Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
File:                     GhREUllzKqZzbCSCNEZZR_wjdNA.mft (raw, json)
Hash identifier:          HFG+e/+BtfVkcugV5FTPrqdAxLjpcy0DlDoBFdEIF5E=
Subject key identifier:   A9:4A:1B:67:B4:0B:9D:7A:DC:9F:FF:20:13:40:E2:A5:D7:D3:25:81
Authority key identifier: 1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0
Certificate issuer:       /CN=1a14445259732aa6736c248234465947fc2374d0
Certificate serial:       019677C357D9A8CAE8E388880EC7EE8A987E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
Manifest number:          0B8C
Signing time:             Sun 27 Apr 2025 15:00:12 +0000
Manifest this update:     Sun 27 Apr 2025 15:00:12 +0000
Manifest next update:     Mon 28 Apr 2025 15:00:12 +0000
Files and hashes:         1: GhREUllzKqZzbCSCNEZZR_wjdNA.crl (hash: r9n4yc8mrmKc/LUdp7hgy4SMaVNBZEmr5oKEQngn6kk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:c3:57:d9:a8:ca:e8:e3:88:88:0e:c7:ee:8a:98:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a14445259732aa6736c248234465947fc2374d0
        Validity
            Not Before: Apr 27 15:00:12 2025 GMT
            Not After : Apr 28 15:00:12 2025 GMT
        Subject: CN=a94a1b67b40b9d7adc9fff201340e2a5d7d32581
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:91:5e:36:ab:c1:a6:d5:36:01:d9:b3:c2:e2:
                    d5:b8:a9:9a:2a:57:21:db:e5:58:37:1a:4a:32:22:
                    e3:00:16:a1:6c:0e:74:58:79:bc:14:b9:0a:bd:e7:
                    2e:51:32:d2:15:cd:8f:7d:ae:d3:29:88:c0:25:b4:
                    2f:79:d9:5b:b2:49:ca:e2:1a:91:0f:c6:f6:90:34:
                    ae:f8:74:5a:25:12:9b:70:41:0f:cd:c4:9e:45:1f:
                    b7:85:dc:3f:3d:3b:bd:02:c0:a5:95:a3:a7:e8:97:
                    83:e5:35:3e:63:3b:5d:f2:05:76:88:1f:b5:72:98:
                    e7:b1:81:2e:be:ff:63:62:bd:e6:ee:21:18:e0:ed:
                    c6:31:27:91:7b:f1:3d:b3:cb:42:5b:55:26:9d:83:
                    c0:40:91:12:a2:d6:ca:74:9d:ce:8f:dd:ff:76:55:
                    32:37:8c:95:78:ad:98:a8:12:e7:03:b4:03:4f:11:
                    0e:68:52:17:7c:14:cc:e7:bd:5b:f4:5a:99:39:19:
                    fe:e5:4c:bc:0a:77:a8:f0:55:10:fa:67:82:c7:55:
                    af:1b:8d:6b:04:23:3b:7c:b3:21:87:56:10:be:15:
                    a2:a2:1f:7f:b6:ac:33:b3:a2:22:49:49:11:7a:94:
                    8b:b4:c6:05:ec:cd:f0:ec:61:88:c8:6b:28:77:fd:
                    97:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:4A:1B:67:B4:0B:9D:7A:DC:9F:FF:20:13:40:E2:A5:D7:D3:25:81
            X509v3 Authority Key Identifier:
                keyid:1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:73:c7:83:9a:92:c6:25:4e:3c:10:c2:b5:c8:fc:2d:2e:f4:
         7a:10:5f:32:7c:cb:5a:c6:28:b7:fb:d0:b8:40:70:d8:4f:47:
         d6:50:6a:1d:e8:0c:de:1b:86:e1:60:c7:3c:4e:5e:a5:d4:e7:
         06:69:40:d1:20:08:0b:3c:6a:24:0e:f4:42:1a:ee:ef:14:2e:
         a1:8a:8a:fb:a0:49:fb:31:73:0d:d5:cc:6c:5e:3c:ec:af:93:
         83:35:3c:4f:2e:5d:d8:a8:e1:31:75:de:c0:3d:24:43:94:9f:
         48:27:18:ef:ac:45:7e:42:64:7e:93:55:38:53:04:4f:4a:90:
         3c:33:86:88:13:83:ca:db:8d:17:33:5a:d5:16:62:6f:2e:f7:
         d3:20:f1:42:0c:8d:49:82:52:e6:7e:39:80:6a:9b:6b:65:cd:
         45:d6:09:38:23:77:14:80:11:e6:c6:68:5d:03:df:21:c9:a4:
         26:c1:d9:cd:ab:8c:64:f6:ab:a7:8e:a7:1c:20:f0:b9:ce:3f:
         cc:bd:11:db:ee:58:bd:8e:19:57:13:e2:51:fd:a2:c0:88:f7:
         f2:96:62:ec:19:ac:19:17:01:3b:e2:8e:ce:0f:94:b2:73:a9:
         c5:af:73:0a:ec:58:c3:e5:df:7d:ef:dd:34:24:77:b8:43:87:
         18:e2:3a:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3w1fZqMro44iIDsfuiph+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTQ0NDUyNTk3MzJhYTY3MzZjMjQ4MjM0NDY1OTQ3ZmMy
Mzc0ZDAwHhcNMjUwNDI3MTUwMDEyWhcNMjUwNDI4MTUwMDEyWjAzMTEwLwYDVQQD
EyhhOTRhMWI2N2I0MGI5ZDdhZGM5ZmZmMjAxMzQwZTJhNWQ3ZDMyNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZFeNqvBptU2AdmzwuLVuKmaKlch
2+VYNxpKMiLjABahbA50WHm8FLkKvecuUTLSFc2Pfa7TKYjAJbQvedlbsknK4hqR
D8b2kDSu+HRaJRKbcEEPzcSeRR+3hdw/PTu9AsCllaOn6JeD5TU+Yztd8gV2iB+1
cpjnsYEuvv9jYr3m7iEY4O3GMSeRe/E9s8tCW1UmnYPAQJESotbKdJ3Oj93/dlUy
N4yVeK2YqBLnA7QDTxEOaFIXfBTM571b9FqZORn+5Uy8Cneo8FUQ+meCx1WvG41r
BCM7fLMhh1YQvhWioh9/tqwzs6IiSUkRepSLtMYF7M3w7GGIyGsod/2XewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlKG2e0C5163J//IBNA4qXX0yWBMB8GA1UdIwQY
MBaAFBoURFJZcyqmc2wkgjRGWUf8I3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMt
MzgxZjIzZjE4M2Q3LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMtMzgxZjIzZjE4M2Q3
LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdXPHg5qS
xiVOPBDCtcj8LS70ehBfMnzLWsYot/vQuEBw2E9H1lBqHegM3huG4WDHPE5epdTn
BmlA0SAICzxqJA70Qhru7xQuoYqK+6BJ+zFzDdXMbF487K+TgzU8Ty5d2KjhMXXe
wD0kQ5SfSCcY76xFfkJkfpNVOFMET0qQPDOGiBODytuNFzNa1RZiby730yDxQgyN
SYJS5n45gGqba2XNRdYJOCN3FIAR5sZoXQPfIcmkJsHZzauMZParp46nHCDwuc4/
zL0R2+5YvY4ZVxPiUf2iwIj38pZi7BmsGRcBO+KOzg+UsnOpxa9zCuxYw+Xffe/d
NCR3uEOHGOI6TA==
-----END CERTIFICATE-----