Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/55b8b2-18d4-4527-8f6b-56e44f9f9914/1/fgTdnIKxkaXwnWBspVDAF3ha7sQ.mft
File:                     fgTdnIKxkaXwnWBspVDAF3ha7sQ.mft (raw, json)
Hash identifier:          d4TJSaD+DwHs6kIMMHqs98nlzUxHyTwtylN6futKKIk=
Subject key identifier:   09:6D:E4:09:AC:63:06:59:71:B9:8D:50:10:FC:DE:C3:C8:55:50:CD
Authority key identifier: 7E:04:DD:9C:82:B1:91:A5:F0:9D:60:6C:A5:50:C0:17:78:5A:EE:C4
Certificate issuer:       /CN=7e04dd9c82b191a5f09d606ca550c017785aeec4
Certificate serial:       01965538A7FF9E0523E3C20145960A9D88DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fgTdnIKxkaXwnWBspVDAF3ha7sQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/55b8b2-18d4-4527-8f6b-56e44f9f9914/1/fgTdnIKxkaXwnWBspVDAF3ha7sQ.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 22:01:38 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:38 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:38 +0000
Files and hashes:         1: fgTdnIKxkaXwnWBspVDAF3ha7sQ.crl (hash: sr9UQDFoJ6awiaTQW31NbF4pKhkWApyynqpQkmOYUKY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/55b8b2-18d4-4527-8f6b-56e44f9f9914/1/fgTdnIKxkaXwnWBspVDAF3ha7sQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/55b8b2-18d4-4527-8f6b-56e44f9f9914/1/fgTdnIKxkaXwnWBspVDAF3ha7sQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fgTdnIKxkaXwnWBspVDAF3ha7sQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:a7:ff:9e:05:23:e3:c2:01:45:96:0a:9d:88:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e04dd9c82b191a5f09d606ca550c017785aeec4
        Validity
            Not Before: Apr 20 22:01:38 2025 GMT
            Not After : Apr 21 22:01:38 2025 GMT
        Subject: CN=096de409ac63065971b98d5010fcdec3c85550cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a9:d3:6a:ef:05:93:c9:c0:59:bb:2d:60:b3:
                    5d:09:c2:9d:96:2b:21:e3:d1:99:70:bd:55:5a:24:
                    b4:5d:d7:59:05:73:8b:ad:65:d9:06:e2:34:94:eb:
                    5b:e4:ed:c5:cf:95:cd:d4:4c:a4:5d:39:e8:b3:62:
                    fe:9f:6e:b6:e1:7d:d8:03:84:e3:87:31:52:53:92:
                    08:35:35:fb:4d:78:37:3b:bf:13:e4:2d:a9:66:44:
                    36:de:16:d5:fd:46:48:61:d0:37:36:56:21:58:7e:
                    f0:e8:b0:a5:39:4d:8a:cc:24:00:97:d5:91:37:1f:
                    d7:d4:dc:ad:82:6a:11:93:f7:52:b6:d1:ce:bc:bd:
                    e5:a1:44:8d:ae:6a:4d:91:b6:e7:5f:9e:29:0b:fe:
                    5b:bb:09:f5:62:b7:31:c1:b0:f7:e1:2e:a6:ef:76:
                    47:d7:fc:1e:c5:b4:62:d1:19:61:f7:a1:00:03:9e:
                    28:e5:58:c7:28:40:08:45:2f:79:68:29:97:16:11:
                    f3:03:8a:90:c6:a4:00:8a:a8:30:88:8c:f9:d5:73:
                    75:d2:74:9e:cc:81:ad:2c:a7:82:e8:91:17:26:e8:
                    6a:49:90:59:67:8c:cc:1e:62:a8:74:ce:e1:24:a0:
                    f8:90:67:b5:ea:4f:b7:c6:b4:e6:84:f7:fa:4d:93:
                    00:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:6D:E4:09:AC:63:06:59:71:B9:8D:50:10:FC:DE:C3:C8:55:50:CD
