Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
File:                     KAYV5gBqhh9mz3MH0w_JNQx2994.mft (raw, json)
Hash identifier:          NqQo7xxbscatiIozE4Ag9r+/PJw7c4NcvooCqMK3JAo=
Subject key identifier:   4E:13:01:36:EB:43:3B:52:E9:53:D7:E8:B5:05:B5:27:A7:9C:CA:09
Authority key identifier: 28:06:15:E6:00:6A:86:1F:66:CF:73:07:D3:0F:C9:35:0C:76:F7:DE
Certificate issuer:       /CN=280615e6006a861f66cf7307d30fc9350c76f7de
Certificate serial:       0196579392D0883E625E01B4AFA66EE8913A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
Manifest number:          14FC
Signing time:             Mon 21 Apr 2025 09:00:11 +0000
Manifest this update:     Mon 21 Apr 2025 09:00:11 +0000
Manifest next update:     Tue 22 Apr 2025 09:00:11 +0000
Files and hashes:         1: KAYV5gBqhh9mz3MH0w_JNQx2994.crl (hash: VXRFz8DBCqsYvtpe1YGVXec+waYV6we9IzJAocPjYV0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 09:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:93:92:d0:88:3e:62:5e:01:b4:af:a6:6e:e8:91:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=280615e6006a861f66cf7307d30fc9350c76f7de
        Validity
            Not Before: Apr 21 09:00:11 2025 GMT
            Not After : Apr 22 09:00:11 2025 GMT
        Subject: CN=4e130136eb433b52e953d7e8b505b527a79cca09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:65:a6:87:21:de:80:96:84:dc:5b:a9:72:9f:
                    d5:1a:be:54:a6:1b:16:3a:56:f1:40:11:85:b9:7e:
                    e5:2e:e1:61:1b:e4:35:09:74:37:b0:c5:df:22:b5:
                    c2:c9:32:23:5e:1e:92:8f:22:c0:c7:30:9d:57:2c:
                    87:f2:12:33:94:7e:4c:65:e5:d9:38:cf:0e:bc:5e:
                    f7:66:e8:ae:30:73:79:9c:b1:dc:eb:ef:d3:c4:e7:
                    3f:59:6b:e1:a6:18:f8:68:c8:8f:e0:e2:5f:27:50:
                    84:02:27:25:52:37:77:0b:6e:b8:c0:7f:c0:7f:f6:
                    66:1b:78:28:d7:3b:65:2e:e0:ef:87:b6:43:0d:ea:
                    8a:2d:a5:2e:1d:7c:0a:54:37:b2:ae:6e:d1:61:43:
                    ee:30:1b:ac:e0:7f:58:e4:c1:ab:57:1b:62:e8:e3:
                    4e:0d:a9:f4:57:13:36:64:4c:c7:8c:83:00:a2:67:
                    e9:c5:f1:58:64:c1:52:8f:a9:a9:93:46:6f:66:54:
                    aa:42:85:37:fd:30:47:f2:e9:cf:28:22:aa:4e:f1:
                    b1:60:ef:7b:b0:74:f9:12:ce:ce:76:28:cb:7b:77:
                    22:27:42:d6:c4:2d:21:af:33:11:25:1e:3a:d7:09:
                    f7:7f:c1:af:28:f0:34:a0:36:31:f5:dc:c2:ab:81:
                    21:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:13:01:36:EB:43:3B:52:E9:53:D7:E8:B5:05:B5:27:A7:9C:CA:09
