Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
File:                     M4YMg3IhmQcJz1rqKduBaJU-feA.mft (raw, json)
Hash identifier:          PGSD+LNd8Rl4IVlZeEGpibxxjoL6ttvu+S/mvoIPi/8=
Subject key identifier:   8B:24:61:21:22:BC:5D:AE:BD:7F:A7:FA:39:DF:DD:03:BE:25:01:21
Authority key identifier: 33:86:0C:83:72:21:99:07:09:CF:5A:EA:29:DB:81:68:95:3E:7D:E0
Certificate issuer:       /CN=33860c837221990709cf5aea29db8168953e7de0
Certificate serial:       0197470C0DFF374B35EFB7999410753A591E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
Manifest number:          06B2
Signing time:             Fri 06 Jun 2025 21:01:01 +0000
Manifest this update:     Fri 06 Jun 2025 21:01:01 +0000
Manifest next update:     Sat 07 Jun 2025 21:01:01 +0000
Files and hashes:         1: M4YMg3IhmQcJz1rqKduBaJU-feA.crl (hash: A7oJI8sk1OD92ovmfEd+16/qMLu0AAKoz/3UnyTRuwc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 21:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:0c:0d:ff:37:4b:35:ef:b7:99:94:10:75:3a:59:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33860c837221990709cf5aea29db8168953e7de0
        Validity
            Not Before: Jun  6 21:01:01 2025 GMT
            Not After : Jun  7 21:01:01 2025 GMT
        Subject: CN=8b24612122bc5daebd7fa7fa39dfdd03be250121
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:65:93:05:02:44:11:bf:b2:ed:e3:c7:c2:9f:
                    74:2a:1f:de:0b:d8:79:1a:9d:dd:8e:1c:91:00:a9:
                    9f:9e:55:9d:c8:75:b7:a7:ca:a5:9d:d3:88:ad:62:
                    ff:90:1a:74:b1:fb:43:ab:fc:b4:03:cb:e9:57:f4:
                    9b:0b:a6:56:56:b9:ce:94:fa:28:3b:92:50:27:26:
                    aa:ec:9a:ed:dc:3d:5f:26:d4:20:31:18:eb:19:ce:
                    4e:90:ca:b3:44:c0:fc:f4:79:94:e5:38:a9:05:64:
                    f2:c2:fe:9a:1c:1a:69:48:5a:cb:28:b5:65:35:c1:
                    7f:55:f1:67:e3:62:2a:16:db:48:59:dd:15:a7:3d:
                    12:56:c4:49:09:4a:02:a8:0e:5b:d0:cc:1e:07:ce:
                    2c:52:a2:9d:9e:5e:8f:15:f2:1f:1c:de:ec:bc:21:
                    9d:4c:f6:8c:33:29:dd:07:7e:f7:2c:f8:42:b2:68:
                    02:39:d8:f1:6a:37:2c:4d:6b:4c:36:79:53:ef:00:
                    40:a9:70:df:fd:25:9c:c8:12:bd:05:64:fd:dd:84:
                    fb:80:69:14:93:2d:2d:f2:d5:dc:d6:20:97:50:f3:
                    29:8a:9e:ab:5a:2f:de:1f:85:c1:22:42:95:43:9c:
                    2a:f3:3e:ec:f8:67:c5:90:da:52:a5:42:64:0d:33:
                    e7:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:24:61:21:22:BC:5D:AE:BD:7F:A7:FA:39:DF:DD:03:BE:25:01:21
            X509v3 Authority Key Identifier:
                keyid:33:86:0C:83:72:21:99:07:09:CF:5A:EA:29:DB:81:68:95:3E:7D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:a2:bd:90:2d:9b:a5:ba:32:99:15:c1:0b:ab:fe:ab:e7:70:
         e0:4d:9f:45:48:00:25:99:af:67:7e:22:27:67:5b:3b:35:6a:
         b4:26:eb:48:a8:e5:a3:88:f4:2f:30:7f:cb:f5:21:20:4d:3c:
         84:fa:be:ae:e4:11:ba:b0:e7:7b:5a:ff:6c:3b:de:0b:f1:e0:
         31:af:7b:7c:45:eb:ae:1d:90:d0:f8:85:74:c9:5e:9e:69:1a:
         52:a0:22:72:a3:3c:88:26:64:a2:06:aa:97:df:41:17:1c:1f:
         0f:0f:86:b3:7a:c9:ca:55:87:e5:89:f3:93:e0:d5:fd:85:34:
         cc:4e:61:98:5d:89:68:ec:1c:cd:be:94:5a:d2:38:21:33:c3:
         2e:ee:1d:61:75:82:7e:84:7c:c0:6f:7f:49:e8:d5:8f:7d:4d:
         73:3e:60:ff:6b:d7:a9:f0:4e:3b:85:d7:44:51:52:fa:e0:5d:
         cd:6d:e1:fa:0d:a5:c2:d7:db:b2:42:3c:00:23:a1:c7:b6:3f:
         99:dc:4f:2f:fc:dd:3d:c0:4e:89:cd:79:d7:c9:03:32:50:b3:
         1f:18:ee:79:68:8f:d3:f6:bf:ce:a8:83:3c:8f:a3:c1:e9:16:
         40:f7:ff:31:01:da:5c:7a:ed:64:63:7f:c7:1e:be:1f:8f:db:
         0c:aa:1f:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHDA3/N0s177eZlBB1OlkeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzODYwYzgzNzIyMTk5MDcwOWNmNWFlYTI5ZGI4MTY4OTUz
ZTdkZTAwHhcNMjUwNjA2MjEwMTAxWhcNMjUwNjA3MjEwMTAxWjAzMTEwLwYDVQQD
Eyg4YjI0NjEyMTIyYmM1ZGFlYmQ3ZmE3ZmEzOWRmZGQwM2JlMjUwMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGWTBQJEEb+y7ePHwp90Kh/eC9h5
Gp3djhyRAKmfnlWdyHW3p8qlndOIrWL/kBp0sftDq/y0A8vpV/SbC6ZWVrnOlPoo
O5JQJyaq7Jrt3D1fJtQgMRjrGc5OkMqzRMD89HmU5TipBWTywv6aHBppSFrLKLVl
NcF/VfFn42IqFttIWd0Vpz0SVsRJCUoCqA5b0MweB84sUqKdnl6PFfIfHN7svCGd
TPaMMyndB373LPhCsmgCOdjxajcsTWtMNnlT7wBAqXDf/SWcyBK9BWT93YT7gGkU
ky0t8tXc1iCXUPMpip6rWi/eH4XBIkKVQ5wq8z7s+GfFkNpSpUJkDTPnTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIskYSEivF2uvX+n+jnf3QO+JQEhMB8GA1UdIwQY
MBaAFDOGDINyIZkHCc9a6inbgWiVPn3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hNWViY2ItZjAxMS00ODAxLTk0ZmYt
YjgyZTUzMDEwNTk3LzEvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hNWViY2ItZjAxMS00ODAxLTk0ZmYtYjgyZTUzMDEwNTk3
LzEvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFKK9kC2b
pboymRXBC6v+q+dw4E2fRUgAJZmvZ34iJ2dbOzVqtCbrSKjlo4j0LzB/y/UhIE08
hPq+ruQRurDne1r/bDveC/HgMa97fEXrrh2Q0PiFdMlenmkaUqAicqM8iCZkogaq
l99BFxwfDw+Gs3rJylWH5Ynzk+DV/YU0zE5hmF2JaOwczb6UWtI4ITPDLu4dYXWC
foR8wG9/SejVj31Ncz5g/2vXqfBOO4XXRFFS+uBdzW3h+g2lwtfbskI8ACOhx7Y/
mdxPL/zdPcBOic1518kDMlCzHxjueWiP0/a/zqiDPI+jwekWQPf/MQHaXHrtZGN/
xx6+H4/bDKofPA==
-----END CERTIFICATE-----