Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
File:                     TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft (raw, json)
Hash identifier:          ZStCSl+bLYa4LBpchOPPHVNt0FAcGIsbjw25xC0e9i4=
Subject key identifier:   86:B6:3E:E1:58:0D:F7:FA:0B:A1:42:D7:E6:8F:03:2F:57:D4:8F:E5
Authority key identifier: 4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D
Certificate issuer:       /CN=4c9d923a3b43416959576bcb400416ca5cf6060d
Certificate serial:       01965537762E8F644F881008C83C203499FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
Manifest number:          066E
Signing time:             Sun 20 Apr 2025 22:00:20 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:20 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:20 +0000
Files and hashes:         1: TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl (hash: 3zbTTuHzY+u9tD4/zg8EIoAc4mtxn1WV1yurlqAPi5E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:76:2e:8f:64:4f:88:10:08:c8:3c:20:34:99:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c9d923a3b43416959576bcb400416ca5cf6060d
        Validity
            Not Before: Apr 20 22:00:20 2025 GMT
            Not After : Apr 21 22:00:20 2025 GMT
        Subject: CN=86b63ee1580df7fa0ba142d7e68f032f57d48fe5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:fb:f1:c9:42:45:d7:3e:ac:d5:94:4f:6e:73:
                    9e:e1:e2:cb:d1:85:87:99:b2:62:22:44:00:cd:5f:
                    a8:46:33:07:61:f3:ed:05:3a:6a:5e:27:ae:b2:3a:
                    c4:1c:8f:83:d3:1b:f2:a9:53:6d:d5:04:17:9d:f6:
                    ba:36:a8:b5:4d:47:45:dd:5a:b2:4d:4e:65:cd:11:
                    c1:0b:cd:4a:ca:cd:85:eb:5b:af:83:9e:d5:eb:34:
                    66:58:96:fe:74:e1:5b:59:31:6d:a7:51:00:d5:a9:
                    20:50:ce:a2:e2:81:4f:7e:ab:53:1e:f7:8f:c4:af:
                    2c:49:b7:52:3c:9e:2b:2a:4a:5d:07:2c:1f:87:34:
                    3b:19:70:8e:a0:6d:b3:af:06:fd:b2:1a:93:e5:e4:
                    3d:1f:bb:ac:a9:d2:14:4b:2d:5c:07:a8:dd:d2:26:
                    46:22:8d:a6:0d:8c:78:85:ad:22:44:2a:46:fe:92:
                    6c:fc:23:ca:34:96:a9:79:08:55:31:87:a0:fe:6e:
                    7a:5a:6b:9f:78:33:6e:4c:1f:14:a4:29:28:16:62:
                    ea:ff:45:5d:05:f5:e1:65:eb:e8:61:04:41:b5:80:
                    07:4c:8d:e2:e3:aa:7f:49:a4:f5:f7:53:cd:cd:49:
                    01:fe:36:ff:8f:0c:1c:05:6b:5e:f6:8d:80:00:7f:
                    93:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:B6:3E:E1:58:0D:F7:FA:0B:A1:42:D7:E6:8F:03:2F:57:D4:8F:E5
            X509v3 Authority Key Identifier:
                keyid:4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:52:53:3c:7a:50:d9:e7:dd:0c:04:1e:1f:df:96:e5:58:12:
         ad:f4:60:d6:f6:36:5f:a1:ac:a1:58:1f:9d:da:c1:1f:94:c8:
         60:cf:b7:0c:aa:e5:5c:5e:bc:3c:34:93:29:ae:ed:06:71:20:
         57:73:3f:37:6c:c2:14:e6:17:f5:51:b0:7f:87:3e:00:b9:3c:
         78:5b:32:20:e9:11:1f:40:74:8c:b7:4e:12:a8:b3:46:6f:80:
         2e:ef:ac:f1:61:65:e2:77:07:0d:81:e1:74:07:46:68:68:75:
         a9:ad:43:95:52:80:d4:27:10:7f:1d:9a:7e:4e:88:12:26:3b:
         98:ba:6a:04:bb:0a:b3:42:f3:81:19:3d:ec:26:77:99:26:0f:
         ec:9e:59:cb:04:ff:c7:88:5a:95:26:5b:80:5a:4d:2a:e3:cd:
         d6:e1:24:89:f3:d7:49:3c:5a:0d:70:35:6a:21:8b:ef:be:7a:
         88:e4:6c:41:31:50:e4:54:f3:92:67:8d:d5:e1:fa:89:54:a5:
         04:7e:ac:e1:3e:58:f3:7f:ed:e1:ef:aa:33:fd:62:35:2a:04:
         94:a6:3f:a4:f3:fd:e2:df:a1:7b:b8:08:4f:f6:f2:48:14:3d:
         4e:4e:a0:93:a2:7a:2c:be:a3:32:a4:44:b0:8b:72:8f:e4:8c:
         fc:77:8a:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN3Yuj2RPiBAIyDwgNJn7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOWQ5MjNhM2I0MzQxNjk1OTU3NmJjYjQwMDQxNmNhNWNm
NjA2MGQwHhcNMjUwNDIwMjIwMDIwWhcNMjUwNDIxMjIwMDIwWjAzMTEwLwYDVQQD
Eyg4NmI2M2VlMTU4MGRmN2ZhMGJhMTQyZDdlNjhmMDMyZjU3ZDQ4ZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/vxyUJF1z6s1ZRPbnOe4eLL0YWH
mbJiIkQAzV+oRjMHYfPtBTpqXieusjrEHI+D0xvyqVNt1QQXnfa6Nqi1TUdF3Vqy
TU5lzRHBC81Kys2F61uvg57V6zRmWJb+dOFbWTFtp1EA1akgUM6i4oFPfqtTHveP
xK8sSbdSPJ4rKkpdBywfhzQ7GXCOoG2zrwb9shqT5eQ9H7usqdIUSy1cB6jd0iZG
Io2mDYx4ha0iRCpG/pJs/CPKNJapeQhVMYeg/m56WmufeDNuTB8UpCkoFmLq/0Vd
BfXhZevoYQRBtYAHTI3i46p/SaT191PNzUkB/jb/jwwcBWte9o2AAH+TIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIa2PuFYDff6C6FC1+aPAy9X1I/lMB8GA1UdIwQY
MBaAFEydkjo7Q0FpWVdry0AEFspc9gYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAt
YzAxZGI5ZDUzNDc5LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAtYzAxZGI5ZDUzNDc5
LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH1JTPHpQ
2efdDAQeH9+W5VgSrfRg1vY2X6GsoVgfndrBH5TIYM+3DKrlXF68PDSTKa7tBnEg
V3M/N2zCFOYX9VGwf4c+ALk8eFsyIOkRH0B0jLdOEqizRm+ALu+s8WFl4ncHDYHh
dAdGaGh1qa1DlVKA1CcQfx2afk6IEiY7mLpqBLsKs0LzgRk97CZ3mSYP7J5ZywT/
x4halSZbgFpNKuPN1uEkifPXSTxaDXA1aiGL7756iORsQTFQ5FTzkmeN1eH6iVSl
BH6s4T5Y83/t4e+qM/1iNSoElKY/pPP94t+he7gIT/bySBQ9Tk6gk6J6LL6jMqRE
sItyj+SM/HeKXw==
-----END CERTIFICATE-----