Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/e24bb6-7363-4442-b568-c80dec87cd09/1/rIpdP4uUYpQnOEoSDHdHYFY611o.mft
File:                     rIpdP4uUYpQnOEoSDHdHYFY611o.mft (raw, json)
Hash identifier:          1lMtmXBB6c5TOwJiWJkhfUE4/uHvbJBEwMvU1nuMIXc=
Subject key identifier:   A6:42:8E:24:6C:78:5D:8D:CC:9C:44:94:9C:D2:73:58:FE:84:72:E7
Authority key identifier: AC:8A:5D:3F:8B:94:62:94:27:38:4A:12:0C:77:47:60:56:3A:D7:5A
Certificate issuer:       /CN=ac8a5d3f8b94629427384a120c774760563ad75a
Certificate serial:       019649A2590854F20BC4E6A8CF1342212148
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rIpdP4uUYpQnOEoSDHdHYFY611o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/e24bb6-7363-4442-b568-c80dec87cd09/1/rIpdP4uUYpQnOEoSDHdHYFY611o.mft
Manifest number:          0ED5
Signing time:             Fri 18 Apr 2025 16:01:38 +0000
Manifest this update:     Fri 18 Apr 2025 16:01:38 +0000
Manifest next update:     Sat 19 Apr 2025 16:01:38 +0000
Files and hashes:         1: rIpdP4uUYpQnOEoSDHdHYFY611o.crl (hash: mSpz7v1kU0W5RgdoY6w+74pWpHqseCTX966/G0MZj6k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/e24bb6-7363-4442-b568-c80dec87cd09/1/rIpdP4uUYpQnOEoSDHdHYFY611o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/e24bb6-7363-4442-b568-c80dec87cd09/1/rIpdP4uUYpQnOEoSDHdHYFY611o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rIpdP4uUYpQnOEoSDHdHYFY611o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 14:20:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:49:a2:59:08:54:f2:0b:c4:e6:a8:cf:13:42:21:21:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac8a5d3f8b94629427384a120c774760563ad75a
        Validity
            Not Before: Apr 18 16:01:38 2025 GMT
            Not After : Apr 19 16:01:38 2025 GMT
        Subject: CN=a6428e246c785d8dcc9c44949cd27358fe8472e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:f1:70:16:7b:7d:2f:1d:66:b0:71:67:fb:23:
                    33:12:34:19:42:3a:57:de:34:eb:6d:35:83:1e:78:
                    4e:e6:bc:70:e7:d4:0c:fe:a0:2f:54:e9:77:66:f1:
                    fc:07:39:56:be:0b:e8:67:ef:2b:bd:9a:ce:11:3a:
                    90:5f:af:38:e4:9b:c4:d5:d5:c2:ac:7a:f6:ea:f8:
                    26:e3:2c:3b:9d:d9:ff:5f:97:a7:66:17:57:9c:a4:
                    67:32:c4:8c:e3:09:6e:72:3a:91:5c:1e:d9:3f:28:
                    16:88:66:0c:c5:06:70:65:63:75:4d:67:53:fa:6b:
                    36:cb:a4:55:1c:af:6a:35:cf:dd:d0:5e:a7:04:11:
                    23:d2:53:11:53:e6:e4:79:3d:e9:f6:ad:8c:a2:5f:
                    d0:20:11:2a:73:61:8f:8a:2e:7a:6b:c5:7a:43:99:
                    39:46:c4:3f:c2:d5:18:85:90:67:0b:72:6d:1c:25:
                    7b:d4:11:c1:36:a8:7b:e7:ae:24:b0:fa:7f:4d:09:
                    03:3b:6f:ee:a1:bc:57:32:4c:69:94:46:c5:c8:36:
                    49:66:85:a0:ab:67:72:a6:eb:4a:ed:52:cf:30:0c:
                    5f:f8:60:d3:a7:65:eb:20:91:0e:dd:61:90:7c:cd:
                    a9:9e:70:56:15:ac:f0:e0:44:c8:0d:00:3a:ab:a3:
                    7d:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:42:8E:24:6C:78:5D:8D:CC:9C:44:94:9C:D2:73:58:FE:84:72:E7
