Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
File:                     IClZ7xuVPXmKoPVkMafxG2vhltY.mft (raw, json)
Hash identifier:          dhhmAlHWlICCwoCCdNzXuMQIv2ilBiVik+Kun6NVYA0=
Subject key identifier:   8A:98:83:9F:EE:95:64:D7:88:4B:10:48:3D:72:69:CA:0D:A2:56:23
Authority key identifier: 20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6
Certificate issuer:       /CN=202959ef1b953d798aa0f56431a7f11b6be196d6
Certificate serial:       01965047FB956AAB5811992E1DD5A37A9BE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
Manifest number:          10F4
Signing time:             Sat 19 Apr 2025 23:00:16 +0000
Manifest this update:     Sat 19 Apr 2025 23:00:16 +0000
Manifest next update:     Sun 20 Apr 2025 23:00:16 +0000
Files and hashes:         1: IClZ7xuVPXmKoPVkMafxG2vhltY.crl (hash: tj3mGzLD9KOM4uQk/ADYoC69DZlEd47iKPQ5f2Zm5tU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:47:fb:95:6a:ab:58:11:99:2e:1d:d5:a3:7a:9b:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=202959ef1b953d798aa0f56431a7f11b6be196d6
        Validity
            Not Before: Apr 19 23:00:16 2025 GMT
            Not After : Apr 20 23:00:16 2025 GMT
        Subject: CN=8a98839fee9564d7884b10483d7269ca0da25623
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:dc:4a:5a:a2:d8:b5:d9:78:c1:e9:8e:b7:bc:
                    7e:5a:4c:4f:30:7c:d3:96:03:83:b4:58:94:bf:3c:
                    7a:0d:16:bc:42:66:16:41:a5:bc:5f:98:eb:f0:0d:
                    b7:b1:7a:37:f8:bd:4f:17:22:86:43:b6:08:de:9c:
                    1b:49:e5:93:d4:3a:60:24:dc:68:f7:0c:f1:c6:8c:
                    d5:a0:91:7f:c0:7d:0c:0c:a2:9c:a3:13:d4:90:28:
                    d2:18:45:58:52:f5:10:1a:33:35:ea:d7:b5:a1:90:
                    e0:19:24:78:54:bc:02:9f:cf:89:10:76:eb:77:96:
                    17:1d:b9:36:9d:5c:dc:18:f0:e6:5c:03:ed:fd:43:
                    3c:03:d7:33:b0:43:1a:c0:a3:95:37:53:66:98:06:
                    65:84:d5:1f:50:e0:ff:a8:a0:7f:2c:9b:15:a5:81:
                    d7:63:9a:65:fc:0a:81:75:d0:0e:48:1d:28:5b:4c:
                    eb:3a:90:85:72:ad:84:da:fb:1b:dc:a9:7a:bb:33:
                    58:52:a5:31:05:c0:ba:49:c8:cd:b2:b4:33:0b:e8:
                    45:35:f1:0a:1a:23:f0:d9:a7:b3:ff:11:44:d7:bf:
                    14:69:3c:b6:a3:e6:67:a4:be:b7:c2:3f:d5:95:39:
                    51:6e:09:e0:a2:d7:2d:0b:69:2c:f2:a4:87:fd:4b:
                    e2:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:98:83:9F:EE:95:64:D7:88:4B:10:48:3D:72:69:CA:0D:A2:56:23
            X509v3 Authority Key Identifier:
                keyid:20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:c9:3b:9d:84:f4:95:1e:44:a4:8f:74:fe:e0:1b:4b:57:e7:
         7d:a7:16:f1:bc:e6:6f:7a:e0:f7:f9:9f:a2:ab:df:0a:65:41:
         48:a2:be:91:b5:5b:76:8c:40:40:90:64:98:d6:bd:aa:28:f0:
         1c:7e:28:c5:7f:f4:d9:74:ca:ae:81:66:c5:a3:ad:50:9e:5e:
         5e:eb:36:29:f2:b4:2c:85:fa:c0:ac:5b:ca:1c:10:30:7e:1e:
         3b:1b:bd:4f:81:87:1b:b8:00:26:94:b9:f4:16:5a:5c:0e:4f:
         31:33:4c:01:ea:4d:8e:7b:2f:ac:08:95:4b:15:99:81:07:93:
         fd:af:37:e5:ef:0b:bb:26:bc:3e:70:a8:f5:97:30:48:2a:98:
         29:e4:c7:60:c7:25:9f:4b:70:b8:ed:bf:58:1e:bb:06:43:45:
         87:7a:a2:f5:a3:e1:a3:b2:39:1b:05:76:e5:97:a8:4b:92:a0:
         da:6a:7b:30:fc:59:b3:6a:ab:86:9d:d2:55:68:bc:4b:4a:a6:
         cb:6b:ee:ca:12:8d:70:16:07:b6:42:46:27:b6:81:75:e5:ec:
         39:69:be:3f:31:bc:3f:5d:50:cd:8a:ff:2b:4c:6b:a6:2f:c2:
         1f:40:e3:37:52:73:14:34:d6:0d:d7:cc:98:79:9b:ed:7e:9c:
         70:dd:47:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQR/uVaqtYEZkuHdWjepvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjk1OWVmMWI5NTNkNzk4YWEwZjU2NDMxYTdmMTFiNmJl
MTk2ZDYwHhcNMjUwNDE5MjMwMDE2WhcNMjUwNDIwMjMwMDE2WjAzMTEwLwYDVQQD
Eyg4YTk4ODM5ZmVlOTU2NGQ3ODg0YjEwNDgzZDcyNjljYTBkYTI1NjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNxKWqLYtdl4wemOt7x+WkxPMHzT
lgODtFiUvzx6DRa8QmYWQaW8X5jr8A23sXo3+L1PFyKGQ7YI3pwbSeWT1DpgJNxo
9wzxxozVoJF/wH0MDKKcoxPUkCjSGEVYUvUQGjM16te1oZDgGSR4VLwCn8+JEHbr
d5YXHbk2nVzcGPDmXAPt/UM8A9czsEMawKOVN1NmmAZlhNUfUOD/qKB/LJsVpYHX
Y5pl/AqBddAOSB0oW0zrOpCFcq2E2vsb3Kl6uzNYUqUxBcC6ScjNsrQzC+hFNfEK
GiPw2aez/xFE178UaTy2o+ZnpL63wj/VlTlRbgngotctC2ks8qSH/UviCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqYg5/ulWTXiEsQSD1yacoNolYjMB8GA1UdIwQY
MBaAFCApWe8blT15iqD1ZDGn8Rtr4ZbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAt
NmIwZGE5ZTRmYjEwLzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAtNmIwZGE5ZTRmYjEw
LzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXck7nYT0
lR5EpI90/uAbS1fnfacW8bzmb3rg9/mfoqvfCmVBSKK+kbVbdoxAQJBkmNa9qijw
HH4oxX/02XTKroFmxaOtUJ5eXus2KfK0LIX6wKxbyhwQMH4eOxu9T4GHG7gAJpS5
9BZaXA5PMTNMAepNjnsvrAiVSxWZgQeT/a835e8Luya8PnCo9ZcwSCqYKeTHYMcl
n0twuO2/WB67BkNFh3qi9aPho7I5GwV25ZeoS5Kg2mp7MPxZs2qrhp3SVWi8S0qm
y2vuyhKNcBYHtkJGJ7aBdeXsOWm+PzG8P11QzYr/K0xrpi/CH0DjN1JzFDTWDdfM
mHmb7X6ccN1H0Q==
-----END CERTIFICATE-----