Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft
File:                     cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft (raw, json)
Hash identifier:          +wjd4dJOR3c5pzR9AWOv9WQ/Skzd9JpjWpcYJ6IAiyA=
Subject key identifier:   ED:28:80:53:04:01:57:BE:8C:F1:6A:6E:9E:0C:11:55:F4:B9:9D:41
Authority key identifier: 72:6F:94:48:A9:10:D2:57:41:57:A3:04:03:F4:6C:11:72:AE:ED:B6
Certificate issuer:       /CN=726f9448a910d2574157a30403f46c1172aeedb6
Certificate serial:       01965492F04C3C25E06EC623F8B2F8AA4B24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cm-USKkQ0ldBV6MEA_RsEXKu7bY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 19:00:38 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:38 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:38 +0000
Files and hashes:         1: cm-USKkQ0ldBV6MEA_RsEXKu7bY.crl (hash: QToo/KXgmyTozJ2ALvVLWvD0vwVosUM2r9kEkVH4vsg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cm-USKkQ0ldBV6MEA_RsEXKu7bY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 19:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:92:f0:4c:3c:25:e0:6e:c6:23:f8:b2:f8:aa:4b:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=726f9448a910d2574157a30403f46c1172aeedb6
        Validity
            Not Before: Apr 20 19:00:38 2025 GMT
            Not After : Apr 21 19:00:38 2025 GMT
        Subject: CN=ed288053040157be8cf16a6e9e0c1155f4b99d41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:1b:6c:a0:e0:30:10:b6:97:5e:4d:b9:d4:3a:
                    bf:58:85:5e:f6:36:1c:1c:c4:79:c0:90:3c:dd:17:
                    f3:04:85:54:4c:72:9a:ac:07:73:18:7d:80:b3:e5:
                    d9:a9:7b:91:c6:e8:cb:c8:29:31:b9:2a:68:a9:32:
                    af:ee:e6:24:06:6c:fc:91:3b:f4:0e:19:ba:76:63:
                    42:69:de:65:dc:6b:23:2f:c1:03:6d:2d:0c:dc:0b:
                    31:d6:da:0d:e8:fe:78:97:2c:13:56:d8:a7:70:f1:
                    56:d8:e9:24:40:28:44:a5:5b:d1:52:48:13:75:7e:
                    9e:62:81:ee:a6:62:85:99:b2:e5:cb:26:66:c5:65:
                    02:48:78:2d:f6:b8:05:55:36:e0:6e:50:9d:56:3c:
                    0a:07:9b:d6:67:fa:c3:ec:2b:30:f7:26:32:4a:cc:
                    b9:6e:22:b2:7c:3d:17:eb:95:fc:63:02:96:0c:f2:
                    b8:6a:20:f4:79:be:8d:2e:c6:0b:4c:2e:e4:6f:27:
                    bb:18:79:7e:fc:a5:0d:07:09:06:af:fd:7a:2a:f5:
                    b6:60:26:ed:e7:ff:db:d5:8f:4e:49:5b:30:ee:a1:
                    a9:09:a9:ab:98:33:0a:e8:d2:93:9d:25:43:3a:43:
                    50:ac:f7:79:d4:57:23:64:71:6a:c6:27:68:c1:fc:
                    31:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:28:80:53:04:01:57:BE:8C:F1:6A:6E:9E:0C:11:55:F4:B9:9D:41
            X509v3 Authority Key Identifier:
