Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
File:                     eH0Q8i5f-ksg99W3goxVuVCal1k.mft (raw, json)
Hash identifier:          l7rOS8DwXsmkXwP6ogZ7MzPbFgixxa+MA+1FIZEmHTE=
Subject key identifier:   17:96:52:25:9F:A0:74:46:A0:85:94:05:69:4D:1C:A6:00:BE:CB:09
Authority key identifier: 78:7D:10:F2:2E:5F:FA:4B:20:F7:D5:B7:82:8C:55:B9:50:9A:97:59
Certificate issuer:       /CN=787d10f22e5ffa4b20f7d5b7828c55b9509a9759
Certificate serial:       01964E2367066994AA3F0C7B45C6ECEBFB79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
Manifest number:          14F8
Signing time:             Sat 19 Apr 2025 13:01:05 +0000
Manifest this update:     Sat 19 Apr 2025 13:01:05 +0000
Manifest next update:     Sun 20 Apr 2025 13:01:05 +0000
Files and hashes:         1: eH0Q8i5f-ksg99W3goxVuVCal1k.crl (hash: /id3jyL0WKnqcOsgh7WXQHHx2MlcuIMWHYpSjYciWes=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:23:67:06:69:94:aa:3f:0c:7b:45:c6:ec:eb:fb:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=787d10f22e5ffa4b20f7d5b7828c55b9509a9759
        Validity
            Not Before: Apr 19 13:01:05 2025 GMT
            Not After : Apr 20 13:01:05 2025 GMT
        Subject: CN=179652259fa07446a0859405694d1ca600becb09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:19:66:36:e3:93:8f:56:8f:16:f2:dc:5c:c4:
                    28:14:4b:97:fb:78:26:9b:e5:e7:b6:fc:75:1c:c6:
                    7b:ba:2c:4f:d8:fd:4c:3c:9e:91:a7:85:91:f8:64:
                    1c:8e:08:f5:82:08:cf:a7:40:d3:6a:03:f0:f8:cd:
                    0a:f6:f2:c0:24:f8:ef:af:8a:18:8a:d1:f4:21:73:
                    f3:26:e5:53:0f:66:e7:40:74:34:53:b6:c1:22:56:
                    51:50:a2:03:e2:bc:a5:e4:4c:ab:b6:35:53:c1:72:
                    ed:c6:ff:e7:6e:99:44:9f:1f:ec:27:b2:ff:e4:ed:
                    cb:a2:57:42:be:cf:45:ec:20:38:e8:21:a8:3d:a1:
                    4a:3e:54:29:31:09:2c:95:38:67:50:77:a7:eb:3f:
                    5b:09:98:be:52:d5:5f:e7:85:7d:af:97:2c:ab:c7:
                    e7:b4:ea:bf:e2:b8:cf:12:f8:c9:b3:a6:8b:76:9b:
                    d9:ad:da:6e:f8:77:b2:db:27:f7:14:f0:e9:21:54:
                    63:15:2d:b0:a5:72:9e:cc:45:50:e9:12:a3:fa:b6:
                    d9:ad:5a:6a:35:ff:78:b7:05:0e:90:6a:21:45:53:
                    df:27:f2:3e:df:79:d0:7d:45:a1:e8:0a:69:f2:6a:
                    57:10:b7:77:37:6f:5d:da:9e:b4:ee:be:45:70:bf:
                    4b:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:96:52:25:9F:A0:74:46:A0:85:94:05:69:4D:1C:A6:00:BE:CB:09
