Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8f063c-119a-47a0-8b0d-6d2b2ba2a88a/1/r_8Tpn8iXDwqYGZYwjlluBkdQAg.mft
File:                     r_8Tpn8iXDwqYGZYwjlluBkdQAg.mft (raw, json)
Hash identifier:          qH7TFDCg0EIQIpXNlTZfL+lcW2G+3+gm435tAlCwu7g=
Subject key identifier:   37:4C:4D:53:21:33:9D:B9:61:20:50:89:D0:97:AA:7D:89:D2:1B:C0
Authority key identifier: AF:FF:13:A6:7F:22:5C:3C:2A:60:66:58:C2:39:65:B8:19:1D:40:08
Certificate issuer:       /CN=afff13a67f225c3c2a606658c23965b8191d4008
Certificate serial:       019643D6DD2DF58F201C5C778EFE02136CFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r_8Tpn8iXDwqYGZYwjlluBkdQAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/8f063c-119a-47a0-8b0d-6d2b2ba2a88a/1/r_8Tpn8iXDwqYGZYwjlluBkdQAg.mft
Manifest number:          0B1A
Signing time:             Thu 17 Apr 2025 13:01:16 +0000
Manifest this update:     Thu 17 Apr 2025 13:01:16 +0000
Manifest next update:     Fri 18 Apr 2025 13:01:16 +0000
Files and hashes:         1: r_8Tpn8iXDwqYGZYwjlluBkdQAg.crl (hash: jsgdvegaaqhlBNTRym4JYsDLfkw3uFuuqXOkL+F+QIw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/8f063c-119a-47a0-8b0d-6d2b2ba2a88a/1/r_8Tpn8iXDwqYGZYwjlluBkdQAg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/8f063c-119a-47a0-8b0d-6d2b2ba2a88a/1/r_8Tpn8iXDwqYGZYwjlluBkdQAg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r_8Tpn8iXDwqYGZYwjlluBkdQAg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d6:dd:2d:f5:8f:20:1c:5c:77:8e:fe:02:13:6c:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=afff13a67f225c3c2a606658c23965b8191d4008
        Validity
            Not Before: Apr 17 13:01:16 2025 GMT
            Not After : Apr 18 13:01:16 2025 GMT
        Subject: CN=374c4d5321339db961205089d097aa7d89d21bc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:95:39:4b:b0:04:ff:87:a3:55:d5:63:77:f6:
                    70:0f:ea:86:fc:4f:24:7e:1a:d5:d5:de:af:6b:05:
                    be:11:89:a2:d8:15:81:ff:0a:d6:76:03:14:14:1c:
                    e9:36:5f:cc:27:d9:ac:24:46:6b:3d:39:1a:21:1d:
                    08:02:9f:04:9b:35:2e:1f:30:95:19:53:14:71:b0:
                    34:29:bf:a4:ca:c8:da:e0:bf:bf:91:e8:b8:4f:35:
                    ed:d8:98:a5:6c:d4:a8:06:64:c6:a6:27:69:74:a2:
                    11:ac:22:1e:2d:1b:ce:dd:fc:07:b5:66:99:73:19:
                    d6:54:fb:be:1c:ef:0b:42:94:d2:92:1b:fc:d9:bf:
                    f5:4b:a6:77:db:b7:75:64:50:86:c5:a7:e4:92:ec:
                    48:e1:ae:1e:23:e1:88:f0:db:56:77:b9:8b:e5:92:
                    01:c3:4e:42:f0:7b:f0:a9:35:99:5e:24:ef:1a:a9:
                    f6:c8:d5:a9:aa:fa:7e:6a:66:0b:9d:ce:04:54:60:
                    e1:a7:56:ad:66:c3:36:e1:0a:2f:30:9d:17:9b:a4:
                    6f:cc:f3:d1:36:a7:e9:5a:95:49:93:db:fe:b6:16:
                    e5:c3:fe:84:99:01:80:53:ac:05:b3:0a:ae:0c:78:
                    74:78:21:95:67:b5:13:c3:2f:ed:03:00:1d:af:65:
                    ce:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:4C:4D:53:21:33:9D:B9:61:20:50:89:D0:97:AA:7D:89:D2:1B:C0
