Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.mft
File:                     04BE23ZiygAUgai9swt6vRi86ao.mft (raw, json)
Hash identifier:          GByPhzCQArsSEADWOED7s5/qGx4sRn6Dga1A/7b0uP0=
Subject key identifier:   F7:22:82:29:45:03:3E:5D:D4:76:88:B0:18:99:50:C2:2E:8F:D8:39
Authority key identifier: D3:80:44:DB:76:62:CA:00:14:81:A8:BD:B3:0B:7A:BD:18:BC:E9:AA
Certificate issuer:       /CN=d38044db7662ca001481a8bdb30b7abd18bce9aa
Certificate serial:       01974B1F8B76665540E6792C61F5F07B26C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04BE23ZiygAUgai9swt6vRi86ao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.mft
Manifest number:          1040
Signing time:             Sat 07 Jun 2025 16:00:47 +0000
Manifest this update:     Sat 07 Jun 2025 16:00:47 +0000
Manifest next update:     Sun 08 Jun 2025 16:00:47 +0000
Files and hashes:         1: 04BE23ZiygAUgai9swt6vRi86ao.crl (hash: SOl1HpOyRQ550oWmmlTp9l7ZIxk3aFF7LpSL7BMYcVA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/04BE23ZiygAUgai9swt6vRi86ao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:1f:8b:76:66:55:40:e6:79:2c:61:f5:f0:7b:26:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d38044db7662ca001481a8bdb30b7abd18bce9aa
        Validity
            Not Before: Jun  7 16:00:47 2025 GMT
            Not After : Jun  8 16:00:47 2025 GMT
        Subject: CN=f722822945033e5dd47688b0189950c22e8fd839
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:b4:ff:ff:05:e2:86:f8:76:eb:91:6b:ca:8b:
                    c3:8d:5e:b5:e3:98:86:8a:e3:ee:75:2f:f0:31:89:
                    e5:8b:16:75:55:68:ae:60:d8:e3:6e:62:75:d4:5c:
                    b1:90:8b:53:79:06:87:07:24:c2:92:b6:da:4d:bb:
                    26:58:9b:a3:b9:85:75:45:b6:ac:b6:90:1c:34:81:
                    d4:7a:47:cb:34:bf:01:c2:13:4e:fe:44:52:cb:bf:
                    fa:24:44:43:bc:75:66:28:38:9c:07:77:cc:ed:95:
                    0c:69:21:2f:0a:10:f9:35:fe:f6:13:72:07:ee:e7:
                    9d:ee:1d:ed:ea:3a:07:f9:00:49:cb:eb:a8:5a:72:
                    c2:ea:1e:1d:fc:f7:91:d5:d3:8a:60:c6:12:6b:dd:
                    bf:42:ee:36:4c:b1:07:c4:36:9f:c5:40:2c:ff:fe:
                    c2:48:3b:73:65:04:55:27:9c:68:8d:56:cc:9b:cb:
                    47:9f:ba:27:9a:cc:dc:ef:31:23:46:dc:2e:d3:fc:
                    da:80:b1:b7:8e:52:bd:db:34:bb:28:93:a5:3c:b8:
                    37:40:73:43:b2:d8:0f:b5:36:ab:78:48:2a:d3:d3:
                    25:f1:db:74:08:3f:01:1d:3f:11:65:49:ef:cb:c1:
                    95:27:e0:9d:6d:17:66:c4:50:3a:2c:03:2c:20:cd:
                    1a:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:22:82:29:45:03:3E:5D:D4:76:88:B0:18:99:50:C2:2E:8F:D8:39
            X509v3 Authority Key Identifier:
