Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/264ad4-aa1b-46e3-94b2-e35afa36a428/1/SwGEomKzUJ4aumGpC-yrMrACVUw.mft
File:                     SwGEomKzUJ4aumGpC-yrMrACVUw.mft (raw, json)
Hash identifier:          3GDiRym2cYxCDCkpB/znSTl0Rc1XjwfKzrZDP7QSIlw=
Subject key identifier:   20:FA:54:4C:79:C1:BE:0D:5E:BB:0D:0A:76:AC:3A:01:54:8D:A2:4C
Authority key identifier: 4B:01:84:A2:62:B3:50:9E:1A:BA:61:A9:0B:EC:AB:32:B0:02:55:4C
Certificate issuer:       /CN=4b0184a262b3509e1aba61a90becab32b002554c
Certificate serial:       01965537BE0600BE79D816C120C18B2743E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SwGEomKzUJ4aumGpC-yrMrACVUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/264ad4-aa1b-46e3-94b2-e35afa36a428/1/SwGEomKzUJ4aumGpC-yrMrACVUw.mft
Manifest number:          148D
Signing time:             Sun 20 Apr 2025 22:00:38 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:38 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:38 +0000
Files and hashes:         1: SwGEomKzUJ4aumGpC-yrMrACVUw.crl (hash: M4oL8PWfN7R0/aPlsU1jRrxDsTyqMgBWF67O2zJunKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/264ad4-aa1b-46e3-94b2-e35afa36a428/1/SwGEomKzUJ4aumGpC-yrMrACVUw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/264ad4-aa1b-46e3-94b2-e35afa36a428/1/SwGEomKzUJ4aumGpC-yrMrACVUw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SwGEomKzUJ4aumGpC-yrMrACVUw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:be:06:00:be:79:d8:16:c1:20:c1:8b:27:43:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b0184a262b3509e1aba61a90becab32b002554c
        Validity
            Not Before: Apr 20 22:00:38 2025 GMT
            Not After : Apr 21 22:00:38 2025 GMT
        Subject: CN=20fa544c79c1be0d5ebb0d0a76ac3a01548da24c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:fd:dc:06:99:48:e4:f7:5e:71:66:66:fb:50:
                    d7:b0:4a:e9:cf:ac:46:c6:41:65:8c:6f:56:f9:b0:
                    b0:1b:ee:72:43:a8:a1:a9:e8:ed:92:7e:a9:79:4f:
                    68:40:ce:b5:eb:5a:2b:3e:ec:c0:82:5f:bd:1d:ed:
                    46:51:7a:cb:0d:44:42:7f:35:9f:b0:0b:98:71:62:
                    4d:11:c1:9b:0f:c8:e6:66:c6:7b:19:15:26:09:62:
                    57:25:3d:5c:f1:14:d4:bd:d8:b5:e8:a6:a5:3b:54:
                    1a:9d:f4:0e:27:1f:bc:71:ec:bb:bc:4e:70:f0:04:
                    60:35:b6:2c:c9:df:70:34:92:e6:f7:e6:f2:15:fa:
                    8a:78:73:05:31:12:60:56:07:3b:a5:23:00:7e:d8:
                    97:35:2c:57:98:c5:b6:4b:5f:0a:e7:fe:0c:d1:71:
                    61:cc:6b:a3:74:cc:20:7f:b2:02:a0:40:02:ed:f3:
                    79:a6:4e:6f:f3:a6:ef:8d:b2:f4:25:9b:7f:77:28:
                    dd:60:79:e3:8d:6e:f6:dd:26:22:10:af:5f:34:c9:
                    69:d5:c4:0e:3a:aa:51:f3:94:15:55:13:d5:70:6d:
                    60:fe:cb:02:c7:c9:20:4b:38:c2:f0:5d:e2:07:f2:
                    84:b1:1f:fe:36:2f:69:0c:aa:1a:ec:a1:bd:79:56:
                    c7:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:FA:54:4C:79:C1:BE:0D:5E:BB:0D:0A:76:AC:3A:01:54:8D:A2:4C
