Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/8f5e59-7f71-4cf2-a619-3f0295eee951/1/fgdwhBDMdkNEuM-k8-NopeJStlA.mft
File:                     fgdwhBDMdkNEuM-k8-NopeJStlA.mft (raw, json)
Hash identifier:          cUsdxWQEoVkb5VTdGXcCotQDK9UDR4M6tKbd/0JUgG4=
Subject key identifier:   97:68:30:D5:BE:54:0A:E5:D5:C0:E0:5F:EB:ED:69:60:20:A4:24:11
Authority key identifier: 7E:07:70:84:10:CC:76:43:44:B8:CF:A4:F3:E3:68:A5:E2:52:B6:50
Certificate issuer:       /CN=7e07708410cc764344b8cfa4f3e368a5e252b650
Certificate serial:       019656133B8FF7EC8DEA155CBC97E41FC42E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fgdwhBDMdkNEuM-k8-NopeJStlA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/8f5e59-7f71-4cf2-a619-3f0295eee951/1/fgdwhBDMdkNEuM-k8-NopeJStlA.mft
Manifest number:          0925
Signing time:             Mon 21 Apr 2025 02:00:23 +0000
Manifest this update:     Mon 21 Apr 2025 02:00:23 +0000
Manifest next update:     Tue 22 Apr 2025 02:00:23 +0000
Files and hashes:         1: fgdwhBDMdkNEuM-k8-NopeJStlA.crl (hash: 1a+YD3878QTs9jQJ51mSAYn02l3CSoSahOLD4cjjDFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/8f5e59-7f71-4cf2-a619-3f0295eee951/1/fgdwhBDMdkNEuM-k8-NopeJStlA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/8f5e59-7f71-4cf2-a619-3f0295eee951/1/fgdwhBDMdkNEuM-k8-NopeJStlA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fgdwhBDMdkNEuM-k8-NopeJStlA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:13:3b:8f:f7:ec:8d:ea:15:5c:bc:97:e4:1f:c4:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e07708410cc764344b8cfa4f3e368a5e252b650
        Validity
            Not Before: Apr 21 02:00:23 2025 GMT
            Not After : Apr 22 02:00:23 2025 GMT
        Subject: CN=976830d5be540ae5d5c0e05febed696020a42411
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:1b:e0:24:7b:ce:62:97:e3:34:41:12:44:61:
                    2b:28:41:20:0a:58:f9:7d:63:01:9e:24:2b:4e:27:
                    e9:63:a5:e0:d2:73:e7:ed:40:56:e6:eb:5e:d8:80:
                    6b:09:e5:fe:76:3a:38:07:07:c5:95:7b:8f:88:20:
                    da:80:7f:7e:29:cd:52:a7:88:63:d4:a0:e4:49:b1:
                    77:66:63:49:dd:21:1b:2c:5d:4f:47:2d:2e:7b:0c:
                    7f:22:7b:f8:84:1b:75:04:e6:55:54:48:f3:bd:7e:
                    0a:b5:76:69:ba:fb:71:d7:d2:37:f8:97:a7:da:3c:
                    26:ce:4e:0b:ba:ee:71:99:37:27:44:30:a8:88:a4:
                    21:da:8b:8b:35:44:e1:ee:93:e4:db:83:c3:94:5f:
                    59:05:76:d9:b2:03:a3:40:04:55:aa:33:18:b4:cf:
                    4e:8c:1b:1c:d5:05:fb:8d:ed:2b:94:47:7d:78:66:
                    16:36:f3:02:0a:4f:b4:e5:06:05:14:f9:a1:6c:09:
                    48:44:e3:99:75:b2:cb:43:0a:a3:0a:f7:32:0a:83:
                    66:d5:31:a6:7f:0d:f4:19:ed:fb:46:e6:f1:5e:f5:
                    a4:b9:18:81:96:86:af:97:af:d0:db:0f:d9:a7:b4:
                    dc:35:d7:52:37:07:b5:e8:92:37:93:bd:15:f5:ba:
                    89:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:68:30:D5:BE:54:0A:E5:D5:C0:E0:5F:EB:ED:69:60:20:A4:24:11
