Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
File:                     FLklHG89i7aaegPOrN0q58LIzjc.mft (raw, json)
Hash identifier:          eWqZhgbsFKLA5ox7EMPxGcqxY/OqE+O1rvnNUCTicMQ=
Subject key identifier:   56:B1:FB:D2:8E:49:37:24:26:3F:65:44:9D:58:5E:9F:3E:6C:4F:86
Authority key identifier: 14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37
Certificate issuer:       /CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
Certificate serial:       01974A43FBF1A8C203E467EA60E349B8C44A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
Manifest number:          E7
Signing time:             Sat 07 Jun 2025 12:00:58 +0000
Manifest this update:     Sat 07 Jun 2025 12:00:58 +0000
Manifest next update:     Sun 08 Jun 2025 12:00:58 +0000
Files and hashes:         1: FLklHG89i7aaegPOrN0q58LIzjc.crl (hash: D0I2RPdQSFlmZ9svNMQGrwP8eozn8JAC7A0OnI0L3s4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:43:fb:f1:a8:c2:03:e4:67:ea:60:e3:49:b8:c4:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
        Validity
            Not Before: Jun  7 12:00:58 2025 GMT
            Not After : Jun  8 12:00:58 2025 GMT
        Subject: CN=56b1fbd28e493724263f65449d585e9f3e6c4f86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:12:78:7f:a3:16:74:87:39:f4:e6:62:d7:79:
                    71:81:45:e3:9c:0c:15:3e:11:fb:82:08:68:24:90:
                    0d:03:a0:a3:22:9a:a8:fe:21:c7:b5:94:9f:6c:62:
                    58:93:93:f6:41:74:d5:ee:0c:7e:09:36:7c:54:62:
                    0d:f1:32:1c:62:ae:33:a7:23:f0:d6:b3:e6:5e:94:
                    17:71:1d:5f:68:d6:b1:50:93:73:56:d1:74:fd:5a:
                    71:59:2b:0f:b5:48:1b:23:a8:e0:23:94:7b:76:52:
                    43:f6:53:1d:02:99:d4:8e:5d:3e:fe:71:9e:10:ba:
                    bb:62:f6:94:f5:c8:5e:c8:91:73:c1:fd:47:47:79:
                    72:a8:7e:7a:d0:f8:f9:41:db:68:ff:79:22:75:c7:
                    d4:b4:f8:85:19:de:9a:f8:19:a5:29:e8:3a:4b:a0:
                    aa:b2:55:5f:c0:8c:5b:cc:da:cf:96:c0:70:7f:a4:
                    7f:4f:35:5a:b2:db:f7:3d:7a:e1:01:a2:20:8f:71:
                    bb:c0:28:3f:a5:d5:cc:6c:1c:27:40:06:cf:d3:6a:
                    b6:69:c9:b9:31:87:95:61:3c:c2:0c:e3:af:2f:8f:
                    dc:d9:5a:31:34:b3:7a:70:6e:a9:b2:1e:54:04:db:
                    3f:1d:11:57:26:68:85:31:c8:55:ec:a6:7c:df:e0:
                    87:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:B1:FB:D2:8E:49:37:24:26:3F:65:44:9D:58:5E:9F:3E:6C:4F:86
            X509v3 Authority Key Identifier:
                keyid:14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:c1:28:88:86:3c:8e:e3:58:f4:db:1e:09:6b:05:4a:4c:b4:
         a1:d7:e6:b8:cc:43:30:35:64:55:a1:59:94:31:b7:5b:1b:3c:
         53:57:c8:4f:04:3a:7e:96:c7:51:6c:1d:42:d7:ab:86:49:f0:
         c3:ed:27:f1:c8:ce:dd:87:60:ec:f6:f5:c7:c5:84:6a:d5:9d:
         43:42:16:96:27:76:76:e1:22:23:e3:e8:e6:e3:83:58:53:6a:
         05:d5:94:84:af:d1:d2:2b:c8:08:8d:ac:a6:99:0c:15:fe:5e:
         27:5a:9c:a4:83:5f:48:a8:de:89:ba:a5:01:04:e3:9a:12:02:
         c8:e7:db:5d:fe:5b:45:36:5e:a3:a5:e9:19:05:71:35:18:39:
         b6:b0:e7:ea:ab:8a:1a:aa:d3:b4:d7:bb:cd:e8:58:fb:08:f7:
         59:cc:44:e9:5d:b6:ea:d5:ee:10:ab:46:5b:10:53:b6:c6:83:
         41:a2:48:e5:6d:78:04:c8:34:13:a6:c1:23:73:81:a8:56:90:
         91:a9:f3:ba:a5:08:f0:1c:c8:c9:b5:2f:1e:50:b5:7f:7d:8e:
         c3:4d:3f:13:a9:dc:a8:6e:6a:d1:1a:fc:ef:50:42:30:22:7a:
         44:8c:c2:4a:ac:ed:1a:7f:38:78:9a:95:89:f3:81:86:e2:36:
         91:e9:0d:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKQ/vxqMID5GfqYONJuMRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YjkyNTFjNmYzZDhiYjY5YTdhMDNjZWFjZGQyYWU3YzJj
OGNlMzcwHhcNMjUwNjA3MTIwMDU4WhcNMjUwNjA4MTIwMDU4WjAzMTEwLwYDVQQD
Eyg1NmIxZmJkMjhlNDkzNzI0MjYzZjY1NDQ5ZDU4NWU5ZjNlNmM0Zjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hJ4f6MWdIc59OZi13lxgUXjnAwV
PhH7gghoJJANA6CjIpqo/iHHtZSfbGJYk5P2QXTV7gx+CTZ8VGIN8TIcYq4zpyPw
1rPmXpQXcR1faNaxUJNzVtF0/VpxWSsPtUgbI6jgI5R7dlJD9lMdApnUjl0+/nGe
ELq7YvaU9cheyJFzwf1HR3lyqH560Pj5Qdto/3kidcfUtPiFGd6a+BmlKeg6S6Cq
slVfwIxbzNrPlsBwf6R/TzVastv3PXrhAaIgj3G7wCg/pdXMbBwnQAbP02q2acm5
MYeVYTzCDOOvL4/c2VoxNLN6cG6psh5UBNs/HRFXJmiFMchV7KZ83+CHDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFax+9KOSTckJj9lRJ1YXp8+bE+GMB8GA1UdIwQY
MBaAFBS5JRxvPYu2mnoDzqzdKufCyM43MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMt
YzJkOGE1OWIwMGQzLzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMtYzJkOGE1OWIwMGQz
LzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ8EoiIY8
juNY9NseCWsFSky0odfmuMxDMDVkVaFZlDG3Wxs8U1fITwQ6fpbHUWwdQterhknw
w+0n8cjO3Ydg7Pb1x8WEatWdQ0IWlid2duEiI+Po5uODWFNqBdWUhK/R0ivICI2s
ppkMFf5eJ1qcpINfSKjeibqlAQTjmhICyOfbXf5bRTZeo6XpGQVxNRg5trDn6quK
GqrTtNe7zehY+wj3WcxE6V226tXuEKtGWxBTtsaDQaJI5W14BMg0E6bBI3OBqFaQ
kanzuqUI8BzIybUvHlC1f32Ow00/E6ncqG5q0Rr871BCMCJ6RIzCSqztGn84eJqV
ifOBhuI2kekNZQ==
-----END CERTIFICATE-----