Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft
File:                     rRIanMsoPqIejQoHCi4LakDph30.mft (raw, json)
Hash identifier:          0KaBYg/VanQk8OktLaZemrKRLaotjJVQwanuMaO7lkk=
Subject key identifier:   54:F0:4C:13:FA:46:B1:57:97:0E:29:15:6D:4C:DC:13:66:FF:7C:89
Authority key identifier: AD:12:1A:9C:CB:28:3E:A2:1E:8D:0A:07:0A:2E:0B:6A:40:E9:87:7D
Certificate issuer:       /CN=ad121a9ccb283ea21e8d0a070a2e0b6a40e9877d
Certificate serial:       019643D5E829168C97D0CF044CE89E758023
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rRIanMsoPqIejQoHCi4LakDph30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft
Manifest number:          14F1
Signing time:             Thu 17 Apr 2025 13:00:14 +0000
Manifest this update:     Thu 17 Apr 2025 13:00:14 +0000
Manifest next update:     Fri 18 Apr 2025 13:00:14 +0000
Files and hashes:         1: rRIanMsoPqIejQoHCi4LakDph30.crl (hash: MqdzCOj/br6L1CKoI358uDTG/FKev8c2YyzZkAWsnKY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rRIanMsoPqIejQoHCi4LakDph30.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d5:e8:29:16:8c:97:d0:cf:04:4c:e8:9e:75:80:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad121a9ccb283ea21e8d0a070a2e0b6a40e9877d
        Validity
            Not Before: Apr 17 13:00:14 2025 GMT
            Not After : Apr 18 13:00:14 2025 GMT
        Subject: CN=54f04c13fa46b157970e29156d4cdc1366ff7c89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:27:70:7c:01:33:92:cb:4e:c7:1f:d3:11:0f:
                    a0:76:f1:b7:4f:86:19:ed:90:67:c9:fd:7a:03:79:
                    cf:b8:9d:a2:bb:41:43:16:10:9f:cb:12:ad:2f:16:
                    37:bb:17:eb:92:cb:f9:c1:d5:d0:74:73:c6:7e:92:
                    39:75:4a:93:12:65:50:f6:8d:29:e0:9c:67:b9:87:
                    b4:cb:c7:52:f1:81:fe:1a:ca:4d:40:d8:63:fc:d1:
                    4c:f5:8b:a2:d6:f9:af:58:71:62:dd:a1:41:b3:f8:
                    a2:b7:86:49:5c:09:07:47:6f:e9:3a:47:6e:25:65:
                    1a:fe:91:12:d2:57:9a:9f:07:8f:43:90:6b:d2:2e:
                    5a:32:50:27:2a:45:14:56:a9:6e:41:64:e1:03:25:
                    2e:c9:b6:04:90:1e:cb:db:46:5c:54:8a:e2:20:f8:
                    a6:8a:8c:91:ae:f7:ba:3f:5d:28:3a:20:20:e7:f4:
                    0c:05:c5:8a:71:32:60:77:b0:ee:70:44:ed:17:69:
                    3a:4d:c7:aa:7f:94:55:50:26:d3:a9:4f:c9:d1:53:
                    c8:65:56:ba:a6:97:1b:82:bb:27:cc:41:8c:d5:f0:
                    65:4f:9c:ec:42:21:5c:14:bc:59:c2:d5:86:96:47:
                    5b:3c:84:f4:8c:95:13:56:58:1f:91:41:f7:ca:bf:
                    74:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:F0:4C:13:FA:46:B1:57:97:0E:29:15:6D:4C:DC:13:66:FF:7C:89
            X509v3 Authority Key Identifier:
