Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft
File:                     fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft (raw, json)
Hash identifier:          700gXB1ainWjd69TeEw8PNqmuDRGlMjnLJ584zt5D3g=
Subject key identifier:   F0:46:59:F9:67:FA:CA:C5:79:55:15:5A:79:DD:95:50:96:6D:FA:18
Authority key identifier: 7D:0B:CA:BE:C4:37:9F:2D:3B:94:18:74:10:D2:E6:E0:31:A7:41:71
Certificate issuer:       /CN=7d0bcabec4379f2d3b94187410d2e6e031a74171
Certificate serial:       0196827E129C7C9009D97FED6163F206A145
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fQvKvsQ3ny07lBh0ENLm4DGnQXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft
Manifest number:          14A5
Signing time:             Tue 29 Apr 2025 17:00:22 +0000
Manifest this update:     Tue 29 Apr 2025 17:00:22 +0000
Manifest next update:     Wed 30 Apr 2025 17:00:22 +0000
Files and hashes:         1: fQvKvsQ3ny07lBh0ENLm4DGnQXE.crl (hash: +qiA0pz3XBY6Cv+mmuCY+ep7kOZGoS8ALeb9wQT1ei4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fQvKvsQ3ny07lBh0ENLm4DGnQXE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 17:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:7e:12:9c:7c:90:09:d9:7f:ed:61:63:f2:06:a1:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d0bcabec4379f2d3b94187410d2e6e031a74171
        Validity
            Not Before: Apr 29 17:00:22 2025 GMT
            Not After : Apr 30 17:00:22 2025 GMT
        Subject: CN=f04659f967facac57955155a79dd9550966dfa18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b9:5e:32:20:7b:2f:fc:5c:8a:9d:5d:a9:d5:
                    84:ec:c4:a5:03:f2:4d:82:71:83:4c:f0:91:6c:dc:
                    1a:60:47:59:92:d1:0b:ce:45:f6:b8:7d:aa:c9:58:
                    51:ab:2e:3a:df:e3:06:6f:28:32:a5:77:23:b5:17:
                    0d:0e:98:b0:2f:8c:59:f8:2e:e5:39:26:8a:60:26:
                    7a:c5:a9:6f:64:ee:ff:6d:3c:12:77:dc:f0:ff:17:
                    99:1c:f7:57:0c:f4:2d:03:17:bf:78:93:7b:4c:c5:
                    92:c9:45:f8:51:b3:f7:f1:e8:54:b1:22:50:57:6b:
                    13:2e:ed:ac:9a:2a:b6:d5:c9:e2:89:0a:92:fe:c3:
                    14:60:0b:34:32:af:5c:4f:e3:21:dd:05:3e:2b:a3:
                    df:54:0c:b5:06:0e:c8:56:52:e1:8f:cb:83:86:bf:
                    9a:d4:ea:35:5f:ce:95:12:7f:91:06:a4:f0:52:ae:
                    b8:cf:d5:71:aa:f4:8a:5e:48:e5:06:95:45:1a:e6:
                    54:ec:3f:c5:61:2b:90:c9:8c:87:1a:df:e8:c5:85:
                    27:2c:8c:c9:c5:01:08:0e:2d:6f:36:e1:41:57:f8:
                    53:6d:25:c1:5c:3f:ae:8b:0b:41:8a:8f:de:64:13:
                    bc:f4:c2:35:15:46:61:92:83:be:c2:fb:6d:65:58:
                    10:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:46:59:F9:67:FA:CA:C5:79:55:15:5A:79:DD:95:50:96:6D:FA:18
