Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
File:                     7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json)
Hash identifier:          lXoCZpAiLBNVbjzF2/C8ODvmC3PxxSJ2NJRLEaAnxWk=
Subject key identifier:   32:8F:F4:2E:7D:26:07:6E:FD:7A:AA:B5:0D:76:A1:90:E2:BF:7B:68
Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20
Certificate issuer:       /CN=ec70c5d867de200f01486b1a880a94b8495d7220
Certificate serial:       01964D46F59303C99763945CA18791C1E9B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
Manifest number:          0DBC
Signing time:             Sat 19 Apr 2025 09:00:17 +0000
Manifest this update:     Sat 19 Apr 2025 09:00:17 +0000
Manifest next update:     Sun 20 Apr 2025 09:00:17 +0000
Files and hashes:         1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: qC5Y8e7jGzA0X1r0y7rQX7Bi5jlZGDWTGCsgad7fihY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:46:f5:93:03:c9:97:63:94:5c:a1:87:91:c1:e9:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220
        Validity
            Not Before: Apr 19 09:00:17 2025 GMT
            Not After : Apr 20 09:00:17 2025 GMT
        Subject: CN=328ff42e7d26076efd7aaab50d76a190e2bf7b68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c4:97:ab:f0:b6:d6:41:52:59:ef:81:ba:81:
                    29:2d:3f:24:21:3f:d1:6f:1c:7b:0c:01:f1:81:51:
                    9b:d4:4c:c4:51:23:d7:50:f4:46:fe:0e:74:c7:33:
                    ec:f9:8c:8a:02:5a:af:4f:35:4a:4f:f6:06:89:ab:
                    88:84:8b:20:37:0c:13:8d:eb:6c:bd:11:6d:b4:88:
                    e8:4f:ef:3b:f7:2e:2b:0b:07:3b:01:49:0b:c6:64:
                    a5:7a:ff:83:2d:e5:35:da:c2:3d:92:93:40:61:70:
                    9f:ec:c3:7f:66:22:3f:cc:a7:1d:5f:78:bd:e7:34:
                    b9:c7:91:cd:99:18:6e:21:40:6f:4c:c4:82:4d:fc:
                    57:50:db:7c:60:9e:d3:60:2d:37:b3:e3:eb:f3:e1:
                    bd:60:d3:10:23:b8:ae:a7:3a:08:13:9f:90:cc:53:
                    e4:9f:47:b1:30:67:3a:e9:c5:ce:12:cb:70:a3:06:
                    d3:46:15:f5:72:d1:17:ef:74:15:18:3c:d4:2f:85:
                    0f:2a:e0:65:2c:d2:75:71:d2:f5:07:a5:c7:b2:ab:
                    86:2d:ee:7b:3f:12:6c:6a:91:08:44:eb:d9:7d:43:
                    0f:4f:40:83:cf:5b:91:67:98:c6:b9:4e:90:d9:b8:
                    b9:ad:b3:a8:ef:b6:ce:50:e8:79:ba:9d:47:c3:2b:
                    69:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:8F:F4:2E:7D:26:07:6E:FD:7A:AA:B5:0D:76:A1:90:E2:BF:7B:68
            X509v3 Authority Key Identifier:
                keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:60:9f:11:c0:d4:70:4f:36:f7:fd:96:d4:64:28:10:13:5b:
         d6:e1:04:7d:c4:32:47:bb:ec:bd:3e:fa:9e:08:4c:d0:a8:a6:
         54:ba:fa:86:a4:a9:8d:f3:8a:26:55:d0:68:bd:b9:c1:82:c5:
         74:65:7f:3c:c7:ee:ed:1b:82:a8:31:d7:f9:13:a8:23:61:19:
         cd:db:fc:f1:74:f3:7b:03:9c:3c:21:b0:82:38:9d:03:70:0a:
         be:f9:7c:1e:97:dc:20:e4:d0:55:36:17:b7:99:84:32:85:c9:
         75:dc:cd:9e:97:e8:e4:ed:eb:79:86:4b:ab:3d:4a:4e:57:29:
         66:7f:57:79:8b:5d:44:68:11:b2:af:a2:31:84:7f:95:5e:ae:
         f8:30:6b:8c:0b:de:36:b8:62:1c:75:65:c9:e3:54:e4:21:35:
         01:e3:59:00:74:9d:85:b5:df:15:e9:df:44:9d:2c:6c:77:ae:
         86:ed:a8:a2:f6:55:62:3a:14:2e:84:5a:06:f7:c6:0f:34:06:
         4e:87:d8:49:e2:3d:c4:34:52:c0:87:69:ec:61:58:02:91:42:
         b7:20:41:0d:c1:aa:5f:38:77:49:be:e1:8e:4f:56:05:53:22:
         da:c3:44:42:52:16:59:e8:62:77:c3:67:de:16:58:10:cd:ca:
         17:02:bc:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNRvWTA8mXY5RcoYeRwem2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1
ZDcyMjAwHhcNMjUwNDE5MDkwMDE3WhcNMjUwNDIwMDkwMDE3WjAzMTEwLwYDVQQD
EygzMjhmZjQyZTdkMjYwNzZlZmQ3YWFhYjUwZDc2YTE5MGUyYmY3YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MSXq/C21kFSWe+BuoEpLT8kIT/R
bxx7DAHxgVGb1EzEUSPXUPRG/g50xzPs+YyKAlqvTzVKT/YGiauIhIsgNwwTjets
vRFttIjoT+879y4rCwc7AUkLxmSlev+DLeU12sI9kpNAYXCf7MN/ZiI/zKcdX3i9
5zS5x5HNmRhuIUBvTMSCTfxXUNt8YJ7TYC03s+Pr8+G9YNMQI7iupzoIE5+QzFPk
n0exMGc66cXOEstwowbTRhX1ctEX73QVGDzUL4UPKuBlLNJ1cdL1B6XHsquGLe57
PxJsapEIROvZfUMPT0CDz1uRZ5jGuU6Q2bi5rbOo77bOUOh5up1HwytpNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKP9C59Jgdu/XqqtQ12oZDiv3toMB8GA1UdIwQY
MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt
YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2
LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPGCfEcDU
cE829/2W1GQoEBNb1uEEfcQyR7vsvT76nghM0KimVLr6hqSpjfOKJlXQaL25wYLF
dGV/PMfu7RuCqDHX+ROoI2EZzdv88XTzewOcPCGwgjidA3AKvvl8HpfcIOTQVTYX
t5mEMoXJddzNnpfo5O3reYZLqz1KTlcpZn9XeYtdRGgRsq+iMYR/lV6u+DBrjAve
NrhiHHVlyeNU5CE1AeNZAHSdhbXfFenfRJ0sbHeuhu2oovZVYjoULoRaBvfGDzQG
TofYSeI9xDRSwIdp7GFYApFCtyBBDcGqXzh3Sb7hjk9WBVMi2sNEQlIWWehid8Nn
3hZYEM3KFwK8Gg==
-----END CERTIFICATE-----