Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
File:                     y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft (raw, json)
Hash identifier:          M42GKBnehizI2qh1Q4wehClYlHKMRIzEyHGd1nQWbC8=
Subject key identifier:   8F:C0:11:8D:39:97:80:2F:D3:53:3B:14:FD:9B:1B:C1:BA:90:1B:67
Authority key identifier: CB:83:FB:FC:17:6C:D4:8E:BE:2F:2C:DE:9F:4C:01:ED:25:3B:BB:2D
Certificate issuer:       /CN=cb83fbfc176cd48ebe2f2cde9f4c01ed253bbb2d
Certificate serial:       019659154B4E60736DCA175A8BDAD2861AEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
Manifest number:          14FF
Signing time:             Mon 21 Apr 2025 16:01:29 +0000
Manifest this update:     Mon 21 Apr 2025 16:01:29 +0000
Manifest next update:     Tue 22 Apr 2025 16:01:29 +0000
Files and hashes:         1: y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl (hash: Y5ck0/ITzlfA6xrkB2rzWDSccuW9f0rYCKDugQiSdkw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 16:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:15:4b:4e:60:73:6d:ca:17:5a:8b:da:d2:86:1a:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb83fbfc176cd48ebe2f2cde9f4c01ed253bbb2d
        Validity
            Not Before: Apr 21 16:01:29 2025 GMT
            Not After : Apr 22 16:01:29 2025 GMT
        Subject: CN=8fc0118d3997802fd3533b14fd9b1bc1ba901b67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:81:17:66:8a:e5:33:13:09:ca:e0:55:fd:22:
                    12:75:f1:a4:92:bd:32:ec:dd:e3:73:a8:d6:bb:22:
                    52:0d:71:d5:e6:8d:25:45:7a:99:b7:5f:0b:e1:d1:
                    c7:ba:fe:ca:4d:c0:2e:1d:10:21:b9:b6:0d:0a:4c:
                    77:9b:8a:ab:f6:8d:ab:91:55:bc:32:91:33:e6:49:
                    a8:e1:cc:36:5a:9c:48:e5:1d:ce:ba:ad:72:8c:fd:
                    a3:a9:29:c6:2c:dc:65:81:5b:e7:f5:4e:40:f2:2e:
                    46:1a:7c:2c:2e:97:1b:aa:4c:4f:58:69:7d:5a:6f:
                    70:56:81:5b:71:fa:58:84:80:96:86:c1:56:fb:a4:
                    88:64:3e:65:b4:d3:fc:92:ae:cb:c7:e6:04:ed:58:
                    63:23:8b:57:30:2b:97:22:ed:f0:dd:50:a5:01:96:
                    9b:99:18:cf:f8:fd:57:04:7f:92:b8:68:2d:99:7c:
                    6a:34:36:23:92:4e:dd:e4:8a:6d:1a:fb:23:ee:74:
                    dd:7d:4a:ad:37:9d:e8:16:e1:2e:30:22:ed:be:41:
                    8a:cd:6a:c5:03:d2:90:08:12:98:b9:7c:58:9f:93:
                    b0:1b:43:85:1a:f8:ef:fa:2c:39:8e:09:d0:9d:9d:
                    56:b4:03:82:10:4f:56:44:1f:76:fe:0c:05:d2:3e:
                    e4:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:C0:11:8D:39:97:80:2F:D3:53:3B:14:FD:9B:1B:C1:BA:90:1B:67
