Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.mft
File:                     WFRbn70B0owOptCPW0cts0-tLqM.mft (raw, json)
Hash identifier:          JhWENv+SId65FcpsPjOVmlS++uqcLV8gYyMD2fbBjHg=
Subject key identifier:   86:C5:20:C6:C9:87:AF:C2:3C:F0:4E:A8:E5:9B:F7:83:0F:EA:1B:72
Authority key identifier: 58:54:5B:9F:BD:01:D2:8C:0E:A6:D0:8F:5B:47:2D:B3:4F:AD:2E:A3
Certificate issuer:       /CN=58545b9fbd01d28c0ea6d08f5b472db34fad2ea3
Certificate serial:       019653B712FE87B66E8E3BE36F59FCFF0ECA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WFRbn70B0owOptCPW0cts0-tLqM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.mft
Manifest number:          14C3
Signing time:             Sun 20 Apr 2025 15:00:28 +0000
Manifest this update:     Sun 20 Apr 2025 15:00:28 +0000
Manifest next update:     Mon 21 Apr 2025 15:00:28 +0000
Files and hashes:         1: WFRbn70B0owOptCPW0cts0-tLqM.crl (hash: p2gQ1GTE/FKduo/EoN76NDwh8iLJAaK4XJf8QQfNr0Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WFRbn70B0owOptCPW0cts0-tLqM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 15:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:b7:12:fe:87:b6:6e:8e:3b:e3:6f:59:fc:ff:0e:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58545b9fbd01d28c0ea6d08f5b472db34fad2ea3
        Validity
            Not Before: Apr 20 15:00:28 2025 GMT
            Not After : Apr 21 15:00:28 2025 GMT
        Subject: CN=86c520c6c987afc23cf04ea8e59bf7830fea1b72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:63:dc:13:c8:49:94:10:21:70:cd:cb:6c:68:
                    b2:6e:8a:14:0f:ab:ac:55:1b:68:87:5b:0f:6a:92:
                    47:7e:b9:45:c9:73:4a:4c:20:cc:0d:0f:43:9c:ba:
                    24:83:03:2b:90:41:cf:c6:96:1a:31:f0:cb:82:45:
                    34:61:f1:f1:d9:ff:63:00:c7:98:92:d3:f2:54:74:
                    9e:ef:d0:8b:5b:56:59:c6:a6:5d:7d:91:3d:0f:73:
                    de:e4:9b:0a:d1:37:0f:8e:44:a8:4c:ae:33:68:c8:
                    8c:0f:32:7d:09:f6:c3:f6:a9:fb:de:96:03:fd:90:
                    b3:ac:dd:09:74:ac:bc:a7:ed:1e:82:f6:c8:1b:1f:
                    e7:30:2c:b3:74:12:d9:8f:f5:d9:03:8d:30:17:a3:
                    a4:74:f6:06:b5:cb:c7:c2:c1:64:b3:3e:9e:eb:c7:
                    f5:36:d9:9c:b3:69:a7:f7:e7:d5:b1:a8:98:13:7c:
                    7f:6b:8f:b8:7d:f1:86:57:fd:96:99:0e:5e:b0:b1:
                    ca:d7:d7:3b:66:a8:df:40:16:97:6f:15:45:8a:5c:
                    40:2c:96:99:1f:4c:51:68:a5:05:cb:a1:6c:23:80:
                    a1:d6:2a:f0:f0:f6:2e:ba:ef:55:00:e7:74:a2:a3:
                    29:e8:38:b9:ba:c1:41:d3:7a:67:fe:60:5b:24:0f:
                    3c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:C5:20:C6:C9:87:AF:C2:3C:F0:4E:A8:E5:9B:F7:83:0F:EA:1B:72
            X509v3 Authority Key Identifier:
