Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.mft
File:                     mpVYgYJyucVAD8XaGIE6zOkXWI0.mft (raw, json)
Hash identifier:          f2/2rice9jWeBZTCUfk3l+q6qkgNAgZoAEG66F5tSz0=
Subject key identifier:   2D:A6:8F:CD:F6:9A:2E:E8:4D:E7:4D:9B:54:35:FB:3C:E1:97:3D:D9
Authority key identifier: 9A:95:58:81:82:72:B9:C5:40:0F:C5:DA:18:81:3A:CC:E9:17:58:8D
Certificate issuer:       /CN=9a9558818272b9c5400fc5da18813acce917588d
Certificate serial:       0196534A45EEFFBB68AEFA4CE1EC6ADE3BCB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mpVYgYJyucVAD8XaGIE6zOkXWI0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.mft
Manifest number:          14F9
Signing time:             Sun 20 Apr 2025 13:01:38 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:38 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:38 +0000
Files and hashes:         1: mpVYgYJyucVAD8XaGIE6zOkXWI0.crl (hash: dAzZ82kW5+5wwV5LXRWzr811k0/9lD3l0NRSqY7uNlg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mpVYgYJyucVAD8XaGIE6zOkXWI0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:4a:45:ee:ff:bb:68:ae:fa:4c:e1:ec:6a:de:3b:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a9558818272b9c5400fc5da18813acce917588d
        Validity
            Not Before: Apr 20 13:01:38 2025 GMT
            Not After : Apr 21 13:01:38 2025 GMT
        Subject: CN=2da68fcdf69a2ee84de74d9b5435fb3ce1973dd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:e3:0a:53:c9:71:66:fb:f5:5e:0f:84:e3:97:
                    f0:d9:15:90:46:50:2d:51:e9:ba:79:39:70:f0:de:
                    da:6b:c6:68:ea:53:b9:ba:16:05:b0:30:2f:64:b2:
                    bb:14:91:b0:bf:63:e2:85:7a:db:4e:71:2a:09:3c:
                    15:c6:f7:4c:49:61:e4:a6:75:f8:be:56:56:50:a9:
                    56:cc:1f:2d:8f:56:9f:59:3c:1c:3a:9d:65:fa:0f:
                    20:31:95:ae:9a:96:ad:e4:56:ea:d9:35:fa:2c:d3:
                    96:4b:0f:1b:28:f6:13:c1:35:02:fb:a0:1c:36:39:
                    f7:77:1c:c7:95:b7:9c:cc:02:82:2a:dc:fa:ce:6c:
                    2d:cf:d8:22:74:26:95:4a:74:8a:57:87:e9:c3:8a:
                    d8:de:db:00:4d:53:69:e2:d8:99:98:36:99:54:6f:
                    0b:07:b9:60:87:06:af:33:e4:5d:dc:23:dd:a3:6e:
                    d1:58:f3:12:1a:32:8b:aa:45:f2:be:94:71:42:c2:
                    2b:42:8f:00:00:b9:44:5c:3a:64:ef:67:58:ef:c1:
                    47:36:17:02:a1:bb:59:e8:17:97:71:52:d8:49:c3:
                    c5:ae:d7:98:87:c5:46:c9:e7:15:99:3e:1b:33:71:
                    6a:d7:98:22:78:f7:46:42:89:7a:7b:c8:1b:68:3b:
                    af:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:A6:8F:CD:F6:9A:2E:E8:4D:E7:4D:9B:54:35:FB:3C:E1:97:3D:D9
            X509v3 Authority Key Identifier:
                keyid:9A:95:58:81:82:72:B9:C5:40:0F:C5:DA:18:81:3A:CC:E9:17:58:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpVYgYJyucVAD8XaGIE6zOkXWI0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/233d82-938e-4f35-aa48-d4e9cf26ee10/1/mpVYgYJyucVAD8XaGIE6zOkXWI0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:4d:e7:98:79:e6:fc:a8:a4:70:32:2c:85:99:e6:93:2c:16:
         3a:3d:69:87:e8:0d:3d:b9:32:b2:8b:1a:bd:eb:c8:0b:a1:dc:
         40:23:53:77:f1:8d:72:52:63:df:34:54:10:5c:8b:fa:9b:76:
         f2:61:f3:f8:e4:4d:cd:64:c8:af:74:1c:f1:52:e1:ee:3b:b4:
         5b:f5:d5:03:39:59:39:6a:70:e0:e9:12:38:2c:62:d7:40:6d:
         96:ac:18:5f:e4:5c:1c:37:b9:73:2b:71:25:e6:5a:6c:82:51:
         8a:5a:2e:52:be:90:b4:e1:6d:9e:40:13:c3:21:a7:4a:10:a6:
         3a:b2:4f:9a:fe:30:df:aa:89:20:63:08:fe:79:05:10:9c:79:
         05:f3:8c:f2:b1:01:bb:e0:6b:53:f0:74:7b:6e:de:40:92:02:
         fe:bc:d6:13:d7:01:c1:ab:47:0e:5d:dd:15:92:f1:27:ce:6e:
         d5:42:ce:67:42:3f:fb:22:b5:d8:b2:d1:f5:05:96:c0:6b:e3:
         87:42:60:94:25:a0:cc:1b:23:8b:b7:56:e9:43:0c:79:ff:7e:
         4c:81:a0:33:e3:2b:9f:7c:66:cf:94:95:90:8d:5a:29:f0:c2:
         af:80:02:d3:f0:9d:5c:5d:fb:a3:f0:03:ba:69:de:0b:42:d2:
         a2:f0:2c:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSkXu/7torvpM4exq3jvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOTU1ODgxODI3MmI5YzU0MDBmYzVkYTE4ODEzYWNjZTkx
NzU4OGQwHhcNMjUwNDIwMTMwMTM4WhcNMjUwNDIxMTMwMTM4WjAzMTEwLwYDVQQD
EygyZGE2OGZjZGY2OWEyZWU4NGRlNzRkOWI1NDM1ZmIzY2UxOTczZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieMKU8lxZvv1Xg+E45fw2RWQRlAt
Uem6eTlw8N7aa8Zo6lO5uhYFsDAvZLK7FJGwv2PihXrbTnEqCTwVxvdMSWHkpnX4
vlZWUKlWzB8tj1afWTwcOp1l+g8gMZWumpat5Fbq2TX6LNOWSw8bKPYTwTUC+6Ac
Njn3dxzHlbeczAKCKtz6zmwtz9gidCaVSnSKV4fpw4rY3tsATVNp4tiZmDaZVG8L
B7lghwavM+Rd3CPdo27RWPMSGjKLqkXyvpRxQsIrQo8AALlEXDpk72dY78FHNhcC
obtZ6BeXcVLYScPFrteYh8VGyecVmT4bM3Fq15giePdGQol6e8gbaDuvCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2mj832mi7oTedNm1Q1+zzhlz3ZMB8GA1UdIwQY
MBaAFJqVWIGCcrnFQA/F2hiBOszpF1iNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXBWWWdZSnl1Y1ZBRDhYYUdJRTZ6T2tYV0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMzNkODItOTM4ZS00ZjM1LWFhNDgt
ZDRlOWNmMjZlZTEwLzEvbXBWWWdZSnl1Y1ZBRDhYYUdJRTZ6T2tYV0kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMzNkODItOTM4ZS00ZjM1LWFhNDgtZDRlOWNmMjZlZTEw
LzEvbXBWWWdZSnl1Y1ZBRDhYYUdJRTZ6T2tYV0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfU3nmHnm
/KikcDIshZnmkywWOj1ph+gNPbkysosavevIC6HcQCNTd/GNclJj3zRUEFyL+pt2
8mHz+ORNzWTIr3Qc8VLh7ju0W/XVAzlZOWpw4OkSOCxi10BtlqwYX+RcHDe5cytx
JeZabIJRilouUr6QtOFtnkATwyGnShCmOrJPmv4w36qJIGMI/nkFEJx5BfOM8rEB
u+BrU/B0e27eQJIC/rzWE9cBwatHDl3dFZLxJ85u1ULOZ0I/+yK12LLR9QWWwGvj
h0JglCWgzBsji7dW6UMMef9+TIGgM+Mrn3xmz5SVkI1aKfDCr4AC0/CdXF37o/AD
umneC0LSovAsEA==
-----END CERTIFICATE-----