Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft
File:                     SFF8v1-HKM7CSvPC6G7PuANT5g0.mft (raw, json)
Hash identifier:          NYVyiRk4i19WGIFQFAE5ZGMIi9GatU8GR3F/2P6ZNiA=
Subject key identifier:   33:69:80:8F:AA:40:48:B4:80:23:80:73:88:28:3E:CD:BE:F9:40:16
Authority key identifier: 48:51:7C:BF:5F:87:28:CE:C2:4A:F3:C2:E8:6E:CF:B8:03:53:E6:0D
Certificate issuer:       /CN=48517cbf5f8728cec24af3c2e86ecfb80353e60d
Certificate serial:       01964BFD8D408AF2573FFA137345A3FDD4A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SFF8v1-HKM7CSvPC6G7PuANT5g0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft
Manifest number:          0BD9
Signing time:             Sat 19 Apr 2025 03:00:30 +0000
Manifest this update:     Sat 19 Apr 2025 03:00:30 +0000
Manifest next update:     Sun 20 Apr 2025 03:00:30 +0000
Files and hashes:         1: SFF8v1-HKM7CSvPC6G7PuANT5g0.crl (hash: nrkcR6ndt2jlxEg9CIzngYkmbgfc5aeBW6v7cvNlR7o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SFF8v1-HKM7CSvPC6G7PuANT5g0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 03:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4b:fd:8d:40:8a:f2:57:3f:fa:13:73:45:a3:fd:d4:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48517cbf5f8728cec24af3c2e86ecfb80353e60d
        Validity
            Not Before: Apr 19 03:00:30 2025 GMT
            Not After : Apr 20 03:00:30 2025 GMT
        Subject: CN=3369808faa4048b48023807388283ecdbef94016
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:29:e5:73:cb:94:65:cd:d2:33:43:7a:91:0c:
                    4e:cf:01:b4:6e:4c:37:fc:ec:8a:d8:29:20:6a:8a:
                    48:48:d9:d6:00:a9:f5:16:f2:7c:6e:33:22:c2:8d:
                    c7:ce:37:00:9f:34:18:7b:db:5a:0f:75:5d:2b:e2:
                    84:cc:04:79:63:3b:be:de:85:03:9c:1b:d1:1a:fc:
                    3a:95:ed:3f:2c:ed:d0:b0:c6:b8:e6:4c:21:45:d2:
                    33:df:65:83:13:97:00:12:75:40:e7:26:29:c3:9a:
                    0e:d1:37:0d:53:2f:31:06:4d:3f:3b:c4:4f:99:09:
                    a6:b5:d1:05:fc:a0:b9:4e:22:5d:bb:9d:1d:6e:c0:
                    cb:fc:67:4f:f4:d8:85:de:91:c1:29:df:aa:b0:ca:
                    c1:d2:19:d3:c5:56:49:ab:87:d9:5a:39:0d:4c:c8:
                    ae:5d:8a:2e:f1:be:b8:15:a4:6b:aa:35:a6:cf:56:
                    1a:c2:e1:77:47:83:6d:30:7a:c0:c5:88:9f:90:60:
                    db:c8:90:92:99:cf:ac:e8:b4:34:eb:82:a7:f5:d7:
                    79:7a:f4:ac:a5:0c:eb:1b:d7:8e:8e:c3:78:1f:42:
                    c5:f8:d1:8d:b7:7e:25:ee:79:8e:a8:00:83:be:af:
                    d4:fa:c7:ef:d8:ed:7f:d9:df:7c:46:d4:7e:55:a4:
                    a6:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:69:80:8F:AA:40:48:B4:80:23:80:73:88:28:3E:CD:BE:F9:40:16
