Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
File:                     Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft (raw, json)
Hash identifier:          RZMmtwpAG0KUlgHZuIL7uDe8lqlcEqXWz/aTVx59XCM=
Subject key identifier:   4C:A8:5D:87:06:2B:D9:2B:56:A3:2F:93:37:4C:1E:71:61:29:30:C8
Authority key identifier: 16:86:F7:BE:9B:A1:71:C3:27:46:AB:4E:D2:0B:E8:82:BD:30:43:56
Certificate issuer:       /CN=1686f7be9ba171c32746ab4ed20be882bd304356
Certificate serial:       0196AB7A957A3D1B1E5D91A88FDD2BCD89A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
Manifest number:          02BA
Signing time:             Wed 07 May 2025 16:00:59 +0000
Manifest this update:     Wed 07 May 2025 16:00:59 +0000
Manifest next update:     Thu 08 May 2025 16:00:59 +0000
Files and hashes:         1: Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl (hash: vpjmotxyzUGnY/yc7kbTsK1rYzFeR2DQvrv0dFZyf0Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 13:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ab:7a:95:7a:3d:1b:1e:5d:91:a8:8f:dd:2b:cd:89:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1686f7be9ba171c32746ab4ed20be882bd304356
        Validity
            Not Before: May  7 16:00:59 2025 GMT
            Not After : May  8 16:00:59 2025 GMT
        Subject: CN=4ca85d87062bd92b56a32f93374c1e71612930c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:cf:eb:45:02:a3:7f:22:89:48:c3:d0:17:a4:
                    94:fb:a1:f6:64:5f:dc:9e:5c:f3:2a:70:82:ee:d0:
                    47:d3:a0:1c:1b:52:2e:79:0a:89:9d:f3:bf:90:90:
                    2e:8b:68:d8:c8:9b:58:1b:06:ef:e3:bd:72:fc:06:
                    12:f8:da:99:e3:3c:6b:47:37:8f:d2:4b:6f:62:52:
                    9f:99:d1:ba:10:0a:bc:58:36:70:d8:09:b0:2c:13:
                    8b:9c:04:c4:a0:f0:9a:76:19:96:2a:a5:37:32:18:
                    f3:97:38:db:4a:78:59:e1:ed:0e:de:87:2e:0a:78:
                    0d:1b:14:aa:e4:3d:52:03:80:b5:66:48:aa:8c:62:
                    82:ef:cb:4b:72:02:98:2f:11:2d:d7:06:e1:e6:df:
                    09:24:23:c6:63:eb:72:66:51:ee:f1:1e:ed:c9:c4:
                    f0:14:34:b8:ce:38:b1:c8:92:48:69:ca:38:2b:53:
                    cd:02:79:a9:4b:03:b7:2d:79:94:88:ab:31:25:7d:
                    18:d0:45:16:62:79:77:34:08:a5:e7:d5:85:95:57:
                    ed:c7:d4:89:e7:04:32:97:da:7a:e6:81:9a:7a:f7:
                    39:be:d3:5f:67:11:b3:c1:f6:38:66:d1:c5:30:92:
                    8f:d1:37:3d:70:04:31:f7:36:36:11:6d:fc:45:60:
                    52:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:A8:5D:87:06:2B:D9:2B:56:A3:2F:93:37:4C:1E:71:61:29:30:C8
