Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
File:                     tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft (raw, json)
Hash identifier:          sY1FdC4T5y0oimVA/ukxeadjCtV19RtwmhLJfDjG380=
Subject key identifier:   CB:EE:31:AF:46:93:AF:2D:87:39:4C:9C:26:A7:BB:8D:DE:5B:A0:E2
Authority key identifier: B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB
Certificate issuer:       /CN=b539831835c87c7501f6c37cb48e60a795a394bb
Certificate serial:       019643D62F25094EF5015FF3DE325606CA68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
Manifest number:          14F4
Signing time:             Thu 17 Apr 2025 13:00:32 +0000
Manifest this update:     Thu 17 Apr 2025 13:00:32 +0000
Manifest next update:     Fri 18 Apr 2025 13:00:32 +0000
Files and hashes:         1: tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl (hash: H1MAS6x71NsrL8HMrby9e/jSSrjIB64hxKuZgp23RaA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d6:2f:25:09:4e:f5:01:5f:f3:de:32:56:06:ca:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b539831835c87c7501f6c37cb48e60a795a394bb
        Validity
            Not Before: Apr 17 13:00:32 2025 GMT
            Not After : Apr 18 13:00:32 2025 GMT
        Subject: CN=cbee31af4693af2d87394c9c26a7bb8dde5ba0e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1c:8b:bb:98:c4:b0:96:35:19:a4:59:60:ca:
                    c0:bd:09:c8:70:52:c9:1e:9c:9c:85:07:30:44:36:
                    43:e2:64:c0:3b:e5:4c:6f:48:f9:f3:70:f0:62:35:
                    b1:7e:1b:ab:28:c5:9e:e5:17:44:d9:ae:0b:1f:83:
                    a8:b7:81:f3:6f:cd:56:92:c5:46:0f:02:0b:ec:7d:
                    56:d7:51:6a:ae:c6:6a:4a:2c:b3:41:c4:cd:d6:78:
                    b9:42:ef:62:90:d6:fc:ec:9e:6a:35:be:e0:ef:4c:
                    1f:7f:da:d6:fe:51:e9:21:f1:c3:9f:56:db:4f:31:
                    6b:4f:c7:49:c7:00:d2:01:97:d6:2a:46:8e:b2:c3:
                    c8:d8:e2:e4:01:ae:3b:d8:7d:09:5f:f9:9e:70:db:
                    45:2c:e9:45:3d:09:f0:f9:2d:c4:d0:09:92:9b:ee:
                    1f:96:39:d5:d4:c6:c2:31:ea:8b:b9:c8:ad:7f:19:
                    90:31:dc:e3:f4:6d:3a:56:80:64:14:e3:5f:cd:e5:
                    18:26:5c:0d:2d:f1:65:13:f5:02:1b:3e:58:19:c3:
                    ec:7c:65:95:da:44:8a:ef:21:e1:bf:fc:b3:27:39:
                    d0:08:b4:35:24:b8:73:d4:e3:cd:c1:c3:98:da:db:
                    2d:71:fc:34:d3:95:dd:21:cf:00:63:5b:4c:8f:e8:
                    4c:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:EE:31:AF:46:93:AF:2D:87:39:4C:9C:26:A7:BB:8D:DE:5B:A0:E2
            X509v3 Authority Key Identifier:
                keyid:B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:3b:22:31:af:d4:87:25:27:da:e0:9a:f4:ee:75:65:fe:e1:
         ed:b0:66:2d:9b:1a:2c:9b:51:e2:f1:44:06:7a:fd:29:45:9b:
         d5:ab:14:6a:a9:e7:ce:5f:5c:8a:51:ef:90:c5:b0:25:f3:19:
         02:c7:bc:74:d6:c3:0f:ba:d0:f8:c2:31:29:fe:e0:aa:1c:10:
         9c:c5:5e:c8:6c:3b:b1:ce:e5:53:f8:d4:6d:f2:90:62:58:a0:
         1a:bc:94:0c:05:41:f4:29:61:18:48:6a:7e:73:f9:df:20:41:
         b2:cf:e8:ad:6a:49:a7:0f:bb:79:6b:cc:52:de:96:96:6e:17:
         51:f4:f9:90:a2:5e:56:73:b0:99:8a:ea:e1:22:9e:fd:ae:09:
         ee:56:79:e5:54:b3:88:4d:1b:b7:c7:23:c7:97:02:36:15:96:
         d4:07:ab:3a:c5:9c:73:03:77:7a:ec:8b:24:b8:4c:09:f0:b1:
         6e:af:ba:ef:d4:99:d1:da:58:9f:45:26:a7:fe:8e:cd:ae:b2:
         51:ef:0b:ad:42:6c:b2:69:bf:6c:b0:f3:70:97:38:91:c6:5b:
         81:df:4a:14:a4:1f:8c:5e:3c:2e:c4:34:e9:93:dd:43:71:ed:
         b6:84:35:15:7a:aa:8d:a4:86:07:0a:37:30:a5:4e:18:61:1a:
         ed:bb:6b:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1i8lCU71AV/z3jJWBspoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Mzk4MzE4MzVjODdjNzUwMWY2YzM3Y2I0OGU2MGE3OTVh
Mzk0YmIwHhcNMjUwNDE3MTMwMDMyWhcNMjUwNDE4MTMwMDMyWjAzMTEwLwYDVQQD
EyhjYmVlMzFhZjQ2OTNhZjJkODczOTRjOWMyNmE3YmI4ZGRlNWJhMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArByLu5jEsJY1GaRZYMrAvQnIcFLJ
HpychQcwRDZD4mTAO+VMb0j583DwYjWxfhurKMWe5RdE2a4LH4Oot4Hzb81WksVG
DwIL7H1W11FqrsZqSiyzQcTN1ni5Qu9ikNb87J5qNb7g70wff9rW/lHpIfHDn1bb
TzFrT8dJxwDSAZfWKkaOssPI2OLkAa472H0JX/mecNtFLOlFPQnw+S3E0AmSm+4f
ljnV1MbCMeqLucitfxmQMdzj9G06VoBkFONfzeUYJlwNLfFlE/UCGz5YGcPsfGWV
2kSK7yHhv/yzJznQCLQ1JLhz1OPNwcOY2tstcfw005XdIc8AY1tMj+hMvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMvuMa9Gk68thzlMnCanu43eW6DiMB8GA1UdIwQY
MBaAFLU5gxg1yHx1AfbDfLSOYKeVo5S7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMt
NDk1ZTE4ODcwMWI2LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMtNDk1ZTE4ODcwMWI2
LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGDsiMa/U
hyUn2uCa9O51Zf7h7bBmLZsaLJtR4vFEBnr9KUWb1asUaqnnzl9cilHvkMWwJfMZ
Ase8dNbDD7rQ+MIxKf7gqhwQnMVeyGw7sc7lU/jUbfKQYligGryUDAVB9ClhGEhq
fnP53yBBss/orWpJpw+7eWvMUt6Wlm4XUfT5kKJeVnOwmYrq4SKe/a4J7lZ55VSz
iE0bt8cjx5cCNhWW1AerOsWccwN3euyLJLhMCfCxbq+679SZ0dpYn0Ump/6Oza6y
Ue8LrUJssmm/bLDzcJc4kcZbgd9KFKQfjF48LsQ06ZPdQ3HttoQ1FXqqjaSGBwo3
MKVOGGEa7btrcg==
-----END CERTIFICATE-----