Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
File:                     0IpNevM5v1JVcjk3VdHPszzdta0.mft (raw, json)
Hash identifier:          f3WA51dYBLoSW5joRqjTWtpuZBLfaMVatfB48hbI7a0=
Subject key identifier:   68:A6:10:5D:7C:33:94:B9:80:0C:AE:D5:A4:36:F0:94:4D:64:A8:75
Authority key identifier: D0:8A:4D:7A:F3:39:BF:52:55:72:39:37:55:D1:CF:B3:3C:DD:B5:AD
Certificate issuer:       /CN=d08a4d7af339bf525572393755d1cfb33cddb5ad
Certificate serial:       019650B63B80F8FA591EEC355C07C7797063
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
Manifest number:          14F8
Signing time:             Sun 20 Apr 2025 01:00:42 +0000
Manifest this update:     Sun 20 Apr 2025 01:00:42 +0000
Manifest next update:     Mon 21 Apr 2025 01:00:42 +0000
Files and hashes:         1: 0IpNevM5v1JVcjk3VdHPszzdta0.crl (hash: wtNqsjdc47rAdtGRcqpKOAuALXZpOR9m8N3WmopAI4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:b6:3b:80:f8:fa:59:1e:ec:35:5c:07:c7:79:70:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d08a4d7af339bf525572393755d1cfb33cddb5ad
        Validity
            Not Before: Apr 20 01:00:42 2025 GMT
            Not After : Apr 21 01:00:42 2025 GMT
        Subject: CN=68a6105d7c3394b9800caed5a436f0944d64a875
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:28:c6:1f:0a:95:c6:1d:10:12:ee:bd:df:f1:
                    81:af:61:09:87:0c:ea:70:d1:64:92:25:fd:11:96:
                    9d:cb:e9:e0:fd:c0:bb:7b:f7:51:bc:ab:3e:c1:c2:
                    38:c1:b6:59:5a:cf:c0:c1:77:4d:bb:0c:1f:d8:a0:
                    4c:b3:5e:28:c1:56:17:54:98:cb:da:30:1b:49:8f:
                    60:32:32:71:65:5d:b4:a7:b1:81:74:3e:76:93:f3:
                    b4:fe:d3:05:19:a1:a0:b2:b0:16:a0:07:65:00:10:
                    c2:a4:98:48:cb:95:21:64:19:f3:06:e1:ee:de:eb:
                    f1:b8:e4:da:30:68:79:4a:77:55:2e:0e:28:42:81:
                    bc:5e:84:98:af:56:4f:66:cd:c1:0b:97:95:24:b8:
                    f9:92:8a:3b:dc:2a:f5:1a:d8:9c:76:9a:8d:90:5e:
                    50:d2:a5:ed:dd:da:d2:6e:f6:74:13:05:62:11:e9:
                    1d:56:bf:aa:d9:ba:be:d7:d0:45:bb:e4:2d:06:d1:
                    cb:40:e8:45:89:1d:bb:0f:ee:26:a3:44:79:80:05:
                    bc:fb:66:2e:61:63:62:6a:06:ad:38:bf:a5:75:5e:
                    42:2c:64:e4:f4:cb:97:ad:87:3a:ab:3a:0b:8a:73:
                    b3:07:be:57:12:bf:3e:93:15:09:8d:c5:94:00:74:
                    7a:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:A6:10:5D:7C:33:94:B9:80:0C:AE:D5:A4:36:F0:94:4D:64:A8:75
