Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
File:                     _4MmzOvF_DL70ONP7n85u6iPuaI.mft (raw, json)
Hash identifier:          inXmjp7wQxyb6A7IE/qX6vdVWRgNTlG8dZ/hMQwtvZ8=
Subject key identifier:   85:FE:73:3A:1F:DD:39:E6:A7:81:99:73:2B:E0:60:57:F0:E9:8B:2D
Authority key identifier: FF:83:26:CC:EB:C5:FC:32:FB:D0:E3:4F:EE:7F:39:BB:A8:8F:B9:A2
Certificate issuer:       /CN=ff8326ccebc5fc32fbd0e34fee7f39bba88fb9a2
Certificate serial:       01965613C044A7069E8B59A3F8B2F3ED818D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
Manifest number:          107E
Signing time:             Mon 21 Apr 2025 02:00:56 +0000
Manifest this update:     Mon 21 Apr 2025 02:00:56 +0000
Manifest next update:     Tue 22 Apr 2025 02:00:56 +0000
Files and hashes:         1: _4MmzOvF_DL70ONP7n85u6iPuaI.crl (hash: yUUDwWKrfVxBBa8LxL9rdPWgxNZXnld+rzfcp3ZCo9U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:13:c0:44:a7:06:9e:8b:59:a3:f8:b2:f3:ed:81:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff8326ccebc5fc32fbd0e34fee7f39bba88fb9a2
        Validity
            Not Before: Apr 21 02:00:56 2025 GMT
            Not After : Apr 22 02:00:56 2025 GMT
        Subject: CN=85fe733a1fdd39e6a78199732be06057f0e98b2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:00:84:24:bd:c9:4e:41:8c:47:be:16:43:02:
                    31:ac:6c:01:96:06:f1:77:70:de:9b:68:64:ee:0d:
                    0a:97:00:c7:17:d6:31:cf:94:23:17:e6:27:a0:0c:
                    78:1a:85:3e:2c:a4:7f:6a:55:93:fe:3c:bb:40:86:
                    f1:ff:e5:9c:95:62:0b:a5:3d:78:e0:0c:b3:fa:c3:
                    9f:84:40:e6:2b:76:f7:35:fe:5b:f4:9f:a0:95:42:
                    66:5a:b0:2d:cc:cd:68:8f:de:aa:c7:34:0c:7d:19:
                    7a:b2:07:9c:cc:de:7a:ef:46:37:e0:4f:64:87:80:
                    bd:85:75:20:dd:97:49:95:f6:3c:0a:1d:fc:f8:0e:
                    59:00:0f:d0:2f:93:fe:33:c4:29:d8:5b:23:cf:44:
                    a6:71:e4:b1:99:a2:12:1a:bf:0e:b3:72:09:05:c3:
                    d7:7e:e3:d7:04:2a:4e:cb:e7:09:01:95:ea:06:53:
                    63:eb:b2:f4:e2:3d:a2:79:44:17:59:8a:a7:d5:3d:
                    be:82:04:45:ff:8e:7a:2b:c5:71:9d:7f:e5:89:73:
                    d2:5b:8a:72:42:1e:2d:ad:cf:6d:bc:1c:2e:e5:36:
                    5a:a6:92:32:c5:62:60:46:c2:3d:31:7e:ed:b7:ef:
                    86:4a:f7:64:d1:e4:94:ce:a0:fe:db:7e:92:dd:ae:
                    0f:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:FE:73:3A:1F:DD:39:E6:A7:81:99:73:2B:E0:60:57:F0:E9:8B:2D
