Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
File:                     gU3w5sDcpazuCDqMcwTUXz0z1W0.mft (raw, json)
Hash identifier:          OvGT7HCTYPmFR0oqyGgMs00a7vLcMfu1xnCp0iM6w+E=
Subject key identifier:   FD:8F:06:9D:06:63:6D:22:31:A7:8C:77:5B:82:0B:4A:05:A9:DD:C7
Authority key identifier: 81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D
Certificate issuer:       /CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
Certificate serial:       019578D8C00E73C9C08739131CC313F86416
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
Manifest number:          0B6C
Signing time:             Sun 09 Mar 2025 03:00:25 +0000
Manifest this update:     Sun 09 Mar 2025 03:00:25 +0000
Manifest next update:     Mon 10 Mar 2025 03:00:25 +0000
Files and hashes:         1: gU3w5sDcpazuCDqMcwTUXz0z1W0.crl (hash: RofkN2aTqGUTiekIX42rL9+jGilSva3A4KTGB7doWwI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 03:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:78:d8:c0:0e:73:c9:c0:87:39:13:1c:c3:13:f8:64:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
        Validity
            Not Before: Mar  9 03:00:25 2025 GMT
            Not After : Mar 10 03:00:25 2025 GMT
        Subject: CN=fd8f069d06636d2231a78c775b820b4a05a9ddc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:c3:61:23:3d:bc:59:36:4e:20:b6:dd:7b:a1:
                    3c:a9:67:15:31:89:87:50:95:a1:59:ef:97:be:f3:
                    c7:d7:35:39:9f:8e:a9:41:6c:03:c9:4e:2f:bf:7a:
                    f2:0d:89:c6:e1:c6:de:ed:69:fa:93:6e:a6:72:46:
                    c0:96:61:62:92:02:44:69:7b:4a:3a:53:47:ad:94:
                    d1:14:2a:58:b6:7b:ee:21:42:6a:2a:6d:60:8a:ca:
                    08:61:77:68:8b:97:95:2a:ac:49:51:1a:b0:84:0b:
                    cf:3f:6d:97:d6:ca:bb:18:e1:63:62:89:d3:98:74:
                    b0:e7:f6:71:64:de:71:43:9a:db:49:f1:84:fb:77:
                    4b:58:7d:91:79:a3:ba:e4:c1:24:a3:cf:36:78:b5:
                    44:3e:5c:21:08:c4:00:8f:66:48:c6:58:df:0c:90:
                    12:72:16:45:56:a6:55:4b:49:00:05:0e:29:44:35:
                    70:5b:52:a2:db:f1:7c:ca:da:f2:15:2e:20:c2:2f:
                    23:a6:7a:05:68:19:85:80:f5:24:1e:d1:f2:b2:e7:
                    5b:35:2c:7e:ea:cc:b3:0b:b8:21:69:cd:30:7d:a9:
                    84:da:21:93:f6:01:30:e9:66:a0:3c:3c:5a:88:d7:
                    2a:35:a6:a0:73:2f:89:64:73:c0:74:4c:1a:8a:e1:
                    51:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:8F:06:9D:06:63:6D:22:31:A7:8C:77:5B:82:0B:4A:05:A9:DD:C7
            X509v3 Authority Key Identifier:
                keyid:81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:3d:21:61:4b:85:88:9a:a5:ee:7d:ff:7f:21:57:7c:80:e0:
         57:fd:1b:60:a2:ce:30:e5:12:af:0b:f5:0a:16:1c:b4:e0:f8:
         df:10:95:4c:58:6e:73:51:04:77:c4:2d:8a:7f:87:ab:22:3d:
         d5:8d:08:46:33:fc:72:26:a2:b9:42:53:e8:09:15:25:81:d9:
         d6:4e:10:9a:de:ff:34:a7:32:ee:f0:30:5f:39:2b:78:38:8a:
         00:30:81:25:9e:de:99:e5:7e:8b:91:3a:7b:62:e8:9e:f5:31:
         54:2a:7a:4e:81:eb:d9:d1:3d:c1:c1:b6:f8:62:58:84:2f:59:
         0f:0d:ce:c0:cb:b6:ee:e2:c8:40:bb:98:38:3e:6b:c9:81:26:
         7e:61:1d:d4:7f:6d:61:f0:98:aa:78:e2:d5:0b:09:d9:21:58:
         fc:14:5e:26:67:71:0d:3b:5e:27:ff:a0:8c:5e:87:a8:89:66:
         b4:cf:8a:fa:33:b2:6c:bf:10:b4:f3:59:cb:cf:8e:9c:83:88:
         4e:c5:92:99:a6:90:13:c5:b5:d4:59:dd:83:62:f5:1a:3e:61:
         1a:58:39:9a:ab:7b:0c:61:38:77:8a:46:ec:ea:fe:d4:d9:23:
         1a:e5:1f:02:f3:00:5f:3c:46:1b:c5:c3:9e:c3:f2:3d:8e:f7:
         20:c8:4f:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV42MAOc8nAhzkTHMMT+GQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNGRmMGU2YzBkY2E1YWNlZTA4M2E4YzczMDRkNDVmM2Qz
M2Q1NmQwHhcNMjUwMzA5MDMwMDI1WhcNMjUwMzEwMDMwMDI1WjAzMTEwLwYDVQQD
EyhmZDhmMDY5ZDA2NjM2ZDIyMzFhNzhjNzc1YjgyMGI0YTA1YTlkZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMNhIz28WTZOILbde6E8qWcVMYmH
UJWhWe+XvvPH1zU5n46pQWwDyU4vv3ryDYnG4cbe7Wn6k26mckbAlmFikgJEaXtK
OlNHrZTRFCpYtnvuIUJqKm1gisoIYXdoi5eVKqxJURqwhAvPP22X1sq7GOFjYonT
mHSw5/ZxZN5xQ5rbSfGE+3dLWH2ReaO65MEko882eLVEPlwhCMQAj2ZIxljfDJAS
chZFVqZVS0kABQ4pRDVwW1Ki2/F8ytryFS4gwi8jpnoFaBmFgPUkHtHysudbNSx+
6syzC7ghac0wfamE2iGT9gEw6WagPDxaiNcqNaagcy+JZHPAdEwaiuFRPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP2PBp0GY20iMaeMd1uCC0oFqd3HMB8GA1UdIwQY
MBaAFIFN8ObA3KWs7gg6jHME1F89M9VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzIt
ZDBkMmYyY2E4Y2JjLzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzItZDBkMmYyY2E4Y2Jj
LzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiD0hYUuF
iJql7n3/fyFXfIDgV/0bYKLOMOUSrwv1ChYctOD43xCVTFhuc1EEd8Qtin+HqyI9
1Y0IRjP8ciaiuUJT6AkVJYHZ1k4Qmt7/NKcy7vAwXzkreDiKADCBJZ7emeV+i5E6
e2LonvUxVCp6ToHr2dE9wcG2+GJYhC9ZDw3OwMu27uLIQLuYOD5ryYEmfmEd1H9t
YfCYqnji1QsJ2SFY/BReJmdxDTteJ/+gjF6HqIlmtM+K+jOybL8QtPNZy8+OnIOI
TsWSmaaQE8W11Fndg2L1Gj5hGlg5mqt7DGE4d4pG7Or+1NkjGuUfAvMAXzxGG8XD
nsPyPY73IMhPnQ==
-----END CERTIFICATE-----