                keyid:D3:80:44:DB:76:62:CA:00:14:81:A8:BD:B3:0B:7A:BD:18:BC:E9:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04BE23ZiygAUgai9swt6vRi86ao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:b7:59:41:fc:5c:ad:4b:73:47:77:e4:c4:f6:2c:5b:8a:aa:
         92:e4:fb:e3:b8:ba:56:c2:03:27:72:f5:cd:17:72:66:fb:27:
         b2:1a:6a:94:b1:c7:d6:90:2f:c7:85:ed:18:0a:f9:43:d8:08:
         bf:9e:c2:08:84:11:b5:9a:57:ef:fb:41:d1:72:fa:e2:f8:ef:
         82:cb:24:8d:9f:5b:2b:67:c9:a2:f9:f1:64:d5:93:18:c4:02:
         36:b9:cf:df:84:3b:6e:4d:1f:d3:8c:02:47:5b:38:af:d9:6c:
         1d:25:63:82:9d:4a:fe:ba:26:a7:5a:61:0c:3f:9d:71:a0:1d:
         13:43:be:68:cb:77:d9:a4:66:66:98:eb:60:db:67:13:90:f6:
         8d:c6:a4:47:7a:3d:a9:be:a1:80:93:64:9c:d9:f9:7b:42:bc:
         c8:96:1f:7d:89:8d:d7:9e:ed:65:77:3e:cb:69:54:0b:b4:7d:
         80:f6:97:f6:c0:f9:b0:a5:a3:b3:dd:aa:0b:1e:d1:9b:f0:1a:
         51:bb:25:66:e2:11:39:f0:58:81:4e:55:97:f9:48:90:50:55:
         ff:d9:ae:e7:8f:40:c1:fa:17:01:d1:0c:17:ce:06:4c:09:53:
         10:8f:81:14:d3:46:0f:d0:85:e0:a4:d0:25:cc:d4:3b:f2:8d:
         a2:7c:c1:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLH4t2ZlVA5nksYfXweybAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODA0NGRiNzY2MmNhMDAxNDgxYThiZGIzMGI3YWJkMThi
Y2U5YWEwHhcNMjUwNjA3MTYwMDQ3WhcNMjUwNjA4MTYwMDQ3WjAzMTEwLwYDVQQD
EyhmNzIyODIyOTQ1MDMzZTVkZDQ3Njg4YjAxODk5NTBjMjJlOGZkODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7bT//wXihvh265FryovDjV6145iG
iuPudS/wMYnlixZ1VWiuYNjjbmJ11FyxkItTeQaHByTCkrbaTbsmWJujuYV1Rbas
tpAcNIHUekfLNL8BwhNO/kRSy7/6JERDvHVmKDicB3fM7ZUMaSEvChD5Nf72E3IH
7ued7h3t6joH+QBJy+uoWnLC6h4d/PeR1dOKYMYSa92/Qu42TLEHxDafxUAs//7C
SDtzZQRVJ5xojVbMm8tHn7onmszc7zEjRtwu0/zagLG3jlK92zS7KJOlPLg3QHND
stgPtTareEgq09Ml8dt0CD8BHT8RZUnvy8GVJ+CdbRdmxFA6LAMsIM0aBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPcigilFAz5d1HaIsBiZUMIuj9g5MB8GA1UdIwQY
MBaAFNOARNt2YsoAFIGovbMLer0YvOmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRCRTIzWml5Z0FVZ2FpOXN3dDZ2Umk4NmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8xNGU5NzctMzQ2Zi00NGFkLWIwZGYt
MGExMGI4ODFjM2FjLzEvMDRCRTIzWml5Z0FVZ2FpOXN3dDZ2Umk4NmFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8xNGU5NzctMzQ2Zi00NGFkLWIwZGYtMGExMGI4ODFjM2Fj
LzEvMDRCRTIzWml5Z0FVZ2FpOXN3dDZ2Umk4NmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcLdZQfxc
rUtzR3fkxPYsW4qqkuT747i6VsIDJ3L1zRdyZvsnshpqlLHH1pAvx4XtGAr5Q9gI
v57CCIQRtZpX7/tB0XL64vjvgsskjZ9bK2fJovnxZNWTGMQCNrnP34Q7bk0f04wC
R1s4r9lsHSVjgp1K/romp1phDD+dcaAdE0O+aMt32aRmZpjrYNtnE5D2jcakR3o9
qb6hgJNknNn5e0K8yJYffYmN157tZXc+y2lUC7R9gPaX9sD5sKWjs92qCx7Rm/Aa
UbslZuIROfBYgU5Vl/lIkFBV/9mu549AwfoXAdEMF84GTAlTEI+BFNNGD9CF4KTQ
JczUO/KNonzB5g==
-----END CERTIFICATE-----