Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/7a011b-31a4-499f-a391-0329c78a4cfa/1/TvJo4UPX5E0UNk0dKOhtw-VQqrc.mft
File:                     TvJo4UPX5E0UNk0dKOhtw-VQqrc.mft (raw, json)
Hash identifier:          +IodV15O8F6Yyis0oZKGtRkSaznYIzXduV1Dm7N7jcs=
Subject key identifier:   53:57:A0:08:D9:25:B5:87:0E:F9:14:0E:4D:87:75:19:3F:DA:16:B1
Authority key identifier: 4E:F2:68:E1:43:D7:E4:4D:14:36:4D:1D:28:E8:6D:C3:E5:50:AA:B7
Certificate issuer:       /CN=4ef268e143d7e44d14364d1d28e86dc3e550aab7
Certificate serial:       0196553892A1F0ADB7039AE83A83CEC7C7F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TvJo4UPX5E0UNk0dKOhtw-VQqrc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/7a011b-31a4-499f-a391-0329c78a4cfa/1/TvJo4UPX5E0UNk0dKOhtw-VQqrc.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 22:01:32 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:32 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:32 +0000
Files and hashes:         1: TvJo4UPX5E0UNk0dKOhtw-VQqrc.crl (hash: enTl7DHbLSMNZGkW6aKHoez9POFWMh4NnomnvpDF1ss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/7a011b-31a4-499f-a391-0329c78a4cfa/1/TvJo4UPX5E0UNk0dKOhtw-VQqrc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/7a011b-31a4-499f-a391-0329c78a4cfa/1/TvJo4UPX5E0UNk0dKOhtw-VQqrc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TvJo4UPX5E0UNk0dKOhtw-VQqrc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:92:a1:f0:ad:b7:03:9a:e8:3a:83:ce:c7:c7:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ef268e143d7e44d14364d1d28e86dc3e550aab7
        Validity
            Not Before: Apr 20 22:01:32 2025 GMT
            Not After : Apr 21 22:01:32 2025 GMT
        Subject: CN=5357a008d925b5870ef9140e4d8775193fda16b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:97:95:81:70:2d:7d:f4:98:76:72:2b:a5:90:
                    2a:f6:fa:dc:db:cd:74:b2:ce:43:3e:66:e0:5b:5b:
                    54:84:e7:b2:74:d5:89:26:4e:cd:23:17:e7:34:27:
                    d5:97:b9:82:d0:6d:65:68:09:ad:65:8e:38:ed:ba:
                    5a:83:57:7c:57:97:a9:6d:9c:16:56:66:a7:7d:fb:
                    d2:ba:74:4c:8c:38:f1:bb:61:e2:86:1b:b3:52:ec:
                    8b:a5:c1:00:87:22:84:83:d4:f3:f6:ee:32:41:0f:
                    d0:70:e7:07:b5:33:a2:f6:21:95:17:0f:a2:d7:c8:
                    48:ae:54:96:3c:06:24:23:67:0c:b6:0d:16:a1:44:
                    5d:04:99:5b:bd:9f:4b:8f:46:f4:45:cc:c0:a7:dc:
                    30:9f:34:ea:d6:5a:32:d9:d1:00:a5:6e:58:b7:0f:
                    2c:bf:c6:1b:68:41:37:d8:34:11:61:d6:ff:ae:5e:
                    8a:aa:97:9d:11:f0:3f:93:b2:cd:45:0f:90:5d:f6:
                    40:51:f4:87:49:22:25:d4:17:41:76:a7:aa:bc:bc:
                    05:a6:c5:9f:a3:74:64:fb:de:68:a1:bc:ea:87:8a:
                    dc:ad:d3:a7:af:ad:2d:57:5c:1f:6b:c8:90:9b:7b:
                    7a:6d:24:43:76:0b:7a:9f:c6:a4:4e:17:40:59:7a:
                    1b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:57:A0:08:D9:25:B5:87:0E:F9:14:0E:4D:87:75:19:3F:DA:16:B1
            X509v3 Authority Key Identifier:
                keyid:4E:F2:68:E1:43:D7:E4:4D:14:36:4D:1D:28:E8:6D:C3:E5:50:AA:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TvJo4UPX5E0UNk0dKOhtw-VQqrc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7a011b-31a4-499f-a391-0329c78a4cfa/1/TvJo4UPX5E0UNk0dKOhtw-VQqrc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7a011b-31a4-499f-a391-0329c78a4cfa/1/TvJo4UPX5E0UNk0dKOhtw-VQqrc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:49:6f:5a:bf:fd:ef:31:50:1e:f5:e3:2f:5b:a9:51:91:c6:
         34:fb:9a:5f:c9:25:3f:17:d2:3d:2a:ba:e5:95:c6:2a:51:31:
         7a:1b:e8:ad:95:dc:22:5f:9a:3f:6a:74:29:b3:f1:c1:7a:28:
         c4:59:ab:8e:51:29:56:f6:e0:39:68:a3:9b:b9:e6:bb:61:6b:
         cc:79:7f:64:a1:5c:a7:71:fb:66:ee:40:c5:9d:f0:b6:8b:ab:
         ff:e6:73:27:33:9c:4b:5e:fe:aa:2d:cb:bd:db:15:2f:b8:27:
         96:c5:37:59:22:01:e9:5a:32:0a:54:4c:3b:4c:ba:95:3d:68:
         59:09:4c:da:b1:af:08:40:14:6c:15:4e:8d:8f:2a:7e:8b:4f:
         23:7a:73:13:a9:51:a6:bb:d5:f6:8e:7a:01:62:95:57:80:f9:
         57:a9:84:3d:bc:9a:1f:62:76:42:ca:bf:9d:f7:b2:f6:7f:7e:
         9c:ef:ba:cb:d7:2f:92:0f:66:dc:d7:00:a4:aa:69:4a:a8:ad:
         b0:34:37:3f:65:83:1d:15:0e:8a:a5:b5:21:47:c6:b3:61:89:
         fc:2f:11:c7:99:24:3e:40:81:7a:5a:8a:af:c8:4e:86:84:f3:
         32:47:8c:c1:fa:b5:70:d5:9e:15:67:9a:8b:be:d6:ed:71:ea:
         d3:ca:d6:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOJKh8K23A5roOoPOx8f1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZjI2OGUxNDNkN2U0NGQxNDM2NGQxZDI4ZTg2ZGMzZTU1
MGFhYjcwHhcNMjUwNDIwMjIwMTMyWhcNMjUwNDIxMjIwMTMyWjAzMTEwLwYDVQQD
Eyg1MzU3YTAwOGQ5MjViNTg3MGVmOTE0MGU0ZDg3NzUxOTNmZGExNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5eVgXAtffSYdnIrpZAq9vrc2810
ss5DPmbgW1tUhOeydNWJJk7NIxfnNCfVl7mC0G1laAmtZY447bpag1d8V5epbZwW
VmanffvSunRMjDjxu2HihhuzUuyLpcEAhyKEg9Tz9u4yQQ/QcOcHtTOi9iGVFw+i
18hIrlSWPAYkI2cMtg0WoURdBJlbvZ9Lj0b0RczAp9wwnzTq1loy2dEApW5Ytw8s
v8YbaEE32DQRYdb/rl6KqpedEfA/k7LNRQ+QXfZAUfSHSSIl1BdBdqeqvLwFpsWf
o3Rk+95oobzqh4rcrdOnr60tV1wfa8iQm3t6bSRDdgt6n8akThdAWXobiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFNXoAjZJbWHDvkUDk2HdRk/2haxMB8GA1UdIwQY
MBaAFE7yaOFD1+RNFDZNHSjobcPlUKq3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHZKbzRVUFg1RTBVTmswZEtPaHR3LVZRcXJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83YTAxMWItMzFhNC00OTlmLWEzOTEt
MDMyOWM3OGE0Y2ZhLzEvVHZKbzRVUFg1RTBVTmswZEtPaHR3LVZRcXJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83YTAxMWItMzFhNC00OTlmLWEzOTEtMDMyOWM3OGE0Y2Zh
LzEvVHZKbzRVUFg1RTBVTmswZEtPaHR3LVZRcXJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeklvWr/9
7zFQHvXjL1upUZHGNPuaX8klPxfSPSq65ZXGKlExehvorZXcIl+aP2p0KbPxwXoo
xFmrjlEpVvbgOWijm7nmu2FrzHl/ZKFcp3H7Zu5AxZ3wtour/+ZzJzOcS17+qi3L
vdsVL7gnlsU3WSIB6VoyClRMO0y6lT1oWQlM2rGvCEAUbBVOjY8qfotPI3pzE6lR
prvV9o56AWKVV4D5V6mEPbyaH2J2Qsq/nfey9n9+nO+6y9cvkg9m3NcApKppSqit
sDQ3P2WDHRUOiqW1IUfGs2GJ/C8Rx5kkPkCBelqKr8hOhoTzMkeMwfq1cNWeFWea
i77W7XHq08rWzA==
-----END CERTIFICATE-----