            X509v3 Authority Key Identifier:
                keyid:7D:0B:CA:BE:C4:37:9F:2D:3B:94:18:74:10:D2:E6:E0:31:A7:41:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQvKvsQ3ny07lBh0ENLm4DGnQXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:24:ce:aa:87:a5:64:1c:b8:c4:2d:5d:a5:4a:02:f5:7e:a0:
         8d:31:62:f3:a4:e8:71:17:4e:54:80:5b:1c:ae:83:b5:2b:a4:
         ef:b7:9c:e5:d9:c5:dc:76:be:16:45:cf:a8:bd:b6:79:36:e9:
         ba:28:1f:c9:a3:83:55:27:26:3d:aa:d2:89:e5:6c:40:d8:92:
         d0:f2:7c:49:60:01:29:82:f7:d7:f5:6a:d0:fe:ed:88:d2:68:
         8d:bf:80:82:c8:56:f6:a6:8f:5d:58:d6:c1:9a:48:e2:c2:96:
         81:86:b5:ba:20:3f:d6:45:dc:26:79:7a:2f:a3:cb:6c:f1:83:
         6e:77:41:b0:17:4c:e7:be:ba:70:15:f8:f5:a5:e3:c1:fc:70:
         94:f7:60:ef:f1:70:fc:f3:73:77:ae:60:93:e2:ca:42:16:82:
         b8:28:d2:09:c3:cc:05:8e:5a:58:e9:44:25:c1:58:1a:ff:05:
         88:a4:c8:d3:d9:57:81:01:6f:4b:cb:fd:02:09:b8:9b:e5:fe:
         29:3b:51:b9:c5:2e:14:fa:85:44:5e:5c:fc:5e:42:84:39:27:
         cb:83:81:99:10:71:87:d2:e1:15:94:6b:9f:2f:48:87:ce:73:
         41:73:e1:83:83:22:d8:20:3f:0f:cd:6b:2b:07:20:b4:3c:20:
         fc:bf:94:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCfhKcfJAJ2X/tYWPyBqFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMGJjYWJlYzQzNzlmMmQzYjk0MTg3NDEwZDJlNmUwMzFh
NzQxNzEwHhcNMjUwNDI5MTcwMDIyWhcNMjUwNDMwMTcwMDIyWjAzMTEwLwYDVQQD
EyhmMDQ2NTlmOTY3ZmFjYWM1Nzk1NTE1NWE3OWRkOTU1MDk2NmRmYTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLleMiB7L/xcip1dqdWE7MSlA/JN
gnGDTPCRbNwaYEdZktELzkX2uH2qyVhRqy463+MGbygypXcjtRcNDpiwL4xZ+C7l
OSaKYCZ6xalvZO7/bTwSd9zw/xeZHPdXDPQtAxe/eJN7TMWSyUX4UbP38ehUsSJQ
V2sTLu2smiq21cniiQqS/sMUYAs0Mq9cT+Mh3QU+K6PfVAy1Bg7IVlLhj8uDhr+a
1Oo1X86VEn+RBqTwUq64z9VxqvSKXkjlBpVFGuZU7D/FYSuQyYyHGt/oxYUnLIzJ
xQEIDi1vNuFBV/hTbSXBXD+uiwtBio/eZBO89MI1FUZhkoO+wvttZVgQvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPBGWfln+srFeVUVWnndlVCWbfoYMB8GA1UdIwQY
MBaAFH0Lyr7EN58tO5QYdBDS5uAxp0FxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlF2S3ZzUTNueTA3bEJoMEVOTG00REduUVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83NDFkYzMtMjI2ZC00N2ZiLThmZjIt
OTcxNWNkNjk4ZTMyLzEvZlF2S3ZzUTNueTA3bEJoMEVOTG00REduUVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS83NDFkYzMtMjI2ZC00N2ZiLThmZjItOTcxNWNkNjk4ZTMy
LzEvZlF2S3ZzUTNueTA3bEJoMEVOTG00REduUVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQSTOqoel
ZBy4xC1dpUoC9X6gjTFi86TocRdOVIBbHK6DtSuk77ec5dnF3Ha+FkXPqL22eTbp
uigfyaODVScmParSieVsQNiS0PJ8SWABKYL31/Vq0P7tiNJojb+AgshW9qaPXVjW
wZpI4sKWgYa1uiA/1kXcJnl6L6PLbPGDbndBsBdM5766cBX49aXjwfxwlPdg7/Fw
/PNzd65gk+LKQhaCuCjSCcPMBY5aWOlEJcFYGv8FiKTI09lXgQFvS8v9Agm4m+X+
KTtRucUuFPqFRF5c/F5ChDkny4OBmRBxh9LhFZRrny9Ih85zQXPhg4Mi2CA/D81r
KwcgtDwg/L+U3g==
-----END CERTIFICATE-----