Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/eb1064-6d26-4555-9fa5-a1a08ebf4eea/1/ejiftI-wXUgfHyORlMU30Vs1cAk.mft
File:                     ejiftI-wXUgfHyORlMU30Vs1cAk.mft (raw, json)
Hash identifier:          rpHcCsoV1GPrWXy1sv7V3gEFoFKyWwUuNheKPr94Lbo=
Subject key identifier:   57:15:8A:A9:FB:93:F2:E6:94:25:3E:A4:73:24:BB:B9:95:2F:C8:47
Authority key identifier: 7A:38:9F:B4:8F:B0:5D:48:1F:1F:23:91:94:C5:37:D1:5B:35:70:09
Certificate issuer:       /CN=7a389fb48fb05d481f1f239194c537d15b357009
Certificate serial:       0196447B3E3FB000EBB732518C5D693A29C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ejiftI-wXUgfHyORlMU30Vs1cAk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/eb1064-6d26-4555-9fa5-a1a08ebf4eea/1/ejiftI-wXUgfHyORlMU30Vs1cAk.mft
Manifest number:          0B98
Signing time:             Thu 17 Apr 2025 16:00:49 +0000
Manifest this update:     Thu 17 Apr 2025 16:00:49 +0000
Manifest next update:     Fri 18 Apr 2025 16:00:49 +0000
Files and hashes:         1: ejiftI-wXUgfHyORlMU30Vs1cAk.crl (hash: OrB7umNiytRQtyJJ3SVMU5vCxIZvYax1hnjWauRMwug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/eb1064-6d26-4555-9fa5-a1a08ebf4eea/1/ejiftI-wXUgfHyORlMU30Vs1cAk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/eb1064-6d26-4555-9fa5-a1a08ebf4eea/1/ejiftI-wXUgfHyORlMU30Vs1cAk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ejiftI-wXUgfHyORlMU30Vs1cAk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:44:7b:3e:3f:b0:00:eb:b7:32:51:8c:5d:69:3a:29:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a389fb48fb05d481f1f239194c537d15b357009
        Validity
            Not Before: Apr 17 16:00:49 2025 GMT
            Not After : Apr 18 16:00:49 2025 GMT
        Subject: CN=57158aa9fb93f2e694253ea47324bbb9952fc847
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:03:af:8b:86:16:67:1e:94:d1:a0:64:2d:82:
                    72:80:f0:15:fd:56:fe:d9:bc:8a:8e:db:02:79:81:
                    ea:90:fd:fc:00:ce:b2:15:c7:0c:b4:ab:aa:fa:9a:
                    a2:0c:87:6f:e3:e7:35:96:b1:ec:dc:17:d9:63:08:
                    ef:f4:bb:1d:13:09:36:2f:39:c2:7d:a5:34:dd:47:
                    8b:4c:40:5f:ee:3f:45:cb:1a:02:34:cf:79:67:d1:
                    ac:32:1a:d4:5b:72:aa:c2:62:30:5a:7c:e5:5f:38:
                    ba:3a:5b:ef:09:74:89:62:9e:4a:78:46:98:ea:8e:
                    18:e2:fd:44:3f:dc:7b:f4:05:c2:7b:35:cc:15:19:
                    6f:c2:77:e5:86:6f:81:a5:b6:c3:ca:cb:eb:9b:ea:
                    75:55:12:b7:22:0a:e9:c6:a6:f9:fb:a1:a3:70:5f:
                    ad:38:e5:35:0a:8b:ba:6d:c9:7f:83:f1:34:28:f2:
                    b1:33:19:11:0b:a1:a7:77:eb:52:fd:20:5e:9d:c6:
                    05:93:a6:c6:a4:2d:20:ec:52:a1:02:1d:e6:ed:2b:
                    67:3a:09:07:93:fd:3b:50:9d:39:64:ff:0c:0f:98:
                    7a:73:13:60:77:eb:ef:4e:8d:92:00:82:a7:3f:b3:
                    9c:ff:3d:04:c6:64:c7:58:ac:8a:25:a4:c6:2e:55:
                    ca:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:15:8A:A9:FB:93:F2:E6:94:25:3E:A4:73:24:BB:B9:95:2F:C8:47
