Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
File:                     goIekswnAHYZMDmOI4DCOqR1XxY.mft (raw, json)
Hash identifier:          3TDNuO3vXSI1UeSsYeMpjpfPdGtBsFm0M5RO0/BwhHE=
Subject key identifier:   77:59:F5:8E:37:BA:B2:DA:B3:4C:C7:14:06:2B:EC:D8:AB:AA:12:E4
Authority key identifier: 82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16
Certificate issuer:       /CN=82821e92cc2700761930398e2380c23aa4755f16
Certificate serial:       01964F6D8A1F20F01932DF8A050B54A23997
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
Manifest number:          05B0
Signing time:             Sat 19 Apr 2025 19:01:40 +0000
Manifest this update:     Sat 19 Apr 2025 19:01:40 +0000
Manifest next update:     Sun 20 Apr 2025 19:01:40 +0000
Files and hashes:         1: goIekswnAHYZMDmOI4DCOqR1XxY.crl (hash: n1sCYx4W4u/COJacEpVHXt2EhyQMyjmXh3ssb8qirqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6d:8a:1f:20:f0:19:32:df:8a:05:0b:54:a2:39:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82821e92cc2700761930398e2380c23aa4755f16
        Validity
            Not Before: Apr 19 19:01:40 2025 GMT
            Not After : Apr 20 19:01:40 2025 GMT
        Subject: CN=7759f58e37bab2dab34cc714062becd8abaa12e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4e:7c:c3:1e:d2:19:e2:13:24:ec:4a:0f:19:
                    3a:0a:ee:71:1b:6a:eb:5b:48:e5:f5:4b:6e:58:e4:
                    af:d7:83:df:b5:1e:6f:6a:f5:b9:30:a9:56:a2:32:
                    df:74:9c:d2:89:2a:7d:c4:7a:dc:42:4c:61:2e:e7:
                    53:e2:92:ef:7e:24:17:51:a7:15:14:cb:97:88:5a:
                    9c:5b:d5:e6:b3:e0:d7:c5:ec:79:e3:17:78:8b:0a:
                    43:40:d7:e5:39:d8:a8:0b:9a:72:9d:cb:99:fb:de:
                    8b:de:b9:f9:b6:89:f9:e6:09:61:aa:9d:d1:55:1f:
                    e4:6f:77:78:5c:0d:54:df:7a:10:35:f2:8e:fe:05:
                    e6:42:fc:96:b0:3e:98:3b:9e:9b:62:0a:1a:e6:50:
                    50:f5:1f:0a:58:ac:c1:88:27:5a:5e:8b:64:2b:70:
                    30:9f:f6:80:78:64:69:5d:1a:b5:26:da:93:81:0d:
                    60:24:1f:60:db:7c:d4:43:2c:75:b4:9f:64:09:9c:
                    50:51:22:e6:15:0a:98:ec:24:46:01:da:21:a6:07:
                    3f:60:2c:5d:ae:21:f8:2a:f0:2c:7e:62:4e:c0:e9:
                    48:88:0b:b8:74:49:5b:ab:ef:c9:14:a6:a6:cd:f6:
                    84:75:0a:fd:95:35:7b:a2:3a:55:ba:e4:61:eb:64:
                    15:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:59:F5:8E:37:BA:B2:DA:B3:4C:C7:14:06:2B:EC:D8:AB:AA:12:E4
            X509v3 Authority Key Identifier:
                keyid:82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:42:11:fa:c6:93:35:17:f2:4a:06:51:e3:c5:fe:0a:8e:f7:
         54:9d:fd:39:c4:3e:ff:09:0e:45:f7:bc:8a:ef:b2:02:f9:28:
         d3:6d:11:10:a7:49:03:fc:cb:4f:e1:0a:e8:d3:a4:e4:6f:ef:
         6d:91:12:ca:08:fb:d7:fa:65:20:db:ba:dd:88:8c:f1:45:b2:
         3f:0c:fb:8f:c0:f6:0f:1b:93:6c:5f:cc:3c:d1:5c:f5:fd:a5:
         e9:bb:6d:6c:81:ae:b1:7b:5c:d9:3a:70:a8:63:78:97:c3:04:
         aa:8e:45:12:b0:17:e1:cb:f9:b8:8c:a0:fe:84:0d:10:3a:a8:
         37:3d:ce:d6:f1:97:4c:8f:43:f3:a7:80:30:12:3e:c3:5f:e9:
         47:92:f3:0d:cc:c1:9a:f5:0e:5b:6b:d2:d2:a6:12:40:2e:35:
         fa:21:16:34:2e:74:a6:2c:07:a7:3c:03:a9:b6:e2:12:26:5a:
         13:9d:83:da:3b:57:39:d9:bd:a2:80:7a:0e:61:d3:f0:5f:75:
         e2:db:9e:2d:e3:13:bd:54:20:ee:c5:67:49:02:db:6b:ad:d1:
         d5:2f:a5:13:fc:85:40:cb:64:81:d1:7f:af:cb:31:af:74:de:
         92:1e:52:03:cc:6f:7c:e0:26:7b:59:b2:95:59:e2:48:a8:22:
         80:16:33:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbYofIPAZMt+KBQtUojmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODIxZTkyY2MyNzAwNzYxOTMwMzk4ZTIzODBjMjNhYTQ3
NTVmMTYwHhcNMjUwNDE5MTkwMTQwWhcNMjUwNDIwMTkwMTQwWjAzMTEwLwYDVQQD
Eyg3NzU5ZjU4ZTM3YmFiMmRhYjM0Y2M3MTQwNjJiZWNkOGFiYWExMmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk58wx7SGeITJOxKDxk6Cu5xG2rr
W0jl9UtuWOSv14PftR5vavW5MKlWojLfdJzSiSp9xHrcQkxhLudT4pLvfiQXUacV
FMuXiFqcW9Xms+DXxex54xd4iwpDQNflOdioC5pyncuZ+96L3rn5ton55glhqp3R
VR/kb3d4XA1U33oQNfKO/gXmQvyWsD6YO56bYgoa5lBQ9R8KWKzBiCdaXotkK3Aw
n/aAeGRpXRq1JtqTgQ1gJB9g23zUQyx1tJ9kCZxQUSLmFQqY7CRGAdohpgc/YCxd
riH4KvAsfmJOwOlIiAu4dElbq+/JFKamzfaEdQr9lTV7ojpVuuRh62QV0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHdZ9Y43urLas0zHFAYr7NirqhLkMB8GA1UdIwQY
MBaAFIKCHpLMJwB2GTA5jiOAwjqkdV8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAt
MDhiNjJiOGVmZTcxLzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAtMDhiNjJiOGVmZTcx
LzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO0IR+saT
NRfySgZR48X+Co73VJ39OcQ+/wkORfe8iu+yAvko020REKdJA/zLT+EK6NOk5G/v
bZESygj71/plINu63YiM8UWyPwz7j8D2DxuTbF/MPNFc9f2l6bttbIGusXtc2Tpw
qGN4l8MEqo5FErAX4cv5uIyg/oQNEDqoNz3O1vGXTI9D86eAMBI+w1/pR5LzDczB
mvUOW2vS0qYSQC41+iEWNC50piwHpzwDqbbiEiZaE52D2jtXOdm9ooB6DmHT8F91
4tueLeMTvVQg7sVnSQLba63R1S+lE/yFQMtkgdF/r8sxr3Tekh5SA8xvfOAme1my
lVniSKgigBYzuA==
-----END CERTIFICATE-----