Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9d994b-8cf4-4529-bdbc-b38dcf2f010c/1/ArcBQMA9kMkS3xHw_YNySbfLLhI.mft
File:                     ArcBQMA9kMkS3xHw_YNySbfLLhI.mft (raw, json)
Hash identifier:          SLQii5hgtiXTIW2gA7i/lyFpReWbg+Dx5O71bWttkE8=
Subject key identifier:   74:05:3B:35:3A:DD:61:6E:AB:A0:C7:61:80:8A:71:16:20:C4:50:A3
Authority key identifier: 02:B7:01:40:C0:3D:90:C9:12:DF:11:F0:FD:83:72:49:B7:CB:2E:12
Certificate issuer:       /CN=02b70140c03d90c912df11f0fd837249b7cb2e12
Certificate serial:       019653EE65233A880ACBD2990A20DCD82770
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ArcBQMA9kMkS3xHw_YNySbfLLhI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/9d994b-8cf4-4529-bdbc-b38dcf2f010c/1/ArcBQMA9kMkS3xHw_YNySbfLLhI.mft
Manifest number:          14F8
Signing time:             Sun 20 Apr 2025 16:00:54 +0000
Manifest this update:     Sun 20 Apr 2025 16:00:54 +0000
Manifest next update:     Mon 21 Apr 2025 16:00:54 +0000
Files and hashes:         1: ArcBQMA9kMkS3xHw_YNySbfLLhI.crl (hash: lGqH6su2EeXXLgVJrkrj0BfNdxlknGFI64RFjH2Pf44=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/9d994b-8cf4-4529-bdbc-b38dcf2f010c/1/ArcBQMA9kMkS3xHw_YNySbfLLhI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/9d994b-8cf4-4529-bdbc-b38dcf2f010c/1/ArcBQMA9kMkS3xHw_YNySbfLLhI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ArcBQMA9kMkS3xHw_YNySbfLLhI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:ee:65:23:3a:88:0a:cb:d2:99:0a:20:dc:d8:27:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02b70140c03d90c912df11f0fd837249b7cb2e12
        Validity
            Not Before: Apr 20 16:00:54 2025 GMT
            Not After : Apr 21 16:00:54 2025 GMT
        Subject: CN=74053b353add616eaba0c761808a711620c450a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:80:b4:a5:ec:ff:24:ff:1f:d5:54:1b:d2:90:
                    fa:c8:9f:b9:1b:6f:ac:5c:fa:fd:f6:22:56:a4:e0:
                    ee:84:2a:ca:fd:78:12:31:97:03:37:37:d9:3a:b7:
                    e0:2f:7e:02:79:6a:ed:db:4a:9a:98:ff:6b:93:e6:
                    44:63:6e:7f:8d:00:a3:5c:f8:46:95:e4:38:7a:1e:
                    e6:61:32:d2:d1:8c:f6:98:df:4e:23:d9:a6:74:59:
                    73:58:df:05:bf:1b:99:53:6a:e1:0a:31:e7:ee:5c:
                    02:a1:ee:d0:ef:d3:da:ab:ad:5b:bc:35:2c:bb:22:
                    91:be:76:9c:a2:29:40:90:8c:c9:90:8b:4f:58:61:
                    ee:e3:bc:a7:01:12:0a:7e:2b:e7:65:1c:68:89:4a:
                    67:06:dc:22:84:a9:f5:5b:95:e4:0f:bc:b3:cd:eb:
                    06:b6:30:49:02:fb:1e:34:a2:a3:ff:ba:06:fb:b5:
                    15:4c:a0:a4:ab:ca:1e:00:db:aa:f4:a6:41:05:00:
                    23:8a:9b:6b:95:2a:09:c8:2d:b7:7a:b0:6a:18:6b:
                    6b:d1:70:e8:43:5b:b7:49:6f:c8:7b:ff:91:90:1c:
                    3e:8f:0d:52:64:e9:a3:fe:50:fd:a6:35:f7:87:eb:
                    98:b8:6b:73:28:c9:c0:dc:7d:be:76:09:da:24:9b:
                    1a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:05:3B:35:3A:DD:61:6E:AB:A0:C7:61:80:8A:71:16:20:C4:50:A3
