Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          Mkb32Y/6OmBQc55TfiWWvO7G5uOq9oBsCe0G4F5rlu8=
Subject key identifier:   83:43:CB:BA:64:6F:C2:9C:85:8A:78:58:D4:B3:BA:F9:76:5F:72:16
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       01962ABC000519F4061EE14E5BB1BBDC452E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          14E6
Signing time:             Sat 12 Apr 2025 16:01:25 +0000
Manifest this update:     Sat 12 Apr 2025 16:01:25 +0000
Manifest next update:     Sun 13 Apr 2025 16:01:25 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: ahMdgdr1PhLC6jXWTVyX6v3ODi2ZlJUsgj/KtUk0jTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 13 Apr 2025 16:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:2a:bc:00:05:19:f4:06:1e:e1:4e:5b:b1:bb:dc:45:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: Apr 12 16:01:25 2025 GMT
            Not After : Apr 13 16:01:25 2025 GMT
        Subject: CN=8343cbba646fc29c858a7858d4b3baf9765f7216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:0f:43:20:b5:9b:b3:7d:73:57:72:6c:de:0f:
                    fd:91:a0:05:c9:23:df:9a:c8:77:da:10:24:b3:64:
                    b0:b4:de:2c:fb:72:fd:07:dc:6b:2a:bd:31:07:36:
                    9a:3c:b4:d6:be:28:c8:16:5c:fe:42:69:88:cd:e8:
                    b7:b9:29:fe:a5:51:94:58:97:28:96:7d:8a:b7:dd:
                    05:90:47:a7:11:4d:96:86:6b:79:d4:30:0e:3f:60:
                    8f:76:31:c7:d1:66:37:d3:87:71:98:48:6a:e5:85:
                    0b:c8:4f:01:46:ef:2b:2a:9c:dc:39:8d:1b:dc:97:
                    d7:36:34:c9:b1:8d:5c:2d:b9:70:4a:1a:8c:b7:6c:
                    52:c3:17:e7:ab:5c:06:7a:a1:94:2d:d5:ca:a7:4e:
                    b0:0d:5d:d7:c4:9f:5d:ed:48:06:d9:bc:17:8a:a6:
                    cd:61:4d:e0:91:31:bd:f6:f9:e9:80:8c:91:2c:f3:
                    22:0b:1b:cb:22:03:4b:b2:b2:ea:15:6b:f1:91:c2:
                    98:46:e7:fd:f8:c7:7e:62:9d:4c:fe:d3:55:0a:bf:
                    f5:c6:6c:9d:e2:62:a4:e6:36:42:92:07:b2:70:0c:
                    e0:03:e2:2a:05:b8:58:73:94:18:ad:98:27:ba:37:
                    4a:d4:d1:80:3b:e6:fd:d0:f3:73:c1:cf:73:2a:fb:
                    ff:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:43:CB:BA:64:6F:C2:9C:85:8A:78:58:D4:B3:BA:F9:76:5F:72:16
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:d8:57:d6:07:fd:fc:68:a2:a0:e5:f2:f7:b7:1e:34:8e:b2:
         90:e1:b6:d5:f4:3e:31:00:e2:94:1c:32:36:85:48:f4:cd:02:
         28:af:e9:f5:db:dd:79:ad:14:b8:3e:1d:03:15:52:f2:05:ea:
         67:92:2d:ee:bb:67:4c:d9:da:0a:fc:3f:d3:f1:54:74:48:b1:
         e6:c3:a4:74:bc:b2:2b:8e:41:8a:68:20:90:24:6d:46:21:e0:
         89:eb:12:fd:59:32:c5:40:d4:5b:e0:de:e5:16:ed:88:2f:ba:
         fd:93:57:7e:80:d0:73:cc:b5:b7:bf:c9:af:70:7a:4e:17:b0:
         43:eb:76:98:78:d0:6e:c7:f4:75:0e:f8:c7:e5:94:96:8a:20:
         11:c5:6d:4e:e8:ed:e0:bf:81:91:8b:36:8d:ac:ca:50:6c:58:
         ba:57:6e:46:86:04:c5:86:65:ef:dd:30:9d:a2:61:31:1b:30:
         c5:f5:30:6c:fc:74:67:b6:3e:a5:a3:f8:20:e8:76:16:78:6c:
         1a:1e:8e:d3:dc:6d:c4:77:d3:a1:1c:4b:e5:2a:a7:63:3c:ae:
         3e:b4:41:e3:f8:2f:51:53:e2:0d:b9:91:d6:23:fa:03:86:50:
         3e:04:bf:56:82:c9:af:89:77:eb:80:fe:ef:6f:02:ec:fc:9b:
         eb:3c:50:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYqvAAFGfQGHuFOW7G73EUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjUwNDEyMTYwMTI1WhcNMjUwNDEzMTYwMTI1WjAzMTEwLwYDVQQD
Eyg4MzQzY2JiYTY0NmZjMjljODU4YTc4NThkNGIzYmFmOTc2NWY3MjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug9DILWbs31zV3Js3g/9kaAFySPf
msh32hAks2SwtN4s+3L9B9xrKr0xBzaaPLTWvijIFlz+QmmIzei3uSn+pVGUWJco
ln2Kt90FkEenEU2Whmt51DAOP2CPdjHH0WY304dxmEhq5YULyE8BRu8rKpzcOY0b
3JfXNjTJsY1cLblwShqMt2xSwxfnq1wGeqGULdXKp06wDV3XxJ9d7UgG2bwXiqbN
YU3gkTG99vnpgIyRLPMiCxvLIgNLsrLqFWvxkcKYRuf9+Md+Yp1M/tNVCr/1xmyd
4mKk5jZCkgeycAzgA+IqBbhYc5QYrZgnujdK1NGAO+b90PNzwc9zKvv/iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFINDy7pkb8KchYp4WNSzuvl2X3IWMB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr9hX1gf9
/GiioOXy97ceNI6ykOG21fQ+MQDilBwyNoVI9M0CKK/p9dvdea0UuD4dAxVS8gXq
Z5It7rtnTNnaCvw/0/FUdEix5sOkdLyyK45BimggkCRtRiHgiesS/VkyxUDUW+De
5RbtiC+6/ZNXfoDQc8y1t7/Jr3B6ThewQ+t2mHjQbsf0dQ74x+WUloogEcVtTujt
4L+BkYs2jazKUGxYulduRoYExYZl790wnaJhMRswxfUwbPx0Z7Y+paP4IOh2Fnhs
Gh6O09xtxHfToRxL5SqnYzyuPrRB4/gvUVPiDbmR1iP6A4ZQPgS/VoLJr4l364D+
728C7Pyb6zxQOQ==
-----END CERTIFICATE-----