Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.mft
File:                     R7cYcu1kXJZm1VEavHjwfE06uKw.mft (raw, json)
Hash identifier:          3zCNHjrq42Q7hZV8Nu01VOfqrzuHoBwKcFh+x+mo/OI=
Subject key identifier:   DE:D4:F5:D0:76:55:F4:FA:6B:E9:4A:E9:C9:7B:6D:98:B1:EC:FC:29
Authority key identifier: 47:B7:18:72:ED:64:5C:96:66:D5:51:1A:BC:78:F0:7C:4D:3A:B8:AC
Certificate issuer:       /CN=47b71872ed645c9666d5511abc78f07c4d3ab8ac
Certificate serial:       019658A67E04BE93BAACBFE504004884ADD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R7cYcu1kXJZm1VEavHjwfE06uKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.mft
Manifest number:          01A4
Signing time:             Mon 21 Apr 2025 14:00:28 +0000
Manifest this update:     Mon 21 Apr 2025 14:00:28 +0000
Manifest next update:     Tue 22 Apr 2025 14:00:28 +0000
Files and hashes:         1: R7cYcu1kXJZm1VEavHjwfE06uKw.crl (hash: bKdBjQ9pxPZhh8NbG+Me/SgltdC2KjamkG7SUUiYE7c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R7cYcu1kXJZm1VEavHjwfE06uKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:58:a6:7e:04:be:93:ba:ac:bf:e5:04:00:48:84:ad:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47b71872ed645c9666d5511abc78f07c4d3ab8ac
        Validity
            Not Before: Apr 21 14:00:28 2025 GMT
            Not After : Apr 22 14:00:28 2025 GMT
        Subject: CN=ded4f5d07655f4fa6be94ae9c97b6d98b1ecfc29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:31:2d:b7:1a:ec:fa:d9:6a:a8:19:52:95:00:
                    f6:f5:55:35:98:3d:90:78:a7:6b:d8:e3:09:b6:cb:
                    1f:09:a5:16:87:00:f5:e0:9a:19:a9:d4:02:86:b5:
                    67:e7:7d:c6:b0:2f:2e:3d:70:a3:74:14:46:b7:07:
                    61:05:f2:60:9e:e9:df:fa:d8:a7:e7:a7:ae:c1:6f:
                    95:1c:e6:9e:1d:b4:21:fb:80:f6:b6:6f:c2:73:e8:
                    d2:66:dd:87:60:e4:4a:24:6c:f1:d7:85:f4:ed:0d:
                    6c:f2:35:26:58:b1:38:2a:23:e8:15:b9:57:18:22:
                    a8:7f:01:61:4e:be:da:1a:03:da:e0:cd:43:eb:48:
                    d6:6f:59:5a:d3:a7:0d:59:f4:ee:85:f2:ca:9a:80:
                    e9:1b:c6:0a:06:60:2d:7f:0e:56:08:70:40:a0:46:
                    95:6a:db:0a:76:58:b2:9a:75:9e:c4:71:71:0f:0d:
                    56:40:d6:a8:c6:8d:c4:dc:1a:00:2f:ba:8c:ea:8c:
                    ab:22:38:d0:fe:5f:68:46:bf:8c:10:97:1f:91:80:
                    19:cc:8f:c0:64:d2:ff:6a:2c:8f:4f:41:1c:9c:a3:
                    99:c1:76:e4:8b:ef:de:3e:09:81:f1:b3:d3:a4:95:
                    08:da:33:39:59:b8:b8:d6:80:fc:84:4b:10:80:ec:
                    80:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:D4:F5:D0:76:55:F4:FA:6B:E9:4A:E9:C9:7B:6D:98:B1:EC:FC:29
            X509v3 Authority Key Identifier:
                keyid:47:B7:18:72:ED:64:5C:96:66:D5:51:1A:BC:78:F0:7C:4D:3A:B8:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7cYcu1kXJZm1VEavHjwfE06uKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/909b7b-d413-42e1-a60a-ec84dd5c69bf/1/R7cYcu1kXJZm1VEavHjwfE06uKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:16:d2:03:f4:22:a0:a8:77:1a:0e:db:99:4e:f9:e5:c5:54:
         be:bd:d1:17:29:a6:20:9b:75:93:e1:fe:bb:dc:06:76:e1:09:
         96:29:fe:c9:ae:fe:ca:2f:87:6f:a6:01:03:ac:0c:a1:2f:fa:
         eb:bf:25:b1:36:75:5e:43:64:7b:e7:e4:73:b7:94:d0:20:24:
         33:10:aa:13:52:e6:2b:e5:cd:63:04:7d:b2:47:5c:6b:80:f5:
         2b:00:2e:98:56:3c:20:b8:f6:50:48:a4:2a:42:16:d7:fd:56:
         f9:13:6d:ab:cd:da:a3:d9:de:4e:00:5c:c1:64:93:f2:14:84:
         3c:28:1f:ea:52:05:dc:df:ce:30:fa:c2:c9:3c:58:1d:43:0c:
         de:c9:eb:df:fc:37:4e:93:07:50:13:66:78:77:48:88:b7:af:
         52:89:a4:7e:56:0b:28:10:01:c2:18:5e:0a:4b:76:9f:1d:43:
         77:86:83:35:47:40:f0:0e:9f:34:19:89:52:8e:a4:06:24:d3:
         b4:8f:44:9a:1b:e7:aa:4f:c9:8c:bd:23:b7:ff:71:4f:12:74:
         fd:4c:91:99:67:bf:74:a6:bc:08:6a:92:d0:b7:6a:da:8a:69:
         5b:f3:6c:36:24:f8:70:fd:ee:bb:9b:04:a5:a5:d2:c8:c2:91:
         d6:92:2f:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYpn4EvpO6rL/lBABIhK3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjcxODcyZWQ2NDVjOTY2NmQ1NTExYWJjNzhmMDdjNGQz
YWI4YWMwHhcNMjUwNDIxMTQwMDI4WhcNMjUwNDIyMTQwMDI4WjAzMTEwLwYDVQQD
EyhkZWQ0ZjVkMDc2NTVmNGZhNmJlOTRhZTljOTdiNmQ5OGIxZWNmYzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTEttxrs+tlqqBlSlQD29VU1mD2Q
eKdr2OMJtssfCaUWhwD14JoZqdQChrVn533GsC8uPXCjdBRGtwdhBfJgnunf+tin
56euwW+VHOaeHbQh+4D2tm/Cc+jSZt2HYORKJGzx14X07Q1s8jUmWLE4KiPoFblX
GCKofwFhTr7aGgPa4M1D60jWb1la06cNWfTuhfLKmoDpG8YKBmAtfw5WCHBAoEaV
atsKdliymnWexHFxDw1WQNaoxo3E3BoAL7qM6oyrIjjQ/l9oRr+MEJcfkYAZzI/A
ZNL/aiyPT0EcnKOZwXbki+/ePgmB8bPTpJUI2jM5Wbi41oD8hEsQgOyAzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN7U9dB2VfT6a+lK6cl7bZix7PwpMB8GA1UdIwQY
MBaAFEe3GHLtZFyWZtVRGrx48HxNOrisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdjWWN1MWtYSlptMVZFYXZIandmRTA2dUt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85MDliN2ItZDQxMy00MmUxLWE2MGEt
ZWM4NGRkNWM2OWJmLzEvUjdjWWN1MWtYSlptMVZFYXZIandmRTA2dUt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85MDliN2ItZDQxMy00MmUxLWE2MGEtZWM4NGRkNWM2OWJm
LzEvUjdjWWN1MWtYSlptMVZFYXZIandmRTA2dUt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGhbSA/Qi
oKh3Gg7bmU755cVUvr3RFymmIJt1k+H+u9wGduEJlin+ya7+yi+Hb6YBA6wMoS/6
678lsTZ1XkNke+fkc7eU0CAkMxCqE1LmK+XNYwR9skdca4D1KwAumFY8ILj2UEik
KkIW1/1W+RNtq83ao9neTgBcwWST8hSEPCgf6lIF3N/OMPrCyTxYHUMM3snr3/w3
TpMHUBNmeHdIiLevUomkflYLKBABwhheCkt2nx1Dd4aDNUdA8A6fNBmJUo6kBiTT
tI9Emhvnqk/JjL0jt/9xTxJ0/UyRmWe/dKa8CGqS0Ldq2oppW/NsNiT4cP3uu5sE
paXSyMKR1pIvew==
-----END CERTIFICATE-----