Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
File:                     FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft (raw, json)
Hash identifier:          E7YF8q2iyflfZetDXAW0uBJQlW/JJxE9WnVpQWq/f4s=
Subject key identifier:   4B:F5:2E:51:33:29:5F:53:47:90:D4:19:F0:2F:22:28:90:0E:DD:45
Authority key identifier: 14:C7:35:25:9F:DB:7B:83:F2:77:AD:F1:2D:08:CC:98:B5:A6:10:0A
Certificate issuer:       /CN=14c735259fdb7b83f277adf12d08cc98b5a6100a
Certificate serial:       01964D7EE6F8051A3AD18FAA007B961CA4C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
Manifest number:          081B
Signing time:             Sat 19 Apr 2025 10:01:24 +0000
Manifest this update:     Sat 19 Apr 2025 10:01:24 +0000
Manifest next update:     Sun 20 Apr 2025 10:01:24 +0000
Files and hashes:         1: FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl (hash: ok+nYXAVOERqZr7JUi4P0SGtQCrWF05SRAofwraX4d0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:e6:f8:05:1a:3a:d1:8f:aa:00:7b:96:1c:a4:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c735259fdb7b83f277adf12d08cc98b5a6100a
        Validity
            Not Before: Apr 19 10:01:24 2025 GMT
            Not After : Apr 20 10:01:24 2025 GMT
        Subject: CN=4bf52e5133295f534790d419f02f2228900edd45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:62:61:5f:3b:cc:db:78:20:a7:3f:42:ba:ef:
                    22:16:40:a9:37:6d:91:39:e7:f6:27:17:e5:c3:0f:
                    de:9a:87:8f:d9:13:db:3b:c8:eb:4c:4d:a6:24:a1:
                    c8:f8:0c:cb:04:c3:33:25:16:ce:e7:67:b5:6e:db:
                    b5:1a:dc:f9:c8:c1:76:fe:1b:77:7d:5c:49:3f:65:
                    5c:fc:09:75:12:96:7d:8a:3f:da:6f:d3:0d:ac:4d:
                    c9:fc:45:67:32:0a:2c:a2:97:3c:41:35:2a:47:cd:
                    31:3c:29:c3:60:bb:44:74:9a:a4:3b:3c:ef:b3:03:
                    ed:4d:69:21:5a:f3:39:37:ff:6b:c4:90:d5:1a:b5:
                    36:ba:a8:88:6e:15:78:8a:c2:e4:44:e1:05:8b:e1:
                    93:fe:86:65:4e:ff:59:b9:2d:b5:d5:38:5b:7c:3a:
                    97:36:b7:e6:8c:1b:de:6d:c7:31:bb:d0:8e:97:d2:
                    3c:4b:cf:e7:ee:da:18:54:e5:d2:99:c4:00:71:0f:
                    ab:54:89:69:23:b8:7c:20:4b:c8:c4:e6:a5:a5:a3:
                    b8:ec:cc:35:c7:ae:de:a2:e3:23:c1:6b:9b:71:d1:
                    a4:21:9c:96:2c:68:28:ef:70:50:e9:74:ae:33:5d:
                    92:59:80:0e:8b:85:37:4b:0d:dd:02:a2:69:8f:7c:
                    71:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:F5:2E:51:33:29:5F:53:47:90:D4:19:F0:2F:22:28:90:0E:DD:45
