Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
File:                     ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft (raw, json)
Hash identifier:          O6jDS2TE5ofu1Wb7SVXtBLbQTOcYZTNIQhIw0vQ/jiE=
Subject key identifier:   2E:DA:AA:82:43:FF:6C:A1:AF:EF:E6:50:A3:AF:65:2F:E0:7F:DD:DC
Authority key identifier: 82:14:DC:48:B3:E9:19:E5:5C:E8:18:4D:3A:96:90:D1:49:25:BC:BD
Certificate issuer:       /CN=8214dc48b3e919e55ce8184d3a9690d14925bcbd
Certificate serial:       01964B908E07E05711C2B5C2971278691AF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
Manifest number:          06DF
Signing time:             Sat 19 Apr 2025 01:01:26 +0000
Manifest this update:     Sat 19 Apr 2025 01:01:26 +0000
Manifest next update:     Sun 20 Apr 2025 01:01:26 +0000
Files and hashes:         1: ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl (hash: axKGRlRv0TtkFCSrEYKbNhIK4Iswlo0BLg1wNQlw8eI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4b:90:8e:07:e0:57:11:c2:b5:c2:97:12:78:69:1a:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8214dc48b3e919e55ce8184d3a9690d14925bcbd
        Validity
            Not Before: Apr 19 01:01:26 2025 GMT
            Not After : Apr 20 01:01:26 2025 GMT
        Subject: CN=2edaaa8243ff6ca1afefe650a3af652fe07fdddc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:7b:09:9f:f9:77:18:42:4d:13:1b:a6:09:59:
                    e6:63:e2:cb:5c:e1:eb:3e:4d:b9:f8:6c:a0:7a:d7:
                    ea:bd:d9:32:9b:7b:1d:ff:29:c7:d5:20:6b:21:5f:
                    2a:ed:68:53:68:4c:a3:50:56:67:0f:93:a0:14:dd:
                    ed:a5:41:88:97:d2:86:e3:4b:ad:ac:5a:4c:55:7c:
                    30:23:af:8d:6f:ba:5d:9b:cc:02:50:46:33:53:2d:
                    d7:83:4e:da:0f:38:f9:1b:3c:ca:ef:f7:ae:f8:40:
                    c4:32:6e:4d:ca:99:4f:9d:7b:e9:eb:9e:10:93:1d:
                    4f:56:49:76:f8:ff:14:6a:84:a8:94:e1:a6:07:fe:
                    ec:c5:b4:c3:72:22:66:bf:d0:3e:51:de:1f:1a:58:
                    6f:bc:04:1f:88:e4:61:51:3c:ba:42:03:31:57:f0:
                    53:24:4e:44:4d:a5:d8:2d:c9:f0:6c:7e:16:1b:6c:
                    1c:3f:47:51:2b:d4:25:75:f5:53:5d:4e:98:74:62:
                    49:fa:2e:75:a4:50:56:86:d7:f9:da:1e:64:33:eb:
                    5b:0e:51:e3:b1:a4:2e:f0:8c:96:99:4d:db:86:97:
                    87:6e:ba:73:03:b0:e6:82:00:79:95:e2:a9:14:a3:
                    02:f0:7c:3d:5c:be:25:16:cb:10:54:82:04:e5:aa:
                    3a:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:DA:AA:82:43:FF:6C:A1:AF:EF:E6:50:A3:AF:65:2F:E0:7F:DD:DC
