Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.mft
File:                     iZFbtGEcVfYprTpMz-NXwECh3BI.mft (raw, json)
Hash identifier:          k+ksMNy41T3qJh7LXjupsX3B/E7nl0vX55gAwGAXWJg=
Subject key identifier:   95:E6:FF:B8:C0:09:52:23:10:54:BC:DB:58:AF:99:73:39:84:3C:8E
Authority key identifier: 89:91:5B:B4:61:1C:55:F6:29:AD:3A:4C:CF:E3:57:C0:40:A1:DC:12
Certificate issuer:       /CN=89915bb4611c55f629ad3a4ccfe357c040a1dc12
Certificate serial:       01958BBB84F94C162FC5EA884D5D8C1E8545
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iZFbtGEcVfYprTpMz-NXwECh3BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.mft
Manifest number:          0461
Signing time:             Wed 12 Mar 2025 19:01:17 +0000
Manifest this update:     Wed 12 Mar 2025 19:01:17 +0000
Manifest next update:     Thu 13 Mar 2025 19:01:17 +0000
Files and hashes:         1: iZFbtGEcVfYprTpMz-NXwECh3BI.crl (hash: gVioSiQqdBnrV078Bt5t1zLYYgawNAMTkkxdN54XD1s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iZFbtGEcVfYprTpMz-NXwECh3BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:bb:84:f9:4c:16:2f:c5:ea:88:4d:5d:8c:1e:85:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89915bb4611c55f629ad3a4ccfe357c040a1dc12
        Validity
            Not Before: Mar 12 19:01:17 2025 GMT
            Not After : Mar 13 19:01:17 2025 GMT
        Subject: CN=95e6ffb8c00952231054bcdb58af997339843c8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f1:8a:79:af:6f:94:26:bc:d0:78:64:1a:85:
                    9d:b3:b8:a6:81:9e:b4:89:2e:16:64:e4:b7:8a:32:
                    4b:73:e4:a0:b8:a3:7b:e0:e5:19:47:43:3e:1a:70:
                    fc:92:7b:20:d5:14:ee:e5:6e:9e:76:19:1e:51:b3:
                    38:06:ff:ae:f8:6e:07:ce:cd:f0:20:44:3d:34:81:
                    b4:fb:8b:8b:a9:24:ac:7c:7c:48:2a:5f:1f:47:97:
                    9d:4d:57:d5:ac:f0:8d:85:1b:60:4f:95:66:3f:86:
                    ce:9b:24:d8:61:37:38:3d:e6:89:82:1a:da:fb:5b:
                    8c:7c:71:0a:00:02:96:e1:75:9b:dc:82:30:6d:1f:
                    fe:5f:8b:38:b0:8a:6b:e4:75:59:6f:fc:f6:40:a1:
                    62:d5:b2:0b:ce:9b:1f:b0:05:f2:e9:3f:c7:9f:91:
                    ee:5e:0b:88:b6:40:57:61:59:4a:1e:87:56:75:38:
                    fc:40:d9:70:06:10:94:35:19:18:2a:ed:09:68:7e:
                    26:42:fa:63:c2:ae:7b:76:3e:0a:ec:9b:0b:4b:ed:
                    63:ef:26:77:af:19:ce:2c:7b:f2:8b:6e:5a:56:ed:
                    72:38:e4:00:70:08:05:c9:5c:de:35:db:9c:99:64:
                    0e:bb:46:73:66:c8:7a:4d:1a:9f:66:b8:3e:81:92:
                    89:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:E6:FF:B8:C0:09:52:23:10:54:BC:DB:58:AF:99:73:39:84:3C:8E
            X509v3 Authority Key Identifier:
