Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
File:                     VkQtN4qHkyt22vks6Pye80Hrx1k.mft (raw, json)
Hash identifier:          saSM9J/4yhT8vwG1ugF76ZWjbxQXMxivmXF5y3PTZ3g=
Subject key identifier:   27:BD:8B:32:00:67:D8:2D:22:2F:C2:69:91:5A:A8:1B:18:CD:D9:77
Authority key identifier: 56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59
Certificate issuer:       /CN=56442d378a87932b76daf92ce8fc9ef341ebc759
Certificate serial:       01961245F76D0DC4C877B0B9C503CBE8006B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
Manifest number:          0A9D
Signing time:             Mon 07 Apr 2025 22:01:37 +0000
Manifest this update:     Mon 07 Apr 2025 22:01:37 +0000
Manifest next update:     Tue 08 Apr 2025 22:01:37 +0000
Files and hashes:         1: VkQtN4qHkyt22vks6Pye80Hrx1k.crl (hash: KMfEcbjjFo985jXlHupCc1MIdM333Ispodb33MyQVcs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 22:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:12:45:f7:6d:0d:c4:c8:77:b0:b9:c5:03:cb:e8:00:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56442d378a87932b76daf92ce8fc9ef341ebc759
        Validity
            Not Before: Apr  7 22:01:37 2025 GMT
            Not After : Apr  8 22:01:37 2025 GMT
        Subject: CN=27bd8b320067d82d222fc269915aa81b18cdd977
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:db:32:64:1a:9a:51:cd:7e:9a:5c:29:75:c2:
                    26:b5:2c:46:51:9b:1b:e3:f9:09:ce:35:d9:b5:47:
                    fb:e5:75:08:3f:ec:c4:dc:57:eb:f4:04:56:cf:1a:
                    b2:0f:b1:32:4e:14:b7:14:dd:63:07:ce:76:48:11:
                    02:b5:eb:f8:d2:cb:e8:b7:59:42:0b:ab:00:1a:71:
                    1f:90:cb:1d:48:58:12:8e:87:78:b7:de:62:34:c8:
                    bf:1f:a4:7d:e4:de:d3:9d:94:4a:46:fc:fd:a6:36:
                    81:8e:78:8c:c5:81:97:ca:0b:19:16:95:71:10:fd:
                    a0:53:61:7d:3c:7c:b4:c0:a5:5c:40:32:93:05:7f:
                    a2:a6:e6:b1:f6:1a:8b:43:7c:05:59:68:5b:25:07:
                    31:ab:c4:36:db:d0:33:57:8c:0f:08:14:60:01:72:
                    f6:db:e7:d4:4f:c9:61:93:e2:91:2e:3e:3d:30:f2:
                    fd:4b:83:73:10:a4:36:a9:c9:d9:df:4e:03:37:24:
                    3d:d0:60:c3:24:2e:89:39:c3:30:b9:04:85:1f:69:
                    df:70:49:56:23:00:24:ea:f5:eb:8a:f6:31:fc:59:
                    c5:e6:53:01:8e:19:7b:ca:b8:97:79:70:79:a6:0f:
                    8c:c2:b7:18:3a:af:71:d4:5c:5c:38:c2:56:db:86:
                    da:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:BD:8B:32:00:67:D8:2D:22:2F:C2:69:91:5A:A8:1B:18:CD:D9:77
            X509v3 Authority Key Identifier:
                keyid:56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:db:59:8b:9b:a6:7c:0a:9f:c4:ee:13:68:a8:12:63:94:f3:
         95:32:e7:ec:c9:8a:85:01:72:76:31:5c:6d:fa:40:23:91:60:
         12:cb:54:34:87:be:8b:cc:49:9f:4b:e1:a6:ed:86:5e:ac:15:
         a3:07:5e:46:f2:70:76:c4:1b:0f:bd:b1:26:ea:f0:9a:29:b1:
         80:b2:6c:c9:f3:9a:d2:e9:f9:a1:10:9b:ba:75:fa:5d:9c:c1:
         40:f2:19:0f:c3:29:95:49:4b:40:41:fb:50:10:92:7f:58:75:
         f0:d8:e0:fc:d7:de:f7:6d:82:0e:92:40:09:0f:96:14:38:c4:
         8c:ac:c3:cb:c3:8a:30:a8:06:f0:aa:ba:5f:d6:8d:0c:e5:a8:
         22:9b:58:cb:e5:b0:44:97:01:5c:69:83:7c:9a:47:c0:b4:29:
         1a:8b:ee:67:a7:d3:e2:b5:51:92:dc:88:56:6a:4d:8a:60:81:
         10:74:3d:f0:fc:64:58:7b:9b:86:64:03:03:61:36:47:68:58:
         68:cb:81:f3:e0:60:27:bd:65:da:d5:07:bb:01:89:0a:f2:73:
         2f:42:3d:5c:93:fa:f9:e5:0f:f3:89:6f:40:fb:7f:aa:aa:54:
         f9:ec:5b:13:d9:96:ba:1d:13:a6:68:f9:02:6f:41:9a:ad:a0:
         e6:3a:cc:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYSRfdtDcTId7C5xQPL6ABrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NDQyZDM3OGE4NzkzMmI3NmRhZjkyY2U4ZmM5ZWYzNDFl
YmM3NTkwHhcNMjUwNDA3MjIwMTM3WhcNMjUwNDA4MjIwMTM3WjAzMTEwLwYDVQQD
EygyN2JkOGIzMjAwNjdkODJkMjIyZmMyNjk5MTVhYTgxYjE4Y2RkOTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9syZBqaUc1+mlwpdcImtSxGUZsb
4/kJzjXZtUf75XUIP+zE3Ffr9ARWzxqyD7EyThS3FN1jB852SBECtev40svot1lC
C6sAGnEfkMsdSFgSjod4t95iNMi/H6R95N7TnZRKRvz9pjaBjniMxYGXygsZFpVx
EP2gU2F9PHy0wKVcQDKTBX+ipuax9hqLQ3wFWWhbJQcxq8Q229AzV4wPCBRgAXL2
2+fUT8lhk+KRLj49MPL9S4NzEKQ2qcnZ304DNyQ90GDDJC6JOcMwuQSFH2nfcElW
IwAk6vXrivYx/FnF5lMBjhl7yriXeXB5pg+MwrcYOq9x1FxcOMJW24bavQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCe9izIAZ9gtIi/CaZFaqBsYzdl3MB8GA1UdIwQY
MBaAFFZELTeKh5Mrdtr5LOj8nvNB68dZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQt
OTgxM2YwOTA2YzRiLzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQtOTgxM2YwOTA2YzRi
LzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANttZi5um
fAqfxO4TaKgSY5TzlTLn7MmKhQFydjFcbfpAI5FgEstUNIe+i8xJn0vhpu2GXqwV
owdeRvJwdsQbD72xJurwmimxgLJsyfOa0un5oRCbunX6XZzBQPIZD8MplUlLQEH7
UBCSf1h18Njg/Nfe922CDpJACQ+WFDjEjKzDy8OKMKgG8Kq6X9aNDOWoIptYy+Ww
RJcBXGmDfJpHwLQpGovuZ6fT4rVRktyIVmpNimCBEHQ98PxkWHubhmQDA2E2R2hY
aMuB8+BgJ71l2tUHuwGJCvJzL0I9XJP6+eUP84lvQPt/qqpU+exbE9mWuh0Tpmj5
Am9Bmq2g5jrM+w==
-----END CERTIFICATE-----