Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
File:                     f35evW-kacXjcL_BBsTUqtHh25Q.mft (raw, json)
Hash identifier:          irbLq0LxmSkHokKlc/m2Ji02UD1NYeBaZBFxoMyxxaY=
Subject key identifier:   A4:47:73:E4:D5:A9:B7:01:65:87:19:D1:B4:F1:46:46:4D:AA:34:F7
Authority key identifier: 7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94
Certificate issuer:       /CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94
Certificate serial:       01958CCE4293A9894675BBC7F3A3F5C9CAE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
Manifest number:          0CFE
Signing time:             Thu 13 Mar 2025 00:01:22 +0000
Manifest this update:     Thu 13 Mar 2025 00:01:22 +0000
Manifest next update:     Fri 14 Mar 2025 00:01:22 +0000
Files and hashes:         1: f35evW-kacXjcL_BBsTUqtHh25Q.crl (hash: j6CQG+mCLeR11PPjE5PAFTFDtnGMf4cIhTUazSXC2KA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:ce:42:93:a9:89:46:75:bb:c7:f3:a3:f5:c9:ca:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94
        Validity
            Not Before: Mar 13 00:01:22 2025 GMT
            Not After : Mar 14 00:01:22 2025 GMT
        Subject: CN=a44773e4d5a9b701658719d1b4f146464daa34f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:7c:f1:1e:65:db:22:e4:a0:17:6a:03:5e:3e:
                    4d:c4:84:d2:7b:5e:41:22:4c:68:50:00:82:8b:4f:
                    54:19:b7:52:42:72:df:3b:3a:33:96:f0:d7:0e:15:
                    95:60:31:b7:1e:ae:b6:ed:4e:e9:58:55:84:7f:9d:
                    18:50:c9:9b:43:1c:16:89:21:2b:0a:c7:68:9c:b0:
                    71:82:e1:75:c5:c6:51:3a:6c:f2:5f:a2:dd:9e:18:
                    f6:c3:96:b2:08:f7:3c:ac:6b:43:19:56:11:30:57:
                    82:09:c8:3a:a8:98:3b:ac:c2:88:0e:41:4c:1a:f3:
                    b6:47:fb:f0:41:14:da:83:52:59:1a:05:72:37:22:
                    08:7b:35:c4:f7:97:64:09:6e:89:19:18:b0:89:11:
                    13:a9:4d:ee:e4:db:1a:28:1a:e4:14:35:38:08:64:
                    0d:16:15:66:8f:a2:25:76:44:5b:d2:5a:9c:2c:43:
                    b6:d5:36:93:b4:9b:38:90:1c:4c:f3:4b:7e:70:b8:
                    7d:ad:d6:13:01:85:a4:88:06:27:d3:19:31:c8:e1:
                    db:2a:39:34:92:b0:d5:60:52:0f:3e:01:10:5d:e2:
                    81:eb:f9:98:81:8b:d1:fb:8b:35:58:ee:37:32:98:
                    00:f3:63:9e:34:cb:ac:c3:4b:e5:bf:3d:8d:ef:e3:
                    a3:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:47:73:E4:D5:A9:B7:01:65:87:19:D1:B4:F1:46:46:4D:AA:34:F7
            X509v3 Authority Key Identifier:
                keyid:7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:f7:35:29:f4:bb:9d:fd:b0:5d:38:cd:59:01:04:46:de:da:
         c9:04:25:85:16:1a:a9:52:a4:8d:76:a5:2b:d3:c1:46:49:32:
         a3:5a:d0:60:3f:79:2d:2c:5f:09:6d:83:4d:4d:db:da:bc:87:
         cc:e6:ac:43:f3:70:4a:a6:6f:9c:2d:96:e2:f4:12:84:6e:fe:
         b0:4b:0e:1b:a9:d7:bc:07:06:d9:e0:c8:a8:eb:70:37:22:a1:
         ba:54:ef:9f:83:51:2a:56:d5:96:56:18:ec:90:15:0f:1f:94:
         72:71:24:a9:78:13:4b:fe:bd:ea:c3:8c:e6:74:ab:f7:0e:25:
         3e:be:6f:10:6d:c9:18:4f:f5:86:b4:fe:ce:48:2f:8b:b2:40:
         cf:dc:99:07:e8:8a:3d:94:ed:d6:83:f6:d0:72:e1:9f:08:72:
         c7:22:2f:14:fd:c6:3b:f0:51:9e:37:77:89:77:e9:04:81:38:
         5e:2e:50:d2:15:3f:9e:4c:44:e9:b3:45:1f:2f:80:89:88:90:
         48:e0:ee:bf:94:e2:a0:52:bf:bc:35:3c:11:56:a0:0f:b3:1e:
         b5:88:02:b3:52:68:cd:d4:16:be:63:01:44:8d:57:7c:8c:ad:
         84:d6:42:94:88:bd:df:6c:74:b8:f8:28:cd:99:75:81:58:d0:
         b8:63:9d:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMzkKTqYlGdbvH86P1ycrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmN2U1ZWJkNmZhNDY5YzVlMzcwYmZjMTA2YzRkNGFhZDFl
MWRiOTQwHhcNMjUwMzEzMDAwMTIyWhcNMjUwMzE0MDAwMTIyWjAzMTEwLwYDVQQD
EyhhNDQ3NzNlNGQ1YTliNzAxNjU4NzE5ZDFiNGYxNDY0NjRkYWEzNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHzxHmXbIuSgF2oDXj5NxITSe15B
IkxoUACCi09UGbdSQnLfOzozlvDXDhWVYDG3Hq627U7pWFWEf50YUMmbQxwWiSEr
CsdonLBxguF1xcZROmzyX6Ldnhj2w5ayCPc8rGtDGVYRMFeCCcg6qJg7rMKIDkFM
GvO2R/vwQRTag1JZGgVyNyIIezXE95dkCW6JGRiwiRETqU3u5NsaKBrkFDU4CGQN
FhVmj6IldkRb0lqcLEO21TaTtJs4kBxM80t+cLh9rdYTAYWkiAYn0xkxyOHbKjk0
krDVYFIPPgEQXeKB6/mYgYvR+4s1WO43MpgA82OeNMusw0vlvz2N7+OjxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRHc+TVqbcBZYcZ0bTxRkZNqjT3MB8GA1UdIwQY
MBaAFH9+Xr1vpGnF43C/wQbE1KrR4duUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMt
OTgyY2ZiMzU5YWVlLzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMtOTgyY2ZiMzU5YWVl
LzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfPc1KfS7
nf2wXTjNWQEERt7ayQQlhRYaqVKkjXalK9PBRkkyo1rQYD95LSxfCW2DTU3b2ryH
zOasQ/NwSqZvnC2W4vQShG7+sEsOG6nXvAcG2eDIqOtwNyKhulTvn4NRKlbVllYY
7JAVDx+UcnEkqXgTS/696sOM5nSr9w4lPr5vEG3JGE/1hrT+zkgvi7JAz9yZB+iK
PZTt1oP20HLhnwhyxyIvFP3GO/BRnjd3iXfpBIE4Xi5Q0hU/nkxE6bNFHy+AiYiQ
SODuv5TioFK/vDU8EVagD7MetYgCs1JozdQWvmMBRI1XfIythNZClIi932x0uPgo
zZl1gVjQuGOd3w==
-----END CERTIFICATE-----