Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft
File:                     p_555OY70WvEI3WStoTQBDPL0PY.mft (raw, json)
Hash identifier:          X4SQlZrR5sEiLVGMvMXUyWXGlIlVbm/sBnwYGUImZx0=
Subject key identifier:   13:81:93:B6:50:E9:03:02:32:09:FF:54:01:85:94:41:B6:21:06:9A
Authority key identifier: A7:FE:79:E4:E6:3B:D1:6B:C4:23:75:92:B6:84:D0:04:33:CB:D0:F6
Certificate issuer:       /CN=a7fe79e4e63bd16bc4237592b684d00433cbd0f6
Certificate serial:       01964D476CDAE6094C14D7E5ACAA3270B2BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p_555OY70WvEI3WStoTQBDPL0PY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft
Manifest number:          063C
Signing time:             Sat 19 Apr 2025 09:00:48 +0000
Manifest this update:     Sat 19 Apr 2025 09:00:48 +0000
Manifest next update:     Sun 20 Apr 2025 09:00:48 +0000
Files and hashes:         1: p_555OY70WvEI3WStoTQBDPL0PY.crl (hash: R7V9IrXjvuRnd0vSCAD+EgnY2x2wcvG61g2GmgxNaJo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/p_555OY70WvEI3WStoTQBDPL0PY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:47:6c:da:e6:09:4c:14:d7:e5:ac:aa:32:70:b2:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7fe79e4e63bd16bc4237592b684d00433cbd0f6
        Validity
            Not Before: Apr 19 09:00:48 2025 GMT
            Not After : Apr 20 09:00:48 2025 GMT
        Subject: CN=138193b650e903023209ff5401859441b621069a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:9d:d9:8f:21:5d:9f:ab:e6:7d:0e:ed:09:4f:
                    10:99:b4:91:5b:f8:24:b1:01:d2:14:2a:d3:44:b1:
                    7a:f7:6e:98:64:d2:c0:e8:9f:6e:82:3d:25:5a:46:
                    c2:e2:e7:26:18:b5:34:0a:35:fd:c9:83:86:86:c8:
                    10:6a:04:33:f9:89:d4:46:fd:c4:6f:b2:5a:be:08:
                    ce:d2:a8:11:61:d6:88:81:7c:d1:f7:53:bf:2c:5c:
                    f1:f5:dd:ce:bd:22:d2:36:cb:8f:b6:34:f9:63:5f:
                    8a:4d:ab:03:42:73:fa:a4:63:62:6b:53:eb:44:3e:
                    65:d7:5f:d9:c6:50:e7:5b:9f:ad:75:a4:f2:92:60:
                    85:1a:49:fd:1b:c1:a9:7e:22:a2:49:70:44:40:c3:
                    ea:c1:f9:84:b0:7d:31:79:65:67:00:2b:3f:61:5d:
                    1b:84:4b:a7:68:87:bc:22:0a:6f:ce:e1:c7:8f:64:
                    03:3e:0d:bf:48:2d:e2:16:f7:df:67:40:f1:65:53:
                    90:07:13:51:11:92:e4:2c:92:62:06:96:72:bc:b6:
                    b9:cb:ec:45:ef:61:b1:f7:d5:71:69:c9:de:cf:cf:
                    c5:6c:45:d5:b2:22:9d:18:cf:23:7c:e5:f8:e2:01:
                    63:1a:af:ec:4c:44:79:82:dd:32:dd:5a:84:ff:da:
                    43:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:81:93:B6:50:E9:03:02:32:09:FF:54:01:85:94:41:B6:21:06:9A
            X509v3 Authority Key Identifier:
                keyid:A7:FE:79:E4:E6:3B:D1:6B:C4:23:75:92:B6:84:D0:04:33:CB:D0:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_555OY70WvEI3WStoTQBDPL0PY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:f2:e0:3d:5c:cd:44:c2:76:10:39:25:43:16:8e:dd:dc:7b:
         f3:20:71:0b:b7:c8:b1:fd:e5:d3:2b:67:84:57:00:60:dc:cb:
         d8:96:7a:31:d2:60:08:3e:a6:e3:f7:6a:c9:80:66:ff:b5:45:
         21:f1:d2:60:d0:cc:0b:3c:05:bb:e6:c5:8e:ad:36:45:8d:16:
         cd:14:4e:22:85:28:d1:2a:64:e6:95:c7:f8:79:09:f0:33:0e:
         a8:a1:5b:5b:73:7c:c0:13:07:b1:5d:ef:1f:f1:82:f5:f4:40:
         70:10:0a:1f:7e:18:a5:5a:3a:1f:b7:68:d7:60:ca:39:bf:fd:
         61:5a:6c:c1:10:dc:12:b6:7a:6b:12:e7:cf:cf:ec:ef:cb:d1:
         f9:63:08:e0:72:80:72:21:70:78:1a:1a:97:7e:43:e2:b3:44:
         7d:51:18:04:1c:64:2c:68:3c:f3:1c:fb:f8:38:2d:07:92:8a:
         68:1f:7b:67:56:a9:82:00:3b:f8:26:ba:62:4c:92:4c:c6:41:
         9c:9b:e9:e2:d4:a1:f0:d0:b0:75:49:f9:bb:fe:a3:d7:91:d3:
         9e:bd:eb:aa:04:b5:07:16:a8:31:56:88:d3:e2:f2:8b:b5:10:
         b9:72:23:c0:39:64:d7:40:f4:29:5f:d9:3d:93:a1:d1:ad:b3:
         d1:85:2d:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNR2za5glMFNflrKoycLK7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmU3OWU0ZTYzYmQxNmJjNDIzNzU5MmI2ODRkMDA0MzNj
YmQwZjYwHhcNMjUwNDE5MDkwMDQ4WhcNMjUwNDIwMDkwMDQ4WjAzMTEwLwYDVQQD
EygxMzgxOTNiNjUwZTkwMzAyMzIwOWZmNTQwMTg1OTQ0MWI2MjEwNjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop3ZjyFdn6vmfQ7tCU8QmbSRW/gk
sQHSFCrTRLF6926YZNLA6J9ugj0lWkbC4ucmGLU0CjX9yYOGhsgQagQz+YnURv3E
b7JavgjO0qgRYdaIgXzR91O/LFzx9d3OvSLSNsuPtjT5Y1+KTasDQnP6pGNia1Pr
RD5l11/ZxlDnW5+tdaTykmCFGkn9G8GpfiKiSXBEQMPqwfmEsH0xeWVnACs/YV0b
hEunaIe8IgpvzuHHj2QDPg2/SC3iFvffZ0DxZVOQBxNREZLkLJJiBpZyvLa5y+xF
72Gx99Vxacnez8/FbEXVsiKdGM8jfOX44gFjGq/sTER5gt0y3VqE/9pDIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOBk7ZQ6QMCMgn/VAGFlEG2IQaaMB8GA1UdIwQY
MBaAFKf+eeTmO9FrxCN1kraE0AQzy9D2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF81NTVPWTcwV3ZFSTNXU3RvVFFCRFBMMFBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8xNGI1YzEtYTMzMy00NDliLWIyODAt
MjUxYTdiMTNjMTE4LzEvcF81NTVPWTcwV3ZFSTNXU3RvVFFCRFBMMFBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8xNGI1YzEtYTMzMy00NDliLWIyODAtMjUxYTdiMTNjMTE4
LzEvcF81NTVPWTcwV3ZFSTNXU3RvVFFCRFBMMFBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANfLgPVzN
RMJ2EDklQxaO3dx78yBxC7fIsf3l0ytnhFcAYNzL2JZ6MdJgCD6m4/dqyYBm/7VF
IfHSYNDMCzwFu+bFjq02RY0WzRROIoUo0Spk5pXH+HkJ8DMOqKFbW3N8wBMHsV3v
H/GC9fRAcBAKH34YpVo6H7do12DKOb/9YVpswRDcErZ6axLnz8/s78vR+WMI4HKA
ciFweBoal35D4rNEfVEYBBxkLGg88xz7+DgtB5KKaB97Z1apggA7+Ca6YkySTMZB
nJvp4tSh8NCwdUn5u/6j15HTnr3rqgS1BxaoMVaI0+Lyi7UQuXIjwDlk10D0KV/Z
PZOh0a2z0YUtmg==
-----END CERTIFICATE-----