Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft
File:                     dBkW6TW7TmhYsdIjYVrONp7SaB4.mft (raw, json)
Hash identifier:          svidv+Ii4va3Su8ZM4noMlCCBI7u13xFcIqiBaW5YKY=
Subject key identifier:   A2:E1:84:81:CA:97:AB:5B:78:7E:32:66:A8:AA:91:4B:7C:7E:37:A4
Authority key identifier: 74:19:16:E9:35:BB:4E:68:58:B1:D2:23:61:5A:CE:36:9E:D2:68:1E
Certificate issuer:       /CN=741916e935bb4e6858b1d223615ace369ed2681e
Certificate serial:       019659F093F675DF9E56B58463FDC55EBBB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dBkW6TW7TmhYsdIjYVrONp7SaB4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft
Manifest number:          14FE
Signing time:             Mon 21 Apr 2025 20:01:00 +0000
Manifest this update:     Mon 21 Apr 2025 20:01:00 +0000
Manifest next update:     Tue 22 Apr 2025 20:01:00 +0000
Files and hashes:         1: dBkW6TW7TmhYsdIjYVrONp7SaB4.crl (hash: hQ0fuH4whie0O/NAoUztSweWJeLD5vRyYafABmrsmeM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dBkW6TW7TmhYsdIjYVrONp7SaB4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:f0:93:f6:75:df:9e:56:b5:84:63:fd:c5:5e:bb:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=741916e935bb4e6858b1d223615ace369ed2681e
        Validity
            Not Before: Apr 21 20:01:00 2025 GMT
            Not After : Apr 22 20:01:00 2025 GMT
        Subject: CN=a2e18481ca97ab5b787e3266a8aa914b7c7e37a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ac:05:7d:a1:91:d5:d6:4b:39:38:9e:52:dd:
                    39:fe:91:54:7d:32:9c:e5:59:0e:b3:bb:65:98:2b:
                    c7:7c:a7:d6:ad:f3:ac:f5:67:54:0e:05:45:38:72:
                    7e:16:43:4d:f7:35:18:21:9a:41:b1:95:1a:a3:17:
                    81:a7:37:60:84:64:52:03:18:12:1b:cf:2c:e8:04:
                    16:88:3c:3d:65:3f:87:81:52:b6:eb:c5:7c:6b:70:
                    48:bc:20:78:9a:43:84:24:41:bc:44:22:3e:66:08:
                    18:cd:f6:6e:56:44:5a:f3:67:a3:83:c2:74:a8:15:
                    15:30:d9:ef:e3:2e:63:01:4c:9a:3f:9a:81:d9:93:
                    e8:8e:bc:83:29:d6:fe:f5:f2:52:5e:3c:5c:b1:07:
                    df:44:78:6e:67:cb:ca:17:9a:36:c9:e5:85:9c:23:
                    17:11:2b:33:83:d0:11:05:dd:6c:4b:d4:05:40:fe:
                    0b:88:51:92:4f:ee:07:7a:f7:bf:0e:c6:e2:8f:e6:
                    b7:24:09:2c:ab:ea:73:43:58:d9:2d:67:14:8e:73:
                    f6:10:43:2d:36:22:a6:37:bc:c1:50:17:ab:e9:d9:
                    13:b4:db:ad:e9:fa:8a:e2:d0:a1:66:ad:1c:f0:bc:
                    b1:a0:bb:e8:97:fd:de:20:5b:9a:42:fb:46:23:d8:
                    fa:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:E1:84:81:CA:97:AB:5B:78:7E:32:66:A8:AA:91:4B:7C:7E:37:A4
            X509v3 Authority Key Identifier:
