Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
File:                     SVfItkDqWWxdEac7PSZu54w_Cds.mft (raw, json)
Hash identifier:          KLtZIlgUtKVJQlJD6zH4mEl6ESSh8umaJvy+k8OrPf0=
Subject key identifier:   DD:85:E5:57:8E:14:A9:AD:3A:78:ED:B6:21:37:85:02:72:2B:42:E2
Authority key identifier: 49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB
Certificate issuer:       /CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
Certificate serial:       019749311A82090086362D34D08FE4A55596
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
Manifest number:          080A
Signing time:             Sat 07 Jun 2025 07:00:44 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:44 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:44 +0000
Files and hashes:         1: SVfItkDqWWxdEac7PSZu54w_Cds.crl (hash: v18QqO9GY8FGrZh4K//t+jQApa7C1BhGD7dyQem4f/o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:1a:82:09:00:86:36:2d:34:d0:8f:e4:a5:55:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
        Validity
            Not Before: Jun  7 07:00:44 2025 GMT
            Not After : Jun  8 07:00:44 2025 GMT
        Subject: CN=dd85e5578e14a9ad3a78edb621378502722b42e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e1:4b:e7:d6:40:9a:76:88:61:8b:e0:0e:58:
                    ce:91:20:70:cd:83:36:8a:be:cf:3d:90:62:96:75:
                    3c:5f:49:2e:13:43:c8:c0:a4:fa:f6:e9:91:2d:c4:
                    b5:6b:b3:b3:ed:54:db:80:9e:ac:45:4b:76:94:4b:
                    59:21:db:8e:59:96:a0:61:de:41:3b:41:50:7f:30:
                    86:53:57:c9:45:01:0b:2f:4a:18:7b:23:91:38:d6:
                    70:54:37:81:bf:e1:fb:a9:13:23:77:b4:5c:8f:b5:
                    29:25:fa:58:f2:d0:56:58:6d:2d:42:63:0e:07:2c:
                    7a:38:57:6a:29:c3:14:c8:12:85:84:f9:90:89:be:
                    29:28:a8:d0:3d:62:b7:d9:3f:d2:c1:5a:04:22:45:
                    af:ee:da:30:8f:37:e0:00:21:7e:b4:7e:0f:62:4c:
                    12:a7:ea:7d:e4:5d:e9:6f:ee:b9:54:d8:61:28:a4:
                    10:3c:05:ef:dd:08:9e:ce:4f:f9:19:e0:2c:31:2f:
                    6e:75:8d:6d:44:ca:79:e8:4b:63:34:fb:79:51:39:
                    f4:13:e1:ab:6b:3c:b3:62:8c:16:73:8c:a2:b5:c6:
                    5b:69:c5:88:b8:a7:ef:71:2c:e2:dd:5e:bc:1a:2d:
                    17:78:ad:6e:33:24:f9:dd:77:44:63:cd:f4:52:4f:
                    2d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:85:E5:57:8E:14:A9:AD:3A:78:ED:B6:21:37:85:02:72:2B:42:E2
            X509v3 Authority Key Identifier:
                keyid:49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:ff:2d:cf:17:a9:ae:33:24:f4:f9:ac:a1:1c:a4:46:7e:c9:
         51:7a:ab:52:a6:17:09:bf:db:0d:b7:ce:39:89:22:60:c1:69:
         d1:14:b2:e4:c2:01:73:91:fa:dd:33:45:4f:c0:01:38:a5:b4:
         75:7b:be:ec:5f:27:2e:ac:44:c1:91:89:0e:d4:86:61:de:38:
         a6:ca:93:5a:00:7e:e6:ab:33:4e:c0:0e:79:99:80:09:7a:69:
         bd:81:55:c5:0e:8c:4c:f2:19:8e:c5:c1:93:da:20:75:87:bd:
         83:0c:40:a6:cd:39:5b:39:a5:2f:24:3d:c8:9a:a3:e3:3e:e3:
         ea:a7:14:90:a7:de:a5:e9:12:81:95:24:f7:87:08:76:15:aa:
         12:16:79:7d:34:b3:d5:b2:87:a8:4f:26:1b:30:5b:23:83:4d:
         fc:32:36:5d:fd:35:09:ab:b7:e8:a5:68:81:92:d2:e4:14:67:
         57:32:8b:2a:f2:8e:19:1f:30:a4:df:76:13:f2:51:eb:a3:1c:
         c3:10:28:f6:e9:63:88:d9:99:62:a2:cc:ad:df:de:e5:6a:ea:
         9a:c5:d2:2f:22:49:e4:f2:61:d8:f1:1d:1a:f4:69:f3:57:1b:
         ba:2e:d5:f2:1d:c0:67:3c:e5:71:ad:b4:bb:11:f9:40:66:2f:
         aa:54:72:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMRqCCQCGNi000I/kpVWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTdjOGI2NDBlYTU5NmM1ZDExYTczYjNkMjY2ZWU3OGMz
ZjA5ZGIwHhcNMjUwNjA3MDcwMDQ0WhcNMjUwNjA4MDcwMDQ0WjAzMTEwLwYDVQQD
EyhkZDg1ZTU1NzhlMTRhOWFkM2E3OGVkYjYyMTM3ODUwMjcyMmI0MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OFL59ZAmnaIYYvgDljOkSBwzYM2
ir7PPZBilnU8X0kuE0PIwKT69umRLcS1a7Oz7VTbgJ6sRUt2lEtZIduOWZagYd5B
O0FQfzCGU1fJRQELL0oYeyORONZwVDeBv+H7qRMjd7Rcj7UpJfpY8tBWWG0tQmMO
Byx6OFdqKcMUyBKFhPmQib4pKKjQPWK32T/SwVoEIkWv7towjzfgACF+tH4PYkwS
p+p95F3pb+65VNhhKKQQPAXv3Qiezk/5GeAsMS9udY1tRMp56EtjNPt5UTn0E+Gr
azyzYowWc4yitcZbacWIuKfvcSzi3V68Gi0XeK1uMyT53XdEY830Uk8twwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2F5VeOFKmtOnjttiE3hQJyK0LiMB8GA1UdIwQY
MBaAFElXyLZA6llsXRGnOz0mbueMPwnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWIt
YmZlMWUxNzNkOGYwLzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWItYmZlMWUxNzNkOGYw
LzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALf8tzxep
rjMk9PmsoRykRn7JUXqrUqYXCb/bDbfOOYkiYMFp0RSy5MIBc5H63TNFT8ABOKW0
dXu+7F8nLqxEwZGJDtSGYd44psqTWgB+5qszTsAOeZmACXppvYFVxQ6MTPIZjsXB
k9ogdYe9gwxAps05WzmlLyQ9yJqj4z7j6qcUkKfepekSgZUk94cIdhWqEhZ5fTSz
1bKHqE8mGzBbI4NN/DI2Xf01Cau36KVogZLS5BRnVzKLKvKOGR8wpN92E/JR66Mc
wxAo9uljiNmZYqLMrd/e5WrqmsXSLyJJ5PJh2PEdGvRp81cbui7V8h3AZzzlca20
uxH5QGYvqlRy5w==
-----END CERTIFICATE-----