Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
File:                     aesKgBz9tLWANaXQdaKQSy6qX5E.mft (raw, json)
Hash identifier:          OGb/2VzHothnHqalWDndf/exIEGrZwe5ljt3iCpxv3Q=
Subject key identifier:   11:04:CE:78:B2:F1:6F:DE:11:48:F8:53:CB:CE:99:64:DA:AD:58:D4
Authority key identifier: 69:EB:0A:80:1C:FD:B4:B5:80:35:A5:D0:75:A2:90:4B:2E:AA:5F:91
Certificate issuer:       /CN=69eb0a801cfdb4b58035a5d075a2904b2eaa5f91
Certificate serial:       01964F6D5734D5B4912E70459CCA6B66741E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
Manifest number:          14F8
Signing time:             Sat 19 Apr 2025 19:01:27 +0000
Manifest this update:     Sat 19 Apr 2025 19:01:27 +0000
Manifest next update:     Sun 20 Apr 2025 19:01:27 +0000
Files and hashes:         1: aesKgBz9tLWANaXQdaKQSy6qX5E.crl (hash: G+Sdg4PXQhKp/B+nkyNGpp1qGg1Ugq+qRoAhiJCDqbw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 19:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6d:57:34:d5:b4:91:2e:70:45:9c:ca:6b:66:74:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69eb0a801cfdb4b58035a5d075a2904b2eaa5f91
        Validity
            Not Before: Apr 19 19:01:27 2025 GMT
            Not After : Apr 20 19:01:27 2025 GMT
        Subject: CN=1104ce78b2f16fde1148f853cbce9964daad58d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:f4:31:39:73:18:2c:16:42:50:46:f4:a4:30:
                    d9:91:29:e0:08:6c:b0:be:f9:dc:72:13:a0:7f:20:
                    61:8e:55:e2:33:bd:94:ec:dd:6c:1c:85:26:e5:4f:
                    99:d0:e5:3a:8c:b5:59:1d:a4:c7:d9:cb:a8:32:2e:
                    c3:6d:7d:a0:28:25:ae:cb:cd:27:16:c5:38:38:b4:
                    d7:97:1b:b8:0f:1e:5f:1d:dc:81:c7:eb:f2:b6:be:
                    b3:ca:96:62:1c:0e:61:95:a5:09:29:bd:dd:2f:b8:
                    f9:a4:35:1b:66:60:3c:d1:d6:e0:1e:77:69:d5:2e:
                    4f:d8:06:4f:4e:13:b9:c1:d9:89:1d:b5:ec:71:68:
                    57:bb:5c:e3:0a:3b:6f:7c:ab:c0:aa:63:27:7d:39:
                    8e:df:36:a1:6c:63:12:42:6b:7e:45:73:eb:26:d7:
                    db:b4:c6:b5:8e:3a:9e:e9:ba:ff:a1:45:06:76:de:
                    43:66:0d:56:81:9a:e5:73:14:6c:3d:71:b5:ed:ed:
                    c2:ef:c2:74:6d:94:aa:70:0b:22:af:40:ea:5f:a6:
                    a2:39:f7:21:82:13:8c:56:93:91:72:6d:42:23:1c:
                    42:d6:da:2c:2a:e5:b5:92:2d:ad:37:3f:0a:4f:73:
                    c2:49:c0:77:cc:2d:a7:c6:22:aa:58:26:b5:a4:ab:
                    ea:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:04:CE:78:B2:F1:6F:DE:11:48:F8:53:CB:CE:99:64:DA:AD:58:D4
