Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
File:                     RmSgU4XAYmgVApGX6xUGSF09bRw.mft (raw, json)
Hash identifier:          XgUfRsxMtbX5q+WosvRGNk7P3GbW5WdbooMgM+RtW7o=
Subject key identifier:   F2:31:17:8A:93:C9:42:57:9C:00:07:AD:9C:56:39:