Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft
File:                     rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft (raw, json)
Hash identifier:          N16wixA2BIbhF0cjTO+k1eA1s/HFK6pl6ENboSWSLns=
Subject key identifier:   98:02:00:D6:04:75:A0:B1:85:F5:8F:ED:9D:A8:2D:65:86:A8:13:D0
Authority key identifier: AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE
Certificate issuer:       /CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
Certificate serial:       01963FF9796E8841EE150CD47EC3DDED2512
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft
Manifest number:          14FD
Signing time:             Wed 16 Apr 2025 19:00:36 +0000
Manifest this update:     Wed 16 Apr 2025 19:00:36 +0000
Manifest next update:     Thu 17 Apr 2025 19:00:36 +0000
Files and hashes:         1: rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl (hash: vo1TNSLK0XyWgcmZuA2aB81Rj/M5MiEvxEgGg7eURqI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:f9:79:6e:88:41:ee:15:0c:d4:7e:c3:dd:ed:25:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
        Validity
            Not Before: Apr 16 19:00:36 2025 GMT
            Not After : Apr 17 19:00:36 2025 GMT
        Subject: CN=980200d60475a0b185f58fed9da82d6586a813d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:19:77:95:2d:2e:96:5e:84:95:0c:32:fc:c6:
                    56:4e:9b:bb:49:f6:2d:49:ac:91:0f:c7:ab:fa:5b:
                    5b:9f:c9:da:96:d6:eb:7b:9a:47:09:62:81:4c:2f:
                    75:09:38:7b:f5:bb:8e:d4:d2:93:d9:bf:f5:49:15:
                    3e:94:b7:bf:2d:99:46:4a:31:65:89:ad:28:74:98:
                    f5:0a:24:c7:62:a7:c3:e3:64:e8:25:a6:dd:16:f2:
                    a5:f1:b1:83:11:33:ef:40:1f:77:89:fa:30:29:6e:
                    b5:c3:3b:83:ec:c6:5c:29:e1:fb:9e:b9:29:f5:64:
                    40:93:1d:34:23:31:3c:d5:9a:95:b5:f5:3b:5f:af:
                    d8:e3:95:3a:21:fb:5c:1e:5d:fc:b1:e3:81:05:9b:
                    60:30:0b:b8:c2:bd:07:a6:7f:83:df:54:eb:de:fb:
                    00:78:f2:bd:c1:50:d4:60:64:6b:e6:0a:0b:0b:76:
                    42:78:40:7e:7b:ef:a7:b4:15:65:cd:f3:c6:55:cc:
                    3a:a9:a3:f3:a6:a7:d7:89:cb:da:8e:41:2a:e2:9e:
                    ca:84:74:48:03:f5:49:e1:19:60:75:85:c9:a7:97:
                    b8:25:33:a5:ba:98:ca:6e:9d:b7:a7:4a:7c:59:3d:
                    aa:f3:3b:dc:e0:11:b7:8e:ad:dd:30:0a:54:08:50:
                    10:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:02:00:D6:04:75:A0:B1:85:F5:8F:ED:9D:A8:2D:65:86:A8:13:D0
            X509v3 Authority Key Identifier:
                keyid:AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:ce:38:68:95:44:31:19:34:7c:57:8c:07:9e:6b:76:5c:de:
         a4:ef:dd:d3:5d:82:48:72:00:ba:bb:54:e5:19:62:1b:fb:8f:
         54:3e:7c:fb:08:a1:d6:a4:9e:eb:88:f2:f8:3d:72:29:b7:d4:
         27:d2:65:73:77:5c:fb:d2:65:77:c8:0d:46:54:ac:4b:ff:ea:
         f8:de:2a:c1:88:f7:92:2f:1b:1a:ec:b1:df:b0:3b:b0:d4:3a:
         4d:9d:2c:06:d4:e4:f8:c1:29:a2:4b:9b:64:db:e3:49:e7:41:
         04:8b:74:bc:91:d8:7b:16:73:67:ee:95:30:c2:ab:95:9a:a7:
         44:f4:74:81:a8:f6:cd:11:3f:82:84:bc:cf:ee:eb:4f:ac:12:
         b6:ac:57:93:c2:77:a5:b2:ad:0b:34:ce:01:76:86:42:a0:54:
         02:1b:04:42:c6:28:11:e3:47:1f:35:f6:ea:91:69:97:b1:a4:
         af:aa:99:d7:11:83:11:45:ca:f7:65:ee:b2:51:e8:c9:ea:1f:
         8b:be:98:dd:d1:d7:8b:24:4a:7b:e0:0e:60:4d:6f:84:1f:97:
         df:b4:df:fe:e4:03:8e:f0:70:91:4f:7f:f9:05:d0:34:c5:29:
         57:24:92:07:58:1e:cb:04:47:e0:ac:45:2e:bc:10:cd:5a:d5:
         29:11:9c:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/+XluiEHuFQzUfsPd7SUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDkyMDc5OTRiYTljN2Q5MWVhN2U0NzlmZWZkMWI4MDk5
ZjYyY2UwHhcNMjUwNDE2MTkwMDM2WhcNMjUwNDE3MTkwMDM2WjAzMTEwLwYDVQQD
Eyg5ODAyMDBkNjA0NzVhMGIxODVmNThmZWQ5ZGE4MmQ2NTg2YTgxM2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRl3lS0ull6ElQwy/MZWTpu7SfYt
SayRD8er+ltbn8naltbre5pHCWKBTC91CTh79buO1NKT2b/1SRU+lLe/LZlGSjFl
ia0odJj1CiTHYqfD42ToJabdFvKl8bGDETPvQB93ifowKW61wzuD7MZcKeH7nrkp
9WRAkx00IzE81ZqVtfU7X6/Y45U6IftcHl38seOBBZtgMAu4wr0Hpn+D31Tr3vsA
ePK9wVDUYGRr5goLC3ZCeEB+e++ntBVlzfPGVcw6qaPzpqfXicvajkEq4p7KhHRI
A/VJ4RlgdYXJp5e4JTOlupjKbp23p0p8WT2q8zvc4BG3jq3dMApUCFAQswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgCANYEdaCxhfWP7Z2oLWWGqBPQMB8GA1UdIwQY
MBaAFK3ZIHmUupx9kep+R5/v0bgJn2LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAt
ZTUyMTI1NzRmOWVjLzEvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAtZTUyMTI1NzRmOWVj
LzEvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGc44aJVE
MRk0fFeMB55rdlzepO/d012CSHIAurtU5RliG/uPVD58+wih1qSe64jy+D1yKbfU
J9Jlc3dc+9Jld8gNRlSsS//q+N4qwYj3ki8bGuyx37A7sNQ6TZ0sBtTk+MEpokub
ZNvjSedBBIt0vJHYexZzZ+6VMMKrlZqnRPR0gaj2zRE/goS8z+7rT6wStqxXk8J3
pbKtCzTOAXaGQqBUAhsEQsYoEeNHHzX26pFpl7Gkr6qZ1xGDEUXK92XuslHoyeof
i76Y3dHXiyRKe+AOYE1vhB+X37Tf/uQDjvBwkU9/+QXQNMUpVySSB1geywRH4KxF
LrwQzVrVKRGciA==
-----END CERTIFICATE-----