Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.mft
File:                     WZypahnO8ifMM7NFhZaqRV0rePg.mft (raw, json)
Hash identifier:          5TlpQaLIBAwSD4tB+hSe54+5P4t4OBD0zmMS94vB+A8=
Subject key identifier:   B9:C5:E9:51:C3:C0:5E:25:24:F6:41:3D:77:EE:09:8D:37:6C:52:28
Authority key identifier: 59:9C:A9:6A:19:CE:F2:27:CC:33:B3:45:85:96:AA:45:5D:2B:78:F8
Certificate issuer:       /CN=599ca96a19cef227cc33b3458596aa455d2b78f8
Certificate serial:       019651918C3B68962F4354F407EAD2ECC7DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WZypahnO8ifMM7NFhZaqRV0rePg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.mft
Manifest number:          045A
Signing time:             Sun 20 Apr 2025 05:00:15 +0000
Manifest this update:     Sun 20 Apr 2025 05:00:15 +0000
Manifest next update:     Mon 21 Apr 2025 05:00:15 +0000
Files and hashes:         1: WZypahnO8ifMM7NFhZaqRV0rePg.crl (hash: MJf02ga1IurNoQAsh1fccJ5JepVv9FZr7Ne2ULumVW8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WZypahnO8ifMM7NFhZaqRV0rePg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 05:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:91:8c:3b:68:96:2f:43:54:f4:07:ea:d2:ec:c7:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=599ca96a19cef227cc33b3458596aa455d2b78f8
        Validity
            Not Before: Apr 20 05:00:15 2025 GMT
            Not After : Apr 21 05:00:15 2025 GMT
        Subject: CN=b9c5e951c3c05e2524f6413d77ee098d376c5228
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:3f:5a:34:9c:23:76:0c:30:f3:d7:81:71:8b:
                    57:ce:e2:1a:82:74:86:5d:69:11:3b:e4:6e:b1:75:
                    62:5e:a7:cd:d2:f2:05:ad:dc:93:d0:0f:45:c3:f1:
                    5a:7e:d7:b5:4e:91:c3:fb:06:98:94:36:17:35:6c:
                    3a:a0:78:87:f9:a5:58:3d:f0:e9:1f:e2:96:35:12:
                    be:ab:89:b1:a6:fe:37:35:2c:ae:81:07:0e:42:a3:
                    1a:58:07:7e:61:c1:58:10:7b:7e:e4:f0:66:bb:62:
                    ba:4b:6b:bd:d8:8d:fb:bd:58:b8:cf:ad:4c:cb:27:
                    4d:50:7f:0b:6a:d2:66:7f:99:f2:a0:a8:15:1e:c8:
                    8e:da:5e:1d:15:f7:b7:e4:82:b3:83:e8:ac:fb:ea:
                    af:f2:aa:09:e3:03:c8:49:22:68:31:b1:77:62:e5:
                    f3:0c:90:4c:93:eb:59:70:86:15:97:00:f3:e9:be:
                    06:1b:77:15:5c:25:24:ed:2d:c2:01:a8:cb:2a:db:
                    a4:38:cf:ef:a2:8d:4a:ea:0b:4f:40:95:37:9e:59:
                    61:80:22:f5:d6:e0:0f:55:99:9d:35:76:eb:c6:b4:
                    f8:c9:9d:e9:d3:5f:96:47:3a:49:7e:c8:ca:7f:ea:
                    00:52:ce:d9:f7:f8:fd:53:f6:b0:35:ee:63:eb:8b:
                    d2:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:C5:E9:51:C3:C0:5E:25:24:F6:41:3D:77:EE:09:8D:37:6C:52:28