            X509v3 Authority Key Identifier:
                keyid:14:C7:35:25:9F:DB:7B:83:F2:77:AD:F1:2D:08:CC:98:B5:A6:10:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:91:b7:95:10:47:14:58:a5:d6:b1:48:17:cc:f2:76:75:c1:
         10:b2:12:1c:83:a9:ea:f9:94:56:00:60:c2:6e:e6:39:88:d4:
         32:b2:83:59:df:2e:29:6c:7c:9e:ed:dd:e5:ff:ff:5a:97:6f:
         42:45:58:0a:0e:56:1f:ae:38:c0:27:58:7b:1e:cc:8c:38:de:
         e7:2f:d8:4f:91:1c:fd:72:75:9a:db:d7:e2:55:44:25:3b:3b:
         b4:20:91:7c:fe:ce:ca:a1:d6:1f:38:a4:a8:35:aa:e9:9d:0d:
         8e:e8:14:30:34:88:a7:9b:b9:56:aa:ac:38:ab:af:70:28:29:
         d0:82:d1:e4:cf:2a:3d:23:43:bc:e9:85:c8:0d:cf:61:ff:a0:
         87:bb:26:41:25:2e:98:93:a1:19:70:91:d3:eb:fb:c4:a7:44:
         68:99:9f:ee:ef:6b:76:41:5d:5a:aa:35:e5:ad:77:7e:47:35:
         88:ea:73:1a:3e:33:18:ef:08:7c:5c:3b:be:6f:5b:bc:13:63:
         0a:3c:9f:18:f7:50:ba:a8:0b:ae:42:d7:bb:26:80:d5:e7:f4:
         5e:31:55:53:84:6c:cd:41:4c:17:bf:b5:d2:47:fe:47:a1:fa:
         de:95:0e:df:fa:cd:e6:59:5a:58:5d:8b:c5:a0:75:dc:6f:0c:
         58:04:57:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfub4BRo60Y+qAHuWHKTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzczNTI1OWZkYjdiODNmMjc3YWRmMTJkMDhjYzk4YjVh
NjEwMGEwHhcNMjUwNDE5MTAwMTI0WhcNMjUwNDIwMTAwMTI0WjAzMTEwLwYDVQQD
Eyg0YmY1MmU1MTMzMjk1ZjUzNDc5MGQ0MTlmMDJmMjIyODkwMGVkZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2JhXzvM23ggpz9Cuu8iFkCpN22R
Oef2Jxflww/emoeP2RPbO8jrTE2mJKHI+AzLBMMzJRbO52e1btu1Gtz5yMF2/ht3
fVxJP2Vc/Al1EpZ9ij/ab9MNrE3J/EVnMgosopc8QTUqR80xPCnDYLtEdJqkOzzv
swPtTWkhWvM5N/9rxJDVGrU2uqiIbhV4isLkROEFi+GT/oZlTv9ZuS211ThbfDqX
NrfmjBvebccxu9COl9I8S8/n7toYVOXSmcQAcQ+rVIlpI7h8IEvIxOalpaO47Mw1
x67eouMjwWubcdGkIZyWLGgo73BQ6XSuM12SWYAOi4U3Sw3dAqJpj3xxRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEv1LlEzKV9TR5DUGfAvIiiQDt1FMB8GA1UdIwQY
MBaAFBTHNSWf23uD8net8S0IzJi1phAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9kZTJiMTYtZmEyYi00YTExLTk1YWIt
ZGJlYWY3ODQ4MTdhLzEvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9kZTJiMTYtZmEyYi00YTExLTk1YWItZGJlYWY3ODQ4MTdh
LzEvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsZG3lRBH
FFil1rFIF8zydnXBELISHIOp6vmUVgBgwm7mOYjUMrKDWd8uKWx8nu3d5f//Wpdv
QkVYCg5WH644wCdYex7MjDje5y/YT5Ec/XJ1mtvX4lVEJTs7tCCRfP7OyqHWHzik
qDWq6Z0NjugUMDSIp5u5VqqsOKuvcCgp0ILR5M8qPSNDvOmFyA3PYf+gh7smQSUu
mJOhGXCR0+v7xKdEaJmf7u9rdkFdWqo15a13fkc1iOpzGj4zGO8IfFw7vm9bvBNj
CjyfGPdQuqgLrkLXuyaA1ef0XjFVU4RszUFMF7+10kf+R6H63pUO3/rN5llaWF2L
xaB13G8MWARXlQ==
-----END CERTIFICATE-----