Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
File:                     ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft (raw, json)
Hash identifier:          kzRrp7s2chSkuKWRw1Tqg8PWUd2GdhbgygnFSenR5yQ=
Subject key identifier:   A2:78:4F:51:72:45:F9:1D:07:43:63:46:6A:9A:47:47:AA:4C:E2:02
Authority key identifier: 8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18
Certificate issuer:       /CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
Certificate serial:       01964D7EC7FD0B16D6447253D7623B926E5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
Manifest number:          14F6
Signing time:             Sat 19 Apr 2025 10:01:16 +0000
Manifest this update:     Sat 19 Apr 2025 10:01:16 +0000
Manifest next update:     Sun 20 Apr 2025 10:01:16 +0000
Files and hashes:         1: ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl (hash: Jf0Vo9nCLH/KJZcBD6ndWWf/8blVQkjO9nI9p3+d210=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:c7:fd:0b:16:d6:44:72:53:d7:62:3b:92:6e:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
        Validity
            Not Before: Apr 19 10:01:16 2025 GMT
            Not After : Apr 20 10:01:16 2025 GMT
        Subject: CN=a2784f517245f91d074363466a9a4747aa4ce202
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:00:94:e7:72:88:a2:04:05:64:f5:c0:19:32:
                    5e:1e:35:9d:33:6e:11:69:9b:da:a0:35:7f:73:93:
                    60:dc:09:33:72:1f:0f:1d:91:ce:e5:8b:d6:cf:91:
                    a6:f2:cf:09:59:21:f1:fd:74:c8:aa:e0:54:92:3d:
                    1f:43:8c:33:3b:f7:bd:11:09:92:ee:fe:e4:7a:a6:
                    12:e6:5f:37:c9:1a:a5:69:64:2b:f5:ab:7c:0e:73:
                    c9:4f:a4:83:30:58:8b:d7:4e:38:2a:21:5c:96:e7:
                    07:92:fa:c2:37:51:ed:9b:8f:e3:18:ff:2f:71:a6:
                    6a:0d:d8:d2:10:de:43:f1:b1:ba:e6:4a:a4:e9:5b:
                    05:61:14:74:fe:53:4e:9d:3c:cc:da:f3:42:b1:f6:
                    86:e6:04:9e:45:2a:22:f9:fd:8a:de:95:4d:32:b4:
                    bb:27:57:a8:16:ec:5c:c5:d1:72:32:49:68:51:67:
                    41:a8:d3:ed:2f:43:44:38:d2:b4:fc:fe:c5:d0:d8:
                    3e:fe:a3:d5:5e:ed:18:1e:3f:b7:86:01:c6:3d:17:
                    c0:a5:e8:bf:a4:4f:e8:d2:35:b8:06:7a:46:9c:0d:
                    ef:b3:84:c2:5e:b5:cb:83:81:17:56:78:1c:e6:a7:
                    0d:b7:1e:5f:d4:1d:7a:67:22:3e:2e:70:9b:af:ae:
                    f5:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:78:4F:51:72:45:F9:1D:07:43:63:46:6A:9A:47:47:AA:4C:E2:02
            X509v3 Authority Key Identifier:
                keyid:8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:98:4b:99:4a:86:24:62:30:cf:5d:64:41:a6:dc:f0:ed:a4:
         ea:1c:ef:cd:23:98:a8:c9:61:f5:43:b1:10:40:b1:92:e9:48:
         cc:db:74:c9:72:e9:35:4b:9e:d2:e0:b3:52:67:7c:c3:95:cf:
         74:a3:26:5c:e8:6c:a7:e1:af:77:d5:d6:0d:c2:38:bf:31:3f:
         2b:7f:b1:f0:5b:13:36:ff:b0:99:45:03:f6:0d:0f:ee:17:ec:
         57:f0:23:a6:1a:85:76:fa:d3:a5:fe:88:9a:eb:80:5d:6b:3e:
         3c:bb:57:95:70:53:78:46:85:19:51:e8:ae:4c:b2:cb:67:52:
         20:05:a6:ef:12:69:ea:da:69:74:70:98:2a:52:77:41:c5:10:
         67:d5:f4:1d:6f:36:c5:7f:74:f7:b4:9e:76:54:b2:ac:16:fa:
         78:ef:12:46:32:3e:b0:20:28:a6:36:ba:5d:43:07:3a:19:f0:
         f1:a5:a3:b4:5c:bf:fd:32:03:0a:bf:29:e5:1b:0d:7d:ea:ea:
         be:0b:4b:5d:a8:ff:26:9b:fe:4c:32:0b:c6:26:1d:fc:d1:e9:
         e3:b9:e2:47:96:02:07:04:17:bb:95:9b:fb:5f:2a:4d:f4:72:
         d2:df:c7:16:9d:af:88:63:3f:39:9b:1e:85:ef:c7:eb:b7:aa:
         ad:73:7f:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfsf9CxbWRHJT12I7km5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNDFlMmYyZDE0NTJlN2M0Y2MwN2RiZmE3ODM5ZDU4ZGY1
N2YyMTgwHhcNMjUwNDE5MTAwMTE2WhcNMjUwNDIwMTAwMTE2WjAzMTEwLwYDVQQD
EyhhMjc4NGY1MTcyNDVmOTFkMDc0MzYzNDY2YTlhNDc0N2FhNGNlMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgCU53KIogQFZPXAGTJeHjWdM24R
aZvaoDV/c5Ng3Akzch8PHZHO5YvWz5Gm8s8JWSHx/XTIquBUkj0fQ4wzO/e9EQmS
7v7keqYS5l83yRqlaWQr9at8DnPJT6SDMFiL1044KiFclucHkvrCN1Htm4/jGP8v
caZqDdjSEN5D8bG65kqk6VsFYRR0/lNOnTzM2vNCsfaG5gSeRSoi+f2K3pVNMrS7
J1eoFuxcxdFyMkloUWdBqNPtL0NEONK0/P7F0Ng+/qPVXu0YHj+3hgHGPRfApei/
pE/o0jW4BnpGnA3vs4TCXrXLg4EXVngc5qcNtx5f1B16ZyI+LnCbr671PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJ4T1FyRfkdB0NjRmqaR0eqTOICMB8GA1UdIwQY
MBaAFIpB4vLRRS58TMB9v6eDnVjfV/IYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEt
MzY0ODU0Y2JjMGU4LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEtMzY0ODU0Y2JjMGU4
LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX5hLmUqG
JGIwz11kQabc8O2k6hzvzSOYqMlh9UOxEECxkulIzNt0yXLpNUue0uCzUmd8w5XP
dKMmXOhsp+Gvd9XWDcI4vzE/K3+x8FsTNv+wmUUD9g0P7hfsV/AjphqFdvrTpf6I
muuAXWs+PLtXlXBTeEaFGVHorkyyy2dSIAWm7xJp6tppdHCYKlJ3QcUQZ9X0HW82
xX9097SedlSyrBb6eO8SRjI+sCAopja6XUMHOhnw8aWjtFy//TIDCr8p5RsNferq
vgtLXaj/Jpv+TDILxiYd/NHp47niR5YCBwQXu5Wb+18qTfRy0t/HFp2viGM/OZse
he/H67eqrXN/gw==
-----END CERTIFICATE-----