Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
File:                     7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json)
Hash identifier:          jpFhSiT78qgN/zsG59LOj4JQQa3hnOw03eR2susQ2OA=
Subject key identifier:   B4:06:EE:8F:D6:F7:18:C4:EE:A7:C3:B2:F0:C2:8E:4F:F6:56:BF:E3
Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20
Certificate issuer:       /CN=ec70c5d867de200f01486b1a880a94b8495d7220
Certificate serial:       01958C2909CDCE33D99A863D17E5B88A6B7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
Manifest number:          0D58
Signing time:             Wed 12 Mar 2025 21:00:54 +0000
Manifest this update:     Wed 12 Mar 2025 21:00:54 +0000
Manifest next update:     Thu 13 Mar 2025 21:00:54 +0000
Files and hashes:         1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: ABqiL7QbYDtQAe56SYxfYrMqEaElUB0ehleW33pl7sA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:29:09:cd:ce:33:d9:9a:86:3d:17:e5:b8:8a:6b:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220
        Validity
            Not Before: Mar 12 21:00:54 2025 GMT
            Not After : Mar 13 21:00:54 2025 GMT
        Subject: CN=b406ee8fd6f718c4eea7c3b2f0c28e4ff656bfe3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:f1:d3:8f:9b:d0:28:20:fa:f6:31:3b:cd:66:
                    81:3b:76:f5:cf:56:64:65:8f:b9:85:bd:b7:66:06:
                    18:eb:91:ad:56:39:33:41:ea:ce:5f:bb:81:87:c3:
                    cb:0d:85:4a:5e:5f:c8:8c:80:68:22:59:19:31:54:
                    09:c4:8c:c2:bc:df:0d:53:ef:a5:17:66:8d:7b:95:
                    dd:fa:96:74:cc:0c:09:87:ae:f0:62:09:f0:91:53:
                    66:0e:e9:0c:31:3e:25:73:b9:b3:45:8e:e8:bf:29:
                    cc:17:97:8d:0b:4b:a4:3d:60:ec:18:6b:c3:04:80:
                    0b:c4:e1:ca:51:91:59:fa:96:7c:5c:41:0d:a1:77:
                    65:16:15:f5:4d:98:3d:bb:3d:78:58:47:70:b1:71:
                    7b:a5:26:b1:c5:d8:57:1b:e8:eb:a1:5e:26:a8:4d:
                    7e:1b:2a:b5:b9:e6:3e:19:c9:bb:ee:04:bf:d0:72:
                    b1:08:e4:7c:2b:0a:f7:ff:e1:ef:35:b5:77:ee:19:
                    cf:03:13:52:f5:3e:e8:6b:26:61:3e:03:2a:56:2e:
                    a8:0d:e1:85:89:3b:da:46:8a:31:13:84:ca:99:da:
                    e7:d4:5e:c8:d7:45:6f:73:54:b5:1a:9b:b5:fa:38:
                    ec:e1:42:6d:56:5b:92:f6:a6:82:98:db:e9:bc:0d:
                    da:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:06:EE:8F:D6:F7:18:C4:EE:A7:C3:B2:F0:C2:8E:4F:F6:56:BF:E3
            X509v3 Authority Key Identifier:
                keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:c5:d4:a7:23:6d:58:a4:19:1e:bf:d6:79:51:10:4c:58:dd:
         0f:2b:19:04:51:b1:f0:f9:c9:1d:97:56:a3:c7:b7:c6:46:9d:
         ff:0f:22:34:e0:59:ae:34:ea:a4:57:7a:e7:2f:0a:16:62:95:
         14:fd:a2:05:e3:96:2f:0b:52:a6:60:b4:71:87:41:e8:1d:ef:
         70:7a:5d:3e:dd:a1:74:17:d4:20:f1:d4:d1:cc:a4:d6:be:71:
         6e:1e:7d:7d:d3:86:ff:1f:c4:e2:3e:e1:ab:6d:4b:14:f6:10:
         09:ca:9a:1d:44:76:83:1a:33:75:1d:00:3c:8f:0d:c0:49:50:
         62:d0:dd:ea:51:a3:fa:8b:c6:af:66:ed:b8:d1:ec:0a:65:3a:
         e0:27:81:23:c8:9d:5e:50:f6:d4:0a:e9:7a:c9:9f:a4:da:19:
         79:41:12:a2:2c:9f:82:b0:e2:c6:3f:9b:34:22:51:96:0d:3e:
         51:64:d5:17:d9:41:af:1d:33:0f:55:d0:00:39:15:fa:bd:b5:
         26:3b:a5:35:4b:fd:ba:55:9d:6d:8f:0e:65:8e:60:90:4d:18:
         52:2d:22:f7:93:34:5c:50:9a:b1:fe:ef:96:ee:8e:fc:58:1f:
         8e:ef:1e:25:1c:31:8c:ea:05:12:b2:22:0b:35:7f:e8:39:64:
         1b:b6:fe:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMKQnNzjPZmoY9F+W4imt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1
ZDcyMjAwHhcNMjUwMzEyMjEwMDU0WhcNMjUwMzEzMjEwMDU0WjAzMTEwLwYDVQQD
EyhiNDA2ZWU4ZmQ2ZjcxOGM0ZWVhN2MzYjJmMGMyOGU0ZmY2NTZiZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPHTj5vQKCD69jE7zWaBO3b1z1Zk
ZY+5hb23ZgYY65GtVjkzQerOX7uBh8PLDYVKXl/IjIBoIlkZMVQJxIzCvN8NU++l
F2aNe5Xd+pZ0zAwJh67wYgnwkVNmDukMMT4lc7mzRY7ovynMF5eNC0ukPWDsGGvD
BIALxOHKUZFZ+pZ8XEENoXdlFhX1TZg9uz14WEdwsXF7pSaxxdhXG+jroV4mqE1+
Gyq1ueY+Gcm77gS/0HKxCOR8Kwr3/+HvNbV37hnPAxNS9T7oayZhPgMqVi6oDeGF
iTvaRooxE4TKmdrn1F7I10Vvc1S1Gpu1+jjs4UJtVluS9qaCmNvpvA3ahQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQG7o/W9xjE7qfDsvDCjk/2Vr/jMB8GA1UdIwQY
MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt
YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2
LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn8XUpyNt
WKQZHr/WeVEQTFjdDysZBFGx8PnJHZdWo8e3xkad/w8iNOBZrjTqpFd65y8KFmKV
FP2iBeOWLwtSpmC0cYdB6B3vcHpdPt2hdBfUIPHU0cyk1r5xbh59fdOG/x/E4j7h
q21LFPYQCcqaHUR2gxozdR0API8NwElQYtDd6lGj+ovGr2btuNHsCmU64CeBI8id
XlD21ArpesmfpNoZeUESoiyfgrDixj+bNCJRlg0+UWTVF9lBrx0zD1XQADkV+r21
JjulNUv9ulWdbY8OZY5gkE0YUi0i95M0XFCasf7vlu6O/Fgfju8eJRwxjOoFErIi
CzV/6DlkG7b+aA==
-----END CERTIFICATE-----