Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
File:                     _tPwXKP9-ef5nGXMagpnJPWTGnA.mft (raw, json)
Hash identifier:          YtDxFXKWQ5MqwZKShSL4pZ2wWF8gitCvILctGNZN5v0=
Subject key identifier:   FE:3C:91:C7:2C:5E:15:E1:D5:80:80:3B:AD:0D:34:8B:52:EC:CF:7D
Authority key identifier: FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70
Certificate issuer:       /CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
Certificate serial:       019659155AC807DC2E2EA68FFB58B40DC8AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
Manifest number:          14FB
Signing time:             Mon 21 Apr 2025 16:01:33 +0000
Manifest this update:     Mon 21 Apr 2025 16:01:33 +0000
Manifest next update:     Tue 22 Apr 2025 16:01:33 +0000
Files and hashes:         1: _tPwXKP9-ef5nGXMagpnJPWTGnA.crl (hash: m4tAIRejiaeUp4yEnSnuRMLGfTXpfznRxPFBXyQHKUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 13:46:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:15:5a:c8:07:dc:2e:2e:a6:8f:fb:58:b4:0d:c8:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
        Validity
            Not Before: Apr 21 16:01:33 2025 GMT
            Not After : Apr 22 16:01:33 2025 GMT
        Subject: CN=fe3c91c72c5e15e1d580803bad0d348b52eccf7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d5:4e:a5:f7:ec:3b:6d:c9:e0:58:df:f6:cc:
                    ae:aa:9a:be:01:a7:53:72:6d:31:2a:da:24:6e:70:
                    b0:3d:bf:8d:f3:f5:91:7e:e4:12:60:64:39:04:0f:
                    fd:a8:f2:c2:5c:d5:57:97:f3:19:eb:39:0f:61:c6:
                    53:82:51:33:82:db:0c:9c:f7:05:a7:79:74:65:d1:
                    c3:01:e6:3a:66:28:e2:36:aa:66:7c:ee:02:66:8a:
                    84:24:a3:11:c5:b9:9e:85:d8:c8:09:1f:ef:0d:c1:
                    a4:ee:29:da:24:80:09:53:45:a5:77:f5:83:eb:4f:
                    2e:f6:c5:4b:ae:23:a6:bf:71:cc:95:65:b5:62:33:
                    c8:b3:ea:1a:d7:8b:62:ad:1a:43:be:a0:72:2a:d1:
                    68:8e:bb:39:66:c7:49:cd:b8:0d:73:68:85:08:cd:
                    eb:ba:db:48:85:8e:0e:ac:82:e1:1d:3c:0e:f6:d9:
                    c5:bb:6a:e0:2f:49:ec:32:a8:77:6e:8e:58:cb:31:
                    42:5c:1f:30:05:51:e2:a1:ed:53:53:58:8b:f7:df:
                    e5:29:c2:2f:9f:b5:54:9f:d7:8b:46:6c:a3:6d:84:
                    7d:3a:65:f4:18:13:16:f6:b9:34:d4:f4:d8:12:dc:
                    97:64:63:a7:ab:9b:b7:7c:d6:b1:36:dc:d2:94:4b:
                    d0:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:3C:91:C7:2C:5E:15:E1:D5:80:80:3B:AD:0D:34:8B:52:EC:CF:7D
            X509v3 Authority Key Identifier:
                keyid:FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:39:79:7b:02:0f:17:b6:73:c5:a4:87:3b:12:43:a8:da:ea:
         76:bf:57:6d:c6:9d:7f:3e:c2:e4:bd:7a:49:23:1d:1b:1a:ec:
         e6:61:e6:51:b1:06:85:ae:8f:e9:40:c8:13:66:dc:a8:56:89:
         ca:39:06:5e:be:2c:3e:10:bd:59:0e:8f:2a:f3:55:cb:46:1c:
         a2:18:48:bf:68:3c:9e:23:28:cd:5f:fb:f7:d9:41:da:9a:2e:
         ff:66:a7:0f:4b:6a:0f:74:26:d4:91:ae:8e:6f:fe:6b:6e:57:
         06:4a:f5:e7:51:7b:ef:80:ab:9a:73:d3:a0:89:d8:fa:ff:8b:
         18:7d:ba:c4:e9:f9:22:a0:75:c0:31:97:f2:0d:ac:d0:11:8d:
         ff:be:03:b7:d8:cb:78:99:a4:10:b3:ac:0c:78:3a:3b:cf:3d:
         7b:5d:c2:58:df:1b:66:7b:52:fa:d1:6a:03:07:4b:89:33:52:
         98:a2:83:03:28:73:a0:d1:e6:8d:16:0d:06:8d:6a:f5:45:4e:
         fb:1e:d1:c4:b9:15:b4:f9:64:57:43:1e:e8:ff:d3:23:d3:95:
         9c:95:0f:d9:39:19:2a:56:44:0f:52:28:22:8f:9e:4b:e1:44:
         8b:9c:23:6f:51:50:9a:07:4a:96:df:b5:52:08:28:f3:13:ae:
         fa:8d:e4:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFVrIB9wuLqaP+1i0DcirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDNmMDVjYTNmZGY5ZTdmOTljNjVjYzZhMGE2NzI0ZjU5
MzFhNzAwHhcNMjUwNDIxMTYwMTMzWhcNMjUwNDIyMTYwMTMzWjAzMTEwLwYDVQQD
EyhmZTNjOTFjNzJjNWUxNWUxZDU4MDgwM2JhZDBkMzQ4YjUyZWNjZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9VOpffsO23J4Fjf9syuqpq+AadT
cm0xKtokbnCwPb+N8/WRfuQSYGQ5BA/9qPLCXNVXl/MZ6zkPYcZTglEzgtsMnPcF
p3l0ZdHDAeY6ZijiNqpmfO4CZoqEJKMRxbmehdjICR/vDcGk7inaJIAJU0Wld/WD
608u9sVLriOmv3HMlWW1YjPIs+oa14tirRpDvqByKtFojrs5ZsdJzbgNc2iFCM3r
uttIhY4OrILhHTwO9tnFu2rgL0nsMqh3bo5YyzFCXB8wBVHioe1TU1iL99/lKcIv
n7VUn9eLRmyjbYR9OmX0GBMW9rk01PTYEtyXZGOnq5u3fNaxNtzSlEvQrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP48kccsXhXh1YCAO60NNItS7M99MB8GA1UdIwQY
MBaAFP7T8Fyj/fnn+ZxlzGoKZyT1kxpwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWIt
YWM1ZWU2MjViYWJjLzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWItYWM1ZWU2MjViYWJj
LzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdjl5ewIP
F7ZzxaSHOxJDqNrqdr9Xbcadfz7C5L16SSMdGxrs5mHmUbEGha6P6UDIE2bcqFaJ
yjkGXr4sPhC9WQ6PKvNVy0YcohhIv2g8niMozV/799lB2pou/2anD0tqD3Qm1JGu
jm/+a25XBkr151F774CrmnPToInY+v+LGH26xOn5IqB1wDGX8g2s0BGN/74Dt9jL
eJmkELOsDHg6O889e13CWN8bZntS+tFqAwdLiTNSmKKDAyhzoNHmjRYNBo1q9UVO
+x7RxLkVtPlkV0Me6P/TI9OVnJUP2TkZKlZED1IoIo+eS+FEi5wjb1FQmgdKlt+1
Uggo8xOu+o3k6g==
-----END CERTIFICATE-----