Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
File:                     cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft (raw, json)
Hash identifier:          7A3+cZ0OQsTiqecMEMeQPQzFSJfXwCDIaNDWqWq50B8=
Subject key identifier:   56:A8:36:09:67:7E:B0:EA:59:D6:D1:FF:E2:50:9E:39:E6:27:8B:3F
Authority key identifier: 70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4
Certificate issuer:       /CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
Certificate serial:       019610208A7E7E3C21822372BEFE981B4A3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
Manifest number:          14D7
Signing time:             Mon 07 Apr 2025 12:01:30 +0000
Manifest this update:     Mon 07 Apr 2025 12:01:30 +0000
Manifest next update:     Tue 08 Apr 2025 12:01:30 +0000
Files and hashes:         1: cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl (hash: Yh2Air1xdbCbGOBUZlwlm/dXHCgga0+OyUSI63Jj/3k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 12:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:10:20:8a:7e:7e:3c:21:82:23:72:be:fe:98:1b:4a:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
        Validity
            Not Before: Apr  7 12:01:30 2025 GMT
            Not After : Apr  8 12:01:30 2025 GMT
        Subject: CN=56a83609677eb0ea59d6d1ffe2509e39e6278b3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:84:1f:7f:b5:68:1b:52:c5:b6:46:3a:9e:aa:
                    05:53:37:38:51:d9:88:25:7d:c9:ad:d7:2e:2e:f9:
                    5f:e3:08:5e:ed:f1:7f:19:59:3f:7a:3b:40:b7:07:
                    af:3a:bc:60:77:32:5a:ab:7b:2d:9c:58:2e:76:fe:
                    02:91:69:07:27:d1:0f:4a:ab:c8:4f:0e:cb:23:92:
                    d9:95:f7:fe:1b:d8:e4:29:d6:55:65:4a:48:77:65:
                    54:b0:b6:6c:21:68:08:59:56:14:f1:43:d6:bf:dd:
                    c7:0e:08:21:b6:45:d0:75:76:99:69:4d:fc:cb:a8:
                    3d:a2:a5:b7:dd:9e:6f:39:15:cd:c3:d4:96:03:32:
                    85:df:99:9e:8f:7d:c8:f8:99:8a:8c:18:93:b2:91:
                    96:68:6b:8c:7a:3b:0f:04:ad:d7:8f:df:9d:54:29:
                    68:e8:c4:51:12:24:3d:44:e2:32:4b:29:e4:59:30:
                    8b:f7:ea:b2:2b:af:33:b0:c7:d4:6d:5a:39:6b:41:
                    28:47:10:99:f1:a8:a4:53:72:28:9e:8f:2e:b6:37:
                    68:00:ac:87:35:1b:6b:40:cf:4f:93:92:43:e2:03:
                    01:32:76:87:17:b6:4e:09:36:f5:c3:d9:1f:e1:55:
                    f7:d6:13:91:c6:59:07:55:4a:09:e2:31:bc:cd:d8:
                    d7:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:A8:36:09:67:7E:B0:EA:59:D6:D1:FF:E2:50:9E:39:E6:27:8B:3F
            X509v3 Authority Key Identifier:
                keyid:70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:28:76:68:af:7f:9d:45:f9:bc:c9:65:88:ea:2c:09:9b:96:
         66:10:a7:bf:6a:cd:f6:15:4c:83:7c:3c:a1:e5:76:ed:a9:53:
         d2:05:89:f4:1b:2f:70:bf:33:d0:d8:37:70:d1:8a:37:a2:c1:
         a0:60:24:87:9f:92:cd:d9:68:05:39:cc:a9:b7:3b:4f:8b:65:
         1b:13:d9:f7:bc:5b:80:7d:e4:8e:4e:87:43:60:76:56:0e:bc:
         f1:ef:2f:74:65:9b:7c:14:59:57:06:c0:10:29:3a:43:67:49:
         93:ec:5c:9a:c0:4c:56:75:3f:80:b9:0d:1e:a2:a9:f2:9d:90:
         71:ac:16:ec:d6:3d:ee:85:88:67:be:53:50:1f:1f:9b:62:be:
         36:e6:74:f2:c6:8f:ac:cf:62:30:11:53:2a:bb:b9:67:ee:92:
         c0:1b:94:0d:27:c0:2e:8d:e4:70:2d:7d:de:5d:75:ce:f1:0c:
         84:b4:bf:f0:cf:8d:8f:63:66:71:d2:62:0c:b1:8b:af:9f:bb:
         03:e4:32:7d:3c:cb:40:95:a0:7a:fe:02:ba:69:f0:94:b5:89:
         02:91:74:b0:62:da:fc:0e:f5:3d:1c:c9:6e:9f:e4:35:00:48:
         90:ed:1d:db:74:b9:3c:5e:5c:b0:05:b3:a1:12:76:45:e1:50:
         18:c0:98:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYQIIp+fjwhgiNyvv6YG0o+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjQxM2ZhNzgyYTMwNDI4MzBkYTIzYWEzZjM1OTRhN2Q1
ZWEyZjQwHhcNMjUwNDA3MTIwMTMwWhcNMjUwNDA4MTIwMTMwWjAzMTEwLwYDVQQD
Eyg1NmE4MzYwOTY3N2ViMGVhNTlkNmQxZmZlMjUwOWUzOWU2Mjc4YjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5YQff7VoG1LFtkY6nqoFUzc4UdmI
JX3JrdcuLvlf4whe7fF/GVk/ejtAtwevOrxgdzJaq3stnFgudv4CkWkHJ9EPSqvI
Tw7LI5LZlff+G9jkKdZVZUpId2VUsLZsIWgIWVYU8UPWv93HDgghtkXQdXaZaU38
y6g9oqW33Z5vORXNw9SWAzKF35mej33I+JmKjBiTspGWaGuMejsPBK3Xj9+dVClo
6MRREiQ9ROIySynkWTCL9+qyK68zsMfUbVo5a0EoRxCZ8aikU3Iono8utjdoAKyH
NRtrQM9Pk5JD4gMBMnaHF7ZOCTb1w9kf4VX31hORxlkHVUoJ4jG8zdjXiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFaoNglnfrDqWdbR/+JQnjnmJ4s/MB8GA1UdIwQY
MBaAFHC0E/p4KjBCgw2iOqPzWUp9XqL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2Et
YTMxMzdiYzgzZDBhLzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2EtYTMxMzdiYzgzZDBh
LzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEyh2aK9/
nUX5vMlliOosCZuWZhCnv2rN9hVMg3w8oeV27alT0gWJ9BsvcL8z0Ng3cNGKN6LB
oGAkh5+SzdloBTnMqbc7T4tlGxPZ97xbgH3kjk6HQ2B2Vg688e8vdGWbfBRZVwbA
ECk6Q2dJk+xcmsBMVnU/gLkNHqKp8p2QcawW7NY97oWIZ75TUB8fm2K+NuZ08saP
rM9iMBFTKru5Z+6SwBuUDSfALo3kcC193l11zvEMhLS/8M+Nj2NmcdJiDLGLr5+7
A+QyfTzLQJWgev4CumnwlLWJApF0sGLa/A71PRzJbp/kNQBIkO0d23S5PF5csAWz
oRJ2ReFQGMCYzA==
-----END CERTIFICATE-----