Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          LbMdjlMtLi2DFNVIMbyacPyKytQj6yo93O4DfyanQxw=
Subject key identifier:   E2:A9:2E:D0:DB:86:9D:31:46:60:D4:23:0E:FB:12:F9:22:4A:A5:54
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       01964067BCCC8B3D1D970CEE1A571B2775A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          077A
Signing time:             Wed 16 Apr 2025 21:01:02 +0000
Manifest this update:     Wed 16 Apr 2025 21:01:02 +0000
Manifest next update:     Thu 17 Apr 2025 21:01:02 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: /TdFntH4R6lGdru7sqoDfCe0Jzwyic4UkcYiJQYhB8g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:40:67:bc:cc:8b:3d:1d:97:0c:ee:1a:57:1b:27:75:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: Apr 16 21:01:02 2025 GMT
            Not After : Apr 17 21:01:02 2025 GMT
        Subject: CN=e2a92ed0db869d314660d4230efb12f9224aa554
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:4a:e8:e0:94:f8:9a:27:8b:c2:db:b8:59:f5:
                    a0:eb:27:42:75:10:91:34:16:8e:87:e8:f4:9c:06:
                    3b:25:a4:b9:39:59:4e:8d:d6:22:e2:2e:b4:20:d7:
                    e8:44:d1:19:fc:d0:78:91:ca:5c:da:42:f2:28:3e:
                    6d:4b:01:6d:15:94:c0:b1:8f:23:3a:be:ee:46:12:
                    ef:86:d9:23:eb:27:8a:90:4d:28:fb:3c:14:ed:f6:
                    42:af:53:79:49:c5:5f:78:5d:3d:b3:a3:e2:b5:4b:
                    51:0d:10:a8:03:5c:5c:52:e9:98:56:a5:72:70:e8:
                    f2:0f:f1:e8:2d:7f:a0:1a:71:f5:74:44:b3:86:e3:
                    a3:d0:60:21:32:e7:f2:a0:ac:62:ec:c0:40:48:86:
                    ba:aa:0f:50:07:58:e2:0d:de:82:e7:f9:5b:f7:c0:
                    16:c8:18:14:fd:9f:6a:e6:d3:16:30:e8:80:b2:77:
                    b6:6b:43:d7:89:08:fc:c3:db:f2:7b:ae:f1:1b:09:
                    21:af:ca:5c:9a:a8:1f:e9:63:b9:fe:ce:99:ca:dd:
                    9e:84:91:bb:5d:c3:f8:e3:40:c4:54:1a:a9:14:77:
                    bd:78:0d:51:b0:98:51:23:bb:7e:12:ff:5a:71:4d:
                    da:41:cc:4f:0f:69:77:a2:ea:08:5b:97:46:2a:7b:
                    9c:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:A9:2E:D0:DB:86:9D:31:46:60:D4:23:0E:FB:12:F9:22:4A:A5:54
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:65:37:58:0e:a7:2c:89:4f:f1:bc:ca:df:60:16:c1:e4:05:
         5f:d8:72:94:34:83:bc:54:9f:a3:9e:3d:1e:86:a4:38:b9:04:
         41:fd:d5:90:01:e4:6d:06:fd:9a:ec:3d:64:29:d1:87:15:80:
         fc:f5:45:8c:ee:1f:a2:4b:76:98:6f:eb:96:f2:7b:27:79:7e:
         b8:cd:1a:cb:4e:4e:bc:63:fd:bd:aa:d7:93:74:ef:5e:b2:55:
         51:df:73:41:50:ae:44:5d:f5:fc:28:8d:8c:91:c2:dc:7c:5b:
         d5:ca:90:86:26:ed:69:72:7f:51:b3:66:25:90:64:23:de:e2:
         34:43:ae:c5:b2:6f:5e:f0:cc:44:a1:70:3e:0b:ff:04:e9:6a:
         0d:cf:5b:f8:94:00:6b:eb:be:32:8b:21:63:83:95:58:62:f4:
         8b:32:42:76:57:47:cd:c7:98:f1:48:d8:98:90:7f:a8:31:be:
         12:7b:b8:2c:44:df:90:71:e7:da:81:98:73:d9:6f:a9:e0:3f:
         43:a8:73:cf:50:4c:75:78:0c:92:15:50:fd:6d:d5:2a:0a:7a:
         73:18:a6:dc:ca:ba:8e:85:1b:8b:16:bf:27:46:c7:41:5f:91:
         f6:53:80:03:00:20:56:55:71:11:64:18:11:2e:d7:fd:45:d8:
         34:06:7c:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZAZ7zMiz0dlwzuGlcbJ3WkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjUwNDE2MjEwMTAyWhcNMjUwNDE3MjEwMTAyWjAzMTEwLwYDVQQD
EyhlMmE5MmVkMGRiODY5ZDMxNDY2MGQ0MjMwZWZiMTJmOTIyNGFhNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0ro4JT4mieLwtu4WfWg6ydCdRCR
NBaOh+j0nAY7JaS5OVlOjdYi4i60INfoRNEZ/NB4kcpc2kLyKD5tSwFtFZTAsY8j
Or7uRhLvhtkj6yeKkE0o+zwU7fZCr1N5ScVfeF09s6PitUtRDRCoA1xcUumYVqVy
cOjyD/HoLX+gGnH1dESzhuOj0GAhMufyoKxi7MBASIa6qg9QB1jiDd6C5/lb98AW
yBgU/Z9q5tMWMOiAsne2a0PXiQj8w9vye67xGwkhr8pcmqgf6WO5/s6Zyt2ehJG7
XcP440DEVBqpFHe9eA1RsJhRI7t+Ev9acU3aQcxPD2l3ouoIW5dGKnucqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOKpLtDbhp0xRmDUIw77EvkiSqVUMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnWU3WA6n
LIlP8bzK32AWweQFX9hylDSDvFSfo549HoakOLkEQf3VkAHkbQb9muw9ZCnRhxWA
/PVFjO4fokt2mG/rlvJ7J3l+uM0ay05OvGP9varXk3TvXrJVUd9zQVCuRF31/CiN
jJHC3Hxb1cqQhibtaXJ/UbNmJZBkI97iNEOuxbJvXvDMRKFwPgv/BOlqDc9b+JQA
a+u+MoshY4OVWGL0izJCdldHzceY8UjYmJB/qDG+Enu4LETfkHHn2oGYc9lvqeA/
Q6hzz1BMdXgMkhVQ/W3VKgp6cxim3Mq6joUbixa/J0bHQV+R9lOAAwAgVlVxEWQY
ES7X/UXYNAZ8yg==
-----END CERTIFICATE-----