Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
File:                     s1IytLD6jIPU_4wSROhk67yt1os.mft (raw, json)
Hash identifier:          8OLqamAzguC43lOoxkaK0aje6Pz5Ok9LJ2o2A9R/bpY=
Subject key identifier:   01:06:6C:94:7C:A6:0B:8E:25:F9:18:F0:56:FD:EC:F5:8F:C8:99:B1
Authority key identifier: B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B
Certificate issuer:       /CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
Certificate serial:       01964D7E89BBEA8B8214B20D02A39BE1A6E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
Manifest number:          0F71
Signing time:             Sat 19 Apr 2025 10:01:00 +0000
Manifest this update:     Sat 19 Apr 2025 10:01:00 +0000
Manifest next update:     Sun 20 Apr 2025 10:01:00 +0000
Files and hashes:         1: s1IytLD6jIPU_4wSROhk67yt1os.crl (hash: IsNi1YG1CCxtqPrvL78T4qSqVyFzxlCXm19ANV7Lses=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:89:bb:ea:8b:82:14:b2:0d:02:a3:9b:e1:a6:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
        Validity
            Not Before: Apr 19 10:01:00 2025 GMT
            Not After : Apr 20 10:01:00 2025 GMT
        Subject: CN=01066c947ca60b8e25f918f056fdecf58fc899b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:cb:9a:c7:5b:57:cf:84:9e:13:6c:e3:06:b6:
                    3c:2a:fd:ed:7f:a7:64:b0:1a:ec:6d:c8:e8:4a:56:
                    94:a3:74:e0:82:11:42:0b:cd:b2:31:d6:ac:8b:69:
                    17:aa:b6:e7:5b:20:83:5e:27:90:06:6a:b9:f6:46:
                    08:cf:1a:24:21:c4:9f:68:fa:a0:98:f4:93:d4:af:
                    2c:09:c5:9f:f3:06:12:bf:ee:03:ad:21:6a:5e:bf:
                    da:e8:bd:7a:17:15:2d:11:82:42:94:59:e9:ce:51:
                    2e:ec:26:b8:9d:66:fc:eb:4a:2f:1e:26:e6:ba:61:
                    ba:20:92:90:3b:43:d8:0c:43:fc:07:08:56:ea:8e:
                    f8:32:ef:cf:09:b1:d3:40:d1:6d:66:87:66:a8:ba:
                    c0:a9:98:3c:75:03:b8:e9:63:30:5e:a3:02:49:4d:
                    ce:88:b9:7d:f2:9a:aa:af:fd:45:8e:81:95:90:6c:
                    4a:3e:78:d5:2a:ba:77:f6:fa:9a:64:d9:2f:a0:a6:
                    60:e2:1d:9d:e3:77:bd:2d:af:87:41:72:51:4c:7d:
                    da:49:4f:91:61:df:b3:7a:cb:68:24:73:1d:a7:65:
                    ec:49:55:ed:79:0f:6c:b5:6a:70:74:64:27:09:5e:
                    5f:ea:82:71:1d:f5:0d:7d:01:6f:67:de:84:c1:ae:
                    c0:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:06:6C:94:7C:A6:0B:8E:25:F9:18:F0:56:FD:EC:F5:8F:C8:99:B1
            X509v3 Authority Key Identifier:
                keyid:B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:bc:50:ca:61:f5:57:70:00:01:7d:ed:6c:d9:2e:04:3a:63:
         f8:fb:17:85:97:8c:e9:f8:31:8c:5c:7d:f6:18:98:46:86:17:
         c2:03:a1:ab:6a:b6:e6:09:96:39:4c:f8:16:04:5e:08:9f:34:
         d8:31:70:77:23:02:33:e9:11:99:fe:89:1a:f6:01:79:93:29:
         20:ed:02:53:2f:48:6a:7f:b5:58:be:93:c7:2a:c9:83:28:e0:
         23:aa:d2:76:31:cb:77:c8:6c:07:21:68:f8:c8:81:d0:0a:dc:
         8c:f7:75:db:f1:34:04:0e:e8:1e:c0:1c:10:6f:f2:bb:59:db:
         f4:70:92:57:0d:e5:7e:dd:e3:4e:ec:30:cb:6d:b1:bf:a0:0d:
         ae:a1:13:6f:a5:e8:ac:de:5f:ba:f0:c9:c2:3a:e1:f8:c3:26:
         e1:76:ba:39:91:ef:77:65:9f:07:9c:6e:13:e7:7f:63:c7:bf:
         68:be:47:bb:ba:ab:a1:9f:0b:c3:24:4a:67:b8:6f:bf:d6:a4:
         dc:47:63:59:99:1e:e7:15:28:f8:8e:91:80:2f:29:78:e9:3e:
         41:f7:ff:62:cc:2b:57:48:de:30:3b:a3:eb:d8:09:1b:81:c6:
         5d:0e:80:ac:0c:f7:e3:4c:c7:31:ce:a5:3a:ec:69:fe:54:b8:
         4b:d6:50:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfom76ouCFLINAqOb4abiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTIzMmI0YjBmYThjODNkNGZmOGMxMjQ0ZTg2NGViYmNh
ZGQ2OGIwHhcNMjUwNDE5MTAwMTAwWhcNMjUwNDIwMTAwMTAwWjAzMTEwLwYDVQQD
EygwMTA2NmM5NDdjYTYwYjhlMjVmOTE4ZjA1NmZkZWNmNThmYzg5OWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsuax1tXz4SeE2zjBrY8Kv3tf6dk
sBrsbcjoSlaUo3TgghFCC82yMdasi2kXqrbnWyCDXieQBmq59kYIzxokIcSfaPqg
mPST1K8sCcWf8wYSv+4DrSFqXr/a6L16FxUtEYJClFnpzlEu7Ca4nWb860ovHibm
umG6IJKQO0PYDEP8BwhW6o74Mu/PCbHTQNFtZodmqLrAqZg8dQO46WMwXqMCSU3O
iLl98pqqr/1FjoGVkGxKPnjVKrp39vqaZNkvoKZg4h2d43e9La+HQXJRTH3aSU+R
Yd+zestoJHMdp2XsSVXteQ9stWpwdGQnCV5f6oJxHfUNfQFvZ96Ewa7AXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAEGbJR8pguOJfkY8Fb97PWPyJmxMB8GA1UdIwQY
MBaAFLNSMrSw+oyD1P+MEkToZOu8rdaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEt
YjkxMjJlNTIxMDU4LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEtYjkxMjJlNTIxMDU4
LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADrxQymH1
V3AAAX3tbNkuBDpj+PsXhZeM6fgxjFx99hiYRoYXwgOhq2q25gmWOUz4FgReCJ80
2DFwdyMCM+kRmf6JGvYBeZMpIO0CUy9Ian+1WL6TxyrJgyjgI6rSdjHLd8hsByFo
+MiB0ArcjPd12/E0BA7oHsAcEG/yu1nb9HCSVw3lft3jTuwwy22xv6ANrqETb6Xo
rN5fuvDJwjrh+MMm4Xa6OZHvd2WfB5xuE+d/Y8e/aL5Hu7qroZ8LwyRKZ7hvv9ak
3EdjWZke5xUo+I6RgC8peOk+Qff/YswrV0jeMDuj69gJG4HGXQ6ArAz340zHMc6l
Ouxp/lS4S9ZQtw==
-----END CERTIFICATE-----