Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft
File:                     daRvv8jeUjM5XHPeUflVO7doRgU.mft (raw, json)
Hash identifier:          CKIkL636d7UOLzgwVEMV2QDo/DmP6EmQo2Pkr4o/iSM=
Subject key identifier:   45:83:D9:10:7B:B2:66:93:F1:38:0B:0C:42:99:CF:B7:C7:5E:E7:07
Authority key identifier: 75:A4:6F:BF:C8:DE:52:33:39:5C:73:DE:51:F9:55:3B:B7:68:46:05
Certificate issuer:       /CN=75a46fbfc8de5233395c73de51f9553bb7684605
Certificate serial:       01964D7EFAC06235D2516606181DB30C0EE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/daRvv8jeUjM5XHPeUflVO7doRgU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft
Manifest number:          14F5
Signing time:             Sat 19 Apr 2025 10:01:29 +0000
Manifest this update:     Sat 19 Apr 2025 10:01:29 +0000
Manifest next update:     Sun 20 Apr 2025 10:01:29 +0000
Files and hashes:         1: daRvv8jeUjM5XHPeUflVO7doRgU.crl (hash: BW6L1Ju38AqQM9ETHeg+u5wE6DLvFvXrm5Ve9oGIDVo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/daRvv8jeUjM5XHPeUflVO7doRgU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 10:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:fa:c0:62:35:d2:51:66:06:18:1d:b3:0c:0e:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75a46fbfc8de5233395c73de51f9553bb7684605
        Validity
            Not Before: Apr 19 10:01:29 2025 GMT
            Not After : Apr 20 10:01:29 2025 GMT
        Subject: CN=4583d9107bb26693f1380b0c4299cfb7c75ee707
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:52:93:c6:69:2e:d3:94:9c:5c:2c:16:41:85:
                    2a:b4:78:ad:17:52:67:6c:87:3e:88:94:2a:7b:42:
                    90:1c:00:94:98:e1:57:1e:b2:81:54:e8:28:ac:44:
                    81:6d:f8:a7:46:9a:c8:54:2e:92:cd:aa:f7:27:2d:
                    53:96:76:cf:bc:fa:c9:5e:7e:7a:1f:8f:eb:e3:ba:
                    5a:bb:86:ff:41:c1:38:b0:cd:99:fd:7b:1f:7c:82:
                    44:48:aa:d0:a6:ff:50:74:79:92:d3:a7:f5:57:61:
                    b5:79:ca:9d:4f:e5:9b:eb:54:b5:97:5e:3b:f3:07:
                    51:be:30:8d:ea:5d:c6:3b:41:9c:68:20:bf:e3:8e:
                    fb:74:b9:33:cd:83:33:d1:5a:56:19:6f:de:17:15:
                    80:14:b2:44:d6:9e:d6:5f:04:10:31:58:02:47:03:
                    01:f9:51:42:25:c9:d3:ac:79:48:a8:dc:ee:ac:67:
                    78:46:b6:77:4b:2a:28:33:81:e0:93:93:43:33:ef:
                    c2:eb:fb:89:be:25:35:b0:1b:ef:61:49:1d:b1:6e:
                    62:4f:99:05:08:91:ed:11:02:60:2e:59:9e:f1:eb:
                    44:af:53:13:34:f7:43:ea:fd:5a:45:a3:7b:50:95:
                    d9:5a:d9:d0:7b:10:3c:60:97:49:be:46:49:83:ae:
                    4a:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:83:D9:10:7B:B2:66:93:F1:38:0B:0C:42:99:CF:B7:C7:5E:E7:07