            X509v3 Authority Key Identifier:
                keyid:02:B7:01:40:C0:3D:90:C9:12:DF:11:F0:FD:83:72:49:B7:CB:2E:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArcBQMA9kMkS3xHw_YNySbfLLhI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9d994b-8cf4-4529-bdbc-b38dcf2f010c/1/ArcBQMA9kMkS3xHw_YNySbfLLhI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9d994b-8cf4-4529-bdbc-b38dcf2f010c/1/ArcBQMA9kMkS3xHw_YNySbfLLhI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:da:80:23:27:38:21:67:84:0f:3c:8a:1d:27:a4:89:a7:d6:
         5d:a5:4f:f4:da:6e:b3:bc:f4:3c:a2:65:80:d9:d3:4f:79:99:
         21:3b:06:06:a7:94:19:ba:1d:d4:4a:ae:fb:a6:b9:1c:61:37:
         c9:c6:b3:af:c9:36:63:67:83:f6:b5:25:de:a4:cd:c8:81:1e:
         ee:4a:e9:82:3f:c8:05:93:1d:74:6d:c2:ec:2d:f5:2b:76:40:
         9a:58:e9:39:10:4e:7f:6b:f8:dd:79:c3:f9:52:b1:9d:76:37:
         5d:67:59:7b:ad:19:d7:a0:f3:44:ea:93:1f:97:aa:92:96:80:
         37:d3:4a:6d:55:60:b5:4f:88:68:31:f7:f6:13:4d:48:00:87:
         53:ce:a5:cc:cb:c9:02:57:50:cf:b2:ed:e2:91:c0:3a:33:42:
         15:fd:dd:43:4c:1f:45:f3:37:f6:5f:a7:32:e3:a9:a4:64:78:
         a7:40:bd:e8:11:a2:a8:28:85:c5:83:ef:9e:de:59:01:d4:bc:
         9f:4b:96:5b:dd:0f:46:f9:a8:68:1b:79:89:aa:21:1d:41:93:
         5e:b1:70:b9:64:09:b1:de:93:97:20:c5:9b:22:c3:62:bb:dd:
         1c:aa:91:7f:30:ba:6d:7d:68:c9:db:15:d0:a2:69:60:b5:27:
         2e:17:86:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7mUjOogKy9KZCiDc2CdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjcwMTQwYzAzZDkwYzkxMmRmMTFmMGZkODM3MjQ5Yjdj
YjJlMTIwHhcNMjUwNDIwMTYwMDU0WhcNMjUwNDIxMTYwMDU0WjAzMTEwLwYDVQQD
Eyg3NDA1M2IzNTNhZGQ2MTZlYWJhMGM3NjE4MDhhNzExNjIwYzQ1MGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IC0pez/JP8f1VQb0pD6yJ+5G2+s
XPr99iJWpODuhCrK/XgSMZcDNzfZOrfgL34CeWrt20qamP9rk+ZEY25/jQCjXPhG
leQ4eh7mYTLS0Yz2mN9OI9mmdFlzWN8FvxuZU2rhCjHn7lwCoe7Q79Paq61bvDUs
uyKRvnacoilAkIzJkItPWGHu47ynARIKfivnZRxoiUpnBtwihKn1W5XkD7yzzesG
tjBJAvseNKKj/7oG+7UVTKCkq8oeANuq9KZBBQAjiptrlSoJyC23erBqGGtr0XDo
Q1u3SW/Ie/+RkBw+jw1SZOmj/lD9pjX3h+uYuGtzKMnA3H2+dgnaJJsacQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQFOzU63WFuq6DHYYCKcRYgxFCjMB8GA1UdIwQY
MBaAFAK3AUDAPZDJEt8R8P2Dckm3yy4SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJjQlFNQTlrTWtTM3hId19ZTnlTYmZMTGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85ZDk5NGItOGNmNC00NTI5LWJkYmMt
YjM4ZGNmMmYwMTBjLzEvQXJjQlFNQTlrTWtTM3hId19ZTnlTYmZMTGhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85ZDk5NGItOGNmNC00NTI5LWJkYmMtYjM4ZGNmMmYwMTBj
LzEvQXJjQlFNQTlrTWtTM3hId19ZTnlTYmZMTGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH9qAIyc4
IWeEDzyKHSekiafWXaVP9Npus7z0PKJlgNnTT3mZITsGBqeUGbod1Equ+6a5HGE3
ycazr8k2Y2eD9rUl3qTNyIEe7krpgj/IBZMddG3C7C31K3ZAmljpORBOf2v43XnD
+VKxnXY3XWdZe60Z16DzROqTH5eqkpaAN9NKbVVgtU+IaDH39hNNSACHU86lzMvJ
AldQz7Lt4pHAOjNCFf3dQ0wfRfM39l+nMuOppGR4p0C96BGiqCiFxYPvnt5ZAdS8
n0uWW90PRvmoaBt5iaohHUGTXrFwuWQJsd6TlyDFmyLDYrvdHKqRfzC6bX1oydsV
0KJpYLUnLheGOg==
-----END CERTIFICATE-----