Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/11fa44-8879-4d19-b468-5b5d98f5361e/1/f0rlfubgqcUQH8FKh6UzQVC7q0Y.mft
File:                     f0rlfubgqcUQH8FKh6UzQVC7q0Y.mft (raw, json)
Hash identifier:          pkRYxEDudJq4uONFSVJuyD14cyXPoDaCzRt1renr3Zw=
Subject key identifier:   08:2B:C8:D3:A1:37:B6:B9:D3:A4:6E:D2:51:48:49:87:48:A9:47:52
Authority key identifier: 7F:4A:E5:7E:E6:E0:A9:C5:10:1F:C1:4A:87:A5:33:41:50:BB:AB:46
Certificate issuer:       /CN=7f4ae57ee6e0a9c5101fc14a87a5334150bbab46
Certificate serial:       01965DCD4890EFD19DFF372F3AEF451F52D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f0rlfubgqcUQH8FKh6UzQVC7q0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/11fa44-8879-4d19-b468-5b5d98f5361e/1/f0rlfubgqcUQH8FKh6UzQVC7q0Y.mft
Manifest number:          0451
Signing time:             Tue 22 Apr 2025 14:00:56 +0000
Manifest this update:     Tue 22 Apr 2025 14:00:56 +0000
Manifest next update:     Wed 23 Apr 2025 14:00:56 +0000
Files and hashes:         1: f0rlfubgqcUQH8FKh6UzQVC7q0Y.crl (hash: eiV5bUuXztanxBigGl5VNhtxVbz2iS0HFwTxRN1H8jo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/11fa44-8879-4d19-b468-5b5d98f5361e/1/f0rlfubgqcUQH8FKh6UzQVC7q0Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/11fa44-8879-4d19-b468-5b5d98f5361e/1/f0rlfubgqcUQH8FKh6UzQVC7q0Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f0rlfubgqcUQH8FKh6UzQVC7q0Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 14:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5d:cd:48:90:ef:d1:9d:ff:37:2f:3a:ef:45:1f:52:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f4ae57ee6e0a9c5101fc14a87a5334150bbab46
        Validity
            Not Before: Apr 22 14:00:56 2025 GMT
            Not After : Apr 23 14:00:56 2025 GMT
        Subject: CN=082bc8d3a137b6b9d3a46ed25148498748a94752
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ad:c7:50:5e:40:d1:03:4b:8d:53:6c:f0:55:
                    73:de:8f:59:77:ef:bc:fa:e4:a1:c9:0f:77:06:c2:
                    f5:ef:e5:b5:19:93:57:fb:3d:c8:e4:38:58:c3:91:
                    0c:50:80:6b:46:c9:38:60:6e:9f:ff:fc:a5:7c:f3:
                    02:16:93:d4:3d:da:8e:26:db:5b:6e:f3:0d:57:2b:
                    3f:eb:51:c9:c3:f0:a9:51:07:77:5f:37:5c:6d:6b:
                    16:9d:2b:b0:74:17:3b:06:a4:c4:2a:be:2f:3d:4f:
                    78:6d:5f:12:6d:2e:be:2a:3e:9f:5a:50:fd:68:19:
                    41:fd:9a:76:f2:3e:e3:9a:09:dd:51:fb:ee:33:c5:
                    81:8d:af:dd:1a:c3:6b:49:3a:2a:27:a0:7e:d0:43:
                    c7:1a:27:d2:32:aa:c5:02:2d:f9:7f:38:98:8e:57:
                    a6:f6:8d:63:23:6e:c4:7c:c2:22:3e:4c:bf:72:89:
                    4d:8a:db:d1:4e:37:33:4d:d6:72:69:cf:c4:52:5f:
                    cc:22:66:05:86:39:dd:e3:f9:36:87:f9:f1:ee:ff:
                    80:96:d4:60:a9:9a:d4:a6:cf:70:01:aa:b4:bd:63:
                    a6:68:40:69:7e:e0:8f:81:d4:b3:20:5d:5c:58:00:
                    0b:51:ea:dd:38:1d:df:02:6c:e3:08:08:7f:d8:e6:
                    bc:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:2B:C8:D3:A1:37:B6:B9:D3:A4:6E:D2:51:48:49:87:48:A9:47:52