            X509v3 Authority Key Identifier:
                keyid:75:A4:6F:BF:C8:DE:52:33:39:5C:73:DE:51:F9:55:3B:B7:68:46:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/daRvv8jeUjM5XHPeUflVO7doRgU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:cd:0d:fa:5d:6d:77:82:4a:7c:c4:15:6f:9c:09:2e:47:1b:
         9e:74:ef:a3:d9:f7:a3:13:93:55:f3:c6:f3:61:e0:72:e2:b9:
         43:39:87:85:5d:6e:ee:57:0f:cd:84:f8:44:e7:48:86:81:08:
         21:47:20:3f:9d:92:9d:6d:ba:30:14:2f:ac:91:4a:06:03:6a:
         68:56:47:da:d7:05:8e:9d:08:0b:fb:cc:63:01:6f:99:a9:7f:
         f2:99:b5:39:38:8b:59:40:e9:07:84:b2:cf:1b:90:14:46:0c:
         5b:88:28:a5:1c:8d:f3:aa:86:cd:e0:04:f9:7c:16:08:7f:8a:
         65:fd:f8:a4:70:83:54:c6:2a:5d:8d:0e:60:47:58:11:15:89:
         7b:b4:7b:b3:61:75:a9:33:bd:73:eb:35:72:11:97:e7:23:0a:
         e6:29:0c:bc:6a:d7:e2:d6:77:59:63:5b:89:09:b9:3c:cc:77:
         e2:2c:14:fb:31:d7:b7:10:71:8d:96:ce:d6:cf:21:bf:c9:53:
         1e:85:56:a4:46:00:87:94:7a:78:bb:7c:66:7b:1f:ff:44:d8:
         11:0d:3d:6e:33:e3:38:8a:80:60:15:b6:c9:77:91:da:15:7e:
         3e:2d:a8:a9:49:e5:5a:a6:19:80:56:08:49:39:02:08:98:24:
         2e:94:bb:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfvrAYjXSUWYGGB2zDA7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YTQ2ZmJmYzhkZTUyMzMzOTVjNzNkZTUxZjk1NTNiYjc2
ODQ2MDUwHhcNMjUwNDE5MTAwMTI5WhcNMjUwNDIwMTAwMTI5WjAzMTEwLwYDVQQD
Eyg0NTgzZDkxMDdiYjI2NjkzZjEzODBiMGM0Mjk5Y2ZiN2M3NWVlNzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1KTxmku05ScXCwWQYUqtHitF1Jn
bIc+iJQqe0KQHACUmOFXHrKBVOgorESBbfinRprIVC6Szar3Jy1TlnbPvPrJXn56
H4/r47pau4b/QcE4sM2Z/XsffIJESKrQpv9QdHmS06f1V2G1ecqdT+Wb61S1l147
8wdRvjCN6l3GO0GcaCC/4477dLkzzYMz0VpWGW/eFxWAFLJE1p7WXwQQMVgCRwMB
+VFCJcnTrHlIqNzurGd4RrZ3SyooM4Hgk5NDM+/C6/uJviU1sBvvYUkdsW5iT5kF
CJHtEQJgLlme8etEr1MTNPdD6v1aRaN7UJXZWtnQexA8YJdJvkZJg65KPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWD2RB7smaT8TgLDEKZz7fHXucHMB8GA1UdIwQY
MBaAFHWkb7/I3lIzOVxz3lH5VTu3aEYFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGFSdnY4amVVak01WEhQZVVmbFZPN2RvUmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS80MjdlMmMtOTZmNi00ZTQzLTkxNGEt
OGM3YzU0ZjNjNWIwLzEvZGFSdnY4amVVak01WEhQZVVmbFZPN2RvUmdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS80MjdlMmMtOTZmNi00ZTQzLTkxNGEtOGM3YzU0ZjNjNWIw
LzEvZGFSdnY4amVVak01WEhQZVVmbFZPN2RvUmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV80N+l1t
d4JKfMQVb5wJLkcbnnTvo9n3oxOTVfPG82HgcuK5QzmHhV1u7lcPzYT4ROdIhoEI
IUcgP52SnW26MBQvrJFKBgNqaFZH2tcFjp0IC/vMYwFvmal/8pm1OTiLWUDpB4Sy
zxuQFEYMW4gopRyN86qGzeAE+XwWCH+KZf34pHCDVMYqXY0OYEdYERWJe7R7s2F1
qTO9c+s1chGX5yMK5ikMvGrX4tZ3WWNbiQm5PMx34iwU+zHXtxBxjZbO1s8hv8lT
HoVWpEYAh5R6eLt8Znsf/0TYEQ09bjPjOIqAYBW2yXeR2hV+Pi2oqUnlWqYZgFYI
STkCCJgkLpS7Hw==
-----END CERTIFICATE-----