            X509v3 Authority Key Identifier:
                keyid:16:86:F7:BE:9B:A1:71:C3:27:46:AB:4E:D2:0B:E8:82:BD:30:43:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:d3:e4:91:83:77:ed:3c:dd:ff:86:c7:ab:f2:d8:ab:34:5a:
         99:2f:b8:77:70:e4:3f:91:8d:9d:8e:b5:3e:27:01:de:28:d7:
         8e:47:76:d9:c9:cf:b7:b5:be:11:77:1f:21:12:d1:74:f0:78:
         2b:4d:ed:c5:21:d9:29:80:fb:cb:83:15:19:5a:75:da:b1:df:
         da:46:8e:87:de:2c:24:fb:74:d4:9c:ef:bf:4d:c0:6a:db:90:
         2f:fe:43:29:c1:ef:b7:75:c2:66:da:dc:49:94:d5:3a:27:c3:
         89:05:f0:84:6c:d9:e6:47:96:ac:ed:cf:1f:87:16:1a:3c:db:
         a3:0b:1b:39:fe:ee:70:e2:02:d8:4f:19:02:cd:5b:ae:76:82:
         46:30:12:40:07:75:f1:02:c2:b7:5f:d3:4a:26:74:1e:8b:48:
         d3:87:18:20:4d:85:ac:f9:87:36:e8:1e:bd:98:20:ed:50:34:
         12:b2:19:c4:dd:61:13:29:9b:9d:b4:5f:a2:75:ae:11:67:e2:
         11:c3:e2:0b:08:a8:e0:8b:8b:53:80:ea:3d:9c:59:53:37:ac:
         17:e3:d0:f3:73:dc:d7:b7:81:8a:9b:bc:b2:d1:c5:ea:a6:aa:
         6b:1d:b4:46:92:4b:64:64:fa:71:74:c1:60:7b:a5:46:19:f6:
         ab:59:f5:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZarepV6PRseXZGoj90rzYmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODZmN2JlOWJhMTcxYzMyNzQ2YWI0ZWQyMGJlODgyYmQz
MDQzNTYwHhcNMjUwNTA3MTYwMDU5WhcNMjUwNTA4MTYwMDU5WjAzMTEwLwYDVQQD
Eyg0Y2E4NWQ4NzA2MmJkOTJiNTZhMzJmOTMzNzRjMWU3MTYxMjkzMGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8/rRQKjfyKJSMPQF6SU+6H2ZF/c
nlzzKnCC7tBH06AcG1IueQqJnfO/kJAui2jYyJtYGwbv471y/AYS+NqZ4zxrRzeP
0ktvYlKfmdG6EAq8WDZw2AmwLBOLnATEoPCadhmWKqU3MhjzlzjbSnhZ4e0O3ocu
CngNGxSq5D1SA4C1ZkiqjGKC78tLcgKYLxEt1wbh5t8JJCPGY+tyZlHu8R7tycTw
FDS4zjixyJJIaco4K1PNAnmpSwO3LXmUiKsxJX0Y0EUWYnl3NAil59WFlVftx9SJ
5wQyl9p65oGaevc5vtNfZxGzwfY4ZtHFMJKP0Tc9cAQx9zY2EW38RWBSgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEyoXYcGK9krVqMvkzdMHnFhKTDIMB8GA1UdIwQY
MBaAFBaG976boXHDJ0arTtIL6IK9MENWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy83Y2E4MDgtYzc5NS00MGVmLThhNDkt
NzRhOThjYjY2ZmZmLzEvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy83Y2E4MDgtYzc5NS00MGVmLThhNDktNzRhOThjYjY2ZmZm
LzEvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ9PkkYN3
7Tzd/4bHq/LYqzRamS+4d3DkP5GNnY61PicB3ijXjkd22cnPt7W+EXcfIRLRdPB4
K03txSHZKYD7y4MVGVp12rHf2kaOh94sJPt01Jzvv03AatuQL/5DKcHvt3XCZtrc
SZTVOifDiQXwhGzZ5keWrO3PH4cWGjzbowsbOf7ucOIC2E8ZAs1brnaCRjASQAd1
8QLCt1/TSiZ0HotI04cYIE2FrPmHNugevZgg7VA0ErIZxN1hEymbnbRfonWuEWfi
EcPiCwio4IuLU4DqPZxZUzesF+PQ83Pc17eBipu8stHF6qaqax20RpJLZGT6cXTB
YHulRhn2q1n1uw==
-----END CERTIFICATE-----