                keyid:72:6F:94:48:A9:10:D2:57:41:57:A3:04:03:F4:6C:11:72:AE:ED:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cm-USKkQ0ldBV6MEA_RsEXKu7bY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:cb:da:08:0a:c0:f9:b8:63:09:70:08:7b:46:12:75:0f:85:
         8f:d7:4b:30:50:d4:dc:58:74:28:45:c2:47:40:9c:15:e7:58:
         a6:ea:0b:6c:13:f8:c4:45:92:dd:a7:fe:3e:7b:e4:a6:4d:e1:
         66:3d:31:02:ab:34:a1:44:24:1e:ec:ab:38:a8:88:9d:3a:fd:
         14:d7:2d:bd:24:14:e9:e5:7d:cb:34:a8:95:2f:3e:c7:e2:2f:
         c0:04:3f:f1:0b:d1:78:f7:0e:1c:d0:77:68:d9:67:4c:eb:b4:
         85:60:6b:04:f2:57:c9:aa:a1:5e:04:c5:10:29:e6:04:32:39:
         57:19:54:72:c3:3f:90:ed:61:5b:2b:09:70:dc:07:e7:ed:6f:
         91:bb:bf:6b:94:7e:ab:fb:d1:3f:5a:04:0c:5c:01:79:c1:71:
         45:44:49:af:a4:08:ed:40:fe:ae:a7:27:63:e2:fb:5d:27:3a:
         70:8f:33:14:fa:c8:82:57:ca:e5:50:bf:d7:b2:43:18:ca:b0:
         99:55:27:e1:2f:91:02:29:e9:0c:fb:18:9b:09:ff:2b:05:bb:
         51:0f:e9:b6:44:7c:97:53:bf:96:13:26:08:18:9a:41:ec:2f:
         55:4b:4e:b3:10:8d:3b:1a:63:61:67:16:1c:20:07:df:03:f0:
         0d:be:42:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkvBMPCXgbsYj+LL4qkskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNmY5NDQ4YTkxMGQyNTc0MTU3YTMwNDAzZjQ2YzExNzJh
ZWVkYjYwHhcNMjUwNDIwMTkwMDM4WhcNMjUwNDIxMTkwMDM4WjAzMTEwLwYDVQQD
EyhlZDI4ODA1MzA0MDE1N2JlOGNmMTZhNmU5ZTBjMTE1NWY0Yjk5ZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhtsoOAwELaXXk251Dq/WIVe9jYc
HMR5wJA83RfzBIVUTHKarAdzGH2As+XZqXuRxujLyCkxuSpoqTKv7uYkBmz8kTv0
Dhm6dmNCad5l3GsjL8EDbS0M3Asx1toN6P54lywTVtincPFW2OkkQChEpVvRUkgT
dX6eYoHupmKFmbLlyyZmxWUCSHgt9rgFVTbgblCdVjwKB5vWZ/rD7Csw9yYySsy5
biKyfD0X65X8YwKWDPK4aiD0eb6NLsYLTC7kbye7GHl+/KUNBwkGr/16KvW2YCbt
5//b1Y9OSVsw7qGpCamrmDMK6NKTnSVDOkNQrPd51FcjZHFqxidowfwxiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO0ogFMEAVe+jPFqbp4MEVX0uZ1BMB8GA1UdIwQY
MBaAFHJvlEipENJXQVejBAP0bBFyru22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY20tVVNLa1EwbGRCVjZNRUFfUnNFWEt1N2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9lN2UzNmUtYTMyMy00ZjQ3LWE3NzYt
NjZiMTQxMTk0ZmQyLzEvY20tVVNLa1EwbGRCVjZNRUFfUnNFWEt1N2JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9lN2UzNmUtYTMyMy00ZjQ3LWE3NzYtNjZiMTQxMTk0ZmQy
LzEvY20tVVNLa1EwbGRCVjZNRUFfUnNFWEt1N2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMsvaCArA
+bhjCXAIe0YSdQ+Fj9dLMFDU3Fh0KEXCR0CcFedYpuoLbBP4xEWS3af+Pnvkpk3h
Zj0xAqs0oUQkHuyrOKiInTr9FNctvSQU6eV9yzSolS8+x+IvwAQ/8QvRePcOHNB3
aNlnTOu0hWBrBPJXyaqhXgTFECnmBDI5VxlUcsM/kO1hWysJcNwH5+1vkbu/a5R+
q/vRP1oEDFwBecFxRURJr6QI7UD+rqcnY+L7XSc6cI8zFPrIglfK5VC/17JDGMqw
mVUn4S+RAinpDPsYmwn/KwW7UQ/ptkR8l1O/lhMmCBiaQewvVUtOsxCNOxpjYWcW
HCAH3wPwDb5Cxw==
-----END CERTIFICATE-----