Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
File:                     h7-ak2z5rSjsWNt5imD9cd9sN_M.mft (raw, json)
Hash identifier:          vSqXcUb5jnY671VFOthVkLqXuJIASpOYFOew5055RXI=
Subject key identifier:   0E:D4:88:FC:DE:E2:14:F8:84:A1:13:26:E1:67:90:5F:4C:90:01:95
Authority key identifier: 87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3
Certificate issuer:       /CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
Certificate serial:       019643D609E3FDBF0ED5154C5C244177A049
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
Manifest number:          0DB6
Signing time:             Thu 17 Apr 2025 13:00:22 +0000
Manifest this update:     Thu 17 Apr 2025 13:00:22 +0000
Manifest next update:     Fri 18 Apr 2025 13:00:22 +0000
Files and hashes:         1: h7-ak2z5rSjsWNt5imD9cd9sN_M.crl (hash: znZhdOfkj3Y8/X/m6lDB0PhKpZNL3g0SGLUzu65qIr8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d6:09:e3:fd:bf:0e:d5:15:4c:5c:24:41:77:a0:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
        Validity
            Not Before: Apr 17 13:00:22 2025 GMT
            Not After : Apr 18 13:00:22 2025 GMT
        Subject: CN=0ed488fcdee214f884a11326e167905f4c900195
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:4d:cb:1d:da:27:86:be:b1:6c:87:5a:d9:7e:
                    99:48:26:11:a8:cb:a3:39:96:d3:26:c2:e3:05:af:
                    d7:66:1d:b1:96:cf:c7:5f:bd:9e:d4:7f:a3:a4:c1:
                    37:b2:66:ff:67:e9:99:0d:70:d1:c2:1d:96:6f:c4:
                    70:a4:58:8b:a1:a9:65:4d:53:29:38:33:ec:81:dd:
                    74:f6:2f:14:97:19:02:d4:86:ef:37:e0:e7:1a:cf:
                    59:b8:e1:97:5d:bc:09:6f:d9:94:3d:c7:00:f0:73:
                    c9:db:6b:d8:e7:f6:b5:78:5a:92:65:24:b1:4a:32:
                    90:8d:07:b9:15:dd:2e:6c:44:1a:c3:78:99:51:15:
                    d1:18:c8:50:19:64:ac:94:8b:52:99:ed:cb:4c:65:
                    08:6a:63:16:45:74:8a:02:8e:ea:2a:c5:a3:36:cb:
                    f8:32:84:9a:ba:1b:06:79:9e:16:57:f6:30:41:18:
                    45:d7:9d:2d:e8:7f:c1:ae:0f:94:b4:6a:06:7a:87:
                    87:95:81:4f:64:4a:02:32:80:c3:e5:f3:57:46:21:
                    fb:85:ae:c1:dd:0b:c5:25:14:e0:66:57:13:e8:c3:
                    e8:89:07:06:ed:94:5b:c3:2a:88:e7:21:d0:63:ab:
                    93:4d:57:bf:14:82:9e:0e:8b:a7:7c:76:3a:a6:f6:
                    ef:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:D4:88:FC:DE:E2:14:F8:84:A1:13:26:E1:67:90:5F:4C:90:01:95
            X509v3 Authority Key Identifier:
                keyid:87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:55:90:11:08:c2:27:ef:86:ac:66:5c:80:86:1f:21:3f:71:
         33:ae:92:bf:5c:37:d4:2c:b8:61:28:56:76:99:2f:49:2b:1f:
         75:c0:95:3f:5a:de:ce:2e:e2:14:84:09:2d:31:56:67:f4:59:
         59:77:6c:20:99:22:a2:82:14:9c:c3:3c:54:e0:c6:9d:67:e0:
         d9:98:d1:58:62:ae:3b:c4:87:ef:6b:11:eb:15:16:88:ca:7c:
         88:41:3a:51:0d:4b:48:fb:39:fc:c3:4a:ec:50:80:14:73:56:
         94:84:b6:00:43:eb:88:6e:a7:46:21:f9:8e:cd:74:aa:18:b2:
         e5:1d:5c:a4:76:bb:50:b7:31:c6:b9:30:fb:32:68:6e:e3:0a:
         ef:6d:44:1c:96:7e:53:ec:c1:69:51:67:ab:18:d0:d0:96:b8:
         41:76:1d:86:37:18:c8:ef:0e:e0:9a:73:a2:15:f5:30:73:47:
         bb:d0:49:23:2e:9c:d9:58:01:f6:88:82:83:83:da:2b:ed:30:
         10:c0:a5:ed:fa:63:db:55:0f:46:8d:62:b0:ee:d9:44:de:07:
         9b:8e:28:f3:09:d5:62:5e:1e:63:17:f5:b5:a3:47:65:5a:aa:
         dd:8b:86:d9:ce:15:d2:cf:65:53:7f:32:2d:b5:e1:5f:69:c9:
         14:a5:82:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1gnj/b8O1RVMXCRBd6BJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmY5YTkzNmNmOWFkMjhlYzU4ZGI3OThhNjBmZDcxZGY2
YzM3ZjMwHhcNMjUwNDE3MTMwMDIyWhcNMjUwNDE4MTMwMDIyWjAzMTEwLwYDVQQD
EygwZWQ0ODhmY2RlZTIxNGY4ODRhMTEzMjZlMTY3OTA1ZjRjOTAwMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE3LHdonhr6xbIda2X6ZSCYRqMuj
OZbTJsLjBa/XZh2xls/HX72e1H+jpME3smb/Z+mZDXDRwh2Wb8RwpFiLoallTVMp
ODPsgd109i8UlxkC1IbvN+DnGs9ZuOGXXbwJb9mUPccA8HPJ22vY5/a1eFqSZSSx
SjKQjQe5Fd0ubEQaw3iZURXRGMhQGWSslItSme3LTGUIamMWRXSKAo7qKsWjNsv4
MoSauhsGeZ4WV/YwQRhF150t6H/Brg+UtGoGeoeHlYFPZEoCMoDD5fNXRiH7ha7B
3QvFJRTgZlcT6MPoiQcG7ZRbwyqI5yHQY6uTTVe/FIKeDounfHY6pvbv1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA7UiPze4hT4hKETJuFnkF9MkAGVMB8GA1UdIwQY
MBaAFIe/mpNs+a0o7FjbeYpg/XHfbDfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzIt
NGY5Nzc3MmIwMTgwLzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzItNGY5Nzc3MmIwMTgw
LzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJVWQEQjC
J++GrGZcgIYfIT9xM66Sv1w31Cy4YShWdpkvSSsfdcCVP1rezi7iFIQJLTFWZ/RZ
WXdsIJkiooIUnMM8VODGnWfg2ZjRWGKuO8SH72sR6xUWiMp8iEE6UQ1LSPs5/MNK
7FCAFHNWlIS2AEPriG6nRiH5js10qhiy5R1cpHa7ULcxxrkw+zJobuMK721EHJZ+
U+zBaVFnqxjQ0Ja4QXYdhjcYyO8O4JpzohX1MHNHu9BJIy6c2VgB9oiCg4PaK+0w
EMCl7fpj21UPRo1isO7ZRN4Hm44o8wnVYl4eYxf1taNHZVqq3YuG2c4V0s9lU38y
LbXhX2nJFKWC8Q==
-----END CERTIFICATE-----