                keyid:74:19:16:E9:35:BB:4E:68:58:B1:D2:23:61:5A:CE:36:9E:D2:68:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBkW6TW7TmhYsdIjYVrONp7SaB4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:fd:d3:26:76:a0:4f:5b:e5:e2:81:43:4b:2c:09:28:f8:c2:
         4a:65:59:1f:23:4f:91:6f:b0:d2:ab:dd:f8:bc:72:18:07:90:
         b5:a6:aa:5f:77:58:6e:63:88:06:2c:71:78:bb:ed:8b:c4:a0:
         16:ac:f7:dc:ae:62:95:1f:77:a9:b7:cd:a9:78:bf:23:42:e8:
         5d:bd:fd:e6:d3:a8:a3:34:9a:43:d5:bf:f6:85:7f:4f:f0:c3:
         f9:f9:17:a2:a4:30:42:30:9a:cb:f2:d6:fd:71:f6:41:4c:8e:
         06:54:23:f8:bc:47:40:af:65:70:30:c6:3a:30:92:64:94:1d:
         81:13:ea:04:1c:1b:26:ff:64:ae:b5:9d:41:a3:b8:e1:f2:28:
         af:14:55:c3:7c:29:50:d8:5c:16:1d:c1:71:83:b4:ac:49:75:
         a3:82:7a:18:f7:75:a7:1e:7c:02:65:ef:63:28:3c:9a:ad:3d:
         a3:a1:22:cb:db:0b:fa:f0:81:bb:52:d0:b6:9e:49:ed:f4:22:
         c6:b3:ef:95:7d:18:ed:a5:dc:58:e3:e8:fc:9e:08:b7:5a:55:
         aa:14:e0:d7:40:7d:5e:bc:b9:6a:11:cf:f6:eb:97:52:eb:84:
         0b:f5:e5:27:31:94:b1:f0:02:e8:1d:da:c0:9e:f0:a5:98:24:
         6c:64:76:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZ8JP2dd+eVrWEY/3FXruwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTkxNmU5MzViYjRlNjg1OGIxZDIyMzYxNWFjZTM2OWVk
MjY4MWUwHhcNMjUwNDIxMjAwMTAwWhcNMjUwNDIyMjAwMTAwWjAzMTEwLwYDVQQD
EyhhMmUxODQ4MWNhOTdhYjViNzg3ZTMyNjZhOGFhOTE0YjdjN2UzN2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqwFfaGR1dZLOTieUt05/pFUfTKc
5VkOs7tlmCvHfKfWrfOs9WdUDgVFOHJ+FkNN9zUYIZpBsZUaoxeBpzdghGRSAxgS
G88s6AQWiDw9ZT+HgVK268V8a3BIvCB4mkOEJEG8RCI+ZggYzfZuVkRa82ejg8J0
qBUVMNnv4y5jAUyaP5qB2ZPojryDKdb+9fJSXjxcsQffRHhuZ8vKF5o2yeWFnCMX
ESszg9ARBd1sS9QFQP4LiFGST+4Heve/Dsbij+a3JAksq+pzQ1jZLWcUjnP2EEMt
NiKmN7zBUBer6dkTtNut6fqK4tChZq0c8LyxoLvol/3eIFuaQvtGI9j6CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLhhIHKl6tbeH4yZqiqkUt8fjekMB8GA1UdIwQY
MBaAFHQZFuk1u05oWLHSI2Fazjae0mgeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJrVzZUVzdUbWhZc2RJallWck9OcDdTYUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yODkxZjYtNzg2MS00MDM3LTgwMDgt
NTJjZjAxOTU4MzhiLzEvZEJrVzZUVzdUbWhZc2RJallWck9OcDdTYUI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yODkxZjYtNzg2MS00MDM3LTgwMDgtNTJjZjAxOTU4Mzhi
LzEvZEJrVzZUVzdUbWhZc2RJallWck9OcDdTYUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo/3TJnag
T1vl4oFDSywJKPjCSmVZHyNPkW+w0qvd+LxyGAeQtaaqX3dYbmOIBixxeLvti8Sg
Fqz33K5ilR93qbfNqXi/I0LoXb395tOoozSaQ9W/9oV/T/DD+fkXoqQwQjCay/LW
/XH2QUyOBlQj+LxHQK9lcDDGOjCSZJQdgRPqBBwbJv9krrWdQaO44fIorxRVw3wp
UNhcFh3BcYO0rEl1o4J6GPd1px58AmXvYyg8mq09o6Eiy9sL+vCBu1LQtp5J7fQi
xrPvlX0Y7aXcWOPo/J4It1pVqhTg10B9Xry5ahHP9uuXUuuEC/XlJzGUsfAC6B3a
wJ7wpZgkbGR2vA==
-----END CERTIFICATE-----