Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
File:                     aEdQ3w66d01LTWROyOM1CPj1OP4.mft (raw, json)
Hash identifier:          Q2bypkTSF+ZA4MOPt6PRh8f+tC/9RI6NcrswobHBk0c=
Subject key identifier:   07:D7:FA:C7:48:B8:B3:A8:6D:76:8E:8C:C3:C5:71:5C:FD:6C:6D:6C
Authority key identifier: 68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE
Certificate issuer:       /CN=684750df0eba774d4b4d644ec8e33508f8f538fe
Certificate serial:       019655DC995275892730B601DD21A3EF3204
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
Manifest number:          05A7
Signing time:             Mon 21 Apr 2025 01:00:42 +0000
Manifest this update:     Mon 21 Apr 2025 01:00:42 +0000
Manifest next update:     Tue 22 Apr 2025 01:00:42 +0000
Files and hashes:         1: aEdQ3w66d01LTWROyOM1CPj1OP4.crl (hash: o3A5NCHxqcsd6s9gmIqINFnyHcB1s+qw56VSIADkVxs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:dc:99:52:75:89:27:30:b6:01:dd:21:a3:ef:32:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684750df0eba774d4b4d644ec8e33508f8f538fe
        Validity
            Not Before: Apr 21 01:00:42 2025 GMT
            Not After : Apr 22 01:00:42 2025 GMT
        Subject: CN=07d7fac748b8b3a86d768e8cc3c5715cfd6c6d6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:80:f6:86:5b:ca:50:41:68:52:69:02:bc:9e:
                    d4:a1:55:e2:48:27:3f:c5:1e:56:84:b9:55:a6:ce:
                    09:d5:8d:29:3c:62:1a:39:6d:4a:a3:b4:13:de:50:
                    fb:33:d6:4a:a5:59:6b:60:f1:57:03:14:8a:c8:6d:
                    2e:b5:15:3d:85:67:fb:f1:85:22:a4:8a:b4:51:af:
                    99:cc:37:9c:b6:dc:5e:de:bd:84:23:bc:ae:30:4b:
                    82:c0:f1:5b:1f:86:f1:a7:13:26:98:9c:b1:95:8c:
                    39:09:e0:03:4c:00:7e:83:41:5f:b2:59:32:4d:3f:
                    3f:93:80:26:3f:6a:4c:de:ac:eb:d3:7f:0e:07:4f:
                    1a:b9:b9:31:c3:da:09:60:bf:b8:aa:d1:fa:c7:80:
                    51:59:60:9b:e7:6d:96:89:e3:e3:73:95:3d:e0:cf:
                    01:70:22:a7:1f:28:75:39:c9:36:3a:cb:f4:9e:6a:
                    30:b7:80:7e:a5:16:7d:a0:6e:07:9b:83:8b:81:08:
                    f1:19:7c:56:6c:13:b9:a8:ec:b3:6a:84:d0:d6:fb:
                    36:5f:20:50:6c:69:d6:d9:3d:e7:8b:0c:ea:26:f3:
                    37:8c:6e:d7:76:34:57:5f:44:56:79:70:4f:8e:fa:
                    7d:7c:b6:b0:2f:4a:57:a0:70:56:aa:d7:98:05:42:
                    c2:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:D7:FA:C7:48:B8:B3:A8:6D:76:8E:8C:C3:C5:71:5C:FD:6C:6D:6C
            X509v3 Authority Key Identifier:
                keyid:68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:83:93:2c:f3:d3:e4:3a:91:ea:d8:45:f3:19:44:7b:f9:29:
         c0:de:bc:1c:00:07:2b:00:0c:b1:d7:06:08:03:f6:9a:52:29:
         59:d2:f0:a1:d5:3d:8c:43:e7:62:0a:51:c3:d1:48:5b:b5:f1:
         45:dd:7c:9f:17:f3:2b:76:81:91:41:e5:b6:cf:13:50:53:b2:
         74:08:be:f8:3d:16:99:2b:c1:12:10:f5:60:4a:44:58:d8:1f:
         a1:bb:58:32:59:1a:9a:71:69:0b:88:a6:c4:1f:f2:2b:15:29:
         ff:ec:3e:bf:7e:b4:0b:2f:09:c8:a4:dc:8a:1f:e5:47:ff:51:
         fc:5c:61:3c:ec:61:54:37:22:6c:17:ac:d8:56:72:e5:4a:05:
         36:54:fe:c8:9e:02:35:a7:16:4f:4a:ae:1a:7e:a8:b8:3e:64:
         58:22:f1:ae:c8:23:6f:54:93:15:b0:00:9e:be:be:19:97:ba:
         66:8e:6f:e9:b4:d4:ea:ca:3b:52:08:c0:a9:dc:14:d8:01:59:
         c2:42:1c:3e:32:a2:81:25:58:43:f9:31:32:86:fd:00:6c:90:
         98:95:73:c1:03:06:9a:a4:05:40:c9:0c:b2:5a:4b:14:b2:9f:
         e2:35:48:83:82:1b:d0:f7:03:e1:70:ae:28:b7:3d:01:2f:04:
         1a:a6:d7:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3JlSdYknMLYB3SGj7zIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDc1MGRmMGViYTc3NGQ0YjRkNjQ0ZWM4ZTMzNTA4Zjhm
NTM4ZmUwHhcNMjUwNDIxMDEwMDQyWhcNMjUwNDIyMDEwMDQyWjAzMTEwLwYDVQQD
EygwN2Q3ZmFjNzQ4YjhiM2E4NmQ3NjhlOGNjM2M1NzE1Y2ZkNmM2ZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4D2hlvKUEFoUmkCvJ7UoVXiSCc/
xR5WhLlVps4J1Y0pPGIaOW1Ko7QT3lD7M9ZKpVlrYPFXAxSKyG0utRU9hWf78YUi
pIq0Ua+ZzDecttxe3r2EI7yuMEuCwPFbH4bxpxMmmJyxlYw5CeADTAB+g0Ffslky
TT8/k4AmP2pM3qzr038OB08aubkxw9oJYL+4qtH6x4BRWWCb522WiePjc5U94M8B
cCKnHyh1Ock2Osv0nmowt4B+pRZ9oG4Hm4OLgQjxGXxWbBO5qOyzaoTQ1vs2XyBQ
bGnW2T3niwzqJvM3jG7XdjRXX0RWeXBPjvp9fLawL0pXoHBWqteYBULCzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfX+sdIuLOobXaOjMPFcVz9bG1sMB8GA1UdIwQY
MBaAFGhHUN8OundNS01kTsjjNQj49Tj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYt
ZDMyNWY2ODYzMzQzLzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYtZDMyNWY2ODYzMzQz
LzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf4OTLPPT
5DqR6thF8xlEe/kpwN68HAAHKwAMsdcGCAP2mlIpWdLwodU9jEPnYgpRw9FIW7Xx
Rd18nxfzK3aBkUHlts8TUFOydAi++D0WmSvBEhD1YEpEWNgfobtYMlkamnFpC4im
xB/yKxUp/+w+v360Cy8JyKTcih/lR/9R/FxhPOxhVDcibBes2FZy5UoFNlT+yJ4C
NacWT0quGn6ouD5kWCLxrsgjb1STFbAAnr6+GZe6Zo5v6bTU6so7UgjAqdwU2AFZ
wkIcPjKigSVYQ/kxMob9AGyQmJVzwQMGmqQFQMkMslpLFLKf4jVIg4Ib0PcD4XCu
KLc9AS8EGqbXNg==
-----END CERTIFICATE-----