            X509v3 Authority Key Identifier:
                keyid:7A:38:9F:B4:8F:B0:5D:48:1F:1F:23:91:94:C5:37:D1:5B:35:70:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejiftI-wXUgfHyORlMU30Vs1cAk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/eb1064-6d26-4555-9fa5-a1a08ebf4eea/1/ejiftI-wXUgfHyORlMU30Vs1cAk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/eb1064-6d26-4555-9fa5-a1a08ebf4eea/1/ejiftI-wXUgfHyORlMU30Vs1cAk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:4c:6f:ba:43:db:d4:b3:23:b9:70:09:25:e3:b5:77:29:07:
         18:45:fd:4b:7d:97:23:ed:7f:05:67:b0:9e:dd:3c:c3:bd:e7:
         c3:6e:04:68:c2:4f:2c:ea:8a:00:46:7b:65:d5:a6:2d:b6:50:
         51:2d:85:8a:e1:78:cb:9d:59:f2:9f:d1:b3:6d:ba:83:96:65:
         b8:9b:b9:22:26:e1:7b:20:67:5a:57:5b:a9:5e:e3:d1:27:95:
         26:c9:02:17:14:54:10:b2:b6:32:57:77:ad:d2:7e:5c:92:b9:
         d4:e6:9c:9c:7a:f5:f3:32:41:93:a7:2c:bb:59:7a:2f:e0:89:
         67:cb:a8:12:e2:10:50:85:42:4e:bb:f9:4f:df:8c:4f:ef:7d:
         e9:99:5f:70:77:d7:da:d9:6a:32:0c:98:89:2b:13:0b:c1:2d:
         b9:b7:5a:3c:1e:87:a4:97:2c:2e:ad:cb:e6:81:b8:b3:df:83:
         db:e5:40:43:60:bd:f2:dd:23:31:ad:e4:c5:0f:43:38:85:f8:
         29:02:22:1c:b6:8f:74:ea:30:00:c4:8b:f4:8c:b7:46:92:74:
         94:69:57:83:ba:ac:e1:e1:a5:4a:67:35:75:c3:84:3c:09:0d:
         0a:b3:48:6e:18:07:35:41:bd:d2:53:0a:69:17:5b:5e:fc:57:
         45:62:c9:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZEez4/sADrtzJRjF1pOinIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzg5ZmI0OGZiMDVkNDgxZjFmMjM5MTk0YzUzN2QxNWIz
NTcwMDkwHhcNMjUwNDE3MTYwMDQ5WhcNMjUwNDE4MTYwMDQ5WjAzMTEwLwYDVQQD
Eyg1NzE1OGFhOWZiOTNmMmU2OTQyNTNlYTQ3MzI0YmJiOTk1MmZjODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQOvi4YWZx6U0aBkLYJygPAV/Vb+
2byKjtsCeYHqkP38AM6yFccMtKuq+pqiDIdv4+c1lrHs3BfZYwjv9LsdEwk2LznC
faU03UeLTEBf7j9FyxoCNM95Z9GsMhrUW3KqwmIwWnzlXzi6OlvvCXSJYp5KeEaY
6o4Y4v1EP9x79AXCezXMFRlvwnflhm+BpbbDysvrm+p1VRK3Igrpxqb5+6GjcF+t
OOU1Cou6bcl/g/E0KPKxMxkRC6Gnd+tS/SBencYFk6bGpC0g7FKhAh3m7StnOgkH
k/07UJ05ZP8MD5h6cxNgd+vvTo2SAIKnP7Oc/z0ExmTHWKyKJaTGLlXKxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFcViqn7k/LmlCU+pHMku7mVL8hHMB8GA1UdIwQY
MBaAFHo4n7SPsF1IHx8jkZTFN9FbNXAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWppZnRJLXdYVWdmSHlPUmxNVTMwVnMxY0FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYjEwNjQtNmQyNi00NTU1LTlmYTUt
YTFhMDhlYmY0ZWVhLzEvZWppZnRJLXdYVWdmSHlPUmxNVTMwVnMxY0FrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYjEwNjQtNmQyNi00NTU1LTlmYTUtYTFhMDhlYmY0ZWVh
LzEvZWppZnRJLXdYVWdmSHlPUmxNVTMwVnMxY0FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARkxvukPb
1LMjuXAJJeO1dykHGEX9S32XI+1/BWewnt08w73nw24EaMJPLOqKAEZ7ZdWmLbZQ
US2FiuF4y51Z8p/Rs226g5ZluJu5IibheyBnWldbqV7j0SeVJskCFxRUELK2Mld3
rdJ+XJK51OacnHr18zJBk6csu1l6L+CJZ8uoEuIQUIVCTrv5T9+MT+996ZlfcHfX
2tlqMgyYiSsTC8EtubdaPB6HpJcsLq3L5oG4s9+D2+VAQ2C98t0jMa3kxQ9DOIX4
KQIiHLaPdOowAMSL9Iy3RpJ0lGlXg7qs4eGlSmc1dcOEPAkNCrNIbhgHNUG90lMK
aRdbXvxXRWLJKA==
-----END CERTIFICATE-----