Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
File:                     Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft (raw, json)
Hash identifier:          AUhA1D24yY7AsY3P42QLyoqooEVnphpx3pt1H20sqRU=
Subject key identifier:   A5:0A:69:35:EC:2C:CB:31:D2:45:31:23:02:EF:C6:27:EE:0C:FC:C7
Authority key identifier: 16:86:F7:BE:9B:A1:71:C3:27:46:AB:4E:D2:0B:E8:82:BD:30:43:56
Certificate issuer:       /CN=1686f7be9ba171c32746ab4ed20be882bd304356
Certificate serial:       01965A5E0E82E913A0FF84DFBA376D775A11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
Manifest number:          0290
Signing time:             Mon 21 Apr 2025 22:00:35 +0000
Manifest this update:     Mon 21 Apr 2025 22:00:35 +0000
Manifest next update:     Tue 22 Apr 2025 22:00:35 +0000
Files and hashes:         1: Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl (hash: oluBmEtyJt5q3J70sq6NVxJHvYYzrb4VrHhQdawp/TU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5a:5e:0e:82:e9:13:a0:ff:84:df:ba:37:6d:77:5a:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1686f7be9ba171c32746ab4ed20be882bd304356
        Validity
            Not Before: Apr 21 22:00:35 2025 GMT
            Not After : Apr 22 22:00:35 2025 GMT
        Subject: CN=a50a6935ec2ccb31d245312302efc627ee0cfcc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:26:9c:b0:08:b6:1c:f3:4f:93:99:95:15:bb:
                    48:ee:c6:75:f2:ae:1e:1c:dc:d3:d4:17:da:3d:c0:
                    c2:28:6d:78:f4:4d:6a:ac:8a:cf:53:21:3d:85:08:
                    73:63:d2:e6:84:e3:83:1b:b4:1b:85:2f:c1:97:41:
                    bf:37:67:b3:e6:40:e5:be:f3:09:f6:eb:7e:9b:c8:
                    b0:5b:59:c1:6c:55:91:4a:1f:32:df:0f:9d:0d:4b:
                    08:a5:19:57:2c:d4:f7:e1:76:fe:27:3e:92:c9:5d:
                    a8:09:37:f3:ad:5e:69:7b:2e:32:6d:75:e5:50:d6:
                    38:bb:f6:ff:f3:a8:2a:f1:b8:00:c5:42:43:37:bd:
                    50:5f:a5:76:1a:5c:b3:25:f6:31:f9:bc:ad:66:c3:
                    2a:45:3d:bd:4c:19:1e:9e:f1:f2:be:df:d3:9e:ba:
                    67:ef:13:8a:5b:f6:48:d8:28:cf:a7:5a:84:6a:61:
                    3c:9b:2b:fd:7f:8c:e0:06:40:8a:5e:8c:8e:c2:ea:
                    f8:41:b1:ae:3d:cc:24:1a:45:63:14:c5:dd:90:d3:
                    17:cb:f4:9b:c7:bb:c7:fc:79:a1:d4:01:86:64:b7:
                    6b:b9:f1:2e:e4:fe:05:67:5c:4b:29:0d:85:bf:af:
                    f9:05:f3:bf:2b:02:ba:e8:58:1b:6e:4d:3e:c9:37:
                    61:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:0A:69:35:EC:2C:CB:31:D2:45:31:23:02:EF:C6:27:EE:0C:FC:C7
