Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft
File:                     fkL5qpHFODs-cnVy67GVWRqHYM4.mft (raw, json)
Hash identifier:          vyJws+tAVeJOe25XrZPlgzC1+OshC0VC/CQkwwegwSs=
Subject key identifier:   06:F9:97:B2:D1:43:BF:5B:E6:C8:95:91:60:AF:C5:C1:7A:0A:1D:82
Authority key identifier: 7E:42:F9:AA:91:C5:38:3B:3E:72:75:72:EB:B1:95:59:1A:87:60:CE
Certificate issuer:       /CN=7e42f9aa91c5383b3e727572ebb195591a8760ce
Certificate serial:       01957910EB8886888BD078033571AF557F42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft
Manifest number:          0523
Signing time:             Sun 09 Mar 2025 04:01:46 +0000
Manifest this update:     Sun 09 Mar 2025 04:01:46 +0000
Manifest next update:     Mon 10 Mar 2025 04:01:46 +0000
Files and hashes:         1: fkL5qpHFODs-cnVy67GVWRqHYM4.crl (hash: IwXDFLDCVsWHHhgQWn9OUCpDHHpPz63Bkiz2jmoH/IE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 04:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:79:10:eb:88:86:88:8b:d0:78:03:35:71:af:55:7f:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e42f9aa91c5383b3e727572ebb195591a8760ce
        Validity
            Not Before: Mar  9 04:01:46 2025 GMT
            Not After : Mar 10 04:01:46 2025 GMT
        Subject: CN=06f997b2d143bf5be6c8959160afc5c17a0a1d82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:69:a2:b3:a6:27:22:98:ae:1a:09:af:44:c7:
                    f5:e5:1f:0c:c1:69:08:4c:a4:4f:25:cf:aa:1e:5a:
                    0f:4e:a5:3c:5c:1a:90:b8:8c:62:0a:5a:45:11:33:
                    44:66:1c:d5:bb:41:a6:3c:c2:3b:9a:c3:f1:6e:f5:
                    d5:9c:67:01:28:db:7c:97:19:90:38:88:e7:3a:a3:
                    59:1c:c6:74:ba:91:37:c4:61:d4:05:d3:3f:12:0a:
                    e2:e6:ec:9b:f8:d7:ca:f9:74:52:57:ee:88:f4:9d:
                    88:71:de:1d:ba:83:4f:22:6c:bf:9f:dd:c5:93:28:
                    cb:f0:1f:30:92:68:f4:cd:19:c2:7d:6b:e1:95:3a:
                    ca:9b:bc:7c:ac:bf:d8:73:83:4d:c5:9f:db:76:01:
                    4f:11:4a:25:3a:58:42:a5:3c:6b:67:11:81:4a:52:
                    43:62:dd:af:16:8d:bf:cc:03:bc:af:23:ea:67:38:
                    33:f6:88:84:3c:88:50:c0:28:16:05:26:c6:97:b1:
                    7c:b7:c4:a0:56:65:8b:64:6a:a4:cc:52:f1:c9:4c:
                    bd:e0:e6:40:ab:9f:96:2a:94:ef:08:ab:65:96:c7:
                    4c:d0:47:23:ef:38:cb:24:2b:72:09:00:9e:98:79:
                    77:5b:6a:33:72:fc:a0:6d:c4:7b:b1:90:14:05:8e:
                    39:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:F9:97:B2:D1:43:BF:5B:E6:C8:95:91:60:AF:C5:C1:7A:0A:1D:82
