Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
File:                     s_sdIFBvVM-5oflFH6EKiP87L2Q.mft (raw, json)
Hash identifier:          ctMKXJh+cg9mvExo/uR41sndFLS+si0M2Kt2efXZRzc=
Subject key identifier:   B0:18:CC:DB:1E:E8:FD:14:87:52:7E:64:93:AE:C1:D3:EB:5A:C9:BB
Authority key identifier: B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64
Certificate issuer:       /CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
Certificate serial:       019640678D2C46ABB064E438D5971B2F8C86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
Manifest number:          0B98
Signing time:             Wed 16 Apr 2025 21:00:50 +0000
Manifest this update:     Wed 16 Apr 2025 21:00:50 +0000
Manifest next update:     Thu 17 Apr 2025 21:00:50 +0000
Files and hashes:         1: s_sdIFBvVM-5oflFH6EKiP87L2Q.crl (hash: Qs8IEpCJQ/2dSNbOU+1XUqUNdVHsxQhVyiFpACJ+zSs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:40:67:8d:2c:46:ab:b0:64:e4:38:d5:97:1b:2f:8c:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
        Validity
            Not Before: Apr 16 21:00:50 2025 GMT
            Not After : Apr 17 21:00:50 2025 GMT
        Subject: CN=b018ccdb1ee8fd1487527e6493aec1d3eb5ac9bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:d3:03:66:38:b6:42:14:95:fc:b2:de:89:d9:
                    14:29:47:a8:52:f9:9a:da:b7:c4:76:74:ff:a9:ae:
                    42:23:f9:fd:5a:2e:69:22:91:8c:20:75:25:12:c0:
                    60:77:55:1f:73:54:ab:a0:c6:a6:5c:53:bc:a6:23:
                    d5:58:97:9f:c0:2a:ed:eb:38:39:ab:d8:9d:39:a3:
                    2e:e7:07:52:e1:e7:4e:99:c4:6e:7b:5f:fc:4e:33:
                    65:c9:15:25:f2:88:48:53:f8:55:03:9b:8b:50:b2:
                    f2:a8:81:47:2f:7d:e1:7b:b5:e0:77:ea:69:8e:de:
                    99:1e:f5:0a:5e:77:1c:2b:ca:10:c9:fd:45:b1:19:
                    1e:7c:99:10:01:26:41:24:ce:fd:a7:5e:73:5c:55:
                    6b:04:98:60:6f:38:e7:20:9b:7c:ed:73:c3:d9:fe:
                    b5:78:f3:a8:96:b5:7e:2f:b7:a2:c2:16:db:2a:d9:
                    b0:13:d3:5f:4c:d1:84:9c:d8:af:b0:c8:fc:90:63:
                    61:4d:85:a5:25:94:c4:71:c9:06:bd:36:71:98:7a:
                    43:bc:04:cb:e1:b9:af:a1:52:93:3c:15:c6:cc:fa:
                    69:41:80:4b:92:7a:19:a7:9b:8d:b7:8e:0e:f8:e8:
                    10:f6:a3:7e:f6:e7:07:cf:6b:d8:ee:e5:5e:5e:99:
                    cb:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:18:CC:DB:1E:E8:FD:14:87:52:7E:64:93:AE:C1:D3:EB:5A:C9:BB
            X509v3 Authority Key Identifier:
                keyid:B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:23:b7:db:0c:c3:b0:8a:ce:fd:0e:22:d0:55:d6:d9:b6:0d:
         a5:cd:85:57:f6:61:47:dc:63:fa:ca:6e:1a:c6:df:e1:a4:80:
         fb:8a:0f:88:e9:ed:19:2c:5b:14:3a:2d:97:1d:1a:97:86:de:
         1b:52:0b:10:54:89:bd:77:c7:cc:b9:0b:b6:3b:e6:8e:25:f1:
         36:2a:fa:80:5d:47:a3:b8:10:fc:d9:9a:c0:e5:f3:6c:9f:63:
         83:e4:cb:3b:ff:18:49:a6:74:0c:ce:b0:f0:b7:e9:63:f2:a9:
         b4:b5:67:05:12:35:38:f4:9a:0b:4b:65:1e:0e:03:e2:f7:6b:
         6f:a7:93:6a:c2:cd:66:ea:8c:b8:9e:6a:d8:e2:3f:86:aa:f9:
         71:e3:b9:93:10:63:d7:80:56:0e:7d:67:1f:b4:9d:76:39:86:
         c7:37:a9:c3:18:ee:a3:a1:4c:ab:2c:49:7d:03:6d:43:97:6f:
         4e:7b:90:18:5e:fb:52:c2:88:cb:88:16:0e:e7:18:ac:32:d7:
         8b:f4:0c:ff:21:32:26:c3:b8:48:98:60:ae:90:7a:96:cf:84:
         bb:e9:bf:b5:24:1d:29:10:91:54:02:38:b2:ac:5e:0b:72:26:
         b5:cf:64:f7:85:72:6c:33:6e:08:24:b5:23:44:06:7a:e2:f7:
         65:e7:42:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZAZ40sRquwZOQ41ZcbL4yGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmIxZDIwNTA2ZjU0Y2ZiOWExZjk0NTFmYTEwYTg4ZmYz
YjJmNjQwHhcNMjUwNDE2MjEwMDUwWhcNMjUwNDE3MjEwMDUwWjAzMTEwLwYDVQQD
EyhiMDE4Y2NkYjFlZThmZDE0ODc1MjdlNjQ5M2FlYzFkM2ViNWFjOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9MDZji2QhSV/LLeidkUKUeoUvma
2rfEdnT/qa5CI/n9Wi5pIpGMIHUlEsBgd1Ufc1SroMamXFO8piPVWJefwCrt6zg5
q9idOaMu5wdS4edOmcRue1/8TjNlyRUl8ohIU/hVA5uLULLyqIFHL33he7Xgd+pp
jt6ZHvUKXnccK8oQyf1FsRkefJkQASZBJM79p15zXFVrBJhgbzjnIJt87XPD2f61
ePOolrV+L7eiwhbbKtmwE9NfTNGEnNivsMj8kGNhTYWlJZTEcckGvTZxmHpDvATL
4bmvoVKTPBXGzPppQYBLknoZp5uNt44O+OgQ9qN+9ucHz2vY7uVeXpnLpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAYzNse6P0Uh1J+ZJOuwdPrWsm7MB8GA1UdIwQY
MBaAFLP7HSBQb1TPuaH5RR+hCoj/Oy9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUt
ODZkNmUyZjQ2NjQyLzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUtODZkNmUyZjQ2NjQy
LzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAICO32wzD
sIrO/Q4i0FXW2bYNpc2FV/ZhR9xj+spuGsbf4aSA+4oPiOntGSxbFDotlx0al4be
G1ILEFSJvXfHzLkLtjvmjiXxNir6gF1Ho7gQ/NmawOXzbJ9jg+TLO/8YSaZ0DM6w
8LfpY/KptLVnBRI1OPSaC0tlHg4D4vdrb6eTasLNZuqMuJ5q2OI/hqr5ceO5kxBj
14BWDn1nH7SddjmGxzepwxjuo6FMqyxJfQNtQ5dvTnuQGF77UsKIy4gWDucYrDLX
i/QM/yEyJsO4SJhgrpB6ls+Eu+m/tSQdKRCRVAI4sqxeC3Imtc9k94VybDNuCCS1
I0QGeuL3ZedCew==
-----END CERTIFICATE-----