Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
File:                     TYEGKSpQrK_qaBfLoczmd6J34OE.mft (raw, json)
Hash identifier:          wffJH6t8XXFtdyZSKW/PPRCsi13cYgcbIPeUPqEI+DM=
Subject key identifier:   9B:4C:FF:65:17:08:7D:BE:B4:E7:B1:39:F1:D3:B2:1E:6A:12:C7:9B
Authority key identifier: 4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1
Certificate issuer:       /CN=4d8106292a50acafea6817cba1cce677a277e0e1
Certificate serial:       01958F6167936FE158EE60C8AC309A2B2458
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
Manifest number:          030B
Signing time:             Thu 13 Mar 2025 12:01:20 +0000
Manifest this update:     Thu 13 Mar 2025 12:01:20 +0000
Manifest next update:     Fri 14 Mar 2025 12:01:20 +0000
Files and hashes:         1: TYEGKSpQrK_qaBfLoczmd6J34OE.crl (hash: 5q5NQzyCA/M02Pkk47C12TYTQ19HuD0R97jbuvoHNFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8f:61:67:93:6f:e1:58:ee:60:c8:ac:30:9a:2b:24:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d8106292a50acafea6817cba1cce677a277e0e1
        Validity
            Not Before: Mar 13 12:01:20 2025 GMT
            Not After : Mar 14 12:01:20 2025 GMT
        Subject: CN=9b4cff6517087dbeb4e7b139f1d3b21e6a12c79b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:5c:1b:7d:87:35:d2:58:83:fa:dd:db:37:20:
                    6f:fe:a1:82:a8:49:50:2f:03:91:4b:ea:5e:c5:7b:
                    e2:31:c8:24:4e:57:79:6e:df:9f:7c:64:97:6b:e1:
                    64:e0:69:5c:e3:19:b9:59:0b:a9:52:87:a0:d6:c6:
                    71:b6:2d:88:ef:c5:7d:e8:12:db:be:e5:2e:12:85:
                    e9:17:e0:2e:f2:bb:85:05:13:86:ce:15:62:fb:92:
                    be:94:fd:94:6b:a2:d3:27:82:5a:d2:5e:5a:5f:a8:
                    64:26:77:8c:25:9d:2b:7a:34:ed:a0:72:2e:1c:29:
                    25:ac:a5:8d:c5:d4:b6:6d:4c:9a:3f:f4:34:25:c6:
                    66:c5:57:a0:ed:00:1e:e4:88:b7:fd:4d:cb:73:9a:
                    67:ea:41:bd:21:ed:a8:e6:4f:74:2b:c7:76:1e:5a:
                    ba:dc:3a:0a:e8:9b:55:0e:d0:23:9d:20:80:29:cf:
                    38:c0:ee:cb:8c:93:17:7f:4f:2e:ee:b1:87:cd:2c:
                    a7:77:ac:23:23:35:90:29:c8:e5:50:9b:6c:b0:6d:
                    90:86:be:52:41:2a:16:2f:99:af:0c:1c:a8:87:aa:
                    6f:c0:2f:73:43:0b:4d:77:24:bf:b5:b6:e9:70:a0:
                    2e:cc:02:be:b4:ec:c6:6e:79:0e:0f:40:83:60:30:
                    6a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:4C:FF:65:17:08:7D:BE:B4:E7:B1:39:F1:D3:B2:1E:6A:12:C7:9B
            X509v3 Authority Key Identifier:
                keyid:4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:95:d4:0f:4d:fc:6b:e9:46:51:af:f2:9a:d9:93:9e:61:bd:
         63:50:ae:27:e2:2f:45:d9:54:e7:92:4e:4d:fc:ed:2e:f1:1b:
         42:26:4b:02:71:68:f3:40:3b:a7:b6:ce:12:43:60:02:03:38:
         40:37:fb:9b:48:90:a4:18:96:76:a4:dc:a1:e5:08:d8:7a:37:
         4c:8f:bf:6a:50:79:e0:f0:91:c5:f0:c3:c3:ef:15:46:b0:48:
         f2:3c:84:6c:c7:c0:7d:2c:c3:66:26:55:68:dd:78:4b:b0:90:
         5d:9c:f1:17:62:a2:ee:ef:96:bc:11:e3:27:86:2f:24:83:82:
         7a:47:fb:80:d8:db:e8:30:cc:9d:5a:98:90:85:91:61:b9:1b:
         9c:c4:e6:1d:ff:ea:d9:7b:72:3b:e3:ca:4c:6b:0d:bb:83:19:
         a2:2d:0d:8f:61:29:38:bf:29:ff:3f:42:4f:ce:ce:70:cc:8a:
         f3:6e:35:f5:3a:e4:e5:e1:6d:83:fd:8d:8e:05:93:c3:2e:be:
         bd:e5:1f:08:70:2b:77:87:5f:dd:85:6e:ad:78:a2:36:9f:17:
         48:b3:a8:a5:39:24:dd:b8:13:85:53:a9:bb:29:99:27:14:79:
         a2:ec:09:07:3c:a1:62:8c:93:e3:46:ce:af:f0:c6:28:fe:12:
         ef:cb:a5:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWPYWeTb+FY7mDIrDCaKyRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODEwNjI5MmE1MGFjYWZlYTY4MTdjYmExY2NlNjc3YTI3
N2UwZTEwHhcNMjUwMzEzMTIwMTIwWhcNMjUwMzE0MTIwMTIwWjAzMTEwLwYDVQQD
Eyg5YjRjZmY2NTE3MDg3ZGJlYjRlN2IxMzlmMWQzYjIxZTZhMTJjNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVwbfYc10liD+t3bNyBv/qGCqElQ
LwORS+pexXviMcgkTld5bt+ffGSXa+Fk4Glc4xm5WQupUoeg1sZxti2I78V96BLb
vuUuEoXpF+Au8ruFBROGzhVi+5K+lP2Ua6LTJ4Ja0l5aX6hkJneMJZ0rejTtoHIu
HCklrKWNxdS2bUyaP/Q0JcZmxVeg7QAe5Ii3/U3Lc5pn6kG9Ie2o5k90K8d2Hlq6
3DoK6JtVDtAjnSCAKc84wO7LjJMXf08u7rGHzSynd6wjIzWQKcjlUJtssG2Qhr5S
QSoWL5mvDByoh6pvwC9zQwtNdyS/tbbpcKAuzAK+tOzGbnkOD0CDYDBqGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJtM/2UXCH2+tOexOfHTsh5qEsebMB8GA1UdIwQY
MBaAFE2BBikqUKyv6mgXy6HM5neid+DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDct
M2E1YjM2OTY4MTdkLzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDctM2E1YjM2OTY4MTdk
LzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGZXUD038
a+lGUa/ymtmTnmG9Y1CuJ+IvRdlU55JOTfztLvEbQiZLAnFo80A7p7bOEkNgAgM4
QDf7m0iQpBiWdqTcoeUI2Ho3TI+/alB54PCRxfDDw+8VRrBI8jyEbMfAfSzDZiZV
aN14S7CQXZzxF2Ki7u+WvBHjJ4YvJIOCekf7gNjb6DDMnVqYkIWRYbkbnMTmHf/q
2XtyO+PKTGsNu4MZoi0Nj2EpOL8p/z9CT87OcMyK82419Trk5eFtg/2NjgWTwy6+
veUfCHArd4df3YVurXiiNp8XSLOopTkk3bgThVOpuymZJxR5ouwJBzyhYoyT40bO
r/DGKP4S78ulXw==
-----END CERTIFICATE-----