Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          ZgpTUZbSqlsNZ2jZLVpxZdhWa00G8FLNXpgq/Z+pF2c=
Subject key identifier:   EC:BE:46:6B:27:8E:83:A3:CC:A4:5F:5B:7D:D9:E7:A1:61:96:40:18
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       01965236C18BB3C42E2BA43F885A835BBB49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          0214
Signing time:             Sun 20 Apr 2025 08:00:42 +0000
Manifest this update:     Sun 20 Apr 2025 08:00:42 +0000
Manifest next update:     Mon 21 Apr 2025 08:00:42 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: LR4gztaYnX0/FGJkEdhNHgV3z7iv3Z9RKGrAgmMXPu8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:36:c1:8b:b3:c4:2e:2b:a4:3f:88:5a:83:5b:bb:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Apr 20 08:00:42 2025 GMT
            Not After : Apr 21 08:00:42 2025 GMT
        Subject: CN=ecbe466b278e83a3cca45f5b7dd9e7a161964018
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:8f:07:c8:95:b8:78:44:36:65:8d:81:64:c6:
                    0a:55:f0:23:01:ca:15:19:ee:67:5a:21:f4:e9:fa:
                    88:37:c7:d1:ff:45:8c:49:5e:41:f9:fd:cf:f2:b4:
                    41:8d:14:2c:54:fd:71:ba:64:b1:28:b1:34:5d:9c:
                    37:04:01:97:b4:e5:11:d7:4f:8b:f2:97:91:36:b3:
                    e0:5c:0a:ef:a7:d2:08:17:d7:c6:23:59:51:55:2d:
                    1a:71:38:97:db:90:c3:b4:98:3d:9f:c1:b8:41:02:
                    65:4d:41:5b:cd:43:d7:c7:db:f6:d7:6c:af:a0:e6:
                    63:6c:5b:69:38:cd:c4:e5:ab:28:cf:8d:6b:ca:ca:
                    0a:ff:59:b5:2d:1a:5d:a4:10:04:6c:7e:e6:eb:93:
                    3d:c3:7d:1f:d0:42:d8:ca:43:e9:c8:d3:f1:a9:2e:
                    6a:88:ab:42:6b:6c:11:f1:9d:5b:09:00:9c:cb:c5:
                    ba:28:7c:32:b7:b0:44:3a:0a:5b:15:de:a5:3f:ec:
                    89:d6:0a:cc:40:a6:cb:9e:ea:2f:81:37:00:f2:4f:
                    45:5f:49:ca:86:42:7f:9c:29:7a:f8:33:20:e6:1b:
                    0f:f8:d5:80:dd:53:b5:09:b8:59:0d:80:4e:3d:09:
                    34:4e:7c:4d:bc:fe:0a:d4:db:4c:4c:a6:2a:53:66:
                    bb:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:BE:46:6B:27:8E:83:A3:CC:A4:5F:5B:7D:D9:E7:A1:61:96:40:18
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:44:b1:50:81:45:b9:f9:a2:04:f0:37:36:9b:30:0c:ed:cc:
         3f:4d:7d:95:1e:0b:36:fb:ab:6e:c0:92:35:df:af:7b:2b:bc:
         48:21:be:e7:aa:8f:e3:f0:83:36:b3:7d:7d:ef:04:e4:8f:9a:
         3e:46:91:e4:c2:46:46:ad:98:ae:26:53:d7:9c:a8:cd:38:bc:
         ae:34:f2:88:94:07:2f:16:14:1c:78:b8:7a:e1:64:d5:d9:ff:
         6d:24:af:60:df:95:4e:80:69:4a:ea:85:17:ff:2d:ed:c2:87:
         01:fe:81:7e:8f:ba:d8:82:f4:89:53:51:2c:08:34:37:49:e2:
         5c:58:15:f1:7b:0d:3d:27:7b:75:ee:43:6c:10:09:e8:ca:cf:
         02:47:f3:ea:28:34:d1:5e:d8:72:74:1c:19:44:f7:96:4b:09:
         a4:56:57:e6:ef:f3:ab:63:93:da:9d:3c:5d:b6:5d:19:e5:29:
         70:ae:ac:09:35:5c:d7:6f:5b:53:6b:d0:6a:37:5e:22:63:16:
         f6:a2:a7:ab:f0:53:e8:ea:c7:63:16:05:88:6b:a2:d1:ea:76:
         64:09:d6:ca:ac:85:4c:3b:73:ff:a8:4a:fd:e5:b0:f2:6a:8c:
         b9:94:70:d7:7b:54:18:7d:32:d0:cc:23:8f:ab:d5:8c:e7:62:
         f2:d3:a6:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSNsGLs8QuK6Q/iFqDW7tJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjUwNDIwMDgwMDQyWhcNMjUwNDIxMDgwMDQyWjAzMTEwLwYDVQQD
EyhlY2JlNDY2YjI3OGU4M2EzY2NhNDVmNWI3ZGQ5ZTdhMTYxOTY0MDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI8HyJW4eEQ2ZY2BZMYKVfAjAcoV
Ge5nWiH06fqIN8fR/0WMSV5B+f3P8rRBjRQsVP1xumSxKLE0XZw3BAGXtOUR10+L
8peRNrPgXArvp9IIF9fGI1lRVS0acTiX25DDtJg9n8G4QQJlTUFbzUPXx9v212yv
oOZjbFtpOM3E5asoz41rysoK/1m1LRpdpBAEbH7m65M9w30f0ELYykPpyNPxqS5q
iKtCa2wR8Z1bCQCcy8W6KHwyt7BEOgpbFd6lP+yJ1grMQKbLnuovgTcA8k9FX0nK
hkJ/nCl6+DMg5hsP+NWA3VO1CbhZDYBOPQk0TnxNvP4K1NtMTKYqU2a7uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOy+RmsnjoOjzKRfW33Z56FhlkAYMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVESxUIFF
ufmiBPA3NpswDO3MP019lR4LNvurbsCSNd+veyu8SCG+56qP4/CDNrN9fe8E5I+a
PkaR5MJGRq2YriZT15yozTi8rjTyiJQHLxYUHHi4euFk1dn/bSSvYN+VToBpSuqF
F/8t7cKHAf6Bfo+62IL0iVNRLAg0N0niXFgV8XsNPSd7de5DbBAJ6MrPAkfz6ig0
0V7YcnQcGUT3lksJpFZX5u/zq2OT2p08XbZdGeUpcK6sCTVc129bU2vQajdeImMW
9qKnq/BT6OrHYxYFiGui0ep2ZAnWyqyFTDtz/6hK/eWw8mqMuZRw13tUGH0y0Mwj
j6vVjOdi8tOmdA==
-----END CERTIFICATE-----