Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
File:                     iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft (raw, json)
Hash identifier:          QQWcJSQ21fmuT8NJ23XUeADBdoC+C/36sSZEWomqJMg=
Subject key identifier:   84:F9:54:E2:E9:2B:AF:20:49:18:D6:F5:F9:6A:6E:2E:F6:78:D5:7F
Authority key identifier: 89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0
Certificate issuer:       /CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
Certificate serial:       019643D61331A2B1C86CDDFB4EA73711CA10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
Manifest number:          113A
Signing time:             Thu 17 Apr 2025 13:00:25 +0000
Manifest this update:     Thu 17 Apr 2025 13:00:25 +0000
Manifest next update:     Fri 18 Apr 2025 13:00:25 +0000
Files and hashes:         1: iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl (hash: RW/9yXNGuux9IF7C0xIVAQinE7rwVcQEcuZ8VooNI1c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 13:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:43:d6:13:31:a2:b1:c8:6c:dd:fb:4e:a7:37:11:ca:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
        Validity
            Not Before: Apr 17 13:00:25 2025 GMT
            Not After : Apr 18 13:00:25 2025 GMT
        Subject: CN=84f954e2e92baf204918d6f5f96a6e2ef678d57f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:d2:56:cc:bd:a3:ba:f3:48:21:6c:3f:4f:67:
                    21:1a:5d:4d:2e:f1:c6:a1:c2:10:94:7f:3f:bd:04:
                    f0:8b:08:47:a5:7a:5c:19:7c:3a:fe:5f:81:1f:8a:
                    07:11:48:a7:b6:02:75:d8:17:92:62:78:9b:13:b6:
                    cf:ed:1e:05:39:9b:91:05:e7:c7:47:f2:9c:07:62:
                    04:20:8d:b0:4a:c6:e7:5a:c0:b1:ea:94:c7:7b:28:
                    03:1d:13:58:42:99:21:60:e8:8a:a5:a0:c8:c2:58:
                    c4:59:e6:98:ee:d4:27:59:02:ea:a7:b0:ae:cc:97:
                    b9:30:b7:34:db:b7:4b:6c:46:25:78:0e:92:2b:51:
                    c3:c7:bd:dd:46:a0:73:ed:52:c1:6d:99:7a:c2:9d:
                    fc:6f:43:46:44:09:e0:a7:c5:ea:ac:55:85:87:b6:
                    58:4b:f0:14:f1:4a:88:15:db:dd:ef:f8:19:0d:38:
                    34:e5:0c:a2:a0:0a:1e:cd:33:79:4b:28:12:01:46:
                    f5:40:f2:b3:f7:03:4b:87:63:f1:92:15:08:45:5b:
                    c6:6f:f3:c6:de:18:a6:86:e0:51:f1:29:86:27:c9:
                    72:e9:70:53:f2:d4:e7:c2:8b:1f:a1:0c:ba:fc:a8:
                    73:63:b5:23:34:e6:15:25:ff:30:ec:61:81:74:1b:
                    92:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:F9:54:E2:E9:2B:AF:20:49:18:D6:F5:F9:6A:6E:2E:F6:78:D5:7F
            X509v3 Authority Key Identifier:
                keyid:89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:98:e0:e5:40:3c:78:0a:2e:8b:95:cb:0b:02:2a:0b:ad:b6:
         92:9c:83:0a:47:dd:dd:06:be:b7:d2:c7:05:73:4d:9d:21:f6:
         e7:b0:df:96:07:12:53:63:d9:ad:04:00:1b:6f:72:d6:e4:1f:
         b3:01:db:64:c7:b0:47:33:32:35:74:a3:ae:a1:5c:e4:15:c9:
         07:ff:ea:fb:c3:e6:59:cd:45:72:7d:a8:78:dc:53:92:4a:db:
         56:2b:c1:ad:bb:a8:3b:f1:90:4f:fc:6c:c3:02:06:c1:72:de:
         b8:72:bf:96:0c:10:da:0e:5b:d1:47:54:7a:43:bd:e9:3b:fc:
         31:a7:ec:fa:2e:7d:79:11:74:ed:14:0e:b8:44:25:de:d3:89:
         3e:08:7c:7d:22:ed:1e:7b:0b:c4:80:1a:cc:8a:b0:32:3e:38:
         92:5a:c4:49:63:73:25:82:5a:3a:8e:12:8a:58:6e:e7:c7:90:
         05:ee:ef:a9:7f:aa:38:90:53:df:87:3a:8a:8d:b6:bc:1a:89:
         ac:5d:d5:a8:01:8a:75:df:32:23:67:0c:52:9b:c5:00:eb:84:
         0b:5b:3b:62:89:d7:22:d3:a8:6f:56:7c:f9:41:d8:01:77:d5:
         ec:d3:f5:9c:69:1b:54:80:5d:0f:7a:3f:e5:c6:85:c9:9a:ee:
         30:ac:07:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZD1hMxorHIbN37Tqc3EcoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MzZkZjRhYzJmNDY3ZWE2NmMxMTk3YTg2MjlkM2Y2NGJi
NTYzZjAwHhcNMjUwNDE3MTMwMDI1WhcNMjUwNDE4MTMwMDI1WjAzMTEwLwYDVQQD
Eyg4NGY5NTRlMmU5MmJhZjIwNDkxOGQ2ZjVmOTZhNmUyZWY2NzhkNTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodJWzL2juvNIIWw/T2chGl1NLvHG
ocIQlH8/vQTwiwhHpXpcGXw6/l+BH4oHEUintgJ12BeSYnibE7bP7R4FOZuRBefH
R/KcB2IEII2wSsbnWsCx6pTHeygDHRNYQpkhYOiKpaDIwljEWeaY7tQnWQLqp7Cu
zJe5MLc027dLbEYleA6SK1HDx73dRqBz7VLBbZl6wp38b0NGRAngp8XqrFWFh7ZY
S/AU8UqIFdvd7/gZDTg05QyioAoezTN5SygSAUb1QPKz9wNLh2PxkhUIRVvGb/PG
3himhuBR8SmGJ8ly6XBT8tTnwosfoQy6/KhzY7UjNOYVJf8w7GGBdBuSbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIT5VOLpK68gSRjW9flqbi72eNV/MB8GA1UdIwQY
MBaAFIk230rC9GfqZsEZeoYp0/ZLtWPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQt
NGUyNzhkZDQ4YTNmLzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQtNGUyNzhkZDQ4YTNm
LzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArZjg5UA8
eAoui5XLCwIqC622kpyDCkfd3Qa+t9LHBXNNnSH257DflgcSU2PZrQQAG29y1uQf
swHbZMewRzMyNXSjrqFc5BXJB//q+8PmWc1Fcn2oeNxTkkrbVivBrbuoO/GQT/xs
wwIGwXLeuHK/lgwQ2g5b0UdUekO96Tv8Mafs+i59eRF07RQOuEQl3tOJPgh8fSLt
HnsLxIAazIqwMj44klrESWNzJYJaOo4Silhu58eQBe7vqX+qOJBT34c6io22vBqJ
rF3VqAGKdd8yI2cMUpvFAOuEC1s7YonXItOob1Z8+UHYAXfV7NP1nGkbVIBdD3o/
5caFyZruMKwHiw==
-----END CERTIFICATE-----