            X509v3 Authority Key Identifier:
                keyid:FF:83:26:CC:EB:C5:FC:32:FB:D0:E3:4F:EE:7F:39:BB:A8:8F:B9:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:26:24:d5:17:8d:bd:30:9c:cc:0c:ea:3b:b6:a9:9b:77:71:
         0a:09:bc:5b:b4:85:82:6c:42:f7:ac:78:1f:be:2a:65:1c:ee:
         05:d8:f7:6d:6d:bd:c3:de:e6:0a:bf:99:51:db:1c:94:0d:fa:
         34:3b:13:b5:3a:e4:43:9f:2b:b0:34:c3:b1:d7:7a:69:b9:d6:
         1c:31:c0:71:75:5c:df:11:56:9a:cf:d5:6c:5d:91:39:89:1d:
         62:08:8d:c8:56:52:fa:f9:cd:8d:0c:57:23:bd:7f:ce:f8:de:
         ad:63:72:3b:c3:60:bd:16:e1:ab:7e:7a:f5:5c:64:0e:c0:95:
         58:72:a0:8c:33:de:9c:83:af:f6:39:24:b0:70:ee:42:5d:7c:
         d1:7b:fc:1d:df:1e:72:87:de:f5:26:63:fd:38:19:84:a1:28:
         4e:fa:e4:fa:eb:6d:49:59:8f:17:fd:cd:1d:3b:85:bc:38:c8:
         b6:c2:37:d0:e7:a0:4e:38:43:9f:b3:b5:22:ab:c9:2b:04:eb:
         64:79:6f:03:ef:2f:8c:d2:be:2e:12:c1:ba:7e:5d:49:9b:58:
         9e:f1:53:f8:52:0f:0a:7f:66:87:56:84:08:2e:66:13:a9:4d:
         9c:38:a1:34:a8:ef:0c:fd:4e:73:69:d2:98:01:ea:aa:e0:eb:
         f1:73:5d:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWE8BEpwaei1mj+LLz7YGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODMyNmNjZWJjNWZjMzJmYmQwZTM0ZmVlN2YzOWJiYTg4
ZmI5YTIwHhcNMjUwNDIxMDIwMDU2WhcNMjUwNDIyMDIwMDU2WjAzMTEwLwYDVQQD
Eyg4NWZlNzMzYTFmZGQzOWU2YTc4MTk5NzMyYmUwNjA1N2YwZTk4YjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyACEJL3JTkGMR74WQwIxrGwBlgbx
d3Dem2hk7g0KlwDHF9Yxz5QjF+YnoAx4GoU+LKR/alWT/jy7QIbx/+WclWILpT14
4Ayz+sOfhEDmK3b3Nf5b9J+glUJmWrAtzM1oj96qxzQMfRl6sgeczN5670Y34E9k
h4C9hXUg3ZdJlfY8Ch38+A5ZAA/QL5P+M8Qp2Fsjz0SmceSxmaISGr8Os3IJBcPX
fuPXBCpOy+cJAZXqBlNj67L04j2ieUQXWYqn1T2+ggRF/456K8VxnX/liXPSW4py
Qh4trc9tvBwu5TZappIyxWJgRsI9MX7tt++GSvdk0eSUzqD+236S3a4PqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIX+czof3Tnmp4GZcyvgYFfw6YstMB8GA1UdIwQY
MBaAFP+DJszrxfwy+9DjT+5/Obuoj7miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS82ZjViNmEtZjRiYi00ZmRlLThhNTEt
OGIxMzQ0YjdkNWE2LzEvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS82ZjViNmEtZjRiYi00ZmRlLThhNTEtOGIxMzQ0YjdkNWE2
LzEvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVyYk1ReN
vTCczAzqO7apm3dxCgm8W7SFgmxC96x4H74qZRzuBdj3bW29w97mCr+ZUdsclA36
NDsTtTrkQ58rsDTDsdd6abnWHDHAcXVc3xFWms/VbF2ROYkdYgiNyFZS+vnNjQxX
I71/zvjerWNyO8NgvRbhq3569VxkDsCVWHKgjDPenIOv9jkksHDuQl180Xv8Hd8e
cofe9SZj/TgZhKEoTvrk+uttSVmPF/3NHTuFvDjItsI30OegTjhDn7O1IqvJKwTr
ZHlvA+8vjNK+LhLBun5dSZtYnvFT+FIPCn9mh1aECC5mE6lNnDihNKjvDP1Oc2nS
mAHqquDr8XNdWQ==
-----END CERTIFICATE-----