            X509v3 Authority Key Identifier:
                keyid:16:86:F7:BE:9B:A1:71:C3:27:46:AB:4E:D2:0B:E8:82:BD:30:43:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:6c:45:5f:37:fb:0e:2e:5c:b9:6b:45:cf:aa:a8:3e:e3:7d:
         6b:59:7e:27:d6:9c:69:45:c9:3e:c9:cd:1e:87:53:c3:53:96:
         23:5e:e4:a2:94:d7:e7:a3:c6:9a:af:97:e4:46:81:4a:0e:0e:
         29:9f:7f:0d:5e:61:98:4e:43:81:d3:76:17:38:ae:54:b4:60:
         d6:e5:aa:e6:21:be:d7:be:6a:c1:ee:eb:bc:54:e3:f2:43:54:
         07:bf:c1:8e:1c:a2:ab:2f:7e:37:0b:22:fe:77:d0:4a:04:80:
         45:f1:06:61:ad:58:17:9d:30:8c:5e:c0:1b:6c:d0:a3:5c:ff:
         30:02:de:20:59:2d:a7:e1:2a:9b:c3:d4:59:cf:c3:c1:6b:f7:
         60:84:8f:c8:ab:e8:85:15:47:fa:14:13:72:ca:51:da:46:9b:
         ff:b2:68:4f:18:12:9f:32:d4:9e:c8:28:f0:e7:35:3e:ae:89:
         3c:ec:16:2f:81:17:30:e4:4c:79:3b:23:6f:98:ee:0c:26:5f:
         de:17:6e:be:f7:30:36:c2:63:e2:6d:0f:02:55:79:44:6f:70:
         0d:13:7c:85:29:ec:60:9d:5a:bd:8e:d2:0e:b2:fb:c0:0d:6a:
         51:b1:a8:64:0e:87:49:75:0c:e7:f4:55:d3:60:10:03:94:16:
         bb:56:e5:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZaXg6C6ROg/4Tfujdtd1oRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODZmN2JlOWJhMTcxYzMyNzQ2YWI0ZWQyMGJlODgyYmQz
MDQzNTYwHhcNMjUwNDIxMjIwMDM1WhcNMjUwNDIyMjIwMDM1WjAzMTEwLwYDVQQD
EyhhNTBhNjkzNWVjMmNjYjMxZDI0NTMxMjMwMmVmYzYyN2VlMGNmY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iacsAi2HPNPk5mVFbtI7sZ18q4e
HNzT1BfaPcDCKG149E1qrIrPUyE9hQhzY9LmhOODG7QbhS/Bl0G/N2ez5kDlvvMJ
9ut+m8iwW1nBbFWRSh8y3w+dDUsIpRlXLNT34Xb+Jz6SyV2oCTfzrV5pey4ybXXl
UNY4u/b/86gq8bgAxUJDN71QX6V2GlyzJfYx+bytZsMqRT29TBkenvHyvt/Tnrpn
7xOKW/ZI2CjPp1qEamE8myv9f4zgBkCKXoyOwur4QbGuPcwkGkVjFMXdkNMXy/Sb
x7vH/Hmh1AGGZLdrufEu5P4FZ1xLKQ2Fv6/5BfO/KwK66Fgbbk0+yTdhZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKUKaTXsLMsx0kUxIwLvxifuDPzHMB8GA1UdIwQY
MBaAFBaG976boXHDJ0arTtIL6IK9MENWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy83Y2E4MDgtYzc5NS00MGVmLThhNDkt
NzRhOThjYjY2ZmZmLzEvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy83Y2E4MDgtYzc5NS00MGVmLThhNDktNzRhOThjYjY2ZmZm
LzEvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr2xFXzf7
Di5cuWtFz6qoPuN9a1l+J9acaUXJPsnNHodTw1OWI17kopTX56PGmq+X5EaBSg4O
KZ9/DV5hmE5DgdN2FziuVLRg1uWq5iG+175qwe7rvFTj8kNUB7/Bjhyiqy9+Nwsi
/nfQSgSARfEGYa1YF50wjF7AG2zQo1z/MALeIFktp+Eqm8PUWc/DwWv3YISPyKvo
hRVH+hQTcspR2kab/7JoTxgSnzLUnsgo8Oc1Pq6JPOwWL4EXMORMeTsjb5juDCZf
3hduvvcwNsJj4m0PAlV5RG9wDRN8hSnsYJ1avY7SDrL7wA1qUbGoZA6HSXUM5/RV
02AQA5QWu1blPw==
-----END CERTIFICATE-----