Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
File:                     TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft (raw, json)
Hash identifier:          Q/YUe9hQmPHRX88MP2bT+HWWEDQ6Aw8e/0SFkGMjMbE=
Subject key identifier:   91:D0:EA:44:9B:B4:9A:4E:1C:87:D1:D7:1D:54:3B:86:75:00:FE:FE
Authority key identifier: 4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61
Certificate issuer:       /CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
Certificate serial:       01964DEC17DB351AEDD14CAA4B348CD39C6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
Manifest number:          1457
Signing time:             Sat 19 Apr 2025 12:00:40 +0000
Manifest this update:     Sat 19 Apr 2025 12:00:40 +0000
Manifest next update:     Sun 20 Apr 2025 12:00:40 +0000
Files and hashes:         1: TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl (hash: Aav8io/fQlya2tnpZLq56M3TpdNhBMLOFjWKAhOfPvE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:ec:17:db:35:1a:ed:d1:4c:aa:4b:34:8c:d3:9c:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
        Validity
            Not Before: Apr 19 12:00:40 2025 GMT
            Not After : Apr 20 12:00:40 2025 GMT
        Subject: CN=91d0ea449bb49a4e1c87d1d71d543b867500fefe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a9:72:f3:3b:5d:a5:81:03:c2:ea:89:06:4a:
                    04:36:8d:e5:61:b7:dd:9b:9e:bf:99:a8:13:f3:71:
                    f7:66:5e:a0:40:f4:93:bc:8b:a6:08:25:9c:b8:2e:
                    eb:92:cf:f1:b8:5c:9d:4c:bb:fd:68:da:16:c6:b9:
                    fc:56:7f:19:92:f4:9b:26:f8:0d:93:cc:ad:f4:16:
                    bc:ad:9e:7f:e9:23:3d:ad:d1:17:48:34:bf:41:54:
                    b7:95:f1:7b:0e:3b:c5:5f:53:6a:3e:ea:62:b8:d0:
                    ef:30:e5:56:8d:cf:75:52:0d:47:8c:7e:84:6c:66:
                    ac:58:b4:db:c9:7b:2b:ea:31:80:44:45:b3:00:b6:
                    07:7c:da:d7:93:e4:19:30:bd:a2:4b:b6:e1:b0:ad:
                    86:71:c3:ac:c8:7a:53:8a:bb:8f:3f:66:72:2d:92:
                    5f:d6:a1:1a:fc:96:d0:a8:63:5e:0f:50:38:d3:3b:
                    0b:34:82:8e:58:f9:95:2a:84:85:7e:1a:b2:1f:03:
                    ee:ff:ea:8b:c9:2c:a7:66:79:03:85:9f:a6:7d:2a:
                    ff:e0:20:f4:d8:eb:8b:be:e5:0f:2b:d2:aa:5b:f6:
                    13:ee:26:90:1b:97:eb:51:f7:93:52:9b:a8:19:d2:
                    93:81:48:cc:5b:c7:f7:9b:59:cc:2d:95:a9:88:d9:
                    16:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:D0:EA:44:9B:B4:9A:4E:1C:87:D1:D7:1D:54:3B:86:75:00:FE:FE
            X509v3 Authority Key Identifier:
                keyid:4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:8b:3a:24:d9:85:57:1c:42:75:35:c6:ad:b9:7e:d1:e9:34:
         ac:d7:ea:2d:ea:6d:12:16:96:f8:15:c3:c6:97:52:7e:eb:23:
         22:39:34:c0:70:63:29:7f:05:b6:f2:cf:dc:11:cb:f1:b1:31:
         6a:f4:9c:11:e4:c9:93:04:d2:61:fa:c2:d0:9d:84:84:15:c7:
         00:43:cb:56:ae:6f:24:0c:6d:13:be:37:e3:26:dc:b4:bb:35:
         a9:2a:16:98:d5:28:80:24:42:60:fa:0c:8b:4c:43:43:70:ff:
         b9:e2:35:a1:4d:07:b8:ca:78:24:5d:e3:90:3d:0c:77:6e:26:
         60:36:0b:a1:e8:72:74:11:f3:9b:d6:36:f2:a5:e7:b4:22:16:
         87:cb:a0:f2:04:76:0a:94:78:b3:3b:77:a0:9f:a9:12:9d:e0:
         23:87:fb:e8:23:81:d1:dc:20:98:df:69:9c:6f:84:60:f6:4b:
         8d:8b:6d:12:b8:dd:8d:83:4b:cf:8a:39:9a:5b:ad:ae:5d:56:
         98:09:f6:59:a4:5c:a4:b6:f0:26:18:e6:6d:81:d8:a9:84:c3:
         89:42:29:ec:7c:27:ff:57:90:8c:8f:30:42:05:02:be:87:48:
         15:80:85:14:e5:5a:19:8c:4c:7a:f5:ec:4f:92:3c:8b:5e:ed:
         bd:e7:89:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZN7BfbNRrt0UyqSzSM05xqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMDAwNmUwNTg5NmY2ZmZiMzAxNjFlN2M4ZGRhMmY5YWQw
NWI1NjEwHhcNMjUwNDE5MTIwMDQwWhcNMjUwNDIwMTIwMDQwWjAzMTEwLwYDVQQD
Eyg5MWQwZWE0NDliYjQ5YTRlMWM4N2QxZDcxZDU0M2I4Njc1MDBmZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaly8ztdpYEDwuqJBkoENo3lYbfd
m56/magT83H3Zl6gQPSTvIumCCWcuC7rks/xuFydTLv9aNoWxrn8Vn8ZkvSbJvgN
k8yt9Ba8rZ5/6SM9rdEXSDS/QVS3lfF7DjvFX1NqPupiuNDvMOVWjc91Ug1HjH6E
bGasWLTbyXsr6jGAREWzALYHfNrXk+QZML2iS7bhsK2GccOsyHpTiruPP2ZyLZJf
1qEa/JbQqGNeD1A40zsLNIKOWPmVKoSFfhqyHwPu/+qLySynZnkDhZ+mfSr/4CD0
2OuLvuUPK9KqW/YT7iaQG5frUfeTUpuoGdKTgUjMW8f3m1nMLZWpiNkWNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHQ6kSbtJpOHIfR1x1UO4Z1AP7+MB8GA1UdIwQY
MBaAFEwABuBYlvb/swFh58jdovmtBbVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iN2Y4MzktYzY4MC00NWVhLWE4ZWUt
MTMwODdiZWJkMWU0LzEvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iN2Y4MzktYzY4MC00NWVhLWE4ZWUtMTMwODdiZWJkMWU0
LzEvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP4s6JNmF
VxxCdTXGrbl+0ek0rNfqLeptEhaW+BXDxpdSfusjIjk0wHBjKX8FtvLP3BHL8bEx
avScEeTJkwTSYfrC0J2EhBXHAEPLVq5vJAxtE7434ybctLs1qSoWmNUogCRCYPoM
i0xDQ3D/ueI1oU0HuMp4JF3jkD0Md24mYDYLoehydBHzm9Y28qXntCIWh8ug8gR2
CpR4szt3oJ+pEp3gI4f76COB0dwgmN9pnG+EYPZLjYttErjdjYNLz4o5mlutrl1W
mAn2WaRcpLbwJhjmbYHYqYTDiUIp7Hwn/1eQjI8wQgUCvodIFYCFFOVaGYxMevXs
T5I8i17tveeJ8g==
-----END CERTIFICATE-----