                keyid:AD:12:1A:9C:CB:28:3E:A2:1E:8D:0A:07:0A:2E:0B:6A:40:E9:87:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRIanMsoPqIejQoHCi4LakDph30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:63:5e:02:f3:ac:93:a2:cf:09:ed:25:0c:51:a6:59:34:4e:
         35:3d:7a:22:79:a5:3f:58:ae:e1:21:f2:ed:1e:34:db:a0:b5:
         9b:a5:71:db:a6:34:76:c3:06:51:ba:9e:1a:88:e5:76:52:8e:
         12:a7:b4:90:66:97:72:f8:ca:10:74:95:f3:fc:72:c7:93:36:
         57:34:27:95:fb:79:64:f6:ce:4e:1e:36:e5:11:01:f3:b8:2e:
         8a:c8:e7:a0:8e:fe:b2:81:79:6d:da:f9:2c:a8:cc:e6:14:cc:
         16:1e:50:66:fc:db:7c:8f:6c:78:73:41:20:5e:d1:93:bd:06:
         d8:d9:56:f9:1c:2c:2a:5a:bc:11:fe:c1:86:5c:aa:a5:b2:2e:
         f9:a7:0f:a9:0c:95:61:3d:7e:bb:71:fd:d1:37:ea:e1:51:e1:
         2d:05:d2:f1:c4:26:d1:03:99:34:82:e6:f5:c3:44:d8:84:92:
         23:8d:35:e0:96:b7:3f:e0:89:9a:14:a9:8f:1d:9e:11:ea:cf:
         c7:d8:f2:13:d3:27:8e:eb:89:35:9c:05:a0:93:14:c5:78:44:
         f8:06:5c:32:6a:33:a6:56:e9:81:35:0d:da:85:02:79:78:eb:
         de:a3:eb:b0:21:d1:e4:45:d8:0b:e8:4f:82:e0:b3:64:f7:85:
         2b:ac:7b:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1egpFoyX0M8ETOiedYAjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMTIxYTljY2IyODNlYTIxZThkMGEwNzBhMmUwYjZhNDBl
OTg3N2QwHhcNMjUwNDE3MTMwMDE0WhcNMjUwNDE4MTMwMDE0WjAzMTEwLwYDVQQD
Eyg1NGYwNGMxM2ZhNDZiMTU3OTcwZTI5MTU2ZDRjZGMxMzY2ZmY3Yzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCdwfAEzkstOxx/TEQ+gdvG3T4YZ
7ZBnyf16A3nPuJ2iu0FDFhCfyxKtLxY3uxfrksv5wdXQdHPGfpI5dUqTEmVQ9o0p
4JxnuYe0y8dS8YH+GspNQNhj/NFM9Yui1vmvWHFi3aFBs/iit4ZJXAkHR2/pOkdu
JWUa/pES0leanwePQ5Br0i5aMlAnKkUUVqluQWThAyUuybYEkB7L20ZcVIriIPim
ioyRrve6P10oOiAg5/QMBcWKcTJgd7DucETtF2k6Tceqf5RVUCbTqU/J0VPIZVa6
ppcbgrsnzEGM1fBlT5zsQiFcFLxZwtWGlkdbPIT0jJUTVlgfkUH3yr909wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFTwTBP6RrFXlw4pFW1M3BNm/3yJMB8GA1UdIwQY
MBaAFK0SGpzLKD6iHo0KBwouC2pA6Yd9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclJJYW5Nc29QcUllalFvSENpNExha0RwaDMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yN2Y3ZmEtYjAxOS00ODQyLWE2YTYt
NTlkZjczZDNiYjkxLzEvclJJYW5Nc29QcUllalFvSENpNExha0RwaDMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8yN2Y3ZmEtYjAxOS00ODQyLWE2YTYtNTlkZjczZDNiYjkx
LzEvclJJYW5Nc29QcUllalFvSENpNExha0RwaDMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC2NeAvOs
k6LPCe0lDFGmWTRONT16InmlP1iu4SHy7R4026C1m6Vx26Y0dsMGUbqeGojldlKO
Eqe0kGaXcvjKEHSV8/xyx5M2VzQnlft5ZPbOTh425REB87guisjnoI7+soF5bdr5
LKjM5hTMFh5QZvzbfI9seHNBIF7Rk70G2NlW+RwsKlq8Ef7BhlyqpbIu+acPqQyV
YT1+u3H90Tfq4VHhLQXS8cQm0QOZNILm9cNE2ISSI4014Ja3P+CJmhSpjx2eEerP
x9jyE9MnjuuJNZwFoJMUxXhE+AZcMmozplbpgTUN2oUCeXjr3qPrsCHR5EXYC+hP
guCzZPeFK6x7Sg==
-----END CERTIFICATE-----