            X509v3 Authority Key Identifier:
                keyid:28:06:15:E6:00:6A:86:1F:66:CF:73:07:D3:0F:C9:35:0C:76:F7:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:81:7d:02:ef:bf:2c:1c:b3:26:d2:6b:e2:15:b1:39:b0:b8:
         08:fc:3f:6f:ab:a4:3f:73:af:ce:e2:3c:8e:f0:4e:dd:35:eb:
         a5:3f:3f:26:49:89:77:bf:bf:8d:a5:b5:da:ca:da:17:3a:89:
         5e:13:6f:8f:fc:8d:a2:e2:d8:db:14:12:08:38:20:ef:4f:2d:
         f2:37:a8:02:50:8d:91:70:83:c6:48:d1:6b:1d:8d:a5:52:dd:
         ed:aa:41:53:70:76:d6:98:38:69:41:3b:46:9a:75:aa:47:02:
         e8:c6:5f:c1:e9:d6:2a:2d:33:b7:5e:19:ba:8c:3c:7d:11:9a:
         e0:7f:5e:62:6b:3c:a0:62:36:b3:e0:74:ae:cc:c5:d5:85:c8:
         a4:18:20:9d:3f:76:fb:b4:dd:fc:a0:00:83:8e:d9:19:97:df:
         b8:7e:28:dc:fb:f1:c1:23:17:07:af:5d:09:c2:71:f2:26:a0:
         7c:25:1f:d2:b0:47:53:6a:54:88:0e:87:e7:c0:f1:d8:83:36:
         3d:b3:b5:e4:66:29:83:af:82:ec:09:76:47:38:cc:c5:b7:91:
         fc:70:65:9f:00:5e:a6:02:7f:7b:bd:36:ae:8b:a0:99:de:4a:
         ee:c6:7f:6b:ad:e3:6e:3f:d3:21:b6:73:0f:e9:05:93:a3:d3:
         52:48:9c:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXk5LQiD5iXgG0r6Zu6JE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDYxNWU2MDA2YTg2MWY2NmNmNzMwN2QzMGZjOTM1MGM3
NmY3ZGUwHhcNMjUwNDIxMDkwMDExWhcNMjUwNDIyMDkwMDExWjAzMTEwLwYDVQQD
Eyg0ZTEzMDEzNmViNDMzYjUyZTk1M2Q3ZThiNTA1YjUyN2E3OWNjYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2WmhyHegJaE3Fupcp/VGr5UphsW
OlbxQBGFuX7lLuFhG+Q1CXQ3sMXfIrXCyTIjXh6SjyLAxzCdVyyH8hIzlH5MZeXZ
OM8OvF73ZuiuMHN5nLHc6+/TxOc/WWvhphj4aMiP4OJfJ1CEAiclUjd3C264wH/A
f/ZmG3go1ztlLuDvh7ZDDeqKLaUuHXwKVDeyrm7RYUPuMBus4H9Y5MGrVxti6ONO
Dan0VxM2ZEzHjIMAomfpxfFYZMFSj6mpk0ZvZlSqQoU3/TBH8unPKCKqTvGxYO97
sHT5Es7OdijLe3ciJ0LWxC0hrzMRJR461wn3f8GvKPA0oDYx9dzCq4EhGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE4TATbrQztS6VPX6LUFtSennMoJMB8GA1UdIwQY
MBaAFCgGFeYAaoYfZs9zB9MPyTUMdvfeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNzRhYWQtYzk0Ny00MzExLWFmZjEt
YWU5MmI2YWUxYmZlLzEvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNzRhYWQtYzk0Ny00MzExLWFmZjEtYWU5MmI2YWUxYmZl
LzEvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP4F9Au+/
LByzJtJr4hWxObC4CPw/b6ukP3OvzuI8jvBO3TXrpT8/JkmJd7+/jaW12sraFzqJ
XhNvj/yNouLY2xQSCDgg708t8jeoAlCNkXCDxkjRax2NpVLd7apBU3B21pg4aUE7
Rpp1qkcC6MZfwenWKi0zt14Zuow8fRGa4H9eYms8oGI2s+B0rszF1YXIpBggnT92
+7Td/KAAg47ZGZffuH4o3PvxwSMXB69dCcJx8iagfCUf0rBHU2pUiA6H58Dx2IM2
PbO15GYpg6+C7Al2RzjMxbeR/HBlnwBepgJ/e702rougmd5K7sZ/a63jbj/TIbZz
D+kFk6PTUkic2Q==
-----END CERTIFICATE-----