                keyid:58:54:5B:9F:BD:01:D2:8C:0E:A6:D0:8F:5B:47:2D:B3:4F:AD:2E:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFRbn70B0owOptCPW0cts0-tLqM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9cfc79-8bda-4862-a7d8-4f8d9355d862/1/WFRbn70B0owOptCPW0cts0-tLqM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:53:ab:92:f7:13:1b:b3:2f:8b:8e:15:1d:f1:f3:fd:3d:49:
         cd:46:e3:6f:5d:dd:23:39:f3:88:97:4e:96:15:3d:2e:56:5e:
         71:3c:82:a7:9b:ad:d9:7e:ce:30:dd:b4:da:32:17:1d:3e:67:
         48:5e:c5:6f:b4:58:22:e7:a6:3b:85:12:25:58:f3:55:f4:ae:
         7a:0f:eb:10:79:08:17:a1:eb:a7:d0:41:e8:a7:6a:38:8d:9b:
         f2:fa:92:94:5a:10:76:96:8a:12:5a:9d:7c:2b:26:d3:3b:22:
         f4:f7:68:9b:95:f4:40:15:64:9a:fa:2d:73:d7:58:1f:5c:83:
         5d:32:ea:cb:c3:9f:ed:97:a9:07:8a:c9:a2:46:c3:33:4a:96:
         f9:a3:57:6b:0e:56:27:6f:f7:26:5a:9c:79:0e:4d:9a:fd:05:
         1d:bd:f7:11:0d:3e:29:3f:be:f0:64:42:dd:16:c6:f1:ff:5f:
         73:fe:58:37:ad:f9:e0:6f:be:cb:a6:7d:5d:5e:1a:ad:40:52:
         1d:f5:09:39:b0:9c:d2:f2:93:94:3a:e3:10:22:f6:3a:d0:6b:
         21:46:a9:11:1c:87:3f:cc:bf:39:44:96:0c:a5:04:ba:eb:6a:
         f6:a9:17:35:6e:ad:5c:6b:bc:24:03:e6:24:f6:b1:81:4f:99:
         f6:c4:ff:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTtxL+h7Zujjvjb1n8/w7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTQ1YjlmYmQwMWQyOGMwZWE2ZDA4ZjViNDcyZGIzNGZh
ZDJlYTMwHhcNMjUwNDIwMTUwMDI4WhcNMjUwNDIxMTUwMDI4WjAzMTEwLwYDVQQD
Eyg4NmM1MjBjNmM5ODdhZmMyM2NmMDRlYThlNTliZjc4MzBmZWExYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWPcE8hJlBAhcM3LbGiybooUD6us
VRtoh1sPapJHfrlFyXNKTCDMDQ9DnLokgwMrkEHPxpYaMfDLgkU0YfHx2f9jAMeY
ktPyVHSe79CLW1ZZxqZdfZE9D3Pe5JsK0TcPjkSoTK4zaMiMDzJ9CfbD9qn73pYD
/ZCzrN0JdKy8p+0egvbIGx/nMCyzdBLZj/XZA40wF6OkdPYGtcvHwsFksz6e68f1
Ntmcs2mn9+fVsaiYE3x/a4+4ffGGV/2WmQ5esLHK19c7ZqjfQBaXbxVFilxALJaZ
H0xRaKUFy6FsI4Ch1irw8PYuuu9VAOd0oqMp6Di5usFB03pn/mBbJA880QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbFIMbJh6/CPPBOqOWb94MP6htyMB8GA1UdIwQY
MBaAFFhUW5+9AdKMDqbQj1tHLbNPrS6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZSYm43MEIwb3dPcHRDUFcwY3RzMC10THFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85Y2ZjNzktOGJkYS00ODYyLWE3ZDgt
NGY4ZDkzNTVkODYyLzEvV0ZSYm43MEIwb3dPcHRDUFcwY3RzMC10THFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85Y2ZjNzktOGJkYS00ODYyLWE3ZDgtNGY4ZDkzNTVkODYy
LzEvV0ZSYm43MEIwb3dPcHRDUFcwY3RzMC10THFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJVOrkvcT
G7Mvi44VHfHz/T1JzUbjb13dIznziJdOlhU9LlZecTyCp5ut2X7OMN202jIXHT5n
SF7Fb7RYIuemO4USJVjzVfSueg/rEHkIF6Hrp9BB6KdqOI2b8vqSlFoQdpaKElqd
fCsm0zsi9Pdom5X0QBVkmvotc9dYH1yDXTLqy8Of7ZepB4rJokbDM0qW+aNXaw5W
J2/3JlqceQ5Nmv0FHb33EQ0+KT++8GRC3RbG8f9fc/5YN6354G++y6Z9XV4arUBS
HfUJObCc0vKTlDrjECL2OtBrIUapERyHP8y/OUSWDKUEuutq9qkXNW6tXGu8JAPm
JPaxgU+Z9sT/fg==
-----END CERTIFICATE-----