Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
File:                     FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft (raw, json)
Hash identifier:          t4cHBmFhHr29asY9uN15nobJkweStE2NikfVjy60wj8=
Subject key identifier:   71:09:96:89:A4:58:CF:76:90:0D:87:5C:90:8F:4C:B0:82:74:68:EF
Authority key identifier: 14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A
Certificate issuer:       /CN=14c2eab6a2960506046a1da4312773d98e97cd5a
Certificate serial:       0196534A17A0439A815CB4D41593C5BBE126
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
Manifest number:          099F
Signing time:             Sun 20 Apr 2025 13:01:26 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:26 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:26 +0000
Files and hashes:         1: FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl (hash: HatZUXXrmgQNthmUq7gE7OZenpQt7Q1GnJ7HGu2qSBI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 13:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:4a:17:a0:43:9a:81:5c:b4:d4:15:93:c5:bb:e1:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c2eab6a2960506046a1da4312773d98e97cd5a
        Validity
            Not Before: Apr 20 13:01:26 2025 GMT
            Not After : Apr 21 13:01:26 2025 GMT
        Subject: CN=71099689a458cf76900d875c908f4cb0827468ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:39:59:ad:37:ba:a3:81:ab:2d:c9:d7:75:50:
                    8c:5e:ac:41:3b:e3:6a:31:b1:1a:b8:08:c3:8b:22:
                    70:95:97:d3:f7:99:6a:73:fb:d8:91:a8:f9:a2:ec:
                    b3:ae:ef:74:a3:fb:8e:78:93:40:ba:e7:4f:5b:4e:
                    6c:de:f2:4a:7b:13:e8:5d:54:81:46:1a:bb:b5:59:
                    3d:b3:da:f0:3f:63:52:23:2a:aa:b3:1f:97:81:cc:
                    db:e6:48:3e:88:d9:e4:d7:be:ad:c0:e5:8b:95:d0:
                    e2:56:14:eb:f5:6a:65:09:fe:b4:56:b2:45:56:aa:
                    ca:4b:ef:5a:4a:36:bd:25:0e:6f:bc:aa:0a:9e:b9:
                    50:e2:1d:13:70:18:da:18:e3:0e:30:40:bf:3d:86:
                    07:8d:15:bf:75:c6:76:fb:05:50:36:3d:6f:7c:01:
                    20:9c:70:a7:8e:9c:4c:85:42:df:98:fa:30:65:55:
                    c0:4f:8d:cc:47:bd:12:29:06:6e:10:70:1c:09:69:
                    f4:4b:07:5c:fa:c6:36:39:30:91:9d:81:ce:51:c1:
                    97:4e:1a:3a:b4:d3:29:96:d1:4b:11:0c:3c:7c:2a:
                    0e:3c:1a:6a:50:12:c8:b1:75:a3:09:fd:b5:a7:5f:
                    ee:91:20:d2:55:ad:00:cc:d0:b4:b2:c9:68:07:50:
                    4b:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:09:96:89:A4:58:CF:76:90:0D:87:5C:90:8F:4C:B0:82:74:68:EF
            X509v3 Authority Key Identifier:
                keyid:14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:5b:0b:92:8e:eb:36:f6:45:f8:80:10:02:d1:d7:1e:eb:3d:
         14:3d:e7:03:d3:58:b5:5c:8b:c5:d2:2d:0a:a0:87:ea:78:1e:
         8d:10:fa:a3:90:ed:7e:15:73:19:64:51:d1:39:0f:26:e1:62:
         cb:03:cc:d2:63:04:91:07:7c:5c:3f:1a:dd:d9:87:a9:2b:45:
         a9:df:b2:f0:16:44:89:a8:46:b1:64:bd:c3:0e:d0:89:19:08:
         45:4b:57:7f:2c:ad:94:42:ec:e2:f8:41:20:9b:80:08:51:82:
         15:dc:61:ce:5d:ff:71:44:dc:bc:92:17:54:97:40:9a:2d:45:
         34:27:cf:af:55:5f:67:ab:c6:a5:cc:7d:61:32:8e:94:80:4b:
         63:b0:16:49:33:74:69:fa:d9:2a:1f:93:e1:37:0e:3a:49:80:
         b5:72:47:1c:5e:52:f4:2f:ca:c0:ae:d8:7f:d4:dd:60:c0:3f:
         a6:36:11:78:97:34:ba:b0:4a:9d:7e:eb:dd:7d:37:85:a6:8d:
         45:1b:3a:ad:ad:75:69:d9:ff:c6:31:1f:47:f4:32:e3:e7:a5:
         91:6e:10:cf:9a:0d:29:3e:b1:b8:57:b9:d3:37:6b:6b:c7:49:
         58:2c:8e:52:5a:0f:42:17:c5:d0:56:c8:8f:0e:ad:fd:99:11:
         f4:6b:aa:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTShegQ5qBXLTUFZPFu+EmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzJlYWI2YTI5NjA1MDYwNDZhMWRhNDMxMjc3M2Q5OGU5
N2NkNWEwHhcNMjUwNDIwMTMwMTI2WhcNMjUwNDIxMTMwMTI2WjAzMTEwLwYDVQQD
Eyg3MTA5OTY4OWE0NThjZjc2OTAwZDg3NWM5MDhmNGNiMDgyNzQ2OGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6zlZrTe6o4GrLcnXdVCMXqxBO+Nq
MbEauAjDiyJwlZfT95lqc/vYkaj5ouyzru90o/uOeJNAuudPW05s3vJKexPoXVSB
Rhq7tVk9s9rwP2NSIyqqsx+Xgczb5kg+iNnk176twOWLldDiVhTr9WplCf60VrJF
VqrKS+9aSja9JQ5vvKoKnrlQ4h0TcBjaGOMOMEC/PYYHjRW/dcZ2+wVQNj1vfAEg
nHCnjpxMhULfmPowZVXAT43MR70SKQZuEHAcCWn0Swdc+sY2OTCRnYHOUcGXTho6
tNMpltFLEQw8fCoOPBpqUBLIsXWjCf21p1/ukSDSVa0AzNC0ssloB1BL9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEJlomkWM92kA2HXJCPTLCCdGjvMB8GA1UdIwQY
MBaAFBTC6railgUGBGodpDEnc9mOl81aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQt
NjExZTU3ZGE5NWMwLzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQtNjExZTU3ZGE5NWMw
LzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmVsLko7r
NvZF+IAQAtHXHus9FD3nA9NYtVyLxdItCqCH6ngejRD6o5DtfhVzGWRR0TkPJuFi
ywPM0mMEkQd8XD8a3dmHqStFqd+y8BZEiahGsWS9ww7QiRkIRUtXfyytlELs4vhB
IJuACFGCFdxhzl3/cUTcvJIXVJdAmi1FNCfPr1VfZ6vGpcx9YTKOlIBLY7AWSTN0
afrZKh+T4TcOOkmAtXJHHF5S9C/KwK7Yf9TdYMA/pjYReJc0urBKnX7r3X03haaN
RRs6ra11adn/xjEfR/Qy4+elkW4Qz5oNKT6xuFe50zdra8dJWCyOUloPQhfF0FbI
jw6t/ZkR9Guqmw==
-----END CERTIFICATE-----