Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
File:                     FYi9izG5XpysnzgSjZW4UvA9V4Q.mft (raw, json)
Hash identifier:          utSB9nZ4sHGIkqFT9QGUWeVOvS/21OLIQG2OWL+OPZA=
Subject key identifier:   16:9F:7D:B8:EF:55:D5:C6:2D:A7:39:41:B3:CA:32:75:60:4F:DB:F7
Authority key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Certificate issuer:       /CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Certificate serial:       01963FFA553E0CD310E8B85AE2992F899BE1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
Manifest number:          14F0
Signing time:             Wed 16 Apr 2025 19:01:32 +0000
Manifest this update:     Wed 16 Apr 2025 19:01:32 +0000
Manifest next update:     Thu 17 Apr 2025 19:01:32 +0000
Files and hashes:         1: FYi9izG5XpysnzgSjZW4UvA9V4Q.crl (hash: ZufxDeAdo1IxknVDif9anVV4G3bESso3oN47efG3yvw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:fa:55:3e:0c:d3:10:e8:b8:5a:e2:99:2f:89:9b:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
        Validity
            Not Before: Apr 16 19:01:32 2025 GMT
            Not After : Apr 17 19:01:32 2025 GMT
        Subject: CN=169f7db8ef55d5c62da73941b3ca3275604fdbf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:3f:9b:d3:7f:7b:ca:29:fc:18:f0:6d:67:e1:
                    3a:1a:1d:68:f5:14:4d:6d:14:42:8b:e0:74:d5:06:
                    01:48:0a:d6:c0:b9:7b:3d:7d:a5:a7:4c:92:f8:a1:
                    70:af:9a:2d:2c:9a:25:b7:db:a0:12:5d:a2:7a:72:
                    94:0b:10:1a:6b:a6:48:43:2c:97:a4:98:87:57:f1:
                    03:17:f4:d2:3d:2f:2c:1e:44:21:f2:35:c0:3a:2d:
                    5e:c0:34:c7:9b:8a:a1:8b:65:9a:18:de:c5:27:50:
                    3e:98:b5:83:fa:16:23:4e:47:ab:1c:28:59:9d:c8:
                    65:64:5f:b4:66:8d:50:cc:f4:59:1b:d8:0b:41:51:
                    95:3a:36:1a:e0:9b:6e:c7:5f:ea:6d:b1:f9:f6:5f:
                    01:9b:1f:44:e4:4c:b6:5a:7f:e6:aa:94:53:6c:92:
                    ef:06:4c:49:7f:ff:f9:aa:8a:c8:76:e3:f1:52:a0:
                    31:16:08:74:f0:b2:a0:b8:62:26:a8:8f:fb:09:93:
                    02:d0:09:96:7e:7b:22:ea:58:76:8d:13:2c:5e:aa:
                    d9:3b:83:94:ae:86:9d:a9:80:79:7c:17:f2:83:ff:
                    a1:73:eb:72:94:3e:6f:56:36:74:74:3e:2c:86:07:
                    76:8f:f0:00:90:50:93:84:76:2b:f7:d7:01:f9:b6:
                    37:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:9F:7D:B8:EF:55:D5:C6:2D:A7:39:41:B3:CA:32:75:60:4F:DB:F7
            X509v3 Authority Key Identifier:
                keyid:15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:1b:05:f5:55:32:55:e0:c9:88:1f:ff:f2:d4:3e:54:a1:0f:
         58:e7:06:31:8a:20:07:b2:8d:80:9e:6d:6a:a7:d7:19:de:42:
         39:bf:e0:74:42:38:97:3b:5f:99:62:79:ba:f7:21:49:11:b3:
         d9:31:fb:b6:a3:17:b0:58:0b:4b:a8:2c:52:b1:21:5c:4c:10:
         79:f1:eb:23:fb:cd:4a:0f:e2:a4:8e:68:d7:b0:f0:0d:bf:f0:
         4d:e8:1d:a8:ac:80:29:4d:22:c9:5b:fa:aa:34:9c:76:e9:6c:
         68:7e:86:82:44:79:64:b6:a2:c2:77:c2:10:74:d9:75:e9:e5:
         a0:03:a8:a7:7e:0c:db:15:45:fa:45:3a:cb:84:e6:38:52:e4:
         99:18:fb:5e:15:46:5b:29:74:a5:ee:3a:db:9a:a5:d3:bd:f2:
         0c:5d:c6:f5:d0:9b:8e:ae:54:e6:8f:43:40:e3:90:03:5a:6b:
         bd:52:9d:4e:52:93:71:d5:69:35:e4:1c:ca:c7:67:22:58:54:
         43:a6:08:e4:c0:33:a6:0b:08:2e:4a:64:d2:f4:ad:75:54:4b:
         6a:69:59:dd:da:63:55:ab:9f:c2:b5:8d:0a:68:5b:a1:bc:88:
         05:75:84:08:2a:34:5a:f7:67:0e:10:fd:1f:09:7c:66:75:2e:
         18:30:65:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/+lU+DNMQ6Lha4pkviZvhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODhiZDhiMzFiOTVlOWNhYzlmMzgxMjhkOTViODUyZjAz
ZDU3ODQwHhcNMjUwNDE2MTkwMTMyWhcNMjUwNDE3MTkwMTMyWjAzMTEwLwYDVQQD
EygxNjlmN2RiOGVmNTVkNWM2MmRhNzM5NDFiM2NhMzI3NTYwNGZkYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD+b0397yin8GPBtZ+E6Gh1o9RRN
bRRCi+B01QYBSArWwLl7PX2lp0yS+KFwr5otLJolt9ugEl2ienKUCxAaa6ZIQyyX
pJiHV/EDF/TSPS8sHkQh8jXAOi1ewDTHm4qhi2WaGN7FJ1A+mLWD+hYjTkerHChZ
nchlZF+0Zo1QzPRZG9gLQVGVOjYa4Jtux1/qbbH59l8Bmx9E5Ey2Wn/mqpRTbJLv
BkxJf//5qorIduPxUqAxFgh08LKguGImqI/7CZMC0AmWfnsi6lh2jRMsXqrZO4OU
roadqYB5fBfyg/+hc+tylD5vVjZ0dD4shgd2j/AAkFCThHYr99cB+bY3kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBaffbjvVdXGLac5QbPKMnVgT9v3MB8GA1UdIwQY
MBaAFBWIvYsxuV6crJ84Eo2VuFLwPVeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYt
YjVhZTgzOWYzMGUyLzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYtYjVhZTgzOWYzMGUy
LzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHhsF9VUy
VeDJiB//8tQ+VKEPWOcGMYogB7KNgJ5taqfXGd5COb/gdEI4lztfmWJ5uvchSRGz
2TH7tqMXsFgLS6gsUrEhXEwQefHrI/vNSg/ipI5o17DwDb/wTegdqKyAKU0iyVv6
qjScdulsaH6GgkR5ZLaiwnfCEHTZdenloAOop34M2xVF+kU6y4TmOFLkmRj7XhVG
Wyl0pe4625ql073yDF3G9dCbjq5U5o9DQOOQA1prvVKdTlKTcdVpNeQcysdnIlhU
Q6YI5MAzpgsILkpk0vStdVRLamlZ3dpjVaufwrWNCmhbobyIBXWECCo0WvdnDhD9
Hwl8ZnUuGDBlOA==
-----END CERTIFICATE-----