Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft
File:                     wtVzsWdwcfL9bUS4QBthISBZjM8.mft (raw, json)
Hash identifier:          C7iej4qiNmvT1qKlMX83oN6aYpLEQkvqEy6mWm8Pjbk=
Subject key identifier:   21:03:EE:5A:9B:83:93:A9:82:11:60:B1:8C:89:14:C4:95:93:F5:0F
Authority key identifier: C2:D5:73:B1:67:70:71:F2:FD:6D:44:B8:40:1B:61:21:20:59:8C:CF
Certificate issuer:       /CN=c2d573b1677071f2fd6d44b8401b612120598ccf
Certificate serial:       01964F6C29EBB31381B2006919A86B1A7965
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wtVzsWdwcfL9bUS4QBthISBZjM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft
Manifest number:          14F7
Signing time:             Sat 19 Apr 2025 19:00:10 +0000
Manifest this update:     Sat 19 Apr 2025 19:00:10 +0000
Manifest next update:     Sun 20 Apr 2025 19:00:10 +0000
Files and hashes:         1: wtVzsWdwcfL9bUS4QBthISBZjM8.crl (hash: WZkjsImoRX0f0w6Tg/un04yyC95wuhXWaRMOO5AnrTk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wtVzsWdwcfL9bUS4QBthISBZjM8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6c:29:eb:b3:13:81:b2:00:69:19:a8:6b:1a:79:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2d573b1677071f2fd6d44b8401b612120598ccf
        Validity
            Not Before: Apr 19 19:00:10 2025 GMT
            Not After : Apr 20 19:00:10 2025 GMT
        Subject: CN=2103ee5a9b8393a9821160b18c8914c49593f50f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:36:14:b2:de:c3:8c:ae:13:e8:f4:de:87:52:
                    a9:23:e2:06:c9:6c:68:07:d7:83:51:35:74:42:ea:
                    b0:b9:16:5a:6e:f4:f5:c2:1e:72:cd:f3:93:3b:57:
                    b0:cf:cb:47:12:53:8d:b3:38:c6:c7:ad:cc:5d:74:
                    e7:1d:28:b1:cc:d0:35:f7:6f:eb:f9:b5:ab:21:7a:
                    9e:92:44:4d:f4:19:da:f9:59:00:d8:e3:5c:41:43:
                    c4:f2:52:f2:71:2e:83:b1:24:f2:26:b0:d4:32:2a:
                    69:95:2d:08:16:f1:7a:e9:4f:2d:51:e0:ff:ed:25:
                    a3:49:13:0f:ec:3b:71:e9:6a:af:f1:f6:a5:66:90:
                    5f:a0:79:84:67:5c:47:fa:3a:7c:43:b6:5a:43:f0:
                    49:bf:23:1c:65:96:9b:a6:d1:d2:67:a6:d5:43:e6:
                    5c:75:5b:ff:27:0c:87:66:8f:c9:eb:c7:cb:06:dd:
                    04:62:12:fc:dd:fd:46:fb:e8:1b:32:18:96:44:49:
                    06:94:a3:85:b1:d0:f0:00:cf:03:8e:75:d2:a7:d8:
                    4d:50:a0:81:0e:c8:e4:dd:83:33:90:4a:91:82:5b:
                    23:cb:25:48:a5:98:69:aa:a9:91:5d:76:93:7e:57:
                    ba:71:8c:51:0f:9d:b3:05:a2:83:e9:b4:10:b2:c0:
                    15:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:03:EE:5A:9B:83:93:A9:82:11:60:B1:8C:89:14:C4:95:93:F5:0F
            X509v3 Authority Key Identifier:
