Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft
File:                     FAd8W3ds23z3vDXWtELjZ3arDG4.mft (raw, json)
Hash identifier:          qXF483JAbx+Nhugmr2XrrcIt+1KhKF+TM91sYqUZcWg=
Subject key identifier:   E9:A2:5F:7B:3B:7F:1F:43:D0:3C:93:78:45:4B:1F:6A:96:6A:2D:AC
Authority key identifier: 14:07:7C:5B:77:6C:DB:7C:F7:BC:35:D6:B4:42:E3:67:76:AB:0C:6E
Certificate issuer:       /CN=14077c5b776cdb7cf7bc35d6b442e36776ab0c6e
Certificate serial:       0196760D1A6A8421ABEC3716C2979C803562
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FAd8W3ds23z3vDXWtELjZ3arDG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 07:01:32 +0000
Manifest this update:     Sun 27 Apr 2025 07:01:32 +0000
Manifest next update:     Mon 28 Apr 2025 07:01:32 +0000
Files and hashes:         1: FAd8W3ds23z3vDXWtELjZ3arDG4.crl (hash: ajazHvJOO3Mov+75Vo0+XEv3v552Q9ja6mIeegi4h34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FAd8W3ds23z3vDXWtELjZ3arDG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0d:1a:6a:84:21:ab:ec:37:16:c2:97:9c:80:35:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14077c5b776cdb7cf7bc35d6b442e36776ab0c6e
        Validity
            Not Before: Apr 27 07:01:32 2025 GMT
            Not After : Apr 28 07:01:32 2025 GMT
        Subject: CN=e9a25f7b3b7f1f43d03c9378454b1f6a966a2dac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:16:f6:29:57:86:56:36:24:56:2a:00:37:e7:
                    cf:9a:d9:d8:a3:af:81:b1:70:d7:4c:19:ad:38:6a:
                    3c:5f:ca:22:ad:7c:4b:3c:1e:91:4f:91:82:f6:bc:
                    cc:92:da:f6:8c:5f:24:76:fc:a5:7a:c0:03:db:25:
                    02:64:aa:d6:5b:79:34:62:bb:f3:77:12:f2:67:3e:
                    0a:83:e6:88:6f:e7:fa:c7:1f:56:c9:42:8c:8f:cb:
                    b9:39:93:7a:3b:a4:94:b3:bf:6d:f0:72:8f:9d:59:
                    1e:6c:af:c8:d3:ff:9a:1f:c8:72:de:61:91:77:b0:
                    b3:b0:cd:b1:c4:26:db:a9:3e:d3:82:86:1d:c8:26:
                    5c:f7:73:2c:3b:5f:6a:f4:07:2f:ad:0d:d0:5f:2f:
                    90:73:77:3a:a4:a2:ab:2c:a6:17:88:88:92:58:23:
                    1f:66:43:31:74:19:6d:26:35:7f:1b:77:9a:21:1d:
                    b3:9d:ac:8d:66:20:0d:1b:55:88:63:8b:5d:76:2b:
                    0f:42:20:8c:03:7c:e9:93:4f:97:e4:22:33:1e:b4:
                    84:cb:88:d9:a2:7a:d3:f1:d0:b4:78:3f:c2:cd:b9:
                    bd:87:62:c3:42:63:f6:31:49:a8:9e:3d:65:c0:59:
                    9d:2b:64:f9:10:22:ca:cf:6c:e2:03:95:70:3c:31:
                    83:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:A2:5F:7B:3B:7F:1F:43:D0:3C:93:78:45:4B:1F:6A:96:6A:2D:AC
            X509v3 Authority Key Identifier:
                keyid:14:07:7C:5B:77:6C:DB:7C:F7:BC:35:D6:B4:42:E3:67:76:AB:0C:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FAd8W3ds23z3vDXWtELjZ3arDG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:d1:9b:5f:a3:bd:87:0a:39:5f:e3:b2:8b:94:d7:a6:08:ab:
         93:d4:44:a2:24:d7:1e:58:d5:ad:c6:75:6e:66:6f:3f:39:1f:
         7e:42:08:7a:f6:c0:4d:fc:9b:e1:c3:c0:65:34:2a:a9:1d:a7:
         eb:56:c6:64:76:66:6f:6c:d7:39:56:89:36:1d:1a:eb:5c:41:
         07:28:7a:ae:cc:32:42:99:bc:ef:8b:bf:12:81:fb:f1:9a:33:
         ae:e2:ea:4b:a4:40:3d:2e:f5:6d:1b:ac:3c:9a:26:0d:2d:4c:
         2e:fc:9d:5e:74:e4:a1:f9:6c:30:24:10:4f:db:c3:15:be:c5:
         af:c3:02:ca:74:49:a5:47:1d:bc:4e:b8:9b:7b:fb:0c:0a:4f:
         93:83:45:c2:44:f4:c3:95:91:1d:e1:33:3b:01:50:3f:b5:2c:
         90:e7:b3:cc:98:9d:3f:5e:66:d2:52:50:79:a4:37:52:a9:f5:
         35:10:88:71:f5:1d:7b:30:89:96:2f:ee:e7:da:47:d6:8d:e0:
         56:9f:1c:44:4e:f8:12:cc:1d:34:66:70:46:83:fd:b1:23:a7:
         5f:6e:d2:9d:1b:f5:96:6b:65:90:ff:8c:e9:0a:dc:0c:24:46:
         03:d0:38:06:c5:6c:86:f2:4d:63:20:3f:54:2c:7f:01:3f:a3:
         b4:f3:89:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DRpqhCGr7DcWwpecgDViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MDc3YzViNzc2Y2RiN2NmN2JjMzVkNmI0NDJlMzY3NzZh
YjBjNmUwHhcNMjUwNDI3MDcwMTMyWhcNMjUwNDI4MDcwMTMyWjAzMTEwLwYDVQQD
EyhlOWEyNWY3YjNiN2YxZjQzZDAzYzkzNzg0NTRiMWY2YTk2NmEyZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xb2KVeGVjYkVioAN+fPmtnYo6+B
sXDXTBmtOGo8X8oirXxLPB6RT5GC9rzMktr2jF8kdvylesAD2yUCZKrWW3k0Yrvz
dxLyZz4Kg+aIb+f6xx9WyUKMj8u5OZN6O6SUs79t8HKPnVkebK/I0/+aH8hy3mGR
d7CzsM2xxCbbqT7TgoYdyCZc93MsO19q9AcvrQ3QXy+Qc3c6pKKrLKYXiIiSWCMf
ZkMxdBltJjV/G3eaIR2znayNZiANG1WIY4tddisPQiCMA3zpk0+X5CIzHrSEy4jZ
onrT8dC0eD/Czbm9h2LDQmP2MUmonj1lwFmdK2T5ECLKz2ziA5VwPDGDgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOmiX3s7fx9D0DyTeEVLH2qWai2sMB8GA1UdIwQY
MBaAFBQHfFt3bNt897w11rRC42d2qwxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkFkOFczZHMyM3ozdkRYV3RFTGpaM2FyREc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9iNzExZDctZWEwNi00ZTQyLTk4Zjct
NjNhNGNhZWRiMzhlLzEvRkFkOFczZHMyM3ozdkRYV3RFTGpaM2FyREc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9iNzExZDctZWEwNi00ZTQyLTk4ZjctNjNhNGNhZWRiMzhl
LzEvRkFkOFczZHMyM3ozdkRYV3RFTGpaM2FyREc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAftGbX6O9
hwo5X+Oyi5TXpgirk9REoiTXHljVrcZ1bmZvPzkffkIIevbATfyb4cPAZTQqqR2n
61bGZHZmb2zXOVaJNh0a61xBByh6rswyQpm874u/EoH78ZozruLqS6RAPS71bRus
PJomDS1MLvydXnTkoflsMCQQT9vDFb7Fr8MCynRJpUcdvE64m3v7DApPk4NFwkT0
w5WRHeEzOwFQP7UskOezzJidP15m0lJQeaQ3Uqn1NRCIcfUdezCJli/u59pH1o3g
Vp8cRE74EswdNGZwRoP9sSOnX27SnRv1lmtlkP+M6QrcDCRGA9A4BsVshvJNYyA/
VCx/AT+jtPOJVA==
-----END CERTIFICATE-----