Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
File:                     PRf0av89iyHwD-6PY16uNKf0pNc.mft (raw, json)
Hash identifier:          aQpLhQRTI16qjnsj8Y1o1YD3os1r16kZNGCavuD0eDo=
Subject key identifier:   4A:B4:E7:57:C6:DD:7D:DB:15:B0:94:5E:66:12:0E:9E:BF:E6:B2:30
Authority key identifier: 3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7
Certificate issuer:       /CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
Certificate serial:       019659152BD881B953D8AFE28D4FFDB64708
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
Manifest number:          09EE
Signing time:             Mon 21 Apr 2025 16:01:21 +0000
Manifest this update:     Mon 21 Apr 2025 16:01:21 +0000
Manifest next update:     Tue 22 Apr 2025 16:01:21 +0000
Files and hashes:         1: PRf0av89iyHwD-6PY16uNKf0pNc.crl (hash: QMTIbEl9v4BBCUHEmQLm5qOOeeMHz1Mtiyx8vKuMEF4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:15:2b:d8:81:b9:53:d8:af:e2:8d:4f:fd:b6:47:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
        Validity
            Not Before: Apr 21 16:01:21 2025 GMT
            Not After : Apr 22 16:01:21 2025 GMT
        Subject: CN=4ab4e757c6dd7ddb15b0945e66120e9ebfe6b230
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c7:77:76:84:f3:2c:7e:a8:79:10:38:94:c8:
                    71:d0:15:44:33:fe:16:27:5f:a5:b5:81:01:5f:93:
                    61:ca:e0:0b:ec:9c:ef:5d:15:b1:ae:96:a0:91:88:
                    46:fd:7c:43:79:a6:c7:53:98:01:e9:6c:f6:a7:5b:
                    a9:fb:e9:f4:ac:04:9d:18:b8:04:4a:eb:62:9b:a7:
                    92:92:8e:89:a7:b0:56:b0:0f:cc:b1:92:cc:59:73:
                    17:bc:0e:28:e1:d7:15:96:45:d0:9b:cf:a1:4e:48:
                    f0:39:9f:ff:ad:2c:b9:1e:12:bd:f4:05:ad:ba:00:
                    2e:a8:85:8d:2f:12:28:8f:f9:0e:86:b8:6e:7a:ac:
                    05:ee:a6:54:db:c8:3c:e2:ea:d1:4d:15:53:9c:d8:
                    52:e3:52:7d:e2:ed:5c:fc:65:2b:fd:48:b9:f5:7b:
                    d3:3f:37:bb:41:45:77:73:f0:5d:ff:4d:77:d9:59:
                    8f:d0:01:9d:ea:bf:36:51:c0:a8:08:97:42:bc:65:
                    0e:2d:2c:e0:bb:2a:f1:3f:4b:a5:3d:75:2b:7b:d1:
                    32:4a:eb:30:11:de:c1:de:4d:1c:2c:f1:05:eb:8f:
                    58:57:52:0c:a4:aa:55:14:be:a3:56:44:19:0f:a9:
                    36:96:9e:3b:4e:98:17:e9:c1:c6:fc:53:2e:71:6c:
                    39:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:B4:E7:57:C6:DD:7D:DB:15:B0:94:5E:66:12:0E:9E:BF:E6:B2:30
            X509v3 Authority Key Identifier:
                keyid:3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:87:e5:a3:e5:ea:e2:59:69:90:e4:8e:67:0f:30:59:98:d4:
         d2:d9:44:aa:22:ab:0c:13:d8:0d:e7:ab:80:87:ae:8a:e3:aa:
         46:4c:2b:2f:cc:1c:8a:c8:dd:b7:ab:cc:45:52:6c:a9:a2:db:
         f8:1a:79:60:1a:65:82:68:41:8b:a1:89:3a:6b:e8:22:4c:c2:
         f4:07:f8:41:12:14:06:6c:39:6b:51:49:76:4b:ed:ab:a7:3f:
         d6:c5:02:5f:99:f3:b8:1b:2f:67:9b:7a:6f:ae:6e:ae:32:42:
         f5:48:79:fc:f0:b9:86:8a:15:de:bf:59:d6:80:5d:5c:a9:67:
         2a:d6:74:81:03:f1:01:78:df:d2:ec:3f:d6:9c:e5:51:7d:bd:
         d5:b4:ad:5f:68:20:98:3a:69:86:5b:eb:f8:16:a1:d1:7e:b5:
         5d:da:a8:17:92:27:5f:8e:c2:f7:93:8a:e4:84:1f:2f:af:27:
         22:34:c8:d1:09:ad:e1:4f:bf:19:7b:c7:e2:62:0c:6f:d8:0b:
         01:2a:55:d8:34:24:9f:d1:01:01:8c:2b:25:95:00:60:15:86:
         a8:8e:3d:0e:d2:02:4a:82:4e:c5:82:52:7d:21:b7:23:aa:ad:
         dd:06:db:f8:fa:a7:a0:03:3d:e7:33:9e:3a:a2:75:3c:61:50:
         27:dc:ef:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFSvYgblT2K/ijU/9tkcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTdmNDZhZmYzZDhiMjFmMDBmZWU4ZjYzNWVhZTM0YTdm
NGE0ZDcwHhcNMjUwNDIxMTYwMTIxWhcNMjUwNDIyMTYwMTIxWjAzMTEwLwYDVQQD
Eyg0YWI0ZTc1N2M2ZGQ3ZGRiMTViMDk0NWU2NjEyMGU5ZWJmZTZiMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMd3doTzLH6oeRA4lMhx0BVEM/4W
J1+ltYEBX5NhyuAL7JzvXRWxrpagkYhG/XxDeabHU5gB6Wz2p1up++n0rASdGLgE
Sutim6eSko6Jp7BWsA/MsZLMWXMXvA4o4dcVlkXQm8+hTkjwOZ//rSy5HhK99AWt
ugAuqIWNLxIoj/kOhrhueqwF7qZU28g84urRTRVTnNhS41J94u1c/GUr/Ui59XvT
Pze7QUV3c/Bd/0132VmP0AGd6r82UcCoCJdCvGUOLSzguyrxP0ulPXUre9EySusw
Ed7B3k0cLPEF649YV1IMpKpVFL6jVkQZD6k2lp47TpgX6cHG/FMucWw5rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEq051fG3X3bFbCUXmYSDp6/5rIwMB8GA1UdIwQY
MBaAFD0X9Gr/PYsh8A/uj2NerjSn9KTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEt
ODUxZWQ1MjlmMjIyLzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEtODUxZWQ1MjlmMjIy
LzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJIflo+Xq
4llpkOSOZw8wWZjU0tlEqiKrDBPYDeergIeuiuOqRkwrL8wcisjdt6vMRVJsqaLb
+Bp5YBplgmhBi6GJOmvoIkzC9Af4QRIUBmw5a1FJdkvtq6c/1sUCX5nzuBsvZ5t6
b65urjJC9Uh5/PC5hooV3r9Z1oBdXKlnKtZ0gQPxAXjf0uw/1pzlUX291bStX2gg
mDpphlvr+Bah0X61XdqoF5InX47C95OK5IQfL68nIjTI0Qmt4U+/GXvH4mIMb9gL
ASpV2DQkn9EBAYwrJZUAYBWGqI49DtICSoJOxYJSfSG3I6qt3Qbb+PqnoAM95zOe
OqJ1PGFQJ9zvng==
-----END CERTIFICATE-----