Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
File:                     CeVm4OteXiEQflX8lg-x7iGHRHQ.mft (raw, json)
Hash identifier:          jM15l/0XiFmoMnB73xR014rWCy3hCUOhBpgqMPp/UdM=
Subject key identifier:   78:37:8A:F8:AB:22:22:02:25:93:36:66:66:26:E9:54:3B:5B:A4:CA
Authority key identifier: 09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74
Certificate issuer:       /CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
Certificate serial:       01965537CD6F3EEAB455A7747AF53551744B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
Manifest number:          1345
Signing time:             Sun 20 Apr 2025 22:00:42 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:42 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:42 +0000
Files and hashes:         1: CeVm4OteXiEQflX8lg-x7iGHRHQ.crl (hash: bez9QCLtq3q0ylvz2XWP3Dy+nL+KEfVbSotM25NsGMc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:cd:6f:3e:ea:b4:55:a7:74:7a:f5:35:51:74:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
        Validity
            Not Before: Apr 20 22:00:42 2025 GMT
            Not After : Apr 21 22:00:42 2025 GMT
        Subject: CN=78378af8ab222202259336666626e9543b5ba4ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:5e:c7:67:a8:c9:66:d3:e9:73:8f:ac:a8:fa:
                    c1:d5:32:74:73:f0:83:41:d7:aa:3c:ce:4e:5d:b0:
                    20:7f:5c:3c:d8:70:20:35:a5:dd:5c:f2:ef:d2:7a:
                    aa:43:11:25:6a:b8:e4:67:73:8a:57:10:c9:14:7d:
                    9a:45:ee:7f:cc:74:bd:e4:af:e0:b6:32:51:b2:5b:
                    7f:33:70:8e:c3:ca:59:d2:b9:ca:c0:c8:aa:86:77:
                    a2:0f:c1:e4:47:89:59:c2:7f:32:d7:a7:98:10:a4:
                    4b:20:68:6b:00:1d:8e:8c:63:7b:5d:d3:10:f0:7b:
                    e9:a1:90:a4:05:df:16:d5:99:4d:24:13:b4:0c:be:
                    82:a5:23:58:80:a5:24:cc:64:92:ff:b8:e2:41:7e:
                    4f:9a:62:c4:15:d1:32:7e:63:00:a2:17:1a:9c:f8:
                    a9:87:b3:86:f9:c7:5e:0a:4e:83:27:e4:0f:9c:8a:
                    ee:5f:4a:9f:49:19:42:42:15:cd:c3:59:b3:10:89:
                    1a:4b:e2:b2:65:94:53:59:cc:a0:98:b3:41:82:ec:
                    ec:4e:53:05:28:d8:82:b1:1e:37:83:dd:42:51:05:
                    04:3e:19:50:54:9e:c5:d9:c0:ef:65:3a:dc:15:df:
                    97:3d:5b:db:34:76:a9:06:ff:ad:d5:c6:14:1c:20:
                    c6:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:37:8A:F8:AB:22:22:02:25:93:36:66:66:26:E9:54:3B:5B:A4:CA
            X509v3 Authority Key Identifier:
                keyid:09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:7a:f8:52:bf:74:37:0e:c3:cc:f6:b2:0e:4b:88:08:89:72:
         18:bb:bd:09:97:3b:80:24:3e:4c:a6:44:8a:3a:3e:2e:cc:71:
         52:6a:62:d8:8b:90:17:9a:ab:e8:7a:ae:d4:4a:8b:12:bd:f9:
         26:3d:eb:01:09:df:db:19:1c:0d:b5:e3:78:af:f6:30:82:be:
         4a:fc:78:c3:97:f7:53:f7:3d:d7:5e:42:3e:d7:f2:38:48:84:
         1a:4f:d7:42:67:2a:c8:77:bf:ca:14:b6:2c:5c:81:76:b4:d8:
         ee:46:53:61:fb:9d:39:cd:b1:3b:78:65:5d:3a:45:0c:a9:62:
         a8:ee:ff:83:9f:c3:f8:e1:c9:d8:53:91:93:88:bb:5f:bf:fc:
         27:ff:4c:a3:01:e6:f5:8e:eb:ab:7c:c3:78:fb:36:77:fd:9d:
         41:a1:c5:ce:38:c4:a1:2d:52:c6:08:27:20:f8:e2:b6:1e:d8:
         0f:81:5c:65:8f:b2:01:c6:56:c1:72:37:98:2c:02:1d:f7:5d:
         2b:f4:f2:77:9a:54:0c:2f:16:58:d6:ad:93:f9:12:84:f2:33:
         90:b1:11:b4:75:7f:9b:56:1f:38:3c:7e:66:3d:4b:67:f0:bd:
         55:09:16:fc:76:03:89:f1:d6:6d:f1:cf:9b:24:97:31:1c:62:
         b3:bf:a6:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN81vPuq0Vad0evU1UXRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTU2NmUwZWI1ZTVlMjExMDdlNTVmYzk2MGZiMWVlMjE4
NzQ0NzQwHhcNMjUwNDIwMjIwMDQyWhcNMjUwNDIxMjIwMDQyWjAzMTEwLwYDVQQD
Eyg3ODM3OGFmOGFiMjIyMjAyMjU5MzM2NjY2NjI2ZTk1NDNiNWJhNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV7HZ6jJZtPpc4+sqPrB1TJ0c/CD
QdeqPM5OXbAgf1w82HAgNaXdXPLv0nqqQxElarjkZ3OKVxDJFH2aRe5/zHS95K/g
tjJRslt/M3COw8pZ0rnKwMiqhneiD8HkR4lZwn8y16eYEKRLIGhrAB2OjGN7XdMQ
8HvpoZCkBd8W1ZlNJBO0DL6CpSNYgKUkzGSS/7jiQX5PmmLEFdEyfmMAohcanPip
h7OG+cdeCk6DJ+QPnIruX0qfSRlCQhXNw1mzEIkaS+KyZZRTWcygmLNBguzsTlMF
KNiCsR43g91CUQUEPhlQVJ7F2cDvZTrcFd+XPVvbNHapBv+t1cYUHCDG7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHg3ivirIiICJZM2ZmYm6VQ7W6TKMB8GA1UdIwQY
MBaAFAnlZuDrXl4hEH5V/JYPse4hh0R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYt
MGFmMWRlOGYxZmYxLzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYtMGFmMWRlOGYxZmYx
LzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqXr4Ur90
Nw7DzPayDkuICIlyGLu9CZc7gCQ+TKZEijo+LsxxUmpi2IuQF5qr6Hqu1EqLEr35
Jj3rAQnf2xkcDbXjeK/2MIK+Svx4w5f3U/c9115CPtfyOEiEGk/XQmcqyHe/yhS2
LFyBdrTY7kZTYfudOc2xO3hlXTpFDKliqO7/g5/D+OHJ2FORk4i7X7/8J/9MowHm
9Y7rq3zDePs2d/2dQaHFzjjEoS1SxggnIPjith7YD4FcZY+yAcZWwXI3mCwCHfdd
K/Tyd5pUDC8WWNatk/kShPIzkLERtHV/m1YfODx+Zj1LZ/C9VQkW/HYDifHWbfHP
mySXMRxis7+mfg==
-----END CERTIFICATE-----