Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft
File:                     vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft (raw, json)
Hash identifier:          0ldQs7vS+apu9wsXeyngVSfJ878TQR14jdCFvm46Obg=
Subject key identifier:   49:BE:ED:39:9A:69:9A:64:C7:CB:40:EA:F5:99:90:14:81:91:3C:88
Authority key identifier: BC:77:CB:89:64:C4:ED:60:14:48:A4:36:86:85:BF:08:DC:B5:E1:F4
Certificate issuer:       /CN=bc77cb8964c4ed601448a4368685bf08dcb5e1f4
Certificate serial:       01965914C5CF22A341E6E42353BF84139170
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft
Manifest number:          1500
Signing time:             Mon 21 Apr 2025 16:00:55 +0000
Manifest this update:     Mon 21 Apr 2025 16:00:55 +0000
Manifest next update:     Tue 22 Apr 2025 16:00:55 +0000
Files and hashes:         1: vHfLiWTE7WAUSKQ2hoW_CNy14fQ.crl (hash: mNqMvqizju4t3qpZjfZTSWCy1dLpi69sOx7FDqRGlvo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 16:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:14:c5:cf:22:a3:41:e6:e4:23:53:bf:84:13:91:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc77cb8964c4ed601448a4368685bf08dcb5e1f4
        Validity
            Not Before: Apr 21 16:00:55 2025 GMT
            Not After : Apr 22 16:00:55 2025 GMT
        Subject: CN=49beed399a699a64c7cb40eaf599901481913c88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:14:b3:c8:69:95:ca:50:2b:4b:35:6c:d8:8a:
                    f0:b4:de:68:6b:5e:88:ee:9c:85:09:70:c1:cb:c5:
                    e3:d0:80:91:ca:ca:2f:18:44:7c:c8:e7:4f:84:45:
                    3e:8a:c1:db:97:ce:c3:02:31:0d:0f:67:b3:a2:ca:
                    32:75:2c:7a:a5:fd:95:10:dd:5d:7e:a4:fe:e7:e6:
                    25:af:52:e4:37:9b:7b:73:54:ce:8b:55:1a:4a:3e:
                    00:f1:2a:32:8a:4d:24:3f:1b:57:d2:db:e1:79:57:
                    97:22:0c:55:0d:35:9b:42:bd:62:b9:a7:b0:9a:a3:
                    ac:28:ba:8b:62:b2:e5:30:f5:61:df:c5:f6:b0:5a:
                    57:90:ea:e4:c2:19:11:0a:91:be:42:9a:a9:7d:ea:
                    b6:fd:c4:11:b7:e3:c1:b3:3e:43:f0:b8:c8:6c:cf:
                    9f:39:00:40:78:4e:d8:ea:6d:56:db:e5:39:fa:89:
                    1c:d2:90:ee:f8:d4:04:99:ce:0c:61:36:72:1c:a1:
                    02:ea:56:b3:5d:14:a6:04:e6:72:6f:0a:67:33:d0:
                    63:0c:08:aa:9d:1d:f5:db:be:ad:e9:3d:21:98:fb:
                    4c:60:7d:6b:e9:8f:d2:02:c7:ff:a8:91:ba:72:78:
                    a6:5b:06:6e:de:9c:d9:3c:ea:68:1d:bb:b8:22:d2:
                    32:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:BE:ED:39:9A:69:9A:64:C7:CB:40:EA:F5:99:90:14:81:91:3C:88
            X509v3 Authority Key Identifier:
                keyid:BC:77:CB:89:64:C4:ED:60:14:48:A4:36:86:85:BF:08:DC:B5:E1:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:a7:54:84:27:95:dc:92:23:24:99:5f:60:0c:3f:24:2d:e2:
         35:cc:16:39:f3:f7:28:59:4b:42:d9:53:72:23:d1:b5:95:49:
         39:a6:44:5f:72:1b:4b:6e:fc:f7:6d:0d:2f:00:fd:22:8d:6d:
         90:16:f4:1a:58:21:e7:75:55:69:f2:22:7a:21:ed:6e:bd:2b:
         f7:5f:90:44:7a:24:54:c1:30:76:d6:ff:a7:b0:d8:ea:a8:22:
         99:f6:80:0e:a8:63:15:53:c1:b9:e8:f6:cc:f9:b0:41:52:45:
         f9:1d:6b:e4:78:ed:ba:70:0f:c6:67:f8:de:20:f8:4d:d0:f5:
         de:bf:37:af:2e:1b:14:f4:03:8e:ad:de:e7:e7:94:d8:7e:2e:
         2e:8f:fd:5e:17:6d:55:86:1b:fc:67:f7:71:af:8f:4d:12:8a:
         6f:95:d5:e6:92:a9:b4:96:6f:c8:be:c5:3a:e9:5a:9a:38:2b:
         f3:4c:56:cf:9e:c1:ba:63:69:8f:00:20:5b:2e:f7:6f:e1:0e:
         79:bf:4d:a0:09:07:82:47:c7:3f:51:0e:fc:c0:bd:5c:0b:10:
         f5:95:43:cb:04:83:67:49:05:72:4e:a8:8f:4e:df:dc:ce:2d:
         91:cd:3d:67:32:f3:37:35:77:1a:3e:62:03:b6:93:87:f0:cf:
         bb:8d:ad:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFMXPIqNB5uQjU7+EE5FwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNzdjYjg5NjRjNGVkNjAxNDQ4YTQzNjg2ODViZjA4ZGNi
NWUxZjQwHhcNMjUwNDIxMTYwMDU1WhcNMjUwNDIyMTYwMDU1WjAzMTEwLwYDVQQD
Eyg0OWJlZWQzOTlhNjk5YTY0YzdjYjQwZWFmNTk5OTAxNDgxOTEzYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BSzyGmVylArSzVs2IrwtN5oa16I
7pyFCXDBy8Xj0ICRysovGER8yOdPhEU+isHbl87DAjEND2ezosoydSx6pf2VEN1d
fqT+5+Ylr1LkN5t7c1TOi1UaSj4A8Soyik0kPxtX0tvheVeXIgxVDTWbQr1iuaew
mqOsKLqLYrLlMPVh38X2sFpXkOrkwhkRCpG+Qpqpfeq2/cQRt+PBsz5D8LjIbM+f
OQBAeE7Y6m1W2+U5+okc0pDu+NQEmc4MYTZyHKEC6lazXRSmBOZybwpnM9BjDAiq
nR31276t6T0hmPtMYH1r6Y/SAsf/qJG6cnimWwZu3pzZPOpoHbu4ItIyBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEm+7TmaaZpkx8tA6vWZkBSBkTyIMB8GA1UdIwQY
MBaAFLx3y4lkxO1gFEikNoaFvwjcteH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkhmTGlXVEU3V0FVU0tRMmhvV19DTnkxNGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jNzVlMTYtNjY0Ny00MDdhLWEyMDEt
ZDAzMjdkZjAyNjI4LzEvdkhmTGlXVEU3V0FVU0tRMmhvV19DTnkxNGZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9jNzVlMTYtNjY0Ny00MDdhLWEyMDEtZDAzMjdkZjAyNjI4
LzEvdkhmTGlXVEU3V0FVU0tRMmhvV19DTnkxNGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMadUhCeV
3JIjJJlfYAw/JC3iNcwWOfP3KFlLQtlTciPRtZVJOaZEX3IbS278920NLwD9Io1t
kBb0Glgh53VVafIieiHtbr0r91+QRHokVMEwdtb/p7DY6qgimfaADqhjFVPBuej2
zPmwQVJF+R1r5HjtunAPxmf43iD4TdD13r83ry4bFPQDjq3e5+eU2H4uLo/9Xhdt
VYYb/Gf3ca+PTRKKb5XV5pKptJZvyL7FOulamjgr80xWz57BumNpjwAgWy73b+EO
eb9NoAkHgkfHP1EO/MC9XAsQ9ZVDywSDZ0kFck6oj07f3M4tkc09ZzLzNzV3Gj5i
A7aTh/DPu42t2g==
-----END CERTIFICATE-----