            X509v3 Authority Key Identifier:
                keyid:69:EB:0A:80:1C:FD:B4:B5:80:35:A5:D0:75:A2:90:4B:2E:AA:5F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:6d:fc:11:0d:8b:7d:f9:72:d5:a4:42:84:1d:a4:22:b8:1c:
         c3:a6:1e:17:f4:a1:4f:6f:94:af:de:46:ca:7f:da:14:df:4f:
         f4:87:23:33:88:a6:d9:db:83:33:7a:91:72:f3:c6:4d:f6:d5:
         71:5b:b4:13:0f:9e:a4:5c:ac:78:d0:81:26:80:31:5d:fb:83:
         f0:49:3c:f8:7c:b9:86:67:6a:26:08:92:b3:ce:b0:a5:6b:78:
         ad:33:8b:bf:f7:3c:82:0f:1d:03:48:30:14:7e:d1:cf:5d:00:
         7d:5d:b3:93:c9:d5:f5:01:05:cd:94:91:71:a3:ac:d1:16:63:
         41:2d:74:3a:dd:f3:b7:76:69:ce:8d:c9:50:e4:65:76:cc:e9:
         14:a4:73:49:3e:64:b1:08:1c:c5:1f:d2:92:e4:39:9b:2e:24:
         64:87:a2:c7:73:f6:8a:16:3f:a0:f9:54:78:fe:f9:0c:03:34:
         c8:3a:9f:3a:41:d1:7c:08:ca:e6:5e:3c:a1:53:2f:50:74:d5:
         57:4d:eb:b0:b9:cb:90:04:eb:f4:45:ee:38:03:36:ce:e7:36:
         f5:ef:c7:ea:f8:2e:34:69:c9:ab:49:a4:6e:e9:a1:24:b8:da:
         66:80:6d:f0:0c:6a:0b:c9:99:28:22:24:52:2f:2c:17:dc:fb:
         18:61:51:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbVc01bSRLnBFnMprZnQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZWIwYTgwMWNmZGI0YjU4MDM1YTVkMDc1YTI5MDRiMmVh
YTVmOTEwHhcNMjUwNDE5MTkwMTI3WhcNMjUwNDIwMTkwMTI3WjAzMTEwLwYDVQQD
EygxMTA0Y2U3OGIyZjE2ZmRlMTE0OGY4NTNjYmNlOTk2NGRhYWQ1OGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvQxOXMYLBZCUEb0pDDZkSngCGyw
vvncchOgfyBhjlXiM72U7N1sHIUm5U+Z0OU6jLVZHaTH2cuoMi7DbX2gKCWuy80n
FsU4OLTXlxu4Dx5fHdyBx+vytr6zypZiHA5hlaUJKb3dL7j5pDUbZmA80dbgHndp
1S5P2AZPThO5wdmJHbXscWhXu1zjCjtvfKvAqmMnfTmO3zahbGMSQmt+RXPrJtfb
tMa1jjqe6br/oUUGdt5DZg1WgZrlcxRsPXG17e3C78J0bZSqcAsir0DqX6aiOfch
ghOMVpORcm1CIxxC1tosKuW1ki2tNz8KT3PCScB3zC2nxiKqWCa1pKvqMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBEEzniy8W/eEUj4U8vOmWTarVjUMB8GA1UdIwQY
MBaAFGnrCoAc/bS1gDWl0HWikEsuql+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zYmFiNTctZGIzYi00YmU4LWIyNzkt
MDBmNTZmNDcyMWMyLzEvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zYmFiNTctZGIzYi00YmU4LWIyNzktMDBmNTZmNDcyMWMy
LzEvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh238EQ2L
ffly1aRChB2kIrgcw6YeF/ShT2+Ur95Gyn/aFN9P9IcjM4im2duDM3qRcvPGTfbV
cVu0Ew+epFyseNCBJoAxXfuD8Ek8+Hy5hmdqJgiSs86wpWt4rTOLv/c8gg8dA0gw
FH7Rz10AfV2zk8nV9QEFzZSRcaOs0RZjQS10Ot3zt3Zpzo3JUORldszpFKRzST5k
sQgcxR/SkuQ5my4kZIeix3P2ihY/oPlUeP75DAM0yDqfOkHRfAjK5l48oVMvUHTV
V03rsLnLkATr9EXuOAM2zuc29e/H6vguNGnJq0mkbumhJLjaZoBt8AxqC8mZKCIk
Ui8sF9z7GGFRTQ==
-----END CERTIFICATE-----