Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
File:                     FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft (raw, json)
Hash identifier:          poOIxKbKx4RgEEU4YbiCkn8BlB6ql7hslFCOC/xWipk=
Subject key identifier:   02:2A:FD:11:D9:36:13:26:C2:00:11:5B:BB:C5:29:F7:C3:50:05:3B
Authority key identifier: 14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A
Certificate issuer:       /CN=14c2eab6a2960506046a1da4312773d98e97cd5a
Certificate serial:       0197488C8D8A387E01BC33A8F435CA2309E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
Manifest number:          0A1E
Signing time:             Sat 07 Jun 2025 04:01:00 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:00 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:00 +0000
Files and hashes:         1: FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl (hash: jjbUPHckCKPqBJx80O7Bt1a0EMxakoHN1qdxvM3M/O0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:8d:8a:38:7e:01:bc:33:a8:f4:35:ca:23:09:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c2eab6a2960506046a1da4312773d98e97cd5a
        Validity
            Not Before: Jun  7 04:01:00 2025 GMT
            Not After : Jun  8 04:01:00 2025 GMT
        Subject: CN=022afd11d9361326c200115bbbc529f7c350053b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:9c:3d:68:ae:c1:2e:21:6d:df:d3:8b:b4:f9:
                    b9:fb:68:53:40:bc:23:6f:23:2e:55:88:e3:c6:04:
                    94:84:ee:0c:08:64:66:94:cd:8a:7c:f6:3c:58:bc:
                    5c:be:00:28:ba:a8:e5:56:95:b2:22:3d:00:e2:a8:
                    5f:f4:d8:1f:bd:5d:9e:01:29:d1:0b:99:c6:95:4a:
                    3b:d8:6a:49:c2:24:f5:2d:cd:45:00:80:9e:0b:c9:
                    b9:e2:e8:24:f4:43:d1:f7:64:cc:6b:f8:0e:27:af:
                    c6:7d:6d:14:78:c8:c2:e7:ae:32:38:fc:bb:ea:5f:
                    5b:29:95:89:6d:39:23:33:fe:54:03:b8:7b:71:0d:
                    1f:14:3c:74:07:2e:65:e6:18:ea:ab:41:e9:3f:c2:
                    da:5a:10:c1:c4:21:9b:e8:08:c0:f0:9e:cd:ba:79:
                    b3:d9:4d:d7:f3:25:e1:77:bb:9e:82:16:39:15:40:
                    cf:1f:cc:1a:b2:59:d5:2e:37:a3:bd:30:84:d6:79:
                    c8:77:33:65:fb:a5:cb:24:7b:ee:f3:f7:0a:8e:93:
                    6d:80:1e:75:90:ac:92:39:28:a7:54:a6:40:b5:1d:
                    06:c6:5d:f1:38:02:66:45:f9:8c:eb:aa:98:b5:d3:
                    15:96:be:b1:6d:99:7c:9a:a0:39:8a:1c:61:35:be:
                    e9:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:2A:FD:11:D9:36:13:26:C2:00:11:5B:BB:C5:29:F7:C3:50:05:3B
            X509v3 Authority Key Identifier:
                keyid:14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:f3:37:8f:79:9d:76:ed:f2:cb:35:2b:41:a9:fa:80:15:51:
         5a:f3:d4:e7:2d:94:76:1a:72:f2:43:ea:00:71:92:12:cd:c3:
         8d:be:5f:67:66:40:95:3d:48:59:ea:f4:ef:08:84:8f:33:bb:
         00:9e:bb:7f:8a:a4:d8:03:50:dc:35:96:22:45:4e:53:c4:58:
         e3:b3:5c:5b:a4:d3:f2:9a:b5:80:94:e5:68:12:2e:fc:50:94:
         8e:32:b9:66:73:fe:5b:3f:a6:06:db:73:c1:69:07:4f:ba:5f:
         63:7a:7f:52:18:32:69:3f:b9:59:4f:b7:7c:09:cc:d3:0a:94:
         64:6a:0c:c7:11:c0:ce:a2:a0:aa:94:05:01:fb:e0:3b:57:33:
         fb:fc:84:39:a9:c0:56:57:cb:ab:6c:1a:35:df:6e:48:d2:3f:
         92:33:38:fe:e7:35:e8:cf:d8:b2:1b:59:94:f7:dc:da:72:46:
         cd:ec:34:fc:07:43:ca:b1:78:52:3d:04:39:df:17:03:76:33:
         57:c8:37:e3:55:f4:0c:24:9d:87:0f:e5:53:63:3a:66:e3:03:
         0f:7e:ad:f8:97:18:96:e1:80:c3:d5:7d:56:12:54:dc:6a:96:
         82:55:37:6d:02:1f:e2:fe:2a:c8:65:32:20:73:cf:ba:e6:cb:
         e0:bd:7a:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjI2KOH4BvDOo9DXKIwniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzJlYWI2YTI5NjA1MDYwNDZhMWRhNDMxMjc3M2Q5OGU5
N2NkNWEwHhcNMjUwNjA3MDQwMTAwWhcNMjUwNjA4MDQwMTAwWjAzMTEwLwYDVQQD
EygwMjJhZmQxMWQ5MzYxMzI2YzIwMDExNWJiYmM1MjlmN2MzNTAwNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pw9aK7BLiFt39OLtPm5+2hTQLwj
byMuVYjjxgSUhO4MCGRmlM2KfPY8WLxcvgAouqjlVpWyIj0A4qhf9NgfvV2eASnR
C5nGlUo72GpJwiT1Lc1FAICeC8m54ugk9EPR92TMa/gOJ6/GfW0UeMjC564yOPy7
6l9bKZWJbTkjM/5UA7h7cQ0fFDx0By5l5hjqq0HpP8LaWhDBxCGb6AjA8J7Nunmz
2U3X8yXhd7ueghY5FUDPH8waslnVLjejvTCE1nnIdzNl+6XLJHvu8/cKjpNtgB51
kKySOSinVKZAtR0Gxl3xOAJmRfmM66qYtdMVlr6xbZl8mqA5ihxhNb7pjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIq/RHZNhMmwgARW7vFKffDUAU7MB8GA1UdIwQY
MBaAFBTC6railgUGBGodpDEnc9mOl81aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQt
NjExZTU3ZGE5NWMwLzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQtNjExZTU3ZGE5NWMw
LzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMPM3j3md
du3yyzUrQan6gBVRWvPU5y2Udhpy8kPqAHGSEs3Djb5fZ2ZAlT1IWer07wiEjzO7
AJ67f4qk2ANQ3DWWIkVOU8RY47NcW6TT8pq1gJTlaBIu/FCUjjK5ZnP+Wz+mBttz
wWkHT7pfY3p/UhgyaT+5WU+3fAnM0wqUZGoMxxHAzqKgqpQFAfvgO1cz+/yEOanA
VlfLq2waNd9uSNI/kjM4/uc16M/YshtZlPfc2nJGzew0/AdDyrF4Uj0EOd8XA3Yz
V8g341X0DCSdhw/lU2M6ZuMDD36t+JcYluGAw9V9VhJU3GqWglU3bQIf4v4qyGUy
IHPPuubL4L16uA==
-----END CERTIFICATE-----