            X509v3 Authority Key Identifier:
                keyid:48:51:7C:BF:5F:87:28:CE:C2:4A:F3:C2:E8:6E:CF:B8:03:53:E6:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SFF8v1-HKM7CSvPC6G7PuANT5g0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:9a:27:e8:92:e0:1a:0c:25:23:1a:11:59:70:28:ef:27:ec:
         e9:18:48:27:a8:ab:6f:f4:e4:75:0e:ff:fd:d0:af:b3:62:ee:
         1e:79:1e:69:af:c6:cc:1d:88:09:eb:d9:33:0a:ec:b2:d3:dc:
         83:91:19:df:dd:17:d4:fb:f7:39:6a:8f:c2:a2:94:df:19:2e:
         78:ee:3f:d4:f1:31:69:42:8a:23:d9:2c:27:83:f9:f2:c8:ed:
         7a:03:0d:63:45:a6:9d:16:d8:5f:fc:08:cb:ec:62:d7:d6:83:
         6f:2f:83:58:1d:d0:58:32:61:66:16:f4:c3:d7:77:b1:35:f8:
         4f:6e:9e:1d:1e:86:91:99:ba:aa:84:26:12:6b:63:d2:76:cb:
         0f:f9:e7:2f:91:99:7b:41:3f:8a:26:ef:f4:fb:1b:89:39:f7:
         61:15:cc:37:85:26:8a:0d:0e:32:be:2b:ae:b6:c5:4c:84:eb:
         9c:8c:cc:b8:66:c0:55:2c:19:9d:0f:73:88:44:97:d0:b7:d3:
         56:e2:5f:40:e0:d1:c4:c8:93:22:bd:9a:ac:9c:f0:06:88:72:
         34:d8:d2:31:f7:4a:e5:c5:f6:be:4d:1e:14:e4:72:1b:61:16:
         72:98:35:f1:98:90:d1:36:45:3b:31:54:b4:ec:df:61:09:be:
         5d:6c:ac:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZL/Y1AivJXP/oTc0Wj/dShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NTE3Y2JmNWY4NzI4Y2VjMjRhZjNjMmU4NmVjZmI4MDM1
M2U2MGQwHhcNMjUwNDE5MDMwMDMwWhcNMjUwNDIwMDMwMDMwWjAzMTEwLwYDVQQD
EygzMzY5ODA4ZmFhNDA0OGI0ODAyMzgwNzM4ODI4M2VjZGJlZjk0MDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxynlc8uUZc3SM0N6kQxOzwG0bkw3
/OyK2CkgaopISNnWAKn1FvJ8bjMiwo3HzjcAnzQYe9taD3VdK+KEzAR5Yzu+3oUD
nBvRGvw6le0/LO3QsMa45kwhRdIz32WDE5cAEnVA5yYpw5oO0TcNUy8xBk0/O8RP
mQmmtdEF/KC5TiJdu50dbsDL/GdP9NiF3pHBKd+qsMrB0hnTxVZJq4fZWjkNTMiu
XYou8b64FaRrqjWmz1YawuF3R4NtMHrAxYifkGDbyJCSmc+s6LQ064Kn9dd5evSs
pQzrG9eOjsN4H0LF+NGNt34l7nmOqACDvq/U+sfv2O1/2d98RtR+VaSmzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNpgI+qQEi0gCOAc4goPs2++UAWMB8GA1UdIwQY
MBaAFEhRfL9fhyjOwkrzwuhuz7gDU+YNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0ZGOHYxLUhLTTdDU3ZQQzZHN1B1QU5UNWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZDJmMmQtYTQyNS00NGFiLTliNWQt
OGMzYjQwMjg1NTY2LzEvU0ZGOHYxLUhLTTdDU3ZQQzZHN1B1QU5UNWcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZDJmMmQtYTQyNS00NGFiLTliNWQtOGMzYjQwMjg1NTY2
LzEvU0ZGOHYxLUhLTTdDU3ZQQzZHN1B1QU5UNWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR5on6JLg
GgwlIxoRWXAo7yfs6RhIJ6irb/TkdQ7//dCvs2LuHnkeaa/GzB2ICevZMwrsstPc
g5EZ390X1Pv3OWqPwqKU3xkueO4/1PExaUKKI9ksJ4P58sjtegMNY0WmnRbYX/wI
y+xi19aDby+DWB3QWDJhZhb0w9d3sTX4T26eHR6GkZm6qoQmEmtj0nbLD/nnL5GZ
e0E/iibv9PsbiTn3YRXMN4Umig0OMr4rrrbFTITrnIzMuGbAVSwZnQ9ziESX0LfT
VuJfQODRxMiTIr2arJzwBohyNNjSMfdK5cX2vk0eFORyG2EWcpg18ZiQ0TZFOzFU
tOzfYQm+XWysGw==
-----END CERTIFICATE-----