws2SlbFfsXHx4oGB1KGPLfz/vL
QepiaiO3qYCMa3VXcKkMjM4INFd23n1LRN7ThXD0jv+QzasmiFGRgvg4DDLhYquu
HX3TdGdidBiipDSaQczpw0XDCTMfaZ3Nfw/oXm4RlNNG664nylGVH6DJxvcwYZ99
+F2oU7Sl7Bv71g==
-----END CERTIFICATE-----