Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/6fc5cf-998b-4e3d-9dfa-1c3864a7c2de/1/vWCuPD0yPaOUps4F9rI9fPTdE0g.mft
File:                     vWCuPD0yPaOUps4F9rI9fPTdE0g.mft (raw, json)
Hash identifier:          uh8IW3VarnBjDFRA3QwwSwQVXD+Xjquk6F9F++XAHtI=
Subject key identifier:   13:6F:3D:69:7D:D0:51:33:EC:FB:81:29:AC:E3:9A:09:03:CA:00:DD
Authority key identifier: BD:60:AE:3C:3D:32:3D:A3:94:A6:CE:05:F6:B2:3D:7C:F4:DD:13:48
Certificate issuer:       /CN=bd60ae3c3d323da394a6ce05f6b23d7cf4dd1348
Certificate serial:       019680902E5880AF876B93736965F95AE70C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vWCuPD0yPaOUps4F9rI9fPTdE0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/6fc5cf-998b-4e3d-9dfa-1c3864a7c2de/1/vWCuPD0yPaOUps4F9rI9fPTdE0g.mft
Manifest number:          0F0C
Signing time:             Tue 29 Apr 2025 08:00:54 +0000
Manifest this update:     Tue 29 Apr 2025 08:00:54 +0000
Manifest next update:     Wed 30 Apr 2025 08:00:54 +0000
Files and hashes:         1: vWCuPD0yPaOUps4F9rI9fPTdE0g.crl (hash: iaBxoZxHa7cq6AiehK/bWCQlEgabzUcLR5FemCRp2oQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/6fc5cf-998b-4e3d-9dfa-1c3864a7c2de/1/vWCuPD0yPaOUps4F9rI9fPTdE0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/6fc5cf-998b-4e3d-9dfa-1c3864a7c2de/1/vWCuPD0yPaOUps4F9rI9fPTdE0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vWCuPD0yPaOUps4F9rI9fPTdE0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 08:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:90:2e:58:80:af:87:6b:93:73:69:65:f9:5a:e7:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd60ae3c3d323da394a6ce05f6b23d7cf4dd1348
        Validity
            Not Before: Apr 29 08:00:54 2025 GMT
            Not After : Apr 30 08:00:54 2025 GMT
        Subject: CN=136f3d697dd05133ecfb8129ace39a0903ca00dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:32:58:3a:94:eb:62:c3:78:bb:d5:e9:c9:4f:
                    19:ea:22:cc:dd:3f:b4:f2:d4:64:7c:12:07:68:37:
                    63:b6:b1:19:d8:11:24:28:03:31:4a:60:b7:73:94:
                    ae:74:e6:06:97:fb:cb:59:86:dd:11:8f:a3:74:50:
                    ac:a3:e2:25:6b:2a:fa:fe:09:6f:ab:0c:4f:e0:f2:
                    4a:89:bf:34:b1:1b:2f:3d:05:0c:3c:23:ff:4d:1b:
                    70:24:53:30:30:42:63:21:23:47:75:f8:79:18:2e:
                    4a:c2:a1:a0:28:4b:63:01:64:14:db:a4:56:9f:33:
                    68:95:90:59:f3:b3:59:fb:52:76:4f:e0:0e:6f:4f:
                    d9:a7:49:a3:f9:a6:be:53:07:c0:60:6f:b7:ba:0b:
                    92:15:b4:5d:48:f1:b7:f5:55:61:c8:40:65:65:63:
                    25:99:a8:bb:9d:62:ee:0b:23:97:77:57:5d:16:64:
                    8b:0c:b8:92:30:85:ad:ed:09:75:86:f9:f6:9a:b1:
                    a6:e7:14:79:09:4d:07:6a:90:49:e5:19:17:60:c7:
                    c7:3c:b9:7d:20:96:ee:71:db:d4:39:0d:55:36:9b:
                    1c:e0:16:6e:7f:b6:57:f4:8b:a0:35:61:61:13:a5:
                    f3:c1:1b:e8:3f:87:77:02:ff:f6:e9:63:8b:e9:23:
                    c2:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:6F:3D:69:7D:D0:51:33:EC:FB:81:29:AC:E3:9A:09:03:CA:00:DD