                keyid:C2:D5:73:B1:67:70:71:F2:FD:6D:44:B8:40:1B:61:21:20:59:8C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtVzsWdwcfL9bUS4QBthISBZjM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:6b:32:fc:f5:2c:f9:2c:75:2d:a6:5c:3f:bb:2e:d6:f5:01:
         5f:a5:78:22:cd:e6:ee:6a:24:c0:1f:da:a8:f4:6a:2f:34:a4:
         55:78:c2:73:99:49:c2:41:3c:e2:d5:e4:97:bf:7c:5e:f9:77:
         07:6d:1b:b9:3a:f0:32:99:8d:21:82:6a:7f:a7:96:60:22:3b:
         ab:59:72:e0:86:95:95:d4:46:a5:96:ae:8a:89:eb:95:5c:3d:
         a0:ae:6b:45:7e:ae:33:8d:4e:57:d8:bc:0c:4c:18:26:14:6d:
         38:a4:0b:bf:fe:e3:f2:04:c1:25:96:dc:02:85:92:04:47:24:
         43:10:5f:c8:2c:33:85:02:44:c2:70:d9:bd:0e:f6:bb:40:18:
         f6:e1:28:bd:11:69:67:63:aa:4d:fe:30:06:b1:1a:00:56:01:
         09:5d:70:53:02:ef:dd:ef:66:80:b3:05:a9:a5:0a:84:16:a9:
         d4:94:7b:51:83:52:95:d7:ce:d8:ef:8d:a3:03:8d:cc:85:b3:
         36:d3:e2:67:a1:83:0f:4f:e6:a3:bd:2a:ad:a5:06:e5:d6:f2:
         e1:b6:0e:7e:ad:b4:45:97:1a:12:bd:97:d4:a5:64:be:1c:56:
         3e:1f:1a:0a:1b:a9:26:01:ee:81:c3:57:36:8e:08:c7:9c:5a:
         1a:01:ba:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbCnrsxOBsgBpGahrGnllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDU3M2IxNjc3MDcxZjJmZDZkNDRiODQwMWI2MTIxMjA1
OThjY2YwHhcNMjUwNDE5MTkwMDEwWhcNMjUwNDIwMTkwMDEwWjAzMTEwLwYDVQQD
EygyMTAzZWU1YTliODM5M2E5ODIxMTYwYjE4Yzg5MTRjNDk1OTNmNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zYUst7DjK4T6PTeh1KpI+IGyWxo
B9eDUTV0QuqwuRZabvT1wh5yzfOTO1ewz8tHElONszjGx63MXXTnHSixzNA192/r
+bWrIXqekkRN9Bna+VkA2ONcQUPE8lLycS6DsSTyJrDUMipplS0IFvF66U8tUeD/
7SWjSRMP7Dtx6Wqv8falZpBfoHmEZ1xH+jp8Q7ZaQ/BJvyMcZZabptHSZ6bVQ+Zc
dVv/JwyHZo/J68fLBt0EYhL83f1G++gbMhiWREkGlKOFsdDwAM8DjnXSp9hNUKCB
Dsjk3YMzkEqRglsjyyVIpZhpqqmRXXaTfle6cYxRD52zBaKD6bQQssAVBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCED7lqbg5OpghFgsYyJFMSVk/UPMB8GA1UdIwQY
MBaAFMLVc7FncHHy/W1EuEAbYSEgWYzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RWenNXZHdjZkw5YlVTNFFCdGhJU0Jaak04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iNWY1OTEtZDVlYS00N2UyLTllNjkt
MDRkMTJmMmQwNzBhLzEvd3RWenNXZHdjZkw5YlVTNFFCdGhJU0Jaak04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iNWY1OTEtZDVlYS00N2UyLTllNjktMDRkMTJmMmQwNzBh
LzEvd3RWenNXZHdjZkw5YlVTNFFCdGhJU0Jaak04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKWsy/PUs
+Sx1LaZcP7su1vUBX6V4Is3m7mokwB/aqPRqLzSkVXjCc5lJwkE84tXkl798Xvl3
B20buTrwMpmNIYJqf6eWYCI7q1ly4IaVldRGpZauionrlVw9oK5rRX6uM41OV9i8
DEwYJhRtOKQLv/7j8gTBJZbcAoWSBEckQxBfyCwzhQJEwnDZvQ72u0AY9uEovRFp
Z2OqTf4wBrEaAFYBCV1wUwLv3e9mgLMFqaUKhBap1JR7UYNSldfO2O+NowONzIWz
NtPiZ6GDD0/mo70qraUG5dby4bYOfq20RZcaEr2X1KVkvhxWPh8aChupJgHugcNX
No4Ix5xaGgG6gA==
-----END CERTIFICATE-----