            X509v3 Authority Key Identifier:
                keyid:7E:42:F9:AA:91:C5:38:3B:3E:72:75:72:EB:B1:95:59:1A:87:60:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:4e:c2:cd:1a:f8:cd:a9:f0:db:60:67:3f:77:4b:dd:0b:61:
         a6:81:0f:c3:ad:dc:01:b8:15:0a:72:cb:53:72:9e:fa:e4:5a:
         64:b5:41:83:47:9e:c1:94:82:b9:71:91:ff:17:d3:1b:08:c6:
         e8:b4:67:e8:bf:54:06:90:5f:71:dd:37:c1:a6:92:70:8b:5e:
         64:63:ac:af:89:b0:ea:6d:28:79:13:0e:b2:23:e2:0d:4f:c4:
         d3:2a:1e:d9:0e:7b:7c:df:54:c3:b7:ce:29:fd:90:33:8c:f1:
         2f:a6:f8:de:8a:71:61:ea:bb:f0:76:2a:82:e6:36:fc:6b:92:
         e7:fa:45:9e:69:25:25:64:0b:a0:10:59:ee:12:0c:8a:fe:71:
         2e:5f:c3:81:cc:bf:87:fe:73:01:e9:f0:f7:8a:61:bc:19:67:
         d9:cd:2a:58:57:81:df:c1:ef:e3:1b:95:65:db:3e:f6:16:0b:
         38:c0:47:2e:cd:69:d2:d3:f4:12:05:3e:04:51:d3:97:cc:d6:
         00:4f:b0:11:4f:a9:bd:bc:92:0d:bc:5a:0e:57:02:ec:34:8f:
         e9:9c:b3:a7:ef:d3:a3:62:46:a3:f7:a4:e4:74:a7:62:93:d4:
         f2:92:b4:7f:cd:75:85:c1:3b:5d:9f:85:70:63:e6:a4:ee:72:
         0a:4f:f7:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5EOuIhoiL0HgDNXGvVX9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNDJmOWFhOTFjNTM4M2IzZTcyNzU3MmViYjE5NTU5MWE4
NzYwY2UwHhcNMjUwMzA5MDQwMTQ2WhcNMjUwMzEwMDQwMTQ2WjAzMTEwLwYDVQQD
EygwNmY5OTdiMmQxNDNiZjViZTZjODk1OTE2MGFmYzVjMTdhMGExZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mmis6YnIpiuGgmvRMf15R8MwWkI
TKRPJc+qHloPTqU8XBqQuIxiClpFETNEZhzVu0GmPMI7msPxbvXVnGcBKNt8lxmQ
OIjnOqNZHMZ0upE3xGHUBdM/Egri5uyb+NfK+XRSV+6I9J2Icd4duoNPImy/n93F
kyjL8B8wkmj0zRnCfWvhlTrKm7x8rL/Yc4NNxZ/bdgFPEUolOlhCpTxrZxGBSlJD
Yt2vFo2/zAO8ryPqZzgz9oiEPIhQwCgWBSbGl7F8t8SgVmWLZGqkzFLxyUy94OZA
q5+WKpTvCKtllsdM0Ecj7zjLJCtyCQCemHl3W2ozcvygbcR7sZAUBY45wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAb5l7LRQ79b5siVkWCvxcF6Ch2CMB8GA1UdIwQY
MBaAFH5C+aqRxTg7PnJ1cuuxlVkah2DOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84MWQ4ZGQtNGNkMy00Mzc4LWIwNjct
N2NkNDcyODY0YmY4LzEvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC84MWQ4ZGQtNGNkMy00Mzc4LWIwNjctN2NkNDcyODY0YmY4
LzEvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKk7CzRr4
zanw22BnP3dL3QthpoEPw63cAbgVCnLLU3Ke+uRaZLVBg0eewZSCuXGR/xfTGwjG
6LRn6L9UBpBfcd03waaScIteZGOsr4mw6m0oeRMOsiPiDU/E0yoe2Q57fN9Uw7fO
Kf2QM4zxL6b43opxYeq78HYqguY2/GuS5/pFnmklJWQLoBBZ7hIMiv5xLl/Dgcy/
h/5zAenw94phvBln2c0qWFeB38Hv4xuVZds+9hYLOMBHLs1p0tP0EgU+BFHTl8zW
AE+wEU+pvbySDbxaDlcC7DSP6Zyzp+/To2JGo/ek5HSnYpPU8pK0f811hcE7XZ+F
cGPmpO5yCk/3lA==
-----END CERTIFICATE-----