Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          u74GY+HI1Sez3ghQ/Mjkv+dchPfydYVTFd9xg7RSXxM=
Subject key identifier:   7C:B3:C2:A2:9D:3C:D0:22:2B:CB:64:B6:FB:2B:B1:09:EE:57:3B:C4
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       01964BFD599DB0FD1E7212BC3A81A7629492
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          0423
Signing time:             Sat 19 Apr 2025 03:00:16 +0000
Manifest this update:     Sat 19 Apr 2025 03:00:16 +0000
Manifest next update:     Sun 20 Apr 2025 03:00:16 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: HiNrc4ZoDh7B8xQG8/85HxTSMr7f2HA4ZPvmSEUTZWQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4b:fd:59:9d:b0:fd:1e:72:12:bc:3a:81:a7:62:94:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Apr 19 03:00:16 2025 GMT
            Not After : Apr 20 03:00:16 2025 GMT
        Subject: CN=7cb3c2a29d3cd0222bcb64b6fb2bb109ee573bc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:13:78:3f:ea:13:cb:9a:79:bf:5b:9c:f1:57:
                    39:6c:c6:75:07:41:d8:24:4e:98:28:85:18:ce:6a:
                    b1:b7:fb:66:75:1d:24:e4:92:c6:dc:15:16:80:80:
                    58:c3:64:39:52:a7:9a:ac:6c:8b:92:d3:70:36:ed:
                    21:7d:ce:95:8b:7e:95:bd:24:ce:4c:9e:17:4e:df:
                    e0:f7:c4:c2:21:04:a1:79:46:f7:25:87:c3:32:be:
                    34:5a:c3:e6:b0:c4:7c:d0:bd:10:80:13:26:e8:10:
                    ee:2c:40:e4:c6:77:2c:ff:c1:60:11:84:33:96:ef:
                    5c:62:8f:5e:b6:f5:cf:7f:e0:30:4a:04:2e:1f:aa:
                    e2:8d:f8:2f:85:7f:ec:26:6c:12:a6:67:ec:be:75:
                    06:c4:df:90:ca:b2:3b:ea:8b:14:3d:4a:32:c1:36:
                    4c:22:f6:ed:eb:9a:08:d7:ef:37:7a:ed:ae:32:a6:
                    d7:5a:ff:80:bd:9d:30:ca:9e:94:cf:dc:1f:2a:b6:
                    2e:f7:95:d9:0a:f3:f6:e1:c5:29:4f:cf:15:a5:00:
                    19:86:77:22:50:c9:31:86:03:79:b5:15:17:46:12:
                    e6:23:4c:49:db:39:0f:87:7b:e7:8e:e6:cf:52:7f:
                    67:75:92:74:ab:33:57:4d:01:78:53:7e:bc:2a:90:
                    78:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:B3:C2:A2:9D:3C:D0:22:2B:CB:64:B6:FB:2B:B1:09:EE:57:3B:C4
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:c8:a2:ed:02:f9:8e:e2:e5:34:34:08:db:dc:d0:a8:de:61:
         2f:76:36:68:e4:f9:57:61:b3:f6:09:18:04:0e:30:d6:e8:17:
         59:37:aa:5e:ad:09:e3:b7:58:d2:7f:c9:86:40:fc:bd:cc:ff:
         99:05:35:4f:d7:45:dc:bb:b5:29:d5:8a:7d:87:70:00:5f:52:
         00:51:de:a8:4d:d5:08:77:61:51:be:70:9d:7b:f3:6d:e2:b2:
         b9:4f:c1:56:44:85:4d:f9:11:60:87:ea:bc:82:40:db:0b:a8:
         47:80:23:1d:06:14:09:15:07:53:92:80:8c:6d:9e:ab:ea:34:
         44:59:f6:fb:7e:1d:12:fa:08:97:30:32:75:89:49:cd:ad:f2:
         6e:16:04:5d:9e:eb:9b:49:23:76:80:ac:62:ca:4b:0d:91:64:
         af:f8:60:a0:d5:60:1e:25:16:3d:b9:8c:c8:bf:be:a6:c6:d8:
         40:e4:a1:55:04:a0:49:09:4b:dc:2d:90:cc:ad:37:a9:2a:53:
         e6:9d:a1:8a:d4:1f:da:99:58:43:5b:91:3f:f6:fc:59:2e:cf:
         74:d3:ea:ec:38:6e:3b:29:8f:23:d0:d3:a5:41:7a:c8:00:4c:
         d0:8c:60:59:63:53:26:6e:f3:0d:3d:ba:bd:62:4d:4a:51:fd:
         e1:29:29:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZL/VmdsP0echK8OoGnYpSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjUwNDE5MDMwMDE2WhcNMjUwNDIwMDMwMDE2WjAzMTEwLwYDVQQD
Eyg3Y2IzYzJhMjlkM2NkMDIyMmJjYjY0YjZmYjJiYjEwOWVlNTczYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxN4P+oTy5p5v1uc8Vc5bMZ1B0HY
JE6YKIUYzmqxt/tmdR0k5JLG3BUWgIBYw2Q5UqearGyLktNwNu0hfc6Vi36VvSTO
TJ4XTt/g98TCIQSheUb3JYfDMr40WsPmsMR80L0QgBMm6BDuLEDkxncs/8FgEYQz
lu9cYo9etvXPf+AwSgQuH6rijfgvhX/sJmwSpmfsvnUGxN+QyrI76osUPUoywTZM
Ivbt65oI1+83eu2uMqbXWv+AvZ0wyp6Uz9wfKrYu95XZCvP24cUpT88VpQAZhnci
UMkxhgN5tRUXRhLmI0xJ2zkPh3vnjubPUn9ndZJ0qzNXTQF4U368KpB4IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHyzwqKdPNAiK8tktvsrsQnuVzvEMB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbcii7QL5
juLlNDQI29zQqN5hL3Y2aOT5V2Gz9gkYBA4w1ugXWTeqXq0J47dY0n/JhkD8vcz/
mQU1T9dF3Lu1KdWKfYdwAF9SAFHeqE3VCHdhUb5wnXvzbeKyuU/BVkSFTfkRYIfq
vIJA2wuoR4AjHQYUCRUHU5KAjG2eq+o0RFn2+34dEvoIlzAydYlJza3ybhYEXZ7r
m0kjdoCsYspLDZFkr/hgoNVgHiUWPbmMyL++psbYQOShVQSgSQlL3C2QzK03qSpT
5p2hitQf2plYQ1uRP/b8WS7PdNPq7DhuOymPI9DTpUF6yABM0IxgWWNTJm7zDT26
vWJNSlH94Skpeg==
-----END CERTIFICATE-----