            X509v3 Authority Key Identifier:
                keyid:CB:83:FB:FC:17:6C:D4:8E:BE:2F:2C:DE:9F:4C:01:ED:25:3B:BB:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:a4:39:b2:29:7e:d4:14:93:6b:f8:f1:6e:60:7c:28:2d:d9:
         9d:c5:50:c2:e4:e9:d5:12:ea:5d:92:8e:6b:e4:e5:10:3e:c6:
         b5:3b:33:a8:15:c6:e3:96:63:c4:4f:e4:e7:2b:1a:06:22:68:
         9d:00:cd:87:0a:9b:e0:33:a4:63:b7:78:6d:d4:69:4d:e4:bb:
         8e:57:5f:19:25:cd:3d:a8:92:27:cd:fc:ec:6f:69:cb:dc:d5:
         6b:77:a8:59:42:d1:6c:e6:0e:2f:bf:24:04:07:8b:1b:e8:2c:
         94:26:9f:2c:7a:85:3f:1e:82:ec:b5:63:d0:7c:5a:d0:18:12:
         cc:ef:92:e3:41:78:37:b4:b3:fe:41:c0:ce:33:92:84:56:ee:
         83:6b:12:27:7c:e8:24:ad:a0:19:5f:30:35:2a:5f:2b:99:31:
         f8:47:42:ea:39:c7:48:6b:7e:41:c8:36:49:00:f4:ef:4f:09:
         fe:87:cf:11:2a:95:94:c7:30:de:8a:00:3b:43:a7:72:e6:cf:
         4b:af:ef:ea:37:fa:43:37:1f:d7:ed:6c:d5:6d:d9:41:47:19:
         b1:65:ba:cc:02:61:74:65:92:08:1f:61:50:41:99:91:21:80:
         9a:db:d6:d7:31:b9:fc:fe:64:b0:17:86:b3:e0:2f:ec:5e:69:
         5c:4e:4e:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFUtOYHNtyhdai9rShhrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiODNmYmZjMTc2Y2Q0OGViZTJmMmNkZTlmNGMwMWVkMjUz
YmJiMmQwHhcNMjUwNDIxMTYwMTI5WhcNMjUwNDIyMTYwMTI5WjAzMTEwLwYDVQQD
Eyg4ZmMwMTE4ZDM5OTc4MDJmZDM1MzNiMTRmZDliMWJjMWJhOTAxYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIEXZorlMxMJyuBV/SISdfGkkr0y
7N3jc6jWuyJSDXHV5o0lRXqZt18L4dHHuv7KTcAuHRAhubYNCkx3m4qr9o2rkVW8
MpEz5kmo4cw2WpxI5R3Ouq1yjP2jqSnGLNxlgVvn9U5A8i5GGnwsLpcbqkxPWGl9
Wm9wVoFbcfpYhICWhsFW+6SIZD5ltNP8kq7Lx+YE7VhjI4tXMCuXIu3w3VClAZab
mRjP+P1XBH+SuGgtmXxqNDYjkk7d5IptGvsj7nTdfUqtN53oFuEuMCLtvkGKzWrF
A9KQCBKYuXxYn5OwG0OFGvjv+iw5jgnQnZ1WtAOCEE9WRB92/gwF0j7ksQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI/AEY05l4Av01M7FP2bG8G6kBtnMB8GA1UdIwQY
MBaAFMuD+/wXbNSOvi8s3p9MAe0lO7stMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYTM3ZjEtY2UxYS00ODE2LWJjYjYt
NDQxMmRlZmVkZTczLzEveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYTM3ZjEtY2UxYS00ODE2LWJjYjYtNDQxMmRlZmVkZTcz
LzEveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX6Q5sil+
1BSTa/jxbmB8KC3ZncVQwuTp1RLqXZKOa+TlED7GtTszqBXG45ZjxE/k5ysaBiJo
nQDNhwqb4DOkY7d4bdRpTeS7jldfGSXNPaiSJ8387G9py9zVa3eoWULRbOYOL78k
BAeLG+gslCafLHqFPx6C7LVj0Hxa0BgSzO+S40F4N7Sz/kHAzjOShFbug2sSJ3zo
JK2gGV8wNSpfK5kx+EdC6jnHSGt+Qcg2SQD0708J/ofPESqVlMcw3ooAO0OncubP
S6/v6jf6Qzcf1+1s1W3ZQUcZsWW6zAJhdGWSCB9hUEGZkSGAmtvW1zG5/P5ksBeG
s+Av7F5pXE5OHw==
-----END CERTIFICATE-----