            X509v3 Authority Key Identifier:
                keyid:78:7D:10:F2:2E:5F:FA:4B:20:F7:D5:B7:82:8C:55:B9:50:9A:97:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:d8:7e:5c:13:2c:1f:23:7e:5c:75:7d:e8:8b:61:a2:06:47:
         29:e3:22:12:e5:8d:d7:0b:84:4e:94:90:12:25:ac:74:bb:da:
         80:f7:2e:8f:ff:cf:ae:3e:39:bb:99:5b:06:c2:ef:ce:41:46:
         b6:a0:88:c1:0b:31:72:6e:d5:24:36:86:a0:cc:40:29:d0:1f:
         f7:30:48:51:ff:44:f5:44:71:35:ba:02:c7:b1:ef:c7:5c:db:
         4c:cd:3a:eb:97:3e:d8:c7:62:da:1e:5f:ef:32:8d:b8:46:ef:
         22:01:fc:5d:da:73:8f:87:98:55:d8:1a:95:13:65:c5:8f:e8:
         77:3a:8c:3a:4c:16:95:c1:ef:e6:f4:0c:0d:60:c9:39:64:a7:
         14:e0:21:41:fd:e8:5d:9e:cd:9e:ba:a1:5f:62:d7:0c:cd:d6:
         ce:8d:d7:46:ec:57:9d:ba:30:79:52:8f:b4:79:10:c7:35:0e:
         f2:f8:a1:16:2b:97:b6:b2:0d:8f:5e:70:53:ab:72:04:44:cc:
         df:69:11:93:3d:30:58:02:6f:e0:ee:7a:45:05:1d:91:2a:1b:
         69:13:0d:9a:e1:61:5b:fb:37:dd:13:43:5d:fc:28:b3:99:4b:
         3c:6e:e8:1d:a7:6b:98:1f:7d:e5:80:a2:e9:27:f5:87:8e:54:
         b8:60:43:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOI2cGaZSqPwx7Rcbs6/t5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2QxMGYyMmU1ZmZhNGIyMGY3ZDViNzgyOGM1NWI5NTA5
YTk3NTkwHhcNMjUwNDE5MTMwMTA1WhcNMjUwNDIwMTMwMTA1WjAzMTEwLwYDVQQD
EygxNzk2NTIyNTlmYTA3NDQ2YTA4NTk0MDU2OTRkMWNhNjAwYmVjYjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxlmNuOTj1aPFvLcXMQoFEuX+3gm
m+Xntvx1HMZ7uixP2P1MPJ6Rp4WR+GQcjgj1ggjPp0DTagPw+M0K9vLAJPjvr4oY
itH0IXPzJuVTD2bnQHQ0U7bBIlZRUKID4ryl5EyrtjVTwXLtxv/nbplEnx/sJ7L/
5O3LoldCvs9F7CA46CGoPaFKPlQpMQkslThnUHen6z9bCZi+UtVf54V9r5csq8fn
tOq/4rjPEvjJs6aLdpvZrdpu+Hey2yf3FPDpIVRjFS2wpXKezEVQ6RKj+rbZrVpq
Nf94twUOkGohRVPfJ/I+33nQfUWh6App8mpXELd3N29d2p607r5FcL9LtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBeWUiWfoHRGoIWUBWlNHKYAvssJMB8GA1UdIwQY
MBaAFHh9EPIuX/pLIPfVt4KMVblQmpdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hYjgwNTUtMzg5Yy00M2VkLWFiZGUt
YmYwZGUyYmIxYzNjLzEvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hYjgwNTUtMzg5Yy00M2VkLWFiZGUtYmYwZGUyYmIxYzNj
LzEvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjdh+XBMs
HyN+XHV96IthogZHKeMiEuWN1wuETpSQEiWsdLvagPcuj//Prj45u5lbBsLvzkFG
tqCIwQsxcm7VJDaGoMxAKdAf9zBIUf9E9URxNboCx7Hvx1zbTM0665c+2Mdi2h5f
7zKNuEbvIgH8Xdpzj4eYVdgalRNlxY/odzqMOkwWlcHv5vQMDWDJOWSnFOAhQf3o
XZ7NnrqhX2LXDM3Wzo3XRuxXnboweVKPtHkQxzUO8vihFiuXtrINj15wU6tyBETM
32kRkz0wWAJv4O56RQUdkSobaRMNmuFhW/s33RNDXfwos5lLPG7oHadrmB995YCi
6Sf1h45UuGBD6w==
-----END CERTIFICATE-----