Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
File:                     9kixVYLTS9UXCp3RO4EyW6uuXjo.mft (raw, json)
Hash identifier:          0znTdLwNX7fE5/lHQdV8PHnQCC/V6lziKMrniXU2fSs=
Subject key identifier:   82:F0:53:68:85:74:4A:47:EF:0B:4E:A3:15:CA:C0:80:56:B7:18:D2
Authority key identifier: F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A
Certificate issuer:       /CN=f648b15582d34bd5170a9dd13b81325babae5e3a
Certificate serial:       01965681011160025ED92C6914085937BB46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
Manifest number:          14FF
Signing time:             Mon 21 Apr 2025 04:00:17 +0000
Manifest this update:     Mon 21 Apr 2025 04:00:17 +0000
Manifest next update:     Tue 22 Apr 2025 04:00:17 +0000
Files and hashes:         1: 9kixVYLTS9UXCp3RO4EyW6uuXjo.crl (hash: t6jXHKmLIsl9LIZ7hmXOV1nGrCpLVgm7EF9F/5alUtg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:81:01:11:60:02:5e:d9:2c:69:14:08:59:37:bb:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f648b15582d34bd5170a9dd13b81325babae5e3a
        Validity
            Not Before: Apr 21 04:00:17 2025 GMT
            Not After : Apr 22 04:00:17 2025 GMT
        Subject: CN=82f0536885744a47ef0b4ea315cac08056b718d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:b3:43:7e:73:16:bf:e8:62:05:15:77:b8:5e:
                    60:d8:de:41:23:0b:0a:97:dd:02:b6:a1:d1:c9:b3:
                    2b:75:10:01:5d:e3:7b:58:8c:97:0e:d9:2b:84:60:
                    3b:bd:87:aa:c2:6a:0f:4d:f5:5c:22:25:ef:79:8b:
                    21:3e:9a:17:fa:9a:c4:f0:22:36:15:5e:28:9a:d3:
                    b9:9b:23:ac:22:8a:b4:2a:f8:94:1c:e9:59:00:93:
                    91:ad:31:0c:f2:b4:ba:81:7b:3b:04:45:3c:3e:50:
                    8c:96:6d:25:29:fc:62:34:74:a3:23:1b:82:b7:72:
                    60:a2:56:3c:2d:5f:e6:99:0f:1a:da:de:e9:a4:c9:
                    b0:05:f6:9e:c3:44:db:5c:a3:ab:c1:c4:29:41:f4:
                    a5:f1:40:72:48:64:70:c9:18:dd:5f:4d:11:23:bc:
                    a6:e4:6d:fc:a1:fe:eb:01:c4:08:17:0d:ca:57:b9:
                    7b:af:a4:24:ba:7f:b2:bd:18:f5:24:63:41:e4:23:
                    dc:1c:a2:97:6f:30:c5:62:71:a6:56:e6:2b:1a:f3:
                    81:78:08:7d:3b:33:5f:c4:18:13:dc:27:70:85:76:
                    dc:80:09:f7:46:3a:fe:49:2e:9e:66:48:d5:ce:d0:
                    1e:f4:5c:83:fc:bc:30:18:ed:94:ab:7c:01:c4:6a:
                    9f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:F0:53:68:85:74:4A:47:EF:0B:4E:A3:15:CA:C0:80:56:B7:18:D2
            X509v3 Authority Key Identifier:
                keyid:F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:a0:06:27:f4:67:bb:ff:dc:56:7b:58:22:b3:e8:43:70:1a:
         c8:d3:fa:11:2f:1a:ab:e5:ae:75:2f:1f:41:e2:3d:c3:0d:64:
         d5:15:81:c5:cb:ea:2c:38:b7:41:b6:3b:0d:59:2a:f9:9d:4a:
         d5:1e:7e:e9:17:b3:41:38:6f:14:da:ed:93:2c:45:0f:50:ac:
         79:6b:cd:0b:40:56:09:a8:93:90:90:03:b5:63:af:88:98:c7:
         cb:76:f6:4e:29:1a:e2:4f:bd:2c:78:69:3a:c7:8d:7a:1a:39:
         6c:08:15:72:a3:21:06:04:d8:fc:f1:4b:f0:c3:3f:3e:97:eb:
         68:38:c2:2c:73:33:d1:1b:9a:c0:2d:c2:8c:ed:a2:d9:fa:20:
         34:cc:9a:7d:7f:13:79:87:ea:8c:fc:1d:db:3e:2b:31:f8:5e:
         47:0a:9e:6d:f1:a1:10:db:bd:41:41:ae:ee:4d:cb:d7:35:30:
         91:95:ea:e9:4b:5c:e1:f9:0a:71:de:9c:85:b8:20:d3:a4:36:
         1f:c2:92:af:de:9c:04:3f:7b:3d:b5:78:92:c3:0b:e4:98:0c:
         dd:af:89:b6:19:4e:23:70:bf:34:6c:dc:ed:fc:0b:86:75:32:
         bb:2f:c0:fa:5c:85:00:2e:23:3e:e0:2b:ac:4e:82:12:f0:90:
         35:f6:b8:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWgQERYAJe2SxpFAhZN7tGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NDhiMTU1ODJkMzRiZDUxNzBhOWRkMTNiODEzMjViYWJh
ZTVlM2EwHhcNMjUwNDIxMDQwMDE3WhcNMjUwNDIyMDQwMDE3WjAzMTEwLwYDVQQD
Eyg4MmYwNTM2ODg1NzQ0YTQ3ZWYwYjRlYTMxNWNhYzA4MDU2YjcxOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7NDfnMWv+hiBRV3uF5g2N5BIwsK
l90CtqHRybMrdRABXeN7WIyXDtkrhGA7vYeqwmoPTfVcIiXveYshPpoX+prE8CI2
FV4omtO5myOsIoq0KviUHOlZAJORrTEM8rS6gXs7BEU8PlCMlm0lKfxiNHSjIxuC
t3JgolY8LV/mmQ8a2t7ppMmwBfaew0TbXKOrwcQpQfSl8UBySGRwyRjdX00RI7ym
5G38of7rAcQIFw3KV7l7r6Qkun+yvRj1JGNB5CPcHKKXbzDFYnGmVuYrGvOBeAh9
OzNfxBgT3CdwhXbcgAn3Rjr+SS6eZkjVztAe9FyD/LwwGO2Uq3wBxGqfnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFILwU2iFdEpH7wtOoxXKwIBWtxjSMB8GA1UdIwQY
MBaAFPZIsVWC00vVFwqd0TuBMlurrl46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzct
NjI3OTliOTAyMzFiLzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzctNjI3OTliOTAyMzFi
LzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkKAGJ/Rn
u//cVntYIrPoQ3AayNP6ES8aq+WudS8fQeI9ww1k1RWBxcvqLDi3QbY7DVkq+Z1K
1R5+6RezQThvFNrtkyxFD1CseWvNC0BWCaiTkJADtWOviJjHy3b2Tika4k+9LHhp
OseNeho5bAgVcqMhBgTY/PFL8MM/PpfraDjCLHMz0RuawC3CjO2i2fogNMyafX8T
eYfqjPwd2z4rMfheRwqebfGhENu9QUGu7k3L1zUwkZXq6Utc4fkKcd6chbgg06Q2
H8KSr96cBD97PbV4ksML5JgM3a+JthlOI3C/NGzc7fwLhnUyuy/A+lyFAC4jPuAr
rE6CEvCQNfa4GQ==
-----END CERTIFICATE-----