Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
File:                     PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft (raw, json)
Hash identifier:          JCMd85kq2jSiWLj6Ne25aYmZWOSe6wCUJIKXkQd6PvM=
Subject key identifier:   C3:14:CC:E0:05:CA:BC:67:DB:C5:01:47:32:03:8A:E1:3F:11:69:CB
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Certificate issuer:       /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial:       0196568159612E59A3848405AD9F36746A16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
Manifest number:          0FD2
Signing time:             Mon 21 Apr 2025 04:00:39 +0000
Manifest this update:     Mon 21 Apr 2025 04:00:39 +0000
Manifest next update:     Tue 22 Apr 2025 04:00:39 +0000
Files and hashes:         1: PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl (hash: aP/x1oOuZooj1Vp9n/nFaES8Q8UeyxY5j7jiV9uduZE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:81:59:61:2e:59:a3:84:84:05:ad:9f:36:74:6a:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
        Validity
            Not Before: Apr 21 04:00:39 2025 GMT
            Not After : Apr 22 04:00:39 2025 GMT
        Subject: CN=c314cce005cabc67dbc5014732038ae13f1169cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:73:57:14:be:f0:48:49:ae:89:bd:34:b5:e7:
                    01:17:b0:79:1c:51:c9:16:37:05:34:c6:56:97:c9:
                    34:a7:97:fc:ec:4b:ea:46:89:90:d5:54:79:40:53:
                    6c:f6:f0:98:1c:60:ad:1b:17:ec:23:08:5d:6b:56:
                    c9:71:40:04:84:39:3c:73:76:7b:d5:7d:96:a2:eb:
                    5c:1b:ae:e2:6e:8f:89:08:27:54:ca:a5:65:e4:d3:
                    49:c4:21:25:80:63:b5:8f:dc:fb:44:cd:fa:75:84:
                    fd:de:d3:04:2a:fa:d0:cf:de:1f:d9:a5:11:a6:7b:
                    b8:5e:cd:de:ce:2d:b9:c6:da:4e:1f:27:f2:4c:3b:
                    5f:30:e4:de:89:88:79:27:16:2f:5e:8c:95:d6:68:
                    ae:92:f7:d9:40:71:5e:87:d1:bc:60:e6:e1:ba:54:
                    26:94:1d:ab:5c:fd:92:da:d7:09:fc:c2:d6:86:a1:
                    70:1e:fb:b1:d1:7c:6f:a8:37:17:c2:a4:43:31:5b:
                    71:31:ee:c0:29:25:a8:cd:eb:af:1b:05:ad:d3:d9:
                    1f:ba:d1:23:2a:6a:e6:7c:6c:20:ff:33:dc:72:df:
                    ca:9b:68:16:5f:fd:c7:ce:29:15:bf:49:cd:cc:22:
                    18:56:6f:d7:43:6a:8d:aa:ae:23:08:54:73:a2:41:
                    36:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:14:CC:E0:05:CA:BC:67:DB:C5:01:47:32:03:8A:E1:3F:11:69:CB
            X509v3 Authority Key Identifier:
                keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:17:60:03:7b:9d:8b:37:23:2e:54:ff:48:70:02:e2:60:2c:
         16:4e:9b:c8:51:e9:58:d1:46:15:05:e9:f4:67:b6:86:a6:a0:
         dd:b2:d3:d3:7b:87:6b:68:a6:e6:0f:72:88:b6:6c:85:b6:e4:
         3d:bd:ba:04:f0:dc:a7:87:76:75:f7:97:0f:86:2d:f5:ba:1f:
         38:0c:31:02:f3:29:12:11:5d:ae:ae:b3:d7:c9:67:5a:3d:3c:
         a8:1e:78:da:33:26:f5:25:d2:94:45:4e:9a:18:5e:98:19:75:
         4a:d6:e7:9b:20:cf:11:36:e2:89:58:9f:d0:4b:23:ff:a0:31:
         59:6f:f8:de:d6:9d:60:02:0d:29:ee:e0:43:aa:12:b7:f8:9f:
         0a:80:79:92:f0:e5:49:54:3b:88:33:08:ba:de:b5:91:43:b7:
         9b:f7:48:c6:06:43:e0:0f:1c:4b:8d:c3:89:13:9d:4f:fa:ed:
         4f:cd:66:f7:4c:37:39:1e:c3:b4:a6:c3:d1:ca:61:10:5c:dd:
         9a:d2:99:f0:0a:6a:76:33:e1:af:3b:f8:7e:53:e6:de:97:f8:
         12:9e:95:b3:d8:a0:1e:eb:93:fd:47:7c:20:1a:5a:bb:77:d5:
         ec:f5:23:82:06:86:8e:50:f1:fb:93:65:1b:14:0b:2d:81:49:
         14:87:18:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWgVlhLlmjhIQFrZ82dGoWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjUwNDIxMDQwMDM5WhcNMjUwNDIyMDQwMDM5WjAzMTEwLwYDVQQD
EyhjMzE0Y2NlMDA1Y2FiYzY3ZGJjNTAxNDczMjAzOGFlMTNmMTE2OWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13NXFL7wSEmuib00tecBF7B5HFHJ
FjcFNMZWl8k0p5f87EvqRomQ1VR5QFNs9vCYHGCtGxfsIwhda1bJcUAEhDk8c3Z7
1X2WoutcG67ibo+JCCdUyqVl5NNJxCElgGO1j9z7RM36dYT93tMEKvrQz94f2aUR
pnu4Xs3ezi25xtpOHyfyTDtfMOTeiYh5JxYvXoyV1miukvfZQHFeh9G8YObhulQm
lB2rXP2S2tcJ/MLWhqFwHvux0XxvqDcXwqRDMVtxMe7AKSWozeuvGwWt09kfutEj
KmrmfGwg/zPcct/Km2gWX/3HzikVv0nNzCIYVm/XQ2qNqq4jCFRzokE21wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMMUzOAFyrxn28UBRzIDiuE/EWnLMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhxdgA3ud
izcjLlT/SHAC4mAsFk6byFHpWNFGFQXp9Ge2hqag3bLT03uHa2im5g9yiLZshbbk
Pb26BPDcp4d2dfeXD4Yt9bofOAwxAvMpEhFdrq6z18lnWj08qB542jMm9SXSlEVO
mhhemBl1StbnmyDPETbiiVif0Esj/6AxWW/43tadYAINKe7gQ6oSt/ifCoB5kvDl
SVQ7iDMIut61kUO3m/dIxgZD4A8cS43DiROdT/rtT81m90w3OR7DtKbD0cphEFzd
mtKZ8ApqdjPhrzv4flPm3pf4Ep6Vs9igHuuT/Ud8IBpau3fV7PUjggaGjlDx+5Nl
GxQLLYFJFIcYbQ==
-----END CERTIFICATE-----