            X509v3 Authority Key Identifier:
                keyid:7E:07:70:84:10:CC:76:43:44:B8:CF:A4:F3:E3:68:A5:E2:52:B6:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fgdwhBDMdkNEuM-k8-NopeJStlA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/8f5e59-7f71-4cf2-a619-3f0295eee951/1/fgdwhBDMdkNEuM-k8-NopeJStlA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/8f5e59-7f71-4cf2-a619-3f0295eee951/1/fgdwhBDMdkNEuM-k8-NopeJStlA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:67:75:23:4e:ab:5a:3e:89:a6:d8:c3:4c:1c:ec:71:40:17:
         68:b1:dc:68:46:0c:73:92:da:af:23:aa:33:21:fd:5d:53:c6:
         8a:89:c1:23:47:35:bc:6f:91:8a:9d:c9:fe:9e:06:a2:55:18:
         40:97:39:ec:60:f7:3a:b5:a6:6f:e1:9c:ff:03:12:78:43:85:
         fb:8b:7c:37:74:73:c5:fd:3a:a4:f5:25:54:89:a7:59:f9:11:
         be:a3:9e:66:90:c7:dd:3a:59:65:92:ee:b2:1a:39:f1:5b:86:
         63:8c:4a:71:ec:e0:5f:56:f8:27:f7:bf:7e:7c:b8:31:ce:ab:
         b8:f0:97:8b:f3:73:87:a5:aa:40:f1:b6:01:96:30:c9:6e:d3:
         d8:bc:87:40:41:9c:41:27:05:74:b5:53:fa:d2:17:96:3b:5d:
         45:b0:d4:4a:2d:8a:cf:37:92:22:7c:2c:be:42:cf:cd:70:0f:
         5c:06:30:51:60:89:54:b2:e6:38:c6:3c:23:39:d0:e4:21:b4:
         25:ef:d3:de:9e:9a:b5:d6:b2:a6:a3:38:de:54:81:ba:6e:2e:
         07:45:34:c0:54:24:84:d4:19:dd:b4:50:cb:92:28:b2:9b:d1:
         37:d5:b6:70:ba:f1:e0:fd:4d:57:b7:f5:cc:f1:8d:89:ad:a2:
         be:0f:33:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWEzuP9+yN6hVcvJfkH8QuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMDc3MDg0MTBjYzc2NDM0NGI4Y2ZhNGYzZTM2OGE1ZTI1
MmI2NTAwHhcNMjUwNDIxMDIwMDIzWhcNMjUwNDIyMDIwMDIzWjAzMTEwLwYDVQQD
Eyg5NzY4MzBkNWJlNTQwYWU1ZDVjMGUwNWZlYmVkNjk2MDIwYTQyNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhvgJHvOYpfjNEESRGErKEEgClj5
fWMBniQrTifpY6Xg0nPn7UBW5ute2IBrCeX+djo4BwfFlXuPiCDagH9+Kc1Sp4hj
1KDkSbF3ZmNJ3SEbLF1PRy0uewx/Inv4hBt1BOZVVEjzvX4KtXZpuvtx19I3+Jen
2jwmzk4Luu5xmTcnRDCoiKQh2ouLNUTh7pPk24PDlF9ZBXbZsgOjQARVqjMYtM9O
jBsc1QX7je0rlEd9eGYWNvMCCk+05QYFFPmhbAlIROOZdbLLQwqjCvcyCoNm1TGm
fw30Ge37RubxXvWkuRiBloavl6/Q2w/Zp7TcNddSNwe16JI3k70V9bqJRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdoMNW+VArl1cDgX+vtaWAgpCQRMB8GA1UdIwQY
MBaAFH4HcIQQzHZDRLjPpPPjaKXiUrZQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmdkd2hCRE1ka05FdU0tazgtTm9wZUpTdGxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS84ZjVlNTktN2Y3MS00Y2YyLWE2MTkt
M2YwMjk1ZWVlOTUxLzEvZmdkd2hCRE1ka05FdU0tazgtTm9wZUpTdGxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS84ZjVlNTktN2Y3MS00Y2YyLWE2MTktM2YwMjk1ZWVlOTUx
LzEvZmdkd2hCRE1ka05FdU0tazgtTm9wZUpTdGxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADWd1I06r
Wj6JptjDTBzscUAXaLHcaEYMc5LaryOqMyH9XVPGionBI0c1vG+Rip3J/p4GolUY
QJc57GD3OrWmb+Gc/wMSeEOF+4t8N3Rzxf06pPUlVImnWfkRvqOeZpDH3TpZZZLu
sho58VuGY4xKcezgX1b4J/e/fny4Mc6ruPCXi/Nzh6WqQPG2AZYwyW7T2LyHQEGc
QScFdLVT+tIXljtdRbDUSi2KzzeSInwsvkLPzXAPXAYwUWCJVLLmOMY8IznQ5CG0
Je/T3p6atdaypqM43lSBum4uB0U0wFQkhNQZ3bRQy5IospvRN9W2cLrx4P1NV7f1
zPGNia2ivg8zzQ==
-----END CERTIFICATE-----