Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2d782e-01e2-4b73-bf80-b979e65bc0d6/1/Sz1GYT0gKWKWebKwSi-chsq8dNU.mft
File:                     Sz1GYT0gKWKWebKwSi-chsq8dNU.mft (raw, json)
Hash identifier:          hU8DtjJCOHxDNrawYOzI5Ova8taGVhel6xNhS07vECg=
Subject key identifier:   81:60:06:74:DA:48:1A:9F:E6:60:DF:9E:74:C0:1E:D4:3C:8A:D5:63
Authority key identifier: 4B:3D:46:61:3D:20:29:62:96:79:B2:B0:4A:2F:9C:86:CA:BC:74:D5
Certificate issuer:       /CN=4b3d46613d2029629679b2b04a2f9c86cabc74d5
Certificate serial:       019655007DFCACCB878300D20AFE00A15630
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sz1GYT0gKWKWebKwSi-chsq8dNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/2d782e-01e2-4b73-bf80-b979e65bc0d6/1/Sz1GYT0gKWKWebKwSi-chsq8dNU.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 21:00:17 +0000
Manifest this update:     Sun 20 Apr 2025 21:00:17 +0000
Manifest next update:     Mon 21 Apr 2025 21:00:17 +0000
Files and hashes:         1: Sz1GYT0gKWKWebKwSi-chsq8dNU.crl (hash: 2e+z1ODElQhtUBNp6byQHcPIyYseYrb03RQ6XqrFuyk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/2d782e-01e2-4b73-bf80-b979e65bc0d6/1/Sz1GYT0gKWKWebKwSi-chsq8dNU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/2d782e-01e2-4b73-bf80-b979e65bc0d6/1/Sz1GYT0gKWKWebKwSi-chsq8dNU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sz1GYT0gKWKWebKwSi-chsq8dNU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:00:7d:fc:ac:cb:87:83:00:d2:0a:fe:00:a1:56:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b3d46613d2029629679b2b04a2f9c86cabc74d5
        Validity
            Not Before: Apr 20 21:00:17 2025 GMT
            Not After : Apr 21 21:00:17 2025 GMT
        Subject: CN=81600674da481a9fe660df9e74c01ed43c8ad563
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:09:5d:6a:a6:59:cc:89:45:4c:9d:9b:b6:7a:
                    0f:b4:3b:35:90:0b:a1:fa:bd:5f:29:53:a5:63:ed:
                    a5:c2:b6:f2:d7:f0:d4:fb:f1:05:52:da:ce:7b:6d:
                    f0:52:31:a2:7d:0f:c2:02:39:1d:ef:69:76:51:98:
                    39:e6:8c:2a:7e:9e:8a:56:9f:81:08:6e:20:e7:81:
                    ec:1f:5e:da:32:a2:19:1b:20:e5:00:ba:a1:31:be:
                    69:cb:94:92:8c:98:e0:bb:0d:2f:56:2d:b7:ac:d3:
                    10:18:2f:6b:ee:68:f1:7f:56:c0:a2:e6:64:b6:f7:
                    6c:4f:2c:f3:38:88:b0:10:44:17:7a:70:b5:ec:be:
                    74:f7:c9:4c:71:08:73:0a:8c:94:d3:99:f5:71:8e:
                    5a:db:13:ca:94:0a:27:63:79:96:cb:32:f0:61:e2:
                    1e:6f:42:35:fb:bf:e8:14:c2:58:63:c9:f2:c1:b4:
                    7f:c9:f8:08:d3:5f:45:d7:9a:7c:75:7a:df:e2:c5:
                    72:aa:ab:51:bb:2c:0c:48:65:e4:7b:2e:ad:dc:ee:
                    3c:16:99:4b:6c:d4:8c:78:20:44:40:14:51:08:d9:
                    69:3b:fd:98:e1:2f:fe:25:c5:2a:8d:24:25:e6:00:
                    b6:68:0f:d1:fb:b5:72:6f:7d:62:42:f4:06:0c:d1:
                    17:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:60:06:74:DA:48:1A:9F:E6:60:DF:9E:74:C0:1E:D4:3C:8A:D5:63
            X509v3 Authority Key Identifier:
                keyid:4B:3D:46:61:3D:20:29:62:96:79:B2:B0:4A:2F:9C:86:CA:BC:74:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz1GYT0gKWKWebKwSi-chsq8dNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2d782e-01e2-4b73-bf80-b979e65bc0d6/1/Sz1GYT0gKWKWebKwSi-chsq8dNU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2d782e-01e2-4b73-bf80-b979e65bc0d6/1/Sz1GYT0gKWKWebKwSi-chsq8dNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:c0:6a:2e:96:88:b8:f4:d5:14:98:5e:94:d7:85:c7:08:ce:
         29:78:e1:c2:dd:47:9f:e5:ef:3f:e0:bc:cf:ca:ee:dd:1c:aa:
         ab:68:e5:e7:1d:8c:60:c6:77:e6:01:6c:82:f9:09:6a:d4:96:
         be:50:43:9d:37:fa:62:3b:e8:d2:74:d6:17:a5:d8:47:64:13:
         b2:65:12:db:46:2b:0c:1a:2a:31:65:ae:02:eb:1b:50:9e:80:
         45:c3:90:b2:aa:7d:7d:49:63:82:e8:17:b5:37:c7:cc:e8:e9:
         a0:d2:8f:8c:b6:ca:43:d8:72:11:fa:6d:c4:96:95:4a:04:34:
         84:4b:d1:64:21:23:41:d2:62:b6:86:57:1e:c0:95:05:e3:d4:
         37:27:51:c5:18:db:55:2e:14:bd:7e:4d:9a:90:11:66:7b:52:
         38:29:a9:4f:d3:68:4e:17:d6:37:98:67:68:7e:f6:91:56:08:
         58:5e:66:27:c1:05:4e:30:47:56:d5:3a:10:0f:8d:c8:e3:71:
         c5:70:04:8c:4d:10:12:73:e2:c5:f9:f3:4c:11:8e:3a:6c:40:
         6b:1e:95:b1:dd:1b:9d:7a:07:01:a7:29:9a:50:a6:0d:62:c9:
         65:f3:46:21:14:18:56:2b:f8:04:48:49:f1:00:9d:35:45:40:
         a0:76:6c:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVAH38rMuHgwDSCv4AoVYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiM2Q0NjYxM2QyMDI5NjI5Njc5YjJiMDRhMmY5Yzg2Y2Fi
Yzc0ZDUwHhcNMjUwNDIwMjEwMDE3WhcNMjUwNDIxMjEwMDE3WjAzMTEwLwYDVQQD
Eyg4MTYwMDY3NGRhNDgxYTlmZTY2MGRmOWU3NGMwMWVkNDNjOGFkNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQldaqZZzIlFTJ2btnoPtDs1kAuh
+r1fKVOlY+2lwrby1/DU+/EFUtrOe23wUjGifQ/CAjkd72l2UZg55owqfp6KVp+B
CG4g54HsH17aMqIZGyDlALqhMb5py5SSjJjguw0vVi23rNMQGC9r7mjxf1bAouZk
tvdsTyzzOIiwEEQXenC17L5098lMcQhzCoyU05n1cY5a2xPKlAonY3mWyzLwYeIe
b0I1+7/oFMJYY8nywbR/yfgI019F15p8dXrf4sVyqqtRuywMSGXkey6t3O48FplL
bNSMeCBEQBRRCNlpO/2Y4S/+JcUqjSQl5gC2aA/R+7Vyb31iQvQGDNEXvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFgBnTaSBqf5mDfnnTAHtQ8itVjMB8GA1UdIwQY
MBaAFEs9RmE9IClilnmysEovnIbKvHTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3oxR1lUMGdLV0tXZWJLd1NpLWNoc3E4ZE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yZDc4MmUtMDFlMi00YjczLWJmODAt
Yjk3OWU2NWJjMGQ2LzEvU3oxR1lUMGdLV0tXZWJLd1NpLWNoc3E4ZE5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8yZDc4MmUtMDFlMi00YjczLWJmODAtYjk3OWU2NWJjMGQ2
LzEvU3oxR1lUMGdLV0tXZWJLd1NpLWNoc3E4ZE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlsBqLpaI
uPTVFJhelNeFxwjOKXjhwt1Hn+XvP+C8z8ru3Ryqq2jl5x2MYMZ35gFsgvkJatSW
vlBDnTf6Yjvo0nTWF6XYR2QTsmUS20YrDBoqMWWuAusbUJ6ARcOQsqp9fUljgugX
tTfHzOjpoNKPjLbKQ9hyEfptxJaVSgQ0hEvRZCEjQdJitoZXHsCVBePUNydRxRjb
VS4UvX5NmpARZntSOCmpT9NoThfWN5hnaH72kVYIWF5mJ8EFTjBHVtU6EA+NyONx
xXAEjE0QEnPixfnzTBGOOmxAax6Vsd0bnXoHAacpmlCmDWLJZfNGIRQYViv4BEhJ
8QCdNUVAoHZs6g==
-----END CERTIFICATE-----