            X509v3 Authority Key Identifier:
                keyid:AF:FF:13:A6:7F:22:5C:3C:2A:60:66:58:C2:39:65:B8:19:1D:40:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_8Tpn8iXDwqYGZYwjlluBkdQAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8f063c-119a-47a0-8b0d-6d2b2ba2a88a/1/r_8Tpn8iXDwqYGZYwjlluBkdQAg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8f063c-119a-47a0-8b0d-6d2b2ba2a88a/1/r_8Tpn8iXDwqYGZYwjlluBkdQAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:70:4a:52:e3:82:f1:14:b0:7d:fe:0a:84:6c:0e:7e:fc:b5:
         5a:6f:6d:3c:23:8e:bd:d8:fc:3e:10:b8:c0:da:9a:ab:a5:e4:
         b5:25:40:bc:89:37:8f:a0:c6:22:dd:51:54:55:38:fb:49:0d:
         35:52:c2:ff:0e:24:9f:b2:8e:27:af:a9:57:65:77:b5:38:c1:
         e4:5e:4b:50:01:a8:28:e5:e3:8b:5f:67:cf:a1:a7:66:2d:b1:
         85:be:84:22:d2:46:ac:03:86:87:86:07:01:c1:a4:cb:18:37:
         e2:8e:e7:4b:af:85:63:a9:bd:b5:68:a9:81:17:d7:6e:f6:a3:
         8d:60:83:c8:97:68:5a:f4:2b:84:60:5f:71:78:35:2e:65:2d:
         cd:c4:87:8a:d1:c0:b0:f2:df:23:36:7c:47:07:d6:cb:88:59:
         54:44:9d:20:1b:87:15:7e:5a:3e:61:55:80:5c:f4:23:69:2f:
         e9:2f:38:f9:0c:87:7b:75:7e:0b:49:39:65:d8:33:5d:1a:94:
         a9:24:de:27:06:7c:90:dc:23:0b:16:d6:e2:52:bb:a1:5e:ce:
         fe:0c:a0:a8:f5:33:d2:cd:ef:07:8b:ef:20:cd:af:e7:a3:4b:
         39:cc:b1:b8:ab:76:3c:c9:de:86:fa:57:63:98:97:db:07:7e:
         d6:0b:f9:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1t0t9Y8gHFx3jv4CE2z/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmYxM2E2N2YyMjVjM2MyYTYwNjY1OGMyMzk2NWI4MTkx
ZDQwMDgwHhcNMjUwNDE3MTMwMTE2WhcNMjUwNDE4MTMwMTE2WjAzMTEwLwYDVQQD
EygzNzRjNGQ1MzIxMzM5ZGI5NjEyMDUwODlkMDk3YWE3ZDg5ZDIxYmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpU5S7AE/4ejVdVjd/ZwD+qG/E8k
fhrV1d6vawW+EYmi2BWB/wrWdgMUFBzpNl/MJ9msJEZrPTkaIR0IAp8EmzUuHzCV
GVMUcbA0Kb+kysja4L+/kei4TzXt2JilbNSoBmTGpidpdKIRrCIeLRvO3fwHtWaZ
cxnWVPu+HO8LQpTSkhv82b/1S6Z327d1ZFCGxafkkuxI4a4eI+GI8NtWd7mL5ZIB
w05C8HvwqTWZXiTvGqn2yNWpqvp+amYLnc4EVGDhp1atZsM24QovMJ0Xm6RvzPPR
NqfpWpVJk9v+thblw/6EmQGAU6wFswquDHh0eCGVZ7UTwy/tAwAdr2XOXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdMTVMhM525YSBQidCXqn2J0hvAMB8GA1UdIwQY
MBaAFK//E6Z/Ilw8KmBmWMI5ZbgZHUAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl84VHBuOGlYRHdxWUdaWXdqbGx1QmtkUUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84ZjA2M2MtMTE5YS00N2EwLThiMGQt
NmQyYjJiYTJhODhhLzEvcl84VHBuOGlYRHdxWUdaWXdqbGx1QmtkUUFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84ZjA2M2MtMTE5YS00N2EwLThiMGQtNmQyYjJiYTJhODhh
LzEvcl84VHBuOGlYRHdxWUdaWXdqbGx1QmtkUUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHnBKUuOC
8RSwff4KhGwOfvy1Wm9tPCOOvdj8PhC4wNqaq6XktSVAvIk3j6DGIt1RVFU4+0kN
NVLC/w4kn7KOJ6+pV2V3tTjB5F5LUAGoKOXji19nz6GnZi2xhb6EItJGrAOGh4YH
AcGkyxg34o7nS6+FY6m9tWipgRfXbvajjWCDyJdoWvQrhGBfcXg1LmUtzcSHitHA
sPLfIzZ8RwfWy4hZVESdIBuHFX5aPmFVgFz0I2kv6S84+QyHe3V+C0k5ZdgzXRqU
qSTeJwZ8kNwjCxbW4lK7oV7O/gygqPUz0s3vB4vvIM2v56NLOcyxuKt2PMnehvpX
Y5iX2wd+1gv5UA==
-----END CERTIFICATE-----