            X509v3 Authority Key Identifier:
                keyid:59:9C:A9:6A:19:CE:F2:27:CC:33:B3:45:85:96:AA:45:5D:2B:78:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WZypahnO8ifMM7NFhZaqRV0rePg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:d3:40:28:d9:ae:bd:ce:ee:48:e5:af:0b:73:57:3f:d0:79:
         fb:0d:db:3a:ed:cd:bc:cc:05:04:39:c2:02:b5:5b:8a:77:33:
         f0:35:e8:ab:58:03:b3:d5:95:d0:06:9e:df:26:16:e3:5f:51:
         12:82:11:f9:2d:eb:40:c4:60:2d:82:a6:16:21:7c:d8:a6:3c:
         2e:59:66:17:44:42:68:42:e6:df:56:46:2f:8a:ca:42:66:d5:
         c9:b3:72:e1:a7:d9:bc:96:87:70:62:53:cc:55:dd:80:95:44:
         73:8e:29:78:79:c8:3b:68:70:61:18:1f:c7:d8:5d:d3:2a:6e:
         45:96:6e:58:c7:da:f5:77:f2:d7:b6:39:a8:f1:d7:f2:e0:66:
         7d:4b:28:b3:a3:da:35:33:07:95:71:de:20:df:f8:46:34:3b:
         72:b2:09:eb:60:ef:2d:a4:52:2f:f8:98:27:40:ee:5e:a3:ff:
         12:9d:da:0e:23:4d:16:ee:fa:6f:67:92:d2:8b:39:0b:50:c2:
         a8:19:77:d1:c8:02:7e:9b:a3:e1:30:23:4c:8e:80:25:ae:d5:
         02:fa:51:73:58:af:17:31:a5:24:d7:2e:7a:c4:fd:01:fb:ea:
         f3:f7:ca:0d:f3:ad:74:12:b7:5e:ed:cb:16:c5:9e:1c:36:a2:
         6c:31:bb:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRkYw7aJYvQ1T0B+rS7MfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OWNhOTZhMTljZWYyMjdjYzMzYjM0NTg1OTZhYTQ1NWQy
Yjc4ZjgwHhcNMjUwNDIwMDUwMDE1WhcNMjUwNDIxMDUwMDE1WjAzMTEwLwYDVQQD
EyhiOWM1ZTk1MWMzYzA1ZTI1MjRmNjQxM2Q3N2VlMDk4ZDM3NmM1MjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD9aNJwjdgww89eBcYtXzuIagnSG
XWkRO+RusXViXqfN0vIFrdyT0A9Fw/Fafte1TpHD+waYlDYXNWw6oHiH+aVYPfDp
H+KWNRK+q4mxpv43NSyugQcOQqMaWAd+YcFYEHt+5PBmu2K6S2u92I37vVi4z61M
yydNUH8LatJmf5nyoKgVHsiO2l4dFfe35IKzg+is++qv8qoJ4wPISSJoMbF3YuXz
DJBMk+tZcIYVlwDz6b4GG3cVXCUk7S3CAajLKtukOM/voo1K6gtPQJU3nllhgCL1
1uAPVZmdNXbrxrT4yZ3p01+WRzpJfsjKf+oAUs7Z9/j9U/awNe5j64vSGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnF6VHDwF4lJPZBPXfuCY03bFIoMB8GA1UdIwQY
MBaAFFmcqWoZzvInzDOzRYWWqkVdK3j4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1p5cGFobk84aWZNTTdORmhaYXFSVjByZVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hZjJkZDUtM2Y2ZS00NWQ1LWIxMGUt
YjU1ZjcwZmIxMTQyLzEvV1p5cGFobk84aWZNTTdORmhaYXFSVjByZVBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hZjJkZDUtM2Y2ZS00NWQ1LWIxMGUtYjU1ZjcwZmIxMTQy
LzEvV1p5cGFobk84aWZNTTdORmhaYXFSVjByZVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYdNAKNmu
vc7uSOWvC3NXP9B5+w3bOu3NvMwFBDnCArVbincz8DXoq1gDs9WV0Aae3yYW419R
EoIR+S3rQMRgLYKmFiF82KY8LllmF0RCaELm31ZGL4rKQmbVybNy4afZvJaHcGJT
zFXdgJVEc44peHnIO2hwYRgfx9hd0ypuRZZuWMfa9Xfy17Y5qPHX8uBmfUsos6Pa
NTMHlXHeIN/4RjQ7crIJ62DvLaRSL/iYJ0DuXqP/Ep3aDiNNFu76b2eS0os5C1DC
qBl30cgCfpuj4TAjTI6AJa7VAvpRc1ivFzGlJNcuesT9Afvq8/fKDfOtdBK3Xu3L
FsWeHDaibDG7EQ==
-----END CERTIFICATE-----