Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
File:                     veWU40bxTQmDwaa_S7XHFP-bhEI.mft (raw, json)
Hash identifier:          ib9xOt3ihpiPrkEVDx8n8qj0b0pIaqrn92jj4K8LrdA=
Subject key identifier:   DC:2D:6C:42:06:2E:D5:AC:DD:68:63:51:54:EF:18:94:85:46:37:82
Authority key identifier: BD:E5:94:E3:46:F1:4D:09:83:C1:A6:BF:4B:B5:C7:14:FF:9B:84:42
Certificate issuer:       /CN=bde594e346f14d0983c1a6bf4bb5c714ff9b8442
Certificate serial:       01964444526F32223AAAED061A5CEFF07A75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/veWU40bxTQmDwaa_S7XHFP-bhEI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
Manifest number:          14F2
Signing time:             Thu 17 Apr 2025 15:00:50 +0000
Manifest this update:     Thu 17 Apr 2025 15:00:50 +0000
Manifest next update:     Fri 18 Apr 2025 15:00:50 +0000
Files and hashes:         1: veWU40bxTQmDwaa_S7XHFP-bhEI.crl (hash: qvMkYd80etuiDIItFQgRgMhIiiEZXSu7CcOALu4Nzr8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/veWU40bxTQmDwaa_S7XHFP-bhEI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 15:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:44:44:52:6f:32:22:3a:aa:ed:06:1a:5c:ef:f0:7a:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bde594e346f14d0983c1a6bf4bb5c714ff9b8442
        Validity
            Not Before: Apr 17 15:00:50 2025 GMT
            Not After : Apr 18 15:00:50 2025 GMT
        Subject: CN=dc2d6c42062ed5acdd68635154ef189485463782
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:2a:5e:3f:94:92:4a:a4:85:c4:15:30:ba:15:
                    0d:4f:e1:30:2f:dd:28:f2:08:23:17:e9:fd:f7:0f:
                    37:11:df:1c:11:1b:a3:8a:4c:41:d6:8e:8b:0f:56:
                    d4:e7:a8:3c:b0:7e:66:dd:21:6e:a5:39:64:13:3e:
                    a0:25:6f:2a:7e:1c:42:a0:ae:c6:d7:c3:dc:a4:5c:
                    f2:04:e0:38:6c:4d:11:b3:aa:6d:20:ef:43:63:e6:
                    8f:64:cd:4e:59:d0:82:26:7f:69:78:ee:d0:a0:95:
                    df:45:13:02:6d:c7:80:5b:60:38:d6:ea:cf:d5:68:
                    75:37:9b:f3:c2:98:cb:b9:fe:6f:56:2b:d0:a3:8b:
                    49:c9:d3:96:bc:b4:7f:61:7b:00:ef:7a:b1:8b:f4:
                    63:5b:b6:91:b1:4d:86:d2:08:8d:8d:82:2d:8f:da:
                    22:48:0e:c4:4a:90:c0:fc:f3:e3:c0:22:7c:e1:4b:
                    1d:86:33:18:06:9e:e4:72:92:1d:75:88:c2:04:ce:
                    38:5f:58:4b:f0:2c:1f:6e:7a:9a:e2:1f:55:77:26:
                    c9:86:fe:f6:19:89:8b:a3:44:d4:e3:38:16:7a:29:
                    fd:d3:4f:76:64:9a:be:04:e7:f7:b3:3a:d4:44:00:
                    66:bc:59:53:7f:07:04:a4:48:37:40:c3:87:b6:05:
                    0d:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:2D:6C:42:06:2E:D5:AC:DD:68:63:51:54:EF:18:94:85:46:37:82
            X509v3 Authority Key Identifier:
                keyid:BD:E5:94:E3:46:F1:4D:09:83:C1:A6:BF:4B:B5:C7:14:FF:9B:84:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veWU40bxTQmDwaa_S7XHFP-bhEI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ebb39e-be6b-428d-b50e-c7a366b91f43/1/veWU40bxTQmDwaa_S7XHFP-bhEI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:86:dd:f4:36:8f:ab:2c:29:94:7f:b7:e2:98:96:f1:1b:19:
         1e:75:57:bc:7b:ce:b1:ea:09:fa:c2:40:77:4b:f4:ee:d9:31:
         84:5a:4b:c9:85:18:ff:4e:98:49:fe:9f:3f:7d:0a:f4:b0:2c:
         4b:2e:27:f3:f6:e3:bd:94:cd:6c:1a:1d:cd:d1:1f:dc:c5:2e:
         b2:26:48:a5:14:0e:ef:ed:57:71:7f:5b:3f:7e:96:57:dc:02:
         03:3c:d0:4d:7b:82:45:42:77:be:68:75:09:b9:f7:8f:d4:55:
         53:3b:f0:67:f4:72:1c:0b:fa:31:50:e6:71:8d:8a:dc:61:7a:
         12:5f:c9:eb:9c:3d:69:40:e5:66:81:e5:03:5f:24:22:1e:d6:
         75:8d:43:d9:05:f6:a5:02:4b:f9:06:00:39:84:f1:3b:99:75:
         ee:c6:f0:cb:45:60:20:37:0f:67:f9:11:8c:32:73:e0:19:b1:
         b7:09:ab:5b:27:7c:5c:23:af:b0:17:15:87:3b:f9:8d:5d:9e:
         f9:fd:40:2f:9e:fd:9b:e6:a6:89:80:d0:d4:27:0a:d1:cb:73:
         4d:7f:c7:09:38:9d:3e:23:fc:22:c2:d1:66:d8:13:19:91:95:
         9f:82:0b:6a:5c:ca:1a:d1:e1:b4:df:91:de:42:b5:e9:2e:1d:
         14:5c:89:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZERFJvMiI6qu0GGlzv8Hp1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTU5NGUzNDZmMTRkMDk4M2MxYTZiZjRiYjVjNzE0ZmY5
Yjg0NDIwHhcNMjUwNDE3MTUwMDUwWhcNMjUwNDE4MTUwMDUwWjAzMTEwLwYDVQQD
EyhkYzJkNmM0MjA2MmVkNWFjZGQ2ODYzNTE1NGVmMTg5NDg1NDYzNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CpeP5SSSqSFxBUwuhUNT+EwL90o
8ggjF+n99w83Ed8cERujikxB1o6LD1bU56g8sH5m3SFupTlkEz6gJW8qfhxCoK7G
18PcpFzyBOA4bE0Rs6ptIO9DY+aPZM1OWdCCJn9peO7QoJXfRRMCbceAW2A41urP
1Wh1N5vzwpjLuf5vVivQo4tJydOWvLR/YXsA73qxi/RjW7aRsU2G0giNjYItj9oi
SA7ESpDA/PPjwCJ84UsdhjMYBp7kcpIddYjCBM44X1hL8Cwfbnqa4h9VdybJhv72
GYmLo0TU4zgWein90092ZJq+BOf3szrURABmvFlTfwcEpEg3QMOHtgUNawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNwtbEIGLtWs3WhjUVTvGJSFRjeCMB8GA1UdIwQY
MBaAFL3llONG8U0Jg8Gmv0u1xxT/m4RCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVXVTQwYnhUUW1Ed2FhX1M3WEhGUC1iaEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lYmIzOWUtYmU2Yi00MjhkLWI1MGUt
YzdhMzY2YjkxZjQzLzEvdmVXVTQwYnhUUW1Ed2FhX1M3WEhGUC1iaEVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lYmIzOWUtYmU2Yi00MjhkLWI1MGUtYzdhMzY2YjkxZjQz
LzEvdmVXVTQwYnhUUW1Ed2FhX1M3WEhGUC1iaEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFobd9DaP
qywplH+34piW8RsZHnVXvHvOseoJ+sJAd0v07tkxhFpLyYUY/06YSf6fP30K9LAs
Sy4n8/bjvZTNbBodzdEf3MUusiZIpRQO7+1XcX9bP36WV9wCAzzQTXuCRUJ3vmh1
Cbn3j9RVUzvwZ/RyHAv6MVDmcY2K3GF6El/J65w9aUDlZoHlA18kIh7WdY1D2QX2
pQJL+QYAOYTxO5l17sbwy0VgIDcPZ/kRjDJz4BmxtwmrWyd8XCOvsBcVhzv5jV2e
+f1AL579m+amiYDQ1CcK0ctzTX/HCTidPiP8IsLRZtgTGZGVn4ILalzKGtHhtN+R
3kK16S4dFFyJcQ==
-----END CERTIFICATE-----