Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
File:                     TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft (raw, json)
Hash identifier:          dqDW29vlKtDG6euwqN+tnJ6O3Pd9JC+qSATSvQPnjGI=
Subject key identifier:   82:AB:C0:6A:65:1B:AF:B1:19:66:10:0B:8A:1B:89:CA:CD:33:97:B4
Authority key identifier: 4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4
Certificate issuer:       /CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4
Certificate serial:       019654251623B5DAEFA7F820763CB5516FB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
Manifest number:          0A70
Signing time:             Sun 20 Apr 2025 17:00:38 +0000
Manifest this update:     Sun 20 Apr 2025 17:00:38 +0000
Manifest next update:     Mon 21 Apr 2025 17:00:38 +0000
Files and hashes:         1: TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl (hash: w1roI1ugA+Ex7EPmSm4h0dgL2WusirbXdKMlwG3iouc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:25:16:23:b5:da:ef:a7:f8:20:76:3c:b5:51:6f:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4
        Validity
            Not Before: Apr 20 17:00:38 2025 GMT
            Not After : Apr 21 17:00:38 2025 GMT
        Subject: CN=82abc06a651bafb11966100b8a1b89cacd3397b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:61:3c:f3:89:0c:9f:f8:4e:54:63:b4:bc:b5:
                    55:4d:ad:ca:05:4f:f7:04:6f:f0:d5:e9:78:44:21:
                    4d:2b:ce:03:b6:30:40:7f:48:39:f4:81:d0:6a:74:
                    c6:6c:1b:36:2c:25:d1:60:aa:64:98:8e:5b:a4:18:
                    7d:58:33:03:4a:fb:73:5a:a4:a7:42:fa:b7:e6:68:
                    75:48:85:66:da:b3:89:d7:c7:05:cc:7d:06:3d:bb:
                    bb:bf:73:1c:ec:dc:90:cc:9a:b6:40:4c:88:4d:8f:
                    b7:b6:97:01:49:ae:b5:46:fd:9a:3d:59:04:b9:0d:
                    7d:76:6f:1c:56:96:42:c4:f4:4e:c9:d6:cd:c1:d8:
                    7b:19:0f:4c:da:59:13:db:ef:bc:9b:a0:77:27:8b:
                    8d:f1:12:67:26:c2:bb:cc:b9:9a:ab:31:b7:94:8f:
                    2c:99:d7:5b:03:7a:2c:7c:a7:29:ef:57:3b:2f:55:
                    f0:51:06:f7:d5:2f:43:7f:f9:db:0d:bb:b4:b8:bf:
                    20:58:a3:46:a5:c6:be:e1:4a:4f:d6:18:22:75:97:
                    9f:ed:ba:12:59:92:78:24:ed:58:59:9d:2e:26:93:
                    99:c3:8f:5b:02:c3:aa:6d:11:0e:1b:0c:51:6c:5a:
                    6d:b8:af:b1:1e:f5:16:9f:26:77:c8:a7:06:a6:f1:
                    f6:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:AB:C0:6A:65:1B:AF:B1:19:66:10:0B:8A:1B:89:CA:CD:33:97:B4
            X509v3 Authority Key Identifier:
                keyid:4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:db:1f:80:61:1a:11:cf:a7:3a:c7:a2:b7:d6:bc:d1:3c:39:
         73:52:c9:c4:2c:3f:c8:2f:c0:4b:70:1f:69:00:d4:ee:09:e1:
         df:59:05:97:5c:b9:39:51:a2:06:5f:44:36:7d:31:29:1f:7a:
         a3:fc:8f:ec:92:6c:c5:6b:71:d3:4b:2a:bd:8f:de:da:3f:da:
         14:32:1d:3a:a0:a7:1d:c9:3b:0d:7b:d6:33:12:f5:11:13:3c:
         49:51:b7:fb:8e:35:4c:ee:61:49:14:8b:6c:83:0a:c4:53:b9:
         ab:83:d4:e1:10:e9:4a:43:1a:f9:8e:dc:3f:07:8e:e2:e0:28:
         f5:94:b7:38:3b:82:55:1f:fa:a1:bd:9e:92:14:c1:fb:66:b0:
         e6:2f:e1:87:f8:24:26:56:ad:45:00:89:11:af:ae:84:0a:b9:
         e2:ee:18:65:c6:99:94:0d:9d:a7:b0:3f:97:56:a9:0c:ba:f5:
         e7:04:44:62:49:47:c3:04:78:2c:51:9e:0e:39:ef:e1:6d:31:
         40:1f:79:ea:3e:ca:19:d0:9d:6f:07:5f:39:a1:f9:be:cd:c8:
         bb:5b:ea:07:64:b5:0e:f1:96:8c:6a:de:6e:9b:d9:a3:1e:b2:
         98:16:ca:88:19:71:c1:05:05:2a:81:b7:7f:0c:36:71:0e:59:
         a5:91:a2:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUJRYjtdrvp/ggdjy1UW+zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOTExNjJiYjBkOWI1NTFiZjVmN2IxYzE1ZWUzMTVhNTFh
Njc3ZjQwHhcNMjUwNDIwMTcwMDM4WhcNMjUwNDIxMTcwMDM4WjAzMTEwLwYDVQQD
Eyg4MmFiYzA2YTY1MWJhZmIxMTk2NjEwMGI4YTFiODljYWNkMzM5N2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWE884kMn/hOVGO0vLVVTa3KBU/3
BG/w1el4RCFNK84DtjBAf0g59IHQanTGbBs2LCXRYKpkmI5bpBh9WDMDSvtzWqSn
Qvq35mh1SIVm2rOJ18cFzH0GPbu7v3Mc7NyQzJq2QEyITY+3tpcBSa61Rv2aPVkE
uQ19dm8cVpZCxPROydbNwdh7GQ9M2lkT2++8m6B3J4uN8RJnJsK7zLmaqzG3lI8s
mddbA3osfKcp71c7L1XwUQb31S9Df/nbDbu0uL8gWKNGpca+4UpP1hgidZef7boS
WZJ4JO1YWZ0uJpOZw49bAsOqbREOGwxRbFptuK+xHvUWnyZ3yKcGpvH2FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKrwGplG6+xGWYQC4obicrNM5e0MB8GA1UdIwQY
MBaAFE6RFiuw2bVRv197HBXuMVpRpnf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDIt
NTcxM2YxNzQ5YzFkLzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDItNTcxM2YxNzQ5YzFk
LzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm9sfgGEa
Ec+nOseit9a80Tw5c1LJxCw/yC/AS3AfaQDU7gnh31kFl1y5OVGiBl9ENn0xKR96
o/yP7JJsxWtx00sqvY/e2j/aFDIdOqCnHck7DXvWMxL1ERM8SVG3+441TO5hSRSL
bIMKxFO5q4PU4RDpSkMa+Y7cPweO4uAo9ZS3ODuCVR/6ob2ekhTB+2aw5i/hh/gk
JlatRQCJEa+uhAq54u4YZcaZlA2dp7A/l1apDLr15wREYklHwwR4LFGeDjnv4W0x
QB956j7KGdCdbwdfOaH5vs3Iu1vqB2S1DvGWjGrebpvZox6ymBbKiBlxwQUFKoG3
fww2cQ5ZpZGiGA==
-----END CERTIFICATE-----