Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
File:                     R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft (raw, json)
Hash identifier:          NYH6KJKV3NE93sbWxLKOW92jv0CzDfHun+x9PMV/2mg=
Subject key identifier:   AA:A1:18:74:7D:94:B9:B8:F5:8D:16:DE:9F:86:28:51:59:71:3F:9A
Authority key identifier: 47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA
Certificate issuer:       /CN=47c68ed50bb53dcae857e4c85bcafd513f2774da
Certificate serial:       019658DD57C8D367A2B59DE3D9CE1EBEFCDB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
Manifest number:          14FC
Signing time:             Mon 21 Apr 2025 15:00:23 +0000
Manifest this update:     Mon 21 Apr 2025 15:00:23 +0000
Manifest next update:     Tue 22 Apr 2025 15:00:23 +0000
Files and hashes:         1: R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl (hash: d3irhTcwJXVHfPVWWiBXtVIVAWvmYqgWI3JqOx0+wso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 15:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:58:dd:57:c8:d3:67:a2:b5:9d:e3:d9:ce:1e:be:fc:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47c68ed50bb53dcae857e4c85bcafd513f2774da
        Validity
            Not Before: Apr 21 15:00:23 2025 GMT
            Not After : Apr 22 15:00:23 2025 GMT
        Subject: CN=aaa118747d94b9b8f58d16de9f86285159713f9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f9:a9:cc:40:e0:be:d8:af:4a:f3:bf:f4:07:
                    3a:a8:a3:d4:4d:e0:ae:7a:68:83:3a:95:32:a6:f3:
                    97:1d:73:0d:29:0a:b8:1e:b0:8e:a4:88:59:40:a0:
                    d2:47:33:a4:67:7c:27:ee:d4:ab:8b:fe:50:23:66:
                    88:55:5f:c6:49:18:b3:cc:74:56:97:45:0b:a2:c6:
                    e6:a8:33:85:d3:19:0f:de:b5:f2:36:30:25:31:f4:
                    89:df:07:34:bd:8d:4b:7e:69:6b:cb:24:46:9a:77:
                    7a:f2:10:7d:ed:06:6d:e2:a5:2d:a6:25:40:39:d4:
                    4c:69:3f:b1:d6:db:26:56:8a:0a:26:e7:a2:af:4d:
                    2e:84:c4:60:95:7c:c9:6c:ea:1f:4f:ef:94:1b:94:
                    c7:32:a3:92:d8:c9:a4:8e:a8:52:46:64:98:54:f2:
                    3f:f7:44:e0:ed:f1:34:e9:8a:72:e9:e1:55:17:cb:
                    a9:2b:20:96:3d:c6:bf:ed:97:89:36:3d:47:b2:9c:
                    35:df:09:92:6b:85:18:17:ba:23:cc:67:10:01:34:
                    91:3c:7d:c8:b0:8d:9e:9f:33:6c:0f:8a:e0:b7:1a:
                    65:0b:0a:3a:65:4a:9d:1f:d1:a6:7f:34:f0:29:97:
                    9f:24:cd:78:16:a8:e5:07:83:e6:1b:33:eb:49:ac:
                    79:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:A1:18:74:7D:94:B9:B8:F5:8D:16:DE:9F:86:28:51:59:71:3F:9A
            X509v3 Authority Key Identifier:
                keyid:47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:c3:18:f2:07:e8:7d:19:39:11:5f:07:48:47:ef:24:74:88:
         82:c7:af:f8:2b:55:fb:33:7f:96:b8:b1:fe:4c:d4:1e:d0:60:
         1b:28:ab:7d:49:d7:9c:a2:aa:7a:98:89:7e:ea:fc:2c:26:4a:
         43:bf:6d:ff:52:d1:5d:2a:95:aa:c2:c0:db:37:25:30:38:93:
         f1:9f:b4:6e:1b:90:b1:fe:ad:b6:a8:74:e3:70:57:68:22:ac:
         21:1a:26:1c:12:ba:e2:17:c2:fc:ff:23:3e:a4:f2:a5:71:82:
         53:f9:09:d8:10:fd:fd:8c:33:4b:d8:e7:d6:51:9e:57:62:66:
         ba:32:59:08:54:22:8f:37:61:4d:b4:d0:be:7d:27:92:28:da:
         b4:e9:ae:49:62:65:e4:a8:bb:e3:d8:14:34:16:c6:fa:43:df:
         86:c3:73:40:c1:45:f3:d2:b0:cd:bf:78:3b:8b:2b:49:33:d0:
         70:e6:34:4c:46:0d:80:0f:ad:b6:ce:8a:bb:9f:4c:bd:b6:a6:
         b5:6c:7f:74:65:12:5a:df:ff:99:78:f1:4f:49:3d:bc:6b:02:
         5e:f0:9d:02:f7:e5:df:a4:fd:c4:ba:a4:57:0e:b6:dd:a9:e4:
         88:87:91:86:73:26:65:57:e3:e7:ae:bf:d8:59:03:de:9c:75:
         a1:ab:76:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZY3VfI02eitZ3j2c4evvzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YzY4ZWQ1MGJiNTNkY2FlODU3ZTRjODViY2FmZDUxM2Yy
Nzc0ZGEwHhcNMjUwNDIxMTUwMDIzWhcNMjUwNDIyMTUwMDIzWjAzMTEwLwYDVQQD
EyhhYWExMTg3NDdkOTRiOWI4ZjU4ZDE2ZGU5Zjg2Mjg1MTU5NzEzZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvmpzEDgvtivSvO/9Ac6qKPUTeCu
emiDOpUypvOXHXMNKQq4HrCOpIhZQKDSRzOkZ3wn7tSri/5QI2aIVV/GSRizzHRW
l0ULosbmqDOF0xkP3rXyNjAlMfSJ3wc0vY1LfmlryyRGmnd68hB97QZt4qUtpiVA
OdRMaT+x1tsmVooKJueir00uhMRglXzJbOofT++UG5THMqOS2MmkjqhSRmSYVPI/
90Tg7fE06Ypy6eFVF8upKyCWPca/7ZeJNj1Hspw13wmSa4UYF7ojzGcQATSRPH3I
sI2enzNsD4rgtxplCwo6ZUqdH9GmfzTwKZefJM14FqjlB4PmGzPrSax50wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqhGHR9lLm49Y0W3p+GKFFZcT+aMB8GA1UdIwQY
MBaAFEfGjtULtT3K6FfkyFvK/VE/J3TaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMt
N2M0NTA0OTgyMDMwLzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMtN2M0NTA0OTgyMDMw
LzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIsMY8gfo
fRk5EV8HSEfvJHSIgsev+CtV+zN/lrix/kzUHtBgGyirfUnXnKKqepiJfur8LCZK
Q79t/1LRXSqVqsLA2zclMDiT8Z+0bhuQsf6ttqh043BXaCKsIRomHBK64hfC/P8j
PqTypXGCU/kJ2BD9/YwzS9jn1lGeV2JmujJZCFQijzdhTbTQvn0nkijatOmuSWJl
5Ki749gUNBbG+kPfhsNzQMFF89Kwzb94O4srSTPQcOY0TEYNgA+tts6Ku59Mvbam
tWx/dGUSWt//mXjxT0k9vGsCXvCdAvfl36T9xLqkVw623ankiIeRhnMmZVfj566/
2FkD3px1oat2eg==
-----END CERTIFICATE-----