Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
File:                     SVfItkDqWWxdEac7PSZu54w_Cds.mft (raw, json)
Hash identifier:          OkHSZBvrmZZAsysep9UYx5wtazCXrmiR1aZzfv4rVRk=
Subject key identifier:   5B:AB:BA:1C:FA:B7:69:32:E0:86:B5:95:C5:40:BB:2B:43:74:83:D8
Authority key identifier: 49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB
Certificate issuer:       /CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
Certificate serial:       01964C346BE24BEE36BE0EFABE3C54317C41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
Manifest number:          0787
Signing time:             Sat 19 Apr 2025 04:00:25 +0000
Manifest this update:     Sat 19 Apr 2025 04:00:25 +0000
Manifest next update:     Sun 20 Apr 2025 04:00:25 +0000
Files and hashes:         1: SVfItkDqWWxdEac7PSZu54w_Cds.crl (hash: T6AtSeT7vErXKYGbUjs74Uu0gluXDJu3qvprOs8tyKw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:34:6b:e2:4b:ee:36:be:0e:fa:be:3c:54:31:7c:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
        Validity
            Not Before: Apr 19 04:00:25 2025 GMT
            Not After : Apr 20 04:00:25 2025 GMT
        Subject: CN=5babba1cfab76932e086b595c540bb2b437483d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:c3:d2:9e:b0:e6:30:f7:98:95:9a:0b:38:21:
                    64:a6:20:26:5f:28:26:47:89:76:e3:e9:25:2c:67:
                    56:a3:70:fc:cd:b7:06:e1:49:0c:de:83:9b:07:b1:
                    c2:1d:5c:34:c6:d7:6b:bc:90:8c:2c:60:68:10:97:
                    f9:d0:2c:7d:43:28:6e:1d:94:6f:2d:27:3a:c0:28:
                    ff:4c:f6:54:0a:e3:1e:1f:e7:86:81:f3:99:7d:38:
                    ad:fc:55:43:4e:c2:7a:41:f7:e9:b3:46:7b:78:6c:
                    d4:f3:7b:f3:11:c0:af:35:4c:5e:9a:df:a6:e9:a2:
                    18:5e:3f:3d:5c:12:95:3e:a2:eb:19:da:4c:6b:85:
                    dd:5e:82:bb:b4:6e:9e:05:8f:85:f3:5b:67:c4:73:
                    ef:20:63:19:8b:e9:d2:22:3d:53:cc:6b:c1:48:f4:
                    3c:c0:16:9d:31:35:d1:83:34:d4:08:39:df:e5:d2:
                    a4:5f:1b:6a:c5:83:f6:da:5c:79:d3:b8:8a:3c:5a:
                    74:4b:0c:73:d9:17:9c:f9:b9:bf:65:92:13:e9:6b:
                    1b:f2:83:1f:84:be:b6:16:1e:85:f3:98:c1:3c:58:
                    7b:12:4d:56:b3:b2:dd:56:c1:2c:65:80:9a:25:3a:
                    84:ba:75:82:f2:13:a9:2c:09:56:69:8d:17:4b:a7:
                    25:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:AB:BA:1C:FA:B7:69:32:E0:86:B5:95:C5:40:BB:2B:43:74:83:D8
            X509v3 Authority Key Identifier:
                keyid:49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:19:b8:b1:ee:30:9e:d6:90:98:0a:39:fb:00:27:67:31:d0:
         4b:b9:23:06:7a:69:a3:5a:f0:f2:00:d0:ca:97:b7:81:f7:c6:
         ae:c6:2d:39:e6:45:bc:5c:00:5d:32:2c:a7:d4:dd:91:5c:2a:
         09:57:20:7c:23:f4:b9:90:15:56:ee:03:8a:cf:52:8b:00:d7:
         00:67:d2:a9:ca:bf:8c:0a:26:2b:29:2a:77:a6:8d:7d:6c:f2:
         65:ee:40:c0:68:a8:75:38:07:fb:53:a5:f0:eb:69:fa:c6:da:
         50:8c:24:0d:c3:ba:91:f1:0b:3e:1a:4e:0b:c7:d1:66:08:2d:
         cc:ef:e7:5a:ca:89:e9:d3:a2:3c:32:64:f3:ba:c5:55:bf:68:
         d4:79:61:b5:99:01:ea:bc:0e:21:9e:7c:53:39:41:ce:1f:cc:
         48:f2:97:a9:e4:c1:94:38:a4:b7:04:c8:89:1d:e6:84:43:81:
         77:16:a4:fa:09:29:c0:64:13:53:72:5c:33:11:43:be:8e:62:
         b2:ef:9c:3c:b9:fa:67:58:18:c9:c5:63:1d:86:e9:79:1a:59:
         3e:a5:b1:e9:8b:a7:0b:83:37:ac:c2:41:31:d0:3c:20:12:3f:
         53:cb:84:a0:64:20:ca:5d:6c:67:3a:14:9f:30:a8:ae:f4:d8:
         a3:30:d7:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZMNGviS+42vg76vjxUMXxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTdjOGI2NDBlYTU5NmM1ZDExYTczYjNkMjY2ZWU3OGMz
ZjA5ZGIwHhcNMjUwNDE5MDQwMDI1WhcNMjUwNDIwMDQwMDI1WjAzMTEwLwYDVQQD
Eyg1YmFiYmExY2ZhYjc2OTMyZTA4NmI1OTVjNTQwYmIyYjQzNzQ4M2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sPSnrDmMPeYlZoLOCFkpiAmXygm
R4l24+klLGdWo3D8zbcG4UkM3oObB7HCHVw0xtdrvJCMLGBoEJf50Cx9QyhuHZRv
LSc6wCj/TPZUCuMeH+eGgfOZfTit/FVDTsJ6Qffps0Z7eGzU83vzEcCvNUxemt+m
6aIYXj89XBKVPqLrGdpMa4XdXoK7tG6eBY+F81tnxHPvIGMZi+nSIj1TzGvBSPQ8
wBadMTXRgzTUCDnf5dKkXxtqxYP22lx507iKPFp0Swxz2Rec+bm/ZZIT6Wsb8oMf
hL62Fh6F85jBPFh7Ek1Ws7LdVsEsZYCaJTqEunWC8hOpLAlWaY0XS6clPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFuruhz6t2ky4Ia1lcVAuytDdIPYMB8GA1UdIwQY
MBaAFElXyLZA6llsXRGnOz0mbueMPwnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWIt
YmZlMWUxNzNkOGYwLzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWItYmZlMWUxNzNkOGYw
LzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbRm4se4w
ntaQmAo5+wAnZzHQS7kjBnppo1rw8gDQype3gffGrsYtOeZFvFwAXTIsp9TdkVwq
CVcgfCP0uZAVVu4Dis9SiwDXAGfSqcq/jAomKykqd6aNfWzyZe5AwGiodTgH+1Ol
8Otp+sbaUIwkDcO6kfELPhpOC8fRZggtzO/nWsqJ6dOiPDJk87rFVb9o1HlhtZkB
6rwOIZ58UzlBzh/MSPKXqeTBlDiktwTIiR3mhEOBdxak+gkpwGQTU3JcMxFDvo5i
su+cPLn6Z1gYycVjHYbpeRpZPqWx6YunC4M3rMJBMdA8IBI/U8uEoGQgyl1sZzoU
nzCorvTYozDXZg==
-----END CERTIFICATE-----