            X509v3 Authority Key Identifier:
                keyid:BD:60:AE:3C:3D:32:3D:A3:94:A6:CE:05:F6:B2:3D:7C:F4:DD:13:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWCuPD0yPaOUps4F9rI9fPTdE0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6fc5cf-998b-4e3d-9dfa-1c3864a7c2de/1/vWCuPD0yPaOUps4F9rI9fPTdE0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6fc5cf-998b-4e3d-9dfa-1c3864a7c2de/1/vWCuPD0yPaOUps4F9rI9fPTdE0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:1b:30:db:11:e4:3b:98:3f:59:a6:18:48:64:9f:9b:f1:c3:
         ce:52:33:ad:68:ec:7a:7e:58:77:54:88:0c:02:29:ee:32:03:
         ed:a4:49:5d:4b:ef:ca:73:0a:8f:aa:28:a4:9a:43:5d:b5:14:
         b4:50:f5:15:87:c0:a2:63:15:85:26:d7:2d:49:3b:02:14:87:
         c4:a7:d9:2e:bc:5e:32:13:19:6a:fc:f4:35:c7:10:74:fd:1c:
         71:f5:44:40:24:ed:90:da:4c:8b:c0:e7:20:f9:d0:b6:53:8c:
         eb:38:a4:8d:8e:6f:57:42:4b:5b:9e:95:ec:f3:45:e7:5e:1e:
         31:84:79:66:c8:c6:11:d2:c2:52:2b:04:b4:88:89:82:a5:9e:
         3d:21:c4:8a:bd:69:d1:e6:8a:71:87:ba:70:8f:d5:1d:75:68:
         62:d9:7f:10:54:e1:fb:86:cb:5f:8d:21:38:8b:22:90:d7:06:
         b7:72:9b:c9:80:70:a1:4e:33:1f:d0:0c:01:60:f2:69:d0:ae:
         cf:6c:46:f9:db:be:77:c8:fd:4a:73:a0:23:fc:12:d9:dd:31:
         c8:f3:0b:3d:57:0b:4c:bc:f0:ce:a4:20:f6:17:08:25:41:04:
         02:85:50:84:88:bb:42:02:f4:54:64:e4:a8:68:9b:d9:4c:e1:
         13:05:57:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAkC5YgK+Ha5NzaWX5WucMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNjBhZTNjM2QzMjNkYTM5NGE2Y2UwNWY2YjIzZDdjZjRk
ZDEzNDgwHhcNMjUwNDI5MDgwMDU0WhcNMjUwNDMwMDgwMDU0WjAzMTEwLwYDVQQD
EygxMzZmM2Q2OTdkZDA1MTMzZWNmYjgxMjlhY2UzOWEwOTAzY2EwMGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jJYOpTrYsN4u9XpyU8Z6iLM3T+0
8tRkfBIHaDdjtrEZ2BEkKAMxSmC3c5SudOYGl/vLWYbdEY+jdFCso+Ilayr6/glv
qwxP4PJKib80sRsvPQUMPCP/TRtwJFMwMEJjISNHdfh5GC5KwqGgKEtjAWQU26RW
nzNolZBZ87NZ+1J2T+AOb0/Zp0mj+aa+UwfAYG+3uguSFbRdSPG39VVhyEBlZWMl
mai7nWLuCyOXd1ddFmSLDLiSMIWt7Ql1hvn2mrGm5xR5CU0HapBJ5RkXYMfHPLl9
IJbucdvUOQ1VNpsc4BZuf7ZX9IugNWFhE6XzwRvoP4d3Av/26WOL6SPCmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBNvPWl90FEz7PuBKazjmgkDygDdMB8GA1UdIwQY
MBaAFL1grjw9Mj2jlKbOBfayPXz03RNIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldDdVBEMHlQYU9VcHM0RjlySTlmUFRkRTBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS82ZmM1Y2YtOTk4Yi00ZTNkLTlkZmEt
MWMzODY0YTdjMmRlLzEvdldDdVBEMHlQYU9VcHM0RjlySTlmUFRkRTBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS82ZmM1Y2YtOTk4Yi00ZTNkLTlkZmEtMWMzODY0YTdjMmRl
LzEvdldDdVBEMHlQYU9VcHM0RjlySTlmUFRkRTBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjhsw2xHk
O5g/WaYYSGSfm/HDzlIzrWjsen5Yd1SIDAIp7jID7aRJXUvvynMKj6oopJpDXbUU
tFD1FYfAomMVhSbXLUk7AhSHxKfZLrxeMhMZavz0NccQdP0ccfVEQCTtkNpMi8Dn
IPnQtlOM6zikjY5vV0JLW56V7PNF514eMYR5ZsjGEdLCUisEtIiJgqWePSHEir1p
0eaKcYe6cI/VHXVoYtl/EFTh+4bLX40hOIsikNcGt3KbyYBwoU4zH9AMAWDyadCu
z2xG+du+d8j9SnOgI/wS2d0xyPMLPVcLTLzwzqQg9hcIJUEEAoVQhIi7QgL0VGTk
qGib2UzhEwVX5w==
-----END CERTIFICATE-----