Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
File:                     IIP4tbYgnefJQAjzM3vjQ2866-Y.mft (raw, json)
Hash identifier:          RN3iWlkfS/DqsrLyqSPao1/9bsilndpp4hlDMP9NS6k=
Subject key identifier:   56:CA:4A:25:1B:0F:D9:FA:88:8A:65:FA:79:D1:F0:B0:6A:34:AC:24
Authority key identifier: 20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6
Certificate issuer:       /CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
Certificate serial:       0196564A8EB1DFB6C182306478F3AD795CBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
Manifest number:          0553
Signing time:             Mon 21 Apr 2025 03:00:48 +0000
Manifest this update:     Mon 21 Apr 2025 03:00:48 +0000
Manifest next update:     Tue 22 Apr 2025 03:00:48 +0000
Files and hashes:         1: IIP4tbYgnefJQAjzM3vjQ2866-Y.crl (hash: nU9Ig40Zv6ln/cmm/Ep8VZ1oEuNTKyEiOoo+DrVA9Iw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:4a:8e:b1:df:b6:c1:82:30:64:78:f3:ad:79:5c:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
        Validity
            Not Before: Apr 21 03:00:48 2025 GMT
            Not After : Apr 22 03:00:48 2025 GMT
        Subject: CN=56ca4a251b0fd9fa888a65fa79d1f0b06a34ac24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:70:81:86:89:71:02:61:7f:2e:d4:44:9f:47:
                    91:0b:62:9e:ac:a5:93:b3:8d:43:f7:bb:4b:9d:11:
                    7f:5d:02:2c:20:63:be:05:10:1a:25:37:b6:ec:49:
                    5f:a4:53:68:ac:58:63:e4:6b:f1:cb:cc:2d:52:3d:
                    67:11:5b:c3:34:de:40:ea:04:22:66:f1:1b:07:4a:
                    1c:8e:ec:35:70:27:65:5e:35:65:5e:ab:9e:da:e2:
                    b7:81:02:5b:7b:79:8f:81:37:5b:52:03:f4:b6:84:
                    e9:c1:7a:d5:f6:4c:db:d2:2e:6e:da:b2:61:5c:a9:
                    4f:dd:33:2f:cb:84:48:04:fa:6d:ef:b7:72:b7:e2:
                    9a:ef:2d:c0:68:51:f0:d0:5c:92:04:de:1e:88:77:
                    4a:fc:1f:72:7c:34:b6:f8:65:4d:22:a2:cc:28:ec:
                    b3:ad:2c:1e:46:55:35:00:b3:f8:3f:03:30:e8:4e:
                    89:2a:23:da:a3:09:f8:5e:22:c2:75:a7:2e:31:a7:
                    5a:4a:0c:fb:27:53:dd:fd:32:ef:27:ba:34:b5:f0:
                    87:9e:3a:b5:f6:65:e8:49:78:a2:bd:3b:06:c3:23:
                    b1:ae:d6:e5:67:6a:d3:78:8f:aa:02:8e:d3:51:7c:
                    9e:cf:90:94:31:9a:cc:56:8a:3f:8b:a4:9a:3d:a4:
                    f1:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:CA:4A:25:1B:0F:D9:FA:88:8A:65:FA:79:D1:F0:B0:6A:34:AC:24
            X509v3 Authority Key Identifier:
                keyid:20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:19:da:87:4c:df:aa:1a:41:9f:be:9a:38:b2:1f:fe:00:4b:
         17:4a:55:4e:50:68:d6:2c:98:48:dd:6f:13:a3:89:47:23:c9:
         ed:ea:af:bb:34:30:6e:fd:4d:2c:19:2c:18:9e:78:92:3e:28:
         c5:e9:1d:37:b5:9b:65:20:dc:6e:01:26:54:fe:37:84:3e:42:
         67:de:d9:32:fc:51:6c:07:b2:de:ba:92:20:ab:f5:5c:f8:4a:
         35:a3:31:91:b0:ae:76:75:93:a3:5a:b1:c1:0b:6c:a4:29:05:
         04:5d:1c:35:64:bf:77:57:cb:6d:a2:7b:d9:ce:ce:6a:c4:fc:
         ec:ef:55:f0:2b:44:4d:ad:3b:9f:2e:c7:5f:88:c9:a2:2f:95:
         ba:fc:5d:d3:6e:7f:fe:a2:ac:d1:1c:08:7f:36:41:cc:42:cb:
         26:bf:af:ca:0f:01:63:48:6f:4d:6c:e5:76:47:44:89:2d:a3:
         b5:f9:32:97:5b:90:fb:a9:ff:e4:e2:f1:aa:f4:88:fe:99:4f:
         50:a2:92:bc:e2:1c:4f:bf:bb:2d:ad:59:fb:5d:8b:cf:54:c2:
         08:50:14:af:ba:74:b9:93:cf:6d:47:29:cf:e5:ea:67:fd:cd:
         e2:4a:f0:e5:15:85:c7:49:0b:77:17:78:ad:6d:d7:4f:33:0c:
         4e:ff:6d:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWSo6x37bBgjBkePOteVy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwODNmOGI1YjYyMDlkZTdjOTQwMDhmMzMzN2JlMzQzNmYz
YWViZTYwHhcNMjUwNDIxMDMwMDQ4WhcNMjUwNDIyMDMwMDQ4WjAzMTEwLwYDVQQD
Eyg1NmNhNGEyNTFiMGZkOWZhODg4YTY1ZmE3OWQxZjBiMDZhMzRhYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3CBholxAmF/LtREn0eRC2KerKWT
s41D97tLnRF/XQIsIGO+BRAaJTe27ElfpFNorFhj5Gvxy8wtUj1nEVvDNN5A6gQi
ZvEbB0ocjuw1cCdlXjVlXque2uK3gQJbe3mPgTdbUgP0toTpwXrV9kzb0i5u2rJh
XKlP3TMvy4RIBPpt77dyt+Ka7y3AaFHw0FySBN4eiHdK/B9yfDS2+GVNIqLMKOyz
rSweRlU1ALP4PwMw6E6JKiPaown4XiLCdacuMadaSgz7J1Pd/TLvJ7o0tfCHnjq1
9mXoSXiivTsGwyOxrtblZ2rTeI+qAo7TUXyez5CUMZrMVoo/i6SaPaTxcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFbKSiUbD9n6iIpl+nnR8LBqNKwkMB8GA1UdIwQY
MBaAFCCD+LW2IJ3nyUAI8zN740NvOuvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAt
YWNiZWYwMThkMDNhLzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAtYWNiZWYwMThkMDNh
LzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVRnah0zf
qhpBn76aOLIf/gBLF0pVTlBo1iyYSN1vE6OJRyPJ7eqvuzQwbv1NLBksGJ54kj4o
xekdN7WbZSDcbgEmVP43hD5CZ97ZMvxRbAey3rqSIKv1XPhKNaMxkbCudnWTo1qx
wQtspCkFBF0cNWS/d1fLbaJ72c7OasT87O9V8CtETa07ny7HX4jJoi+Vuvxd025/
/qKs0RwIfzZBzELLJr+vyg8BY0hvTWzldkdEiS2jtfkyl1uQ+6n/5OLxqvSI/plP
UKKSvOIcT7+7La1Z+12Lz1TCCFAUr7p0uZPPbUcpz+XqZ/3N4krw5RWFx0kLdxd4
rW3XTzMMTv9tIA==
-----END CERTIFICATE-----