            X509v3 Authority Key Identifier:
                keyid:4B:01:84:A2:62:B3:50:9E:1A:BA:61:A9:0B:EC:AB:32:B0:02:55:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SwGEomKzUJ4aumGpC-yrMrACVUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/264ad4-aa1b-46e3-94b2-e35afa36a428/1/SwGEomKzUJ4aumGpC-yrMrACVUw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/264ad4-aa1b-46e3-94b2-e35afa36a428/1/SwGEomKzUJ4aumGpC-yrMrACVUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:60:ec:a6:4e:97:28:8d:68:e9:3a:23:4b:12:e7:50:b1:42:
         47:5b:e3:44:12:d0:41:78:10:a7:4b:da:ae:bf:6e:0e:18:15:
         22:94:1e:b3:37:74:ea:ad:48:c9:35:8c:82:5a:37:73:6a:ef:
         3c:8a:de:26:99:77:55:5e:c1:09:00:13:08:85:f4:2b:55:68:
         f9:a5:2e:44:6c:f3:e8:c4:fd:c8:34:4f:67:c2:fb:55:eb:a7:
         0b:e0:0f:b9:c9:8d:24:4c:bb:7c:9b:7d:09:8f:da:b6:66:d4:
         10:ae:16:ed:77:5a:a5:11:9d:c9:58:c4:4f:58:5d:b1:a4:5c:
         54:16:57:14:84:40:5f:f4:0b:f5:66:6d:f2:88:37:2c:35:d8:
         99:7c:d1:55:e9:5a:f6:27:a0:e6:fa:de:ea:b4:7e:46:c8:17:
         e2:c6:ff:f3:53:d3:2a:66:0e:74:1b:a1:1b:e1:94:25:50:93:
         a2:97:b5:b8:d5:96:9b:83:c6:43:39:9a:9f:49:30:8c:f6:ba:
         7b:1b:0e:80:73:1a:a3:92:2e:e9:79:30:8e:5f:98:7f:ac:ac:
         85:a0:48:c2:b1:72:f3:e9:a6:b2:ac:40:ca:2d:0d:08:88:99:
         da:3c:83:c6:8f:f1:4c:2f:54:40:19:18:1b:7e:69:a4:1c:39:
         e1:75:7a:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN74GAL552BbBIMGLJ0PnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMDE4NGEyNjJiMzUwOWUxYWJhNjFhOTBiZWNhYjMyYjAw
MjU1NGMwHhcNMjUwNDIwMjIwMDM4WhcNMjUwNDIxMjIwMDM4WjAzMTEwLwYDVQQD
EygyMGZhNTQ0Yzc5YzFiZTBkNWViYjBkMGE3NmFjM2EwMTU0OGRhMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf3cBplI5PdecWZm+1DXsErpz6xG
xkFljG9W+bCwG+5yQ6ihqejtkn6peU9oQM6161orPuzAgl+9He1GUXrLDURCfzWf
sAuYcWJNEcGbD8jmZsZ7GRUmCWJXJT1c8RTUvdi16KalO1QanfQOJx+8cey7vE5w
8ARgNbYsyd9wNJLm9+byFfqKeHMFMRJgVgc7pSMAftiXNSxXmMW2S18K5/4M0XFh
zGujdMwgf7ICoEAC7fN5pk5v86bvjbL0JZt/dyjdYHnjjW723SYiEK9fNMlp1cQO
OqpR85QVVRPVcG1g/ssCx8kgSzjC8F3iB/KEsR/+Ni9pDKoa7KG9eVbH6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCD6VEx5wb4NXrsNCnasOgFUjaJMMB8GA1UdIwQY
MBaAFEsBhKJis1CeGrphqQvsqzKwAlVMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3dHRW9tS3pVSjRhdW1HcEMteXJNckFDVlV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNjRhZDQtYWExYi00NmUzLTk0YjIt
ZTM1YWZhMzZhNDI4LzEvU3dHRW9tS3pVSjRhdW1HcEMteXJNckFDVlV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNjRhZDQtYWExYi00NmUzLTk0YjItZTM1YWZhMzZhNDI4
LzEvU3dHRW9tS3pVSjRhdW1HcEMteXJNckFDVlV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX2Dspk6X
KI1o6TojSxLnULFCR1vjRBLQQXgQp0varr9uDhgVIpQeszd06q1IyTWMglo3c2rv
PIreJpl3VV7BCQATCIX0K1Vo+aUuRGzz6MT9yDRPZ8L7VeunC+APucmNJEy7fJt9
CY/atmbUEK4W7XdapRGdyVjET1hdsaRcVBZXFIRAX/QL9WZt8og3LDXYmXzRVela
9ieg5vre6rR+RsgX4sb/81PTKmYOdBuhG+GUJVCTope1uNWWm4PGQzman0kwjPa6
exsOgHMao5Iu6Xkwjl+Yf6yshaBIwrFy8+mmsqxAyi0NCIiZ2jyDxo/xTC9UQBkY
G35ppBw54XV6tg==
-----END CERTIFICATE-----