            X509v3 Authority Key Identifier:
                keyid:7F:4A:E5:7E:E6:E0:A9:C5:10:1F:C1:4A:87:A5:33:41:50:BB:AB:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0rlfubgqcUQH8FKh6UzQVC7q0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/11fa44-8879-4d19-b468-5b5d98f5361e/1/f0rlfubgqcUQH8FKh6UzQVC7q0Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/11fa44-8879-4d19-b468-5b5d98f5361e/1/f0rlfubgqcUQH8FKh6UzQVC7q0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:8f:39:c9:34:c2:a9:ec:32:ae:b7:3a:84:4b:e3:b4:38:05:
         56:c1:48:ae:df:95:0e:10:e4:53:14:d1:09:0b:3d:70:a9:66:
         9d:ea:d8:e5:c6:c3:27:b1:a4:33:f7:72:1d:90:2a:64:66:2d:
         34:db:04:e1:cd:44:0e:e8:d9:e0:09:b8:be:00:58:9d:5f:54:
         d2:34:69:0c:f1:23:b6:58:76:56:4f:9b:28:44:1d:7b:fc:d7:
         23:4c:ee:38:6b:dc:a9:01:a2:b2:03:a8:46:c8:32:32:09:da:
         13:48:1f:9b:c1:15:a3:ec:d0:9f:ce:05:16:33:03:f3:f8:f7:
         8d:97:3a:a8:43:be:7c:49:de:5e:e9:6f:eb:c0:ac:62:f0:ce:
         59:3e:60:fa:b4:ba:5b:af:9d:41:2d:0f:ef:12:07:8f:4d:15:
         bf:f2:98:a0:ce:df:58:73:00:6a:19:6a:72:92:77:44:2c:bb:
         80:0b:a6:9e:fc:74:9c:71:f3:bb:81:87:92:99:d6:a0:f2:00:
         2b:08:6b:56:5e:06:1c:e3:a8:26:56:df:61:c5:47:4b:2b:b9:
         08:e6:f8:3b:c8:ae:e1:04:b7:7d:fb:27:a0:68:48:98:ca:a6:
         37:61:7a:88:b2:28:a2:d5:1c:97:58:9b:fd:cf:30:89:3a:81:
         fc:d4:85:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZdzUiQ79Gd/zcvOu9FH1LTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNGFlNTdlZTZlMGE5YzUxMDFmYzE0YTg3YTUzMzQxNTBi
YmFiNDYwHhcNMjUwNDIyMTQwMDU2WhcNMjUwNDIzMTQwMDU2WjAzMTEwLwYDVQQD
EygwODJiYzhkM2ExMzdiNmI5ZDNhNDZlZDI1MTQ4NDk4NzQ4YTk0NzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoK3HUF5A0QNLjVNs8FVz3o9Zd++8
+uShyQ93BsL17+W1GZNX+z3I5DhYw5EMUIBrRsk4YG6f//ylfPMCFpPUPdqOJttb
bvMNVys/61HJw/CpUQd3XzdcbWsWnSuwdBc7BqTEKr4vPU94bV8SbS6+Kj6fWlD9
aBlB/Zp28j7jmgndUfvuM8WBja/dGsNrSToqJ6B+0EPHGifSMqrFAi35fziYjlem
9o1jI27EfMIiPky/colNitvRTjczTdZyac/EUl/MImYFhjnd4/k2h/nx7v+AltRg
qZrUps9wAaq0vWOmaEBpfuCPgdSzIF1cWAALUerdOB3fAmzjCAh/2Oa83QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAgryNOhN7a506Ru0lFISYdIqUdSMB8GA1UdIwQY
MBaAFH9K5X7m4KnFEB/BSoelM0FQu6tGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjBybGZ1YmdxY1VRSDhGS2g2VXpRVkM3cTBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8xMWZhNDQtODg3OS00ZDE5LWI0Njgt
NWI1ZDk4ZjUzNjFlLzEvZjBybGZ1YmdxY1VRSDhGS2g2VXpRVkM3cTBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8xMWZhNDQtODg3OS00ZDE5LWI0NjgtNWI1ZDk4ZjUzNjFl
LzEvZjBybGZ1YmdxY1VRSDhGS2g2VXpRVkM3cTBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU485yTTC
qewyrrc6hEvjtDgFVsFIrt+VDhDkUxTRCQs9cKlmnerY5cbDJ7GkM/dyHZAqZGYt
NNsE4c1EDujZ4Am4vgBYnV9U0jRpDPEjtlh2Vk+bKEQde/zXI0zuOGvcqQGisgOo
RsgyMgnaE0gfm8EVo+zQn84FFjMD8/j3jZc6qEO+fEneXulv68CsYvDOWT5g+rS6
W6+dQS0P7xIHj00Vv/KYoM7fWHMAahlqcpJ3RCy7gAumnvx0nHHzu4GHkpnWoPIA
KwhrVl4GHOOoJlbfYcVHSyu5COb4O8iu4QS3ffsnoGhImMqmN2F6iLIootUcl1ib
/c8wiTqB/NSFRw==
-----END CERTIFICATE-----