            X509v3 Authority Key Identifier:
                keyid:D0:8A:4D:7A:F3:39:BF:52:55:72:39:37:55:D1:CF:B3:3C:DD:B5:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:72:a5:1a:ff:1b:90:07:e4:4f:dd:63:3c:a3:d3:5f:9d:02:
         ea:94:89:e0:c0:b0:07:19:53:bd:32:57:c7:b3:5f:e4:12:c0:
         70:38:fc:cc:a6:c9:50:eb:2c:17:d6:43:8b:3d:fb:d9:19:78:
         fb:e0:5b:12:f4:72:f1:72:ac:5a:4b:a6:31:a2:36:fe:ab:c7:
         a7:c0:36:45:b1:8d:97:7e:a8:07:3b:e1:a7:dd:45:da:d0:ec:
         17:a1:6d:c5:b7:8d:9c:af:f2:40:62:33:57:79:72:39:18:71:
         ed:74:27:36:d6:bb:c8:32:73:0e:8b:d1:d8:3e:c6:b8:8b:85:
         7a:e7:fc:96:a0:ad:3a:b8:b3:61:3e:a0:39:ae:a2:31:09:f4:
         4e:fc:96:20:89:89:76:ac:2e:36:3e:ff:53:96:24:65:0c:ae:
         16:59:f8:d7:24:31:ec:f5:93:54:5b:fb:34:2e:ec:a3:3c:a6:
         62:c1:97:51:bc:af:cd:88:f4:6b:7a:99:89:89:72:1a:05:27:
         c6:91:de:5d:66:28:b4:c6:c1:5b:c0:ee:46:73:73:e2:4e:e6:
         4f:72:fc:73:ef:be:a5:f0:d7:85:0f:14:90:30:ac:f9:ec:6c:
         28:aa:f3:d5:84:e8:61:4a:85:88:5f:f6:2e:06:21:ac:14:91:
         1c:31:55:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQtjuA+PpZHuw1XAfHeXBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGE0ZDdhZjMzOWJmNTI1NTcyMzkzNzU1ZDFjZmIzM2Nk
ZGI1YWQwHhcNMjUwNDIwMDEwMDQyWhcNMjUwNDIxMDEwMDQyWjAzMTEwLwYDVQQD
Eyg2OGE2MTA1ZDdjMzM5NGI5ODAwY2FlZDVhNDM2ZjA5NDRkNjRhODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSjGHwqVxh0QEu693/GBr2EJhwzq
cNFkkiX9EZady+ng/cC7e/dRvKs+wcI4wbZZWs/AwXdNuwwf2KBMs14owVYXVJjL
2jAbSY9gMjJxZV20p7GBdD52k/O0/tMFGaGgsrAWoAdlABDCpJhIy5UhZBnzBuHu
3uvxuOTaMGh5SndVLg4oQoG8XoSYr1ZPZs3BC5eVJLj5koo73Cr1GticdpqNkF5Q
0qXt3drSbvZ0EwViEekdVr+q2bq+19BFu+QtBtHLQOhFiR27D+4mo0R5gAW8+2Yu
YWNiagatOL+ldV5CLGTk9MuXrYc6qzoLinOzB75XEr8+kxUJjcWUAHR6HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGimEF18M5S5gAyu1aQ28JRNZKh1MB8GA1UdIwQY
MBaAFNCKTXrzOb9SVXI5N1XRz7M83bWtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xNWZiOGEtOTI2MS00NjJkLWE1YWMt
ZDVhMWVhOWVkYjA4LzEvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xNWZiOGEtOTI2MS00NjJkLWE1YWMtZDVhMWVhOWVkYjA4
LzEvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJnKlGv8b
kAfkT91jPKPTX50C6pSJ4MCwBxlTvTJXx7Nf5BLAcDj8zKbJUOssF9ZDiz372Rl4
++BbEvRy8XKsWkumMaI2/qvHp8A2RbGNl36oBzvhp91F2tDsF6FtxbeNnK/yQGIz
V3lyORhx7XQnNta7yDJzDovR2D7GuIuFeuf8lqCtOrizYT6gOa6iMQn0TvyWIImJ
dqwuNj7/U5YkZQyuFln41yQx7PWTVFv7NC7sozymYsGXUbyvzYj0a3qZiYlyGgUn
xpHeXWYotMbBW8DuRnNz4k7mT3L8c+++pfDXhQ8UkDCs+exsKKrz1YToYUqFiF/2
LgYhrBSRHDFVIA==
-----END CERTIFICATE-----