            X509v3 Authority Key Identifier:
                keyid:7E:04:DD:9C:82:B1:91:A5:F0:9D:60:6C:A5:50:C0:17:78:5A:EE:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fgTdnIKxkaXwnWBspVDAF3ha7sQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/55b8b2-18d4-4527-8f6b-56e44f9f9914/1/fgTdnIKxkaXwnWBspVDAF3ha7sQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/55b8b2-18d4-4527-8f6b-56e44f9f9914/1/fgTdnIKxkaXwnWBspVDAF3ha7sQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:4e:9b:5d:43:a7:23:c5:e5:8d:d2:f5:d6:45:0d:58:b5:fb:
         27:37:9c:50:ef:36:cd:1e:44:67:96:aa:57:43:6f:b1:fd:6b:
         90:f8:de:8d:d5:46:a2:5b:08:74:8b:3f:76:b9:ff:b4:1e:a9:
         bc:fc:61:6a:af:7a:9e:58:8b:43:68:49:51:2a:3a:17:fe:11:
         4d:d2:c9:de:70:c1:c5:c0:0f:97:d7:fd:17:e7:8e:4f:bc:d4:
         a1:aa:27:3c:f8:e6:2a:30:83:61:40:ee:03:df:fb:9c:e5:43:
         17:96:fc:f1:f9:47:01:a1:ed:c6:ab:55:15:23:86:dc:52:56:
         86:9f:9b:91:cc:39:24:ee:d4:de:4f:e9:57:d6:88:fb:61:03:
         b3:49:e2:6d:60:4b:79:cb:85:d1:2e:d3:c0:06:f3:99:1d:a5:
         8c:2f:ed:ed:8b:26:80:5e:dc:d3:c3:e2:72:6c:3c:c7:25:c3:
         8e:23:73:2d:ce:54:ff:e7:6b:b2:65:ee:af:f6:c2:c1:de:49:
         79:22:35:c1:18:cf:6b:fc:15:5c:29:10:0a:ac:e0:42:35:48:
         c3:93:bd:ef:14:a9:22:c6:29:5f:1d:ff:b6:4f:1a:e6:fa:07:
         24:e9:fc:20:3c:48:ab:f3:b7:7c:a3:d5:0b:fc:3a:73:7f:84:
         1d:cf:cd:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOKf/ngUj48IBRZYKnYjeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMDRkZDljODJiMTkxYTVmMDlkNjA2Y2E1NTBjMDE3Nzg1
YWVlYzQwHhcNMjUwNDIwMjIwMTM4WhcNMjUwNDIxMjIwMTM4WjAzMTEwLwYDVQQD
EygwOTZkZTQwOWFjNjMwNjU5NzFiOThkNTAxMGZjZGVjM2M4NTU1MGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqnTau8Fk8nAWbstYLNdCcKdlish
49GZcL1VWiS0XddZBXOLrWXZBuI0lOtb5O3Fz5XN1EykXTnos2L+n2624X3YA4Tj
hzFSU5IINTX7TXg3O78T5C2pZkQ23hbV/UZIYdA3NlYhWH7w6LClOU2KzCQAl9WR
Nx/X1NytgmoRk/dSttHOvL3loUSNrmpNkbbnX54pC/5buwn1YrcxwbD34S6m73ZH
1/wexbRi0Rlh96EAA54o5VjHKEAIRS95aCmXFhHzA4qQxqQAiqgwiIz51XN10nSe
zIGtLKeC6JEXJuhqSZBZZ4zMHmKodM7hJKD4kGe16k+3xrTmhPf6TZMA6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAlt5AmsYwZZcbmNUBD83sPIVVDNMB8GA1UdIwQY
MBaAFH4E3ZyCsZGl8J1gbKVQwBd4Wu7EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmdUZG5JS3hrYVh3bldCc3BWREFGM2hhN3NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81NWI4YjItMThkNC00NTI3LThmNmIt
NTZlNDRmOWY5OTE0LzEvZmdUZG5JS3hrYVh3bldCc3BWREFGM2hhN3NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81NWI4YjItMThkNC00NTI3LThmNmItNTZlNDRmOWY5OTE0
LzEvZmdUZG5JS3hrYVh3bldCc3BWREFGM2hhN3NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi06bXUOn
I8XljdL11kUNWLX7JzecUO82zR5EZ5aqV0Nvsf1rkPjejdVGolsIdIs/drn/tB6p
vPxhaq96nliLQ2hJUSo6F/4RTdLJ3nDBxcAPl9f9F+eOT7zUoaonPPjmKjCDYUDu
A9/7nOVDF5b88flHAaHtxqtVFSOG3FJWhp+bkcw5JO7U3k/pV9aI+2EDs0nibWBL
ecuF0S7TwAbzmR2ljC/t7YsmgF7c08Picmw8xyXDjiNzLc5U/+drsmXur/bCwd5J
eSI1wRjPa/wVXCkQCqzgQjVIw5O97xSpIsYpXx3/tk8a5voHJOn8IDxIq/O3fKPV
C/w6c3+EHc/N7Q==
-----END CERTIFICATE-----