            X509v3 Authority Key Identifier:
                keyid:AC:8A:5D:3F:8B:94:62:94:27:38:4A:12:0C:77:47:60:56:3A:D7:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIpdP4uUYpQnOEoSDHdHYFY611o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e24bb6-7363-4442-b568-c80dec87cd09/1/rIpdP4uUYpQnOEoSDHdHYFY611o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e24bb6-7363-4442-b568-c80dec87cd09/1/rIpdP4uUYpQnOEoSDHdHYFY611o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d6:a8:8e:27:f4:b4:2f:17:6f:a5:05:c2:a1:04:69:0d:ae:d7:
         ff:bf:1f:e7:84:fc:fa:43:47:1f:1d:96:67:bd:43:87:97:c7:
         01:b0:fb:f2:25:97:01:2d:a9:c6:5b:8f:a1:e4:75:42:87:20:
         f7:b0:68:8b:c4:fb:12:6f:86:c1:ac:7c:b9:cb:50:a4:1c:00:
         3a:c5:62:30:a0:66:bf:4c:e6:29:a0:8a:9a:6f:c1:9d:1b:d6:
         80:6d:b8:37:8c:94:79:62:ac:62:a9:ad:f4:bb:68:42:72:a8:
         3c:65:86:db:e5:8a:04:4e:9b:ae:6d:30:09:73:00:ea:08:11:
         5d:50:b3:ee:64:e7:31:dc:37:d6:df:cd:e1:89:8b:ce:dc:74:
         82:da:b0:df:f3:33:ba:ee:9b:f0:4a:80:c4:28:b2:ff:aa:d7:
         65:1a:a7:4f:97:3f:2e:14:db:1a:00:e7:5a:de:78:a4:76:cc:
         54:c3:9c:71:9c:f7:fa:19:fb:5b:00:a7:1f:a4:73:d6:c4:1a:
         a3:22:44:6e:19:fc:dd:6a:05:b1:f7:f2:c4:c1:06:95:40:e7:
         a2:a5:81:5d:ea:27:65:c1:a3:70:c6:83:46:5e:0f:80:25:ae:
         1e:48:48:32:21:f5:bd:d8:3c:32:ac:4e:ee:3d:e8:37:31:ce:
         fb:7d:86:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZJolkIVPILxOaozxNCISFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGE1ZDNmOGI5NDYyOTQyNzM4NGExMjBjNzc0NzYwNTYz
YWQ3NWEwHhcNMjUwNDE4MTYwMTM4WhcNMjUwNDE5MTYwMTM4WjAzMTEwLwYDVQQD
EyhhNjQyOGUyNDZjNzg1ZDhkY2M5YzQ0OTQ5Y2QyNzM1OGZlODQ3MmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPFwFnt9Lx1msHFn+yMzEjQZQjpX
3jTrbTWDHnhO5rxw59QM/qAvVOl3ZvH8BzlWvgvoZ+8rvZrOETqQX6845JvE1dXC
rHr26vgm4yw7ndn/X5enZhdXnKRnMsSM4wlucjqRXB7ZPygWiGYMxQZwZWN1TWdT
+ms2y6RVHK9qNc/d0F6nBBEj0lMRU+bkeT3p9q2Mol/QIBEqc2GPii56a8V6Q5k5
RsQ/wtUYhZBnC3JtHCV71BHBNqh7564ksPp/TQkDO2/uobxXMkxplEbFyDZJZoWg
q2dyputK7VLPMAxf+GDTp2XrIJEO3WGQfM2pnnBWFazw4ETIDQA6q6N9pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZCjiRseF2NzJxElJzSc1j+hHLnMB8GA1UdIwQY
MBaAFKyKXT+LlGKUJzhKEgx3R2BWOtdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcklwZFA0dVVZcFFuT0VvU0RIZEhZRlk2MTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lMjRiYjYtNzM2My00NDQyLWI1Njgt
YzgwZGVjODdjZDA5LzEvcklwZFA0dVVZcFFuT0VvU0RIZEhZRlk2MTFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lMjRiYjYtNzM2My00NDQyLWI1NjgtYzgwZGVjODdjZDA5
LzEvcklwZFA0dVVZcFFuT0VvU0RIZEhZRlk2MTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1qiOJ/S0
LxdvpQXCoQRpDa7X/78f54T8+kNHHx2WZ71Dh5fHAbD78iWXAS2pxluPoeR1Qocg
97Boi8T7Em+Gwax8uctQpBwAOsViMKBmv0zmKaCKmm/BnRvWgG24N4yUeWKsYqmt
9LtoQnKoPGWG2+WKBE6brm0wCXMA6ggRXVCz7mTnMdw31t/N4YmLztx0gtqw3/Mz
uu6b8EqAxCiy/6rXZRqnT5c/LhTbGgDnWt54pHbMVMOccZz3+hn7WwCnH6Rz1sQa
oyJEbhn83WoFsffyxMEGlUDnoqWBXeonZcGjcMaDRl4PgCWuHkhIMiH1vdg8MqxO
7j3oNzHO+32G7Q==
-----END CERTIFICATE-----