Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          +oJ8tzrS3quhtnPYNmDFHT3sLLa+uqsw17pP3IN7vLQ=
Subject key identifier:   21:CE:05:CA:3C:EB:7A:98:29:9C:84:32:63:0D:CA:33:F6:EF:10:C6
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       01964A0FFD11768A16D971A4CFAD6BBB0563
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          14F5
Signing time:             Fri 18 Apr 2025 18:01:23 +0000
Manifest this update:     Fri 18 Apr 2025 18:01:23 +0000
Manifest next update:     Sat 19 Apr 2025 18:01:23 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: lU4CLbPpqgpNn08C3gU1r8Gr0LOvSvE/vjW/jB8prIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 18:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4a:0f:fd:11:76:8a:16:d9:71:a4:cf:ad:6b:bb:05:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Apr 18 18:01:23 2025 GMT
            Not After : Apr 19 18:01:23 2025 GMT
        Subject: CN=21ce05ca3ceb7a98299c8432630dca33f6ef10c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:b3:7b:6c:48:7d:bf:b9:31:aa:93:b2:da:97:
                    7a:e2:7a:dc:9b:f5:45:21:6d:f3:db:38:1f:03:b3:
                    53:d0:8e:56:04:a8:bc:4f:96:5c:ed:db:0f:fc:04:
                    e3:9a:c2:57:53:5b:09:45:13:46:68:d9:e6:31:48:
                    ce:97:a0:45:69:ac:2c:71:af:3c:21:30:42:94:33:
                    9b:3a:d5:f1:de:53:d3:c4:03:45:b0:f1:4d:b4:d7:
                    6b:d0:4b:88:94:8c:01:19:ca:4d:db:08:a3:e4:70:
                    d7:d6:ee:c1:a0:40:76:04:e6:ae:ea:9e:29:32:fa:
                    41:c8:75:fe:aa:88:e0:68:c6:d3:66:ae:e2:92:e0:
                    4f:52:ac:38:05:75:b1:14:32:16:f8:94:b8:0d:cf:
                    e8:b5:7c:60:48:af:44:a5:a8:53:52:0d:4d:b6:74:
                    3e:6d:52:3b:76:45:7a:a8:00:49:e4:df:fb:67:e6:
                    a5:f0:b6:91:8a:16:66:20:b4:47:f6:43:9b:2f:e4:
                    92:e3:6c:99:db:a0:c1:d3:97:e7:9a:2b:12:b7:18:
                    9e:ac:f0:d2:72:a6:8d:a4:17:88:fa:01:d2:77:e4:
                    0f:37:48:be:ed:d3:87:13:cb:d8:fe:f3:97:2e:de:
                    69:ea:60:22:2c:ee:a2:34:99:65:15:e4:bb:3c:1b:
                    55:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:CE:05:CA:3C:EB:7A:98:29:9C:84:32:63:0D:CA:33:F6:EF:10:C6
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:a1:06:9e:d1:a5:e9:a3:41:92:21:6b:12:70:ae:ab:6e:04:
         46:38:c7:f2:d6:9e:60:cb:80:d0:69:d7:e2:b3:60:9e:b2:b4:
         ec:a9:a2:29:69:12:12:11:d7:fc:6d:48:5f:33:93:56:a0:15:
         2a:56:fb:94:2d:d5:48:de:71:00:7d:0b:e6:a7:ae:4c:18:b9:
         41:b6:fc:3c:7d:dc:2e:7b:46:ee:6e:c5:0b:11:6e:f9:8a:7e:
         ac:92:c7:cb:fd:4f:e7:da:06:9f:ec:5d:db:dc:f4:69:ca:8b:
         0c:48:67:32:e3:5a:1b:ec:e1:95:df:63:f7:1c:ae:4f:bf:03:
         58:c8:a6:00:9a:52:2a:6c:d3:52:dd:c5:53:76:dd:91:55:95:
         8b:f3:26:63:b3:db:cc:a1:83:de:99:c1:86:01:79:9a:7d:78:
         5a:5e:6b:be:f5:6c:e0:23:01:52:94:9b:b7:c3:63:69:08:5f:
         de:14:0d:f3:23:d4:97:61:29:22:72:22:39:cc:b0:d1:70:47:
         07:23:70:88:5c:76:2f:2e:f8:2d:61:48:e2:f4:91:c6:7f:0e:
         a9:33:5d:1e:00:b9:15:3b:1e:83:6b:b3:b3:47:63:51:26:01:
         3f:43:e5:95:fc:e8:73:aa:d0:ff:11:be:c9:da:d1:95:59:d5:
         43:be:64:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZKD/0RdooW2XGkz61ruwVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjUwNDE4MTgwMTIzWhcNMjUwNDE5MTgwMTIzWjAzMTEwLwYDVQQD
EygyMWNlMDVjYTNjZWI3YTk4Mjk5Yzg0MzI2MzBkY2EzM2Y2ZWYxMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7N7bEh9v7kxqpOy2pd64nrcm/VF
IW3z2zgfA7NT0I5WBKi8T5Zc7dsP/ATjmsJXU1sJRRNGaNnmMUjOl6BFaawsca88
ITBClDObOtXx3lPTxANFsPFNtNdr0EuIlIwBGcpN2wij5HDX1u7BoEB2BOau6p4p
MvpByHX+qojgaMbTZq7ikuBPUqw4BXWxFDIW+JS4Dc/otXxgSK9EpahTUg1NtnQ+
bVI7dkV6qABJ5N/7Z+al8LaRihZmILRH9kObL+SS42yZ26DB05fnmisStxierPDS
cqaNpBeI+gHSd+QPN0i+7dOHE8vY/vOXLt5p6mAiLO6iNJllFeS7PBtV6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHOBco863qYKZyEMmMNyjP27xDGMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABKEGntGl
6aNBkiFrEnCuq24ERjjH8taeYMuA0GnX4rNgnrK07KmiKWkSEhHX/G1IXzOTVqAV
Klb7lC3VSN5xAH0L5qeuTBi5Qbb8PH3cLntG7m7FCxFu+Yp+rJLHy/1P59oGn+xd
29z0acqLDEhnMuNaG+zhld9j9xyuT78DWMimAJpSKmzTUt3FU3bdkVWVi/MmY7Pb
zKGD3pnBhgF5mn14Wl5rvvVs4CMBUpSbt8NjaQhf3hQN8yPUl2EpInIiOcyw0XBH
ByNwiFx2Ly74LWFI4vSRxn8OqTNdHgC5FTseg2uzs0djUSYBP0Pllfzoc6rQ/xG+
ydrRlVnVQ75kBQ==
-----END CERTIFICATE-----