                keyid:89:91:5B:B4:61:1C:55:F6:29:AD:3A:4C:CF:E3:57:C0:40:A1:DC:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iZFbtGEcVfYprTpMz-NXwECh3BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:d4:9f:18:cb:41:43:59:2f:85:bf:8e:f0:0d:de:66:1c:c3:
         c2:d7:77:29:c3:2a:52:a6:24:9b:72:ca:9a:c0:f3:9e:38:6e:
         1a:9b:31:7e:9b:e3:ed:b1:74:75:bd:7b:c1:cd:19:02:4e:1b:
         94:0a:bb:8c:5f:89:0d:62:56:07:4d:3c:e8:62:25:64:cb:90:
         55:f8:41:19:41:82:26:77:9c:aa:60:31:ba:e4:70:66:d6:bf:
         7d:4b:f0:11:5d:82:cf:cd:8c:56:84:eb:f2:37:ae:4d:03:d7:
         60:1e:b0:32:8a:d7:79:3c:32:12:bd:e3:30:9f:81:1f:04:69:
         03:da:3d:b5:0c:14:a6:d5:e6:90:d3:3d:73:9e:46:fb:8b:4b:
         2c:e2:d9:26:51:c2:fa:9c:cf:b3:4b:b4:56:47:e5:2d:79:35:
         ba:23:54:37:f6:4c:63:08:45:8d:e9:38:ac:2c:a2:d1:01:ad:
         e8:b8:62:36:1a:9e:be:e7:3d:9f:3b:27:98:c6:bf:52:63:74:
         2a:6b:97:83:c5:e1:a6:02:5f:39:1e:c9:86:de:9f:a5:90:33:
         1e:6d:49:e5:b5:dc:4c:b6:30:ca:be:9a:ba:25:87:6f:58:ed:
         d7:cd:45:fc:6f:7c:e3:77:b7:b1:f4:38:90:f3:da:0a:cc:dd:
         bb:d3:44:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLu4T5TBYvxeqITV2MHoVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OTE1YmI0NjExYzU1ZjYyOWFkM2E0Y2NmZTM1N2MwNDBh
MWRjMTIwHhcNMjUwMzEyMTkwMTE3WhcNMjUwMzEzMTkwMTE3WjAzMTEwLwYDVQQD
Eyg5NWU2ZmZiOGMwMDk1MjIzMTA1NGJjZGI1OGFmOTk3MzM5ODQzYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfGKea9vlCa80HhkGoWds7imgZ60
iS4WZOS3ijJLc+SguKN74OUZR0M+GnD8knsg1RTu5W6edhkeUbM4Bv+u+G4Hzs3w
IEQ9NIG0+4uLqSSsfHxIKl8fR5edTVfVrPCNhRtgT5VmP4bOmyTYYTc4PeaJghra
+1uMfHEKAAKW4XWb3IIwbR/+X4s4sIpr5HVZb/z2QKFi1bILzpsfsAXy6T/Hn5Hu
XguItkBXYVlKHodWdTj8QNlwBhCUNRkYKu0JaH4mQvpjwq57dj4K7JsLS+1j7yZ3
rxnOLHvyi25aVu1yOOQAcAgFyVzeNducmWQOu0ZzZsh6TRqfZrg+gZKJYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXm/7jACVIjEFS821ivmXM5hDyOMB8GA1UdIwQY
MBaAFImRW7RhHFX2Ka06TM/jV8BAodwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVpGYnRHRWNWZllwclRwTXotTlh3RUNoM0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NGFjOWQtMmE1My00YWU1LWJhNzIt
NjJhZmNiOTk3MmQ3LzEvaVpGYnRHRWNWZllwclRwTXotTlh3RUNoM0JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NGFjOWQtMmE1My00YWU1LWJhNzItNjJhZmNiOTk3MmQ3
LzEvaVpGYnRHRWNWZllwclRwTXotTlh3RUNoM0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANtSfGMtB
Q1kvhb+O8A3eZhzDwtd3KcMqUqYkm3LKmsDznjhuGpsxfpvj7bF0db17wc0ZAk4b
lAq7jF+JDWJWB0086GIlZMuQVfhBGUGCJnecqmAxuuRwZta/fUvwEV2Cz82MVoTr
8jeuTQPXYB6wMorXeTwyEr3jMJ+BHwRpA9o9tQwUptXmkNM9c55G+4tLLOLZJlHC
+pzPs0u0VkflLXk1uiNUN/ZMYwhFjek4rCyi0QGt6LhiNhqevuc9nzsnmMa/UmN0
KmuXg8XhpgJfOR7Jht6fpZAzHm1J5bXcTLYwyr6auiWHb1jt181F/G9843e3sfQ4
kPPaCszdu9NEcQ==
-----END CERTIFICATE-----