            X509v3 Authority Key Identifier:
                keyid:82:14:DC:48:B3:E9:19:E5:5C:E8:18:4D:3A:96:90:D1:49:25:BC:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:d8:d8:68:65:16:17:45:49:3b:5b:0f:1b:a1:5d:8f:a3:72:
         26:64:cf:aa:cd:48:d1:00:84:d3:2e:45:ab:5f:22:49:03:a7:
         a9:35:f0:3e:c7:8b:4d:89:66:f9:9a:82:2f:ab:5c:be:4c:af:
         5a:da:bd:ff:b4:18:db:71:f8:77:e6:74:06:7f:07:d6:ad:8d:
         11:9d:c3:7b:a6:90:a5:4d:a8:61:f3:08:77:bf:b0:89:27:bb:
         6b:de:d7:0f:f5:d5:3f:ef:c2:42:13:de:a6:f6:82:9c:5b:19:
         68:b7:a4:8e:43:d6:6d:55:c8:13:f8:6b:bf:55:ed:c2:90:a6:
         db:b6:29:42:e4:5a:cd:4f:93:cb:75:c3:ba:5c:48:87:aa:2f:
         76:27:9c:a2:db:bc:a1:27:e4:2c:b9:ae:30:6c:2d:86:a5:8f:
         d9:9d:20:bd:1c:21:02:cf:62:ec:11:96:45:c5:65:b6:d3:e6:
         b0:27:9d:b4:48:1c:e4:e0:1a:fc:1b:72:7a:94:c0:90:4f:8a:
         a3:6f:f3:a5:a4:91:62:d7:d8:5b:e1:fc:6d:3e:0b:9f:e4:32:
         e0:f7:24:bf:cf:e0:04:35:57:d1:8a:a1:55:3e:53:2a:21:ad:
         3f:9a:c0:69:8f:7a:3d:bf:72:e2:3c:11:5a:70:d2:02:d7:37:
         5f:99:0b:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZLkI4H4FcRwrXClxJ4aRr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMTRkYzQ4YjNlOTE5ZTU1Y2U4MTg0ZDNhOTY5MGQxNDky
NWJjYmQwHhcNMjUwNDE5MDEwMTI2WhcNMjUwNDIwMDEwMTI2WjAzMTEwLwYDVQQD
EygyZWRhYWE4MjQzZmY2Y2ExYWZlZmU2NTBhM2FmNjUyZmUwN2ZkZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHsJn/l3GEJNExumCVnmY+LLXOHr
Pk25+Gygetfqvdkym3sd/ynH1SBrIV8q7WhTaEyjUFZnD5OgFN3tpUGIl9KG40ut
rFpMVXwwI6+Nb7pdm8wCUEYzUy3Xg07aDzj5GzzK7/eu+EDEMm5NyplPnXvp654Q
kx1PVkl2+P8UaoSolOGmB/7sxbTDciJmv9A+Ud4fGlhvvAQfiORhUTy6QgMxV/BT
JE5ETaXYLcnwbH4WG2wcP0dRK9QldfVTXU6YdGJJ+i51pFBWhtf52h5kM+tbDlHj
saQu8IyWmU3bhpeHbrpzA7DmggB5leKpFKMC8Hw9XL4lFssQVIIE5ao6/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7aqoJD/2yhr+/mUKOvZS/gf93cMB8GA1UdIwQY
MBaAFIIU3Eiz6RnlXOgYTTqWkNFJJby9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yYTdhMTgtOGQ0YS00ZTgxLTkwYTAt
ZmJjMDI2OTE3ZjYyLzEvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yYTdhMTgtOGQ0YS00ZTgxLTkwYTAtZmJjMDI2OTE3ZjYy
LzEvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASNjYaGUW
F0VJO1sPG6Fdj6NyJmTPqs1I0QCE0y5Fq18iSQOnqTXwPseLTYlm+ZqCL6tcvkyv
Wtq9/7QY23H4d+Z0Bn8H1q2NEZ3De6aQpU2oYfMId7+wiSe7a97XD/XVP+/CQhPe
pvaCnFsZaLekjkPWbVXIE/hrv1XtwpCm27YpQuRazU+Ty3XDulxIh6ovdiecotu8
oSfkLLmuMGwthqWP2Z0gvRwhAs9i7BGWRcVlttPmsCedtEgc5OAa/BtyepTAkE+K
o2/zpaSRYtfYW+H8bT4Ln+Qy4Pckv8/gBDVX0YqhVT5TKiGtP5rAaY96Pb9y4jwR
WnDSAtc3X5kLrg==
-----END CERTIFICATE-----