Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
File:                     IQdBCPDRRZtitsetsn1pNLoL56U.mft (raw, json)
Hash identifier:          kHPl/2k+BXP3bmsPHHI4iZtdX6tFrkTKz/Oc/zM4jjs=
Subject key identifier:   C2:E9:16:C6:7D:13:72:89:23:10:5A:42:43:F4:5A:31:72:E0:59:9B
Authority key identifier: 21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5
Certificate issuer:       /CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
Certificate serial:       01965BA792ADB0858D9B8925D5E579131053
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
Manifest number:          148F
Signing time:             Tue 22 Apr 2025 04:00:30 +0000
Manifest this update:     Tue 22 Apr 2025 04:00:30 +0000
Manifest next update:     Wed 23 Apr 2025 04:00:30 +0000
Files and hashes:         1: IQdBCPDRRZtitsetsn1pNLoL56U.crl (hash: HqIZrKcELpSRUJLBRwO2YI3PosyTfb6A/g+ZmBPxykI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5b:a7:92:ad:b0:85:8d:9b:89:25:d5:e5:79:13:10:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
        Validity
            Not Before: Apr 22 04:00:30 2025 GMT
            Not After : Apr 23 04:00:30 2025 GMT
        Subject: CN=c2e916c67d13728923105a4243f45a3172e0599b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a4:bc:28:ca:56:01:c4:10:93:b9:0d:b9:e9:
                    a5:c7:94:6b:05:72:2d:93:dc:86:75:62:47:90:95:
                    89:7a:61:35:57:43:a7:0f:b0:f0:3e:14:aa:5e:f8:
                    3e:27:9a:82:18:75:14:45:0a:3d:a0:55:ee:c9:b3:
                    bd:3e:3c:6b:f0:3f:99:c5:f7:14:ba:7a:d4:b4:fb:
                    80:9b:20:51:7b:8b:e7:1a:e8:8f:7f:ee:26:55:84:
                    df:8f:6d:28:b8:35:f0:79:6c:7c:a4:30:ff:7c:33:
                    fd:df:08:c3:cd:f6:f9:fc:04:c7:68:dc:8f:e3:7b:
                    4b:5a:4d:0f:a8:38:46:bb:a0:98:fc:52:0e:11:fe:
                    ea:6c:78:98:fe:ed:25:90:6c:0b:d1:ba:fb:ac:1d:
                    88:b8:8e:de:96:be:82:c1:b3:53:e9:be:ae:59:b0:
                    62:5d:eb:98:be:c6:be:09:d6:4a:5a:6b:e7:67:04:
                    93:dd:ff:32:b1:bb:90:07:a1:15:52:22:8b:8e:f7:
                    f6:a0:94:43:84:b3:de:2a:b7:f9:00:4a:34:87:69:
                    ac:3b:4b:6a:12:5c:ec:82:ba:6f:54:91:66:93:bb:
                    10:41:b1:ce:c3:de:54:b4:e1:58:45:aa:ad:fd:ce:
                    ac:fd:4c:e0:c4:49:ec:28:cc:1d:d7:0a:bf:d7:22:
                    d4:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:E9:16:C6:7D:13:72:89:23:10:5A:42:43:F4:5A:31:72:E0:59:9B
            X509v3 Authority Key Identifier:
                keyid:21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:d4:d6:30:87:5d:6d:0d:3c:a6:a6:c1:31:9b:83:21:ac:c2:
         ae:89:6d:43:41:9e:dd:63:0e:8c:78:65:af:a1:64:af:3d:e6:
         fd:69:9d:56:d5:aa:e3:1b:a4:e1:82:fe:d3:12:03:de:77:6d:
         2c:ae:e2:1f:73:72:4d:07:bd:b6:a7:6d:2b:37:ae:e8:8a:71:
         62:71:c8:43:05:a6:8b:fd:3e:ca:e5:32:97:c7:5c:0e:22:6e:
         46:3a:5e:3b:c9:7c:47:81:66:ab:69:f8:e4:7b:e0:f5:49:c1:
         f2:7d:7e:af:0a:ed:81:66:f9:5c:a9:fe:45:a3:c5:9b:94:a0:
         00:85:8b:59:db:ee:eb:25:cf:25:5b:0f:bc:6a:fc:a5:ef:38:
         87:e7:51:ed:96:ba:38:36:c6:a2:26:bb:9a:2b:f8:66:c5:e3:
         78:a7:4c:45:d4:48:54:03:09:ad:6d:08:eb:ba:50:e1:b1:91:
         6f:d2:8c:4b:9f:6b:d4:77:92:59:e7:6f:51:42:8e:73:fc:e9:
         b0:28:80:50:01:87:d0:98:0d:17:74:e1:d1:4a:45:17:cd:63:
         b7:58:5d:ad:ba:10:60:b8:0f:93:17:56:61:1c:08:d5:e6:b8:
         1d:27:cd:99:90:f6:fd:72:e7:72:ee:6c:a6:69:ed:7e:24:ae:
         c0:63:6c:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbp5KtsIWNm4kl1eV5ExBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDc0MTA4ZjBkMTQ1OWI2MmI2YzdhZGIyN2Q2OTM0YmEw
YmU3YTUwHhcNMjUwNDIyMDQwMDMwWhcNMjUwNDIzMDQwMDMwWjAzMTEwLwYDVQQD
EyhjMmU5MTZjNjdkMTM3Mjg5MjMxMDVhNDI0M2Y0NWEzMTcyZTA1OTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6S8KMpWAcQQk7kNuemlx5RrBXIt
k9yGdWJHkJWJemE1V0OnD7DwPhSqXvg+J5qCGHUURQo9oFXuybO9Pjxr8D+ZxfcU
unrUtPuAmyBRe4vnGuiPf+4mVYTfj20ouDXweWx8pDD/fDP93wjDzfb5/ATHaNyP
43tLWk0PqDhGu6CY/FIOEf7qbHiY/u0lkGwL0br7rB2IuI7elr6CwbNT6b6uWbBi
XeuYvsa+CdZKWmvnZwST3f8ysbuQB6EVUiKLjvf2oJRDhLPeKrf5AEo0h2msO0tq
ElzsgrpvVJFmk7sQQbHOw95UtOFYRaqt/c6s/UzgxEnsKMwd1wq/1yLUMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMLpFsZ9E3KJIxBaQkP0WjFy4FmbMB8GA1UdIwQY
MBaAFCEHQQjw0UWbYrbHrbJ9aTS6C+elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAt
YzYyMjBlMTg1Njk0LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAtYzYyMjBlMTg1Njk0
LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH9TWMIdd
bQ08pqbBMZuDIazCroltQ0Ge3WMOjHhlr6Fkrz3m/WmdVtWq4xuk4YL+0xID3ndt
LK7iH3NyTQe9tqdtKzeu6IpxYnHIQwWmi/0+yuUyl8dcDiJuRjpeO8l8R4Fmq2n4
5Hvg9UnB8n1+rwrtgWb5XKn+RaPFm5SgAIWLWdvu6yXPJVsPvGr8pe84h+dR7Za6
ODbGoia7miv4ZsXjeKdMRdRIVAMJrW0I67pQ4bGRb9KMS59r1HeSWedvUUKOc/zp
sCiAUAGH0JgNF3Th0UpFF81jt1hdrboQYLgPkxdWYRwI1ea4HSfNmZD2/XLncu5s
pmntfiSuwGNseA==
-----END CERTIFICATE-----