Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/364d3e-a44d-446a-82ee-65d9e4611270/1/b7yr8HwZyKIKdpqoKQcaszgvWIo.mft
File:                     b7yr8HwZyKIKdpqoKQcaszgvWIo.mft (raw, json)
Hash identifier:          ti0UGICW0EUveWmoPdIm2aRodxAU6/D4m1xooZozuQw=
Subject key identifier:   E7:1D:C6:14:EC:BF:EF:AC:CA:F7:9D:D3:23:73:70:B4:95:9B:6F:46
Authority key identifier: 6F:BC:AB:F0:7C:19:C8:A2:0A:76:9A:A8:29:07:1A:B3:38:2F:58:8A
Certificate issuer:       /CN=6fbcabf07c19c8a20a769aa829071ab3382f588a
Certificate serial:       01965537D5D43AF33693D6080B59379C5105
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b7yr8HwZyKIKdpqoKQcaszgvWIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/364d3e-a44d-446a-82ee-65d9e4611270/1/b7yr8HwZyKIKdpqoKQcaszgvWIo.mft
Manifest number:          14FB
Signing time:             Sun 20 Apr 2025 22:00:44 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:44 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:44 +0000
Files and hashes:         1: b7yr8HwZyKIKdpqoKQcaszgvWIo.crl (hash: +SPbItMxBLfW92trslB15TCeTKDc4TmVLGk34nRBtjE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/364d3e-a44d-446a-82ee-65d9e4611270/1/b7yr8HwZyKIKdpqoKQcaszgvWIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/364d3e-a44d-446a-82ee-65d9e4611270/1/b7yr8HwZyKIKdpqoKQcaszgvWIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b7yr8HwZyKIKdpqoKQcaszgvWIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:d5:d4:3a:f3:36:93:d6:08:0b:59:37:9c:51:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6fbcabf07c19c8a20a769aa829071ab3382f588a
        Validity
            Not Before: Apr 20 22:00:44 2025 GMT
            Not After : Apr 21 22:00:44 2025 GMT
        Subject: CN=e71dc614ecbfefaccaf79dd3237370b4959b6f46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:19:fa:cc:c1:22:25:fe:3c:18:d4:ed:34:09:
                    4e:36:1f:a2:41:fb:7f:f8:c8:07:47:62:61:73:dc:
                    97:c6:90:fb:d7:d4:64:89:dc:01:34:11:d7:c8:eb:
                    d2:11:ef:c1:a9:cb:73:12:25:d5:2a:c9:84:54:73:
                    d5:c4:f7:26:09:25:6d:0b:f5:7c:a5:a5:93:fa:8b:
                    2b:7d:4d:80:77:e9:dd:05:15:e0:f2:9c:49:47:21:
                    bc:9d:07:5b:2b:a3:31:a3:93:c7:65:03:51:b7:8f:
                    b1:52:dd:f4:61:02:40:ea:89:0b:8b:d7:02:82:42:
                    d2:09:ef:eb:d5:8f:be:32:db:93:7f:93:6d:67:8a:
                    14:89:99:d2:66:84:d3:49:1e:bd:c6:02:1b:db:bc:
                    cc:e2:7a:67:ee:48:5b:5a:d1:1d:f0:0c:84:e7:fb:
                    ea:ca:f5:0b:f7:2e:58:9a:61:7c:ec:b1:f5:f2:47:
                    1b:67:05:8b:84:fe:1f:52:4b:e7:22:85:c9:74:13:
                    b3:c5:89:22:5e:9d:21:a8:f8:c1:4c:c6:84:8d:f2:
                    25:6f:45:a7:ad:00:8d:d2:37:37:f8:90:69:af:ab:
                    4c:89:26:2d:a9:c9:19:d6:83:86:df:45:19:81:1e:
                    af:4e:46:5d:ee:e9:13:5c:a8:37:8c:6f:f6:ac:c4:
                    5b:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:1D:C6:14:EC:BF:EF:AC:CA:F7:9D:D3:23:73:70:B4:95:9B:6F:46
            X509v3 Authority Key Identifier:
                keyid:6F:BC:AB:F0:7C:19:C8:A2:0A:76:9A:A8:29:07:1A:B3:38:2F:58:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7yr8HwZyKIKdpqoKQcaszgvWIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/364d3e-a44d-446a-82ee-65d9e4611270/1/b7yr8HwZyKIKdpqoKQcaszgvWIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/364d3e-a44d-446a-82ee-65d9e4611270/1/b7yr8HwZyKIKdpqoKQcaszgvWIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:76:11:db:63:15:a7:6a:7b:26:5a:a2:ea:71:9c:d9:37:bb:
         80:b1:92:c6:c3:00:c3:27:31:a8:83:a3:23:a1:b8:1b:74:53:
         03:57:60:fc:0f:67:e7:66:4d:78:ed:6c:4e:6d:57:a5:cc:19:
         f6:c7:cf:2f:d1:ba:e6:99:f4:4e:6c:cd:19:b8:eb:eb:18:35:
         76:cb:57:f2:20:c0:96:1d:d9:10:50:81:5c:87:25:68:0e:41:
         fc:84:3e:79:66:c4:0b:67:74:c9:48:26:7f:80:c3:c1:76:e7:
         7f:4c:50:38:cb:7d:06:a6:eb:2e:9f:15:f5:d4:64:2b:0f:9a:
         d8:04:a8:2f:3e:eb:b1:5d:84:7c:f4:e9:25:a6:eb:e3:fb:47:
         33:43:72:eb:56:82:a4:82:5b:81:1b:88:ed:7e:2c:79:65:a7:
         39:3d:4c:cd:ac:52:6d:3a:c0:8c:4e:2c:32:79:a9:94:35:91:
         68:5b:98:bc:75:38:64:27:c3:e0:da:4a:df:6d:5b:1e:69:cd:
         bc:3b:55:3d:8f:f4:ad:64:1b:9d:17:5c:19:f4:e7:b8:6d:11:
         05:de:fe:66:3a:0d:d4:80:8b:1e:4f:19:33:ad:90:7e:5b:2d:
         e3:01:f7:a2:24:4f:71:f5:2d:f9:0a:63:16:48:a4:ea:a3:cf:
         d3:a1:5a:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN9XUOvM2k9YIC1k3nFEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYmNhYmYwN2MxOWM4YTIwYTc2OWFhODI5MDcxYWIzMzgy
ZjU4OGEwHhcNMjUwNDIwMjIwMDQ0WhcNMjUwNDIxMjIwMDQ0WjAzMTEwLwYDVQQD
EyhlNzFkYzYxNGVjYmZlZmFjY2FmNzlkZDMyMzczNzBiNDk1OWI2ZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxn6zMEiJf48GNTtNAlONh+iQft/
+MgHR2Jhc9yXxpD719RkidwBNBHXyOvSEe/BqctzEiXVKsmEVHPVxPcmCSVtC/V8
paWT+osrfU2Ad+ndBRXg8pxJRyG8nQdbK6Mxo5PHZQNRt4+xUt30YQJA6okLi9cC
gkLSCe/r1Y++MtuTf5NtZ4oUiZnSZoTTSR69xgIb27zM4npn7khbWtEd8AyE5/vq
yvUL9y5YmmF87LH18kcbZwWLhP4fUkvnIoXJdBOzxYkiXp0hqPjBTMaEjfIlb0Wn
rQCN0jc3+JBpr6tMiSYtqckZ1oOG30UZgR6vTkZd7ukTXKg3jG/2rMRbIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOcdxhTsv++syved0yNzcLSVm29GMB8GA1UdIwQY
MBaAFG+8q/B8GciiCnaaqCkHGrM4L1iKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjd5cjhId1p5S0lLZHBxb0tRY2Fzemd2V0lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8zNjRkM2UtYTQ0ZC00NDZhLTgyZWUt
NjVkOWU0NjExMjcwLzEvYjd5cjhId1p5S0lLZHBxb0tRY2Fzemd2V0lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8zNjRkM2UtYTQ0ZC00NDZhLTgyZWUtNjVkOWU0NjExMjcw
LzEvYjd5cjhId1p5S0lLZHBxb0tRY2Fzemd2V0lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJHYR22MV
p2p7Jlqi6nGc2Te7gLGSxsMAwycxqIOjI6G4G3RTA1dg/A9n52ZNeO1sTm1XpcwZ
9sfPL9G65pn0TmzNGbjr6xg1dstX8iDAlh3ZEFCBXIclaA5B/IQ+eWbEC2d0yUgm
f4DDwXbnf0xQOMt9BqbrLp8V9dRkKw+a2ASoLz7rsV2EfPTpJabr4/tHM0Ny61aC
pIJbgRuI7X4seWWnOT1MzaxSbTrAjE4sMnmplDWRaFuYvHU4ZCfD4NpK321bHmnN
vDtVPY/0rWQbnRdcGfTnuG0RBd7+ZjoN1ICLHk8ZM62Qflst4wH3oiRPcfUt+Qpj
Fkik6qPP06FazA==
-----END CERTIFICATE-----