Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.mft
File:                     _4fgqwMrDAXrXnTMLAhpjdMk2WM.mft (raw, json)
Hash identifier:          p1XVKthjas9sTwVnhA9f8mbuGTgqb84is3VaepnBBNY=
Subject key identifier:   9C:6D:45:D5:4F:65:F2:AD:67:36:9C:96:FC:C9:54:9C:ED:AD:60:3D
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Certificate issuer:       /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial:       019651FFCDC9AD13F409E4C01BA08B7CCDF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.mft
Manifest number:          1538
Signing time:             Sun 20 Apr 2025 07:00:40 +0000
Manifest this update:     Sun 20 Apr 2025 07:00:40 +0000
Manifest next update:     Mon 21 Apr 2025 07:00:40 +0000
Files and hashes:         1: _4fgqwMrDAXrXnTMLAhpjdMk2WM.crl (hash: UDr2AiVDCxP7jXH5dsXgFlZlvIlN+iZ8XGCCYrKaHcY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:ff:cd:c9:ad:13:f4:09:e4:c0:1b:a0:8b:7c:cd:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
        Validity
            Not Before: Apr 20 07:00:40 2025 GMT
            Not After : Apr 21 07:00:40 2025 GMT
        Subject: CN=9c6d45d54f65f2ad67369c96fcc9549cedad603d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:fe:ff:e5:4c:b1:c7:c1:f6:44:5e:80:d3:ca:
                    81:b5:48:68:72:eb:09:ac:dc:c5:6f:d6:f7:01:12:
                    44:9b:6b:77:bf:eb:e3:39:e2:b8:6d:85:99:6a:42:
                    d6:54:21:43:0d:b9:55:26:10:a4:4a:e5:ef:d5:fc:
                    47:50:cc:ef:00:ef:14:88:e2:d5:fa:2c:5f:f7:2e:
                    dd:aa:28:5d:f5:cf:6e:28:b4:34:b3:b8:7b:d8:35:
                    d1:e3:b2:00:6a:02:61:38:97:ba:3e:d0:e2:2c:71:
                    40:ba:04:ea:41:8a:b3:4f:a9:a6:a3:19:fc:ad:97:
                    b3:a5:8d:2b:b6:6f:07:34:e4:05:c0:e7:14:08:a6:
                    18:38:35:f9:43:da:88:63:42:e1:92:df:b6:d4:ef:
                    c9:65:db:e9:c0:3b:82:b3:2a:b1:fe:36:ad:3f:8a:
                    5b:60:ce:9a:0f:bd:c8:a6:62:de:ab:76:e7:a3:7b:
                    ac:24:0e:2b:d9:02:c0:eb:29:4c:f9:81:76:b9:e3:
                    97:89:dd:25:a0:94:5c:9a:52:44:53:78:a9:5e:ba:
                    ce:51:29:0b:f9:6d:72:65:d0:92:41:97:8a:c5:0d:
                    59:79:9f:88:69:c9:3e:fd:9b:04:f3:4b:65:78:8b:
                    cb:64:20:b5:da:e0:23:b4:d4:23:ac:72:55:4a:06:
                    c5:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:6D:45:D5:4F:65:F2:AD:67:36:9C:96:FC:C9:54:9C:ED:AD:60:3D
            X509v3 Authority Key Identifier:
                keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:b6:54:4c:43:23:49:22:5b:b1:ed:f7:8c:cb:84:8b:f7:cd:
         cd:70:66:7e:65:7d:e0:e3:86:2a:ef:13:14:26:58:72:c0:df:
         22:91:03:01:c9:56:4d:1a:ff:dd:c6:90:9d:ec:39:07:95:58:
         e2:65:f0:2f:f6:67:c2:41:88:92:f9:66:80:e4:54:a9:13:ab:
         a7:f6:d9:d7:7a:bc:ea:0e:78:9f:56:fa:94:26:91:74:72:a2:
         a9:f0:b0:e3:11:79:31:37:d3:6e:84:ce:47:cb:e9:6d:bd:5f:
         1d:98:9a:f3:90:a3:78:7a:18:75:d3:bd:85:85:cb:55:25:01:
         dc:1e:90:69:56:e4:e2:ab:e2:dc:6a:b9:14:2e:2a:5b:de:2b:
         8f:eb:30:54:1a:8b:20:76:0e:2a:a0:21:98:49:72:f1:7a:9c:
         d0:7a:09:9a:6f:9a:96:d6:b8:1c:d5:f5:69:e9:a9:f0:c7:ac:
         2a:27:50:ea:11:b5:5b:26:a0:ad:d4:c9:c3:cf:e5:1c:d4:fd:
         ad:73:01:4a:a5:43:8a:40:c6:7f:a1:fb:4f:7d:5d:2c:34:a2:
         90:0b:50:38:ef:0f:01:45:94:1d:51:5e:60:ca:c5:29:8e:0d:
         1f:80:e8:fe:2d:49:ec:d9:10:ad:b8:6f:eb:20:a5:ec:c9:19:
         10:a3:8f:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZR/83JrRP0CeTAG6CLfM3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjUwNDIwMDcwMDQwWhcNMjUwNDIxMDcwMDQwWjAzMTEwLwYDVQQD
Eyg5YzZkNDVkNTRmNjVmMmFkNjczNjljOTZmY2M5NTQ5Y2VkYWQ2MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/7/5Uyxx8H2RF6A08qBtUhocusJ
rNzFb9b3ARJEm2t3v+vjOeK4bYWZakLWVCFDDblVJhCkSuXv1fxHUMzvAO8UiOLV
+ixf9y7dqihd9c9uKLQ0s7h72DXR47IAagJhOJe6PtDiLHFAugTqQYqzT6mmoxn8
rZezpY0rtm8HNOQFwOcUCKYYODX5Q9qIY0Lhkt+21O/JZdvpwDuCsyqx/jatP4pb
YM6aD73IpmLeq3bno3usJA4r2QLA6ylM+YF2ueOXid0loJRcmlJEU3ipXrrOUSkL
+W1yZdCSQZeKxQ1ZeZ+Iack+/ZsE80tleIvLZCC12uAjtNQjrHJVSgbFuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxtRdVPZfKtZzaclvzJVJztrWA9MB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIbZUTEMj
SSJbse33jMuEi/fNzXBmfmV94OOGKu8TFCZYcsDfIpEDAclWTRr/3caQnew5B5VY
4mXwL/ZnwkGIkvlmgORUqROrp/bZ13q86g54n1b6lCaRdHKiqfCw4xF5MTfTboTO
R8vpbb1fHZia85CjeHoYddO9hYXLVSUB3B6QaVbk4qvi3Gq5FC4qW94rj+swVBqL
IHYOKqAhmEly8Xqc0HoJmm+alta4HNX1aemp8MesKidQ6hG1WyagrdTJw8/lHNT9
rXMBSqVDikDGf6H7T31dLDSikAtQOO8PAUWUHVFeYMrFKY4NH4Do/i1J7NkQrbhv
6yCl7MkZEKOPOA==
-----END CERTIFICATE-----