Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
File:                     I1PVKkAkkfT5n-VHG90aXdb0K7w.mft (raw, json)
Hash identifier:          TxdLaY/q9cCTHfYZaiSUB0SfEU2gH7gb6ehIhSso6lY=
Subject key identifier:   0F:90:A6:58:3A:C4:9E:F9:BD:82:A7:4F:10:85:CA:08:BB:9E:ED:ED
Authority key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
Certificate issuer:       /CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
Certificate serial:       019613FD8A277C777BE11D0F0D1B3CEBB344
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
Manifest number:          14D6
Signing time:             Tue 08 Apr 2025 06:01:45 +0000
Manifest this update:     Tue 08 Apr 2025 06:01:45 +0000
Manifest next update:     Wed 09 Apr 2025 06:01:45 +0000
Files and hashes:         1: I1PVKkAkkfT5n-VHG90aXdb0K7w.crl (hash: GufXZqmLa5VfmZDI02h8SmNzfo8QprH0215GSDXK29U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 09 Apr 2025 06:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:13:fd:8a:27:7c:77:7b:e1:1d:0f:0d:1b:3c:eb:b3:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
        Validity
            Not Before: Apr  8 06:01:45 2025 GMT
            Not After : Apr  9 06:01:45 2025 GMT
        Subject: CN=0f90a6583ac49ef9bd82a74f1085ca08bb9eeded
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:11:d9:74:53:a8:c3:11:7f:29:fd:e9:37:d0:
                    98:1e:fb:c5:44:e3:d2:9f:35:4f:db:88:cf:d4:7f:
                    2f:25:ff:7f:d3:4d:f2:cc:63:fb:7c:3a:9f:8f:79:
                    4e:4a:ce:c7:d7:44:76:33:5a:49:ef:8e:90:85:c2:
                    98:cd:be:9b:15:82:ad:8a:45:59:48:66:e6:14:bb:
                    68:13:25:80:3c:96:fc:71:f9:dd:58:97:31:74:31:
                    db:b0:50:07:b9:f4:c7:e3:e9:bd:d3:02:ab:a8:5a:
                    11:42:d7:9f:ab:d6:f6:c9:2f:c5:e0:e2:fa:a0:e8:
                    b1:29:cb:ce:8b:35:ee:39:07:51:55:1f:19:68:71:
                    b3:0b:8b:f7:3a:8c:63:ab:0b:15:a8:0e:0a:48:94:
                    c9:a9:82:0a:43:ee:4c:99:06:64:5c:75:e7:78:e8:
                    27:ec:55:b5:50:63:c1:98:b4:de:92:96:c0:33:11:
                    c4:e8:76:73:3d:83:6c:de:0c:d3:13:d7:a5:6c:f1:
                    f4:6c:95:1f:a1:c4:12:e3:df:b2:4e:f5:85:56:1b:
                    87:47:41:d2:4f:89:70:94:17:83:75:06:99:2d:11:
                    bf:ce:cd:ad:b3:85:3b:d9:ca:ce:d2:06:27:79:44:
                    32:55:5c:29:3a:ee:e3:01:e4:1f:24:56:70:b2:a7:
                    ea:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:90:A6:58:3A:C4:9E:F9:BD:82:A7:4F:10:85:CA:08:BB:9E:ED:ED
            X509v3 Authority Key Identifier:
                keyid:23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:01:6f:b3:c9:ed:64:ac:bc:45:89:8b:d6:a7:56:b0:fb:e8:
         82:79:be:f0:a2:f7:d3:52:af:00:30:d1:56:9f:61:97:cb:9d:
         1a:ed:63:97:3f:23:24:0c:34:db:9a:95:3d:bb:cd:1f:53:55:
         07:3c:88:61:9a:98:32:a1:e7:f3:ed:04:f8:28:c6:2d:aa:c5:
         f7:90:06:cb:c2:3a:c1:66:08:b1:47:a5:2f:ca:e0:b9:ad:df:
         d5:5d:03:81:98:fd:d5:0d:38:8d:48:b9:c8:88:74:4d:fe:1b:
         06:b9:c7:ee:a6:35:bb:22:7b:75:c0:8b:ac:fe:60:3e:a6:b7:
         54:72:33:7b:3e:2e:28:fd:d4:68:be:7c:0e:1e:ae:8d:e8:ef:
         19:85:fb:ae:dc:3a:e1:b9:80:08:88:e6:73:6c:6f:cf:25:c9:
         90:f7:a7:44:34:a0:17:1a:fe:e0:d6:09:80:1e:f8:7a:e2:d3:
         b7:1a:9f:6f:d5:8c:c6:05:03:96:88:04:3e:67:ca:07:6b:ba:
         b9:17:f8:a2:46:08:4f:8f:ab:db:f4:8c:db:39:bd:87:00:e6:
         1e:40:c5:c1:5a:31:42:fa:0b:ce:5a:fa:ab:2d:c3:86:19:66:
         10:0e:66:78:b6:8f:80:06:b6:10:a3:07:77:c0:9c:7f:57:6b:
         75:d8:4e:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYT/YonfHd74R0PDRs867NEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTNkNTJhNDAyNDkxZjRmOTlmZTU0NzFiZGQxYTVkZDZm
NDJiYmMwHhcNMjUwNDA4MDYwMTQ1WhcNMjUwNDA5MDYwMTQ1WjAzMTEwLwYDVQQD
EygwZjkwYTY1ODNhYzQ5ZWY5YmQ4MmE3NGYxMDg1Y2EwOGJiOWVlZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRHZdFOowxF/Kf3pN9CYHvvFROPS
nzVP24jP1H8vJf9/003yzGP7fDqfj3lOSs7H10R2M1pJ746QhcKYzb6bFYKtikVZ
SGbmFLtoEyWAPJb8cfndWJcxdDHbsFAHufTH4+m90wKrqFoRQtefq9b2yS/F4OL6
oOixKcvOizXuOQdRVR8ZaHGzC4v3OoxjqwsVqA4KSJTJqYIKQ+5MmQZkXHXneOgn
7FW1UGPBmLTekpbAMxHE6HZzPYNs3gzTE9elbPH0bJUfocQS49+yTvWFVhuHR0HS
T4lwlBeDdQaZLRG/zs2ts4U72crO0gYneUQyVVwpOu7jAeQfJFZwsqfqGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+Qplg6xJ75vYKnTxCFygi7nu3tMB8GA1UdIwQY
MBaAFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTct
ZGVhYjg1ODZmMmNlLzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTctZGVhYjg1ODZmMmNl
LzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcAFvs8nt
ZKy8RYmL1qdWsPvognm+8KL301KvADDRVp9hl8udGu1jlz8jJAw025qVPbvNH1NV
BzyIYZqYMqHn8+0E+CjGLarF95AGy8I6wWYIsUelL8rgua3f1V0DgZj91Q04jUi5
yIh0Tf4bBrnH7qY1uyJ7dcCLrP5gPqa3VHIzez4uKP3UaL58Dh6ujejvGYX7rtw6
4bmACIjmc2xvzyXJkPenRDSgFxr+4NYJgB74euLTtxqfb9WMxgUDlogEPmfKB2u6
uRf4okYIT4+r2/SM2zm9hwDmHkDFwVoxQvoLzlr6qy3DhhlmEA5meLaPgAa2EKMH
d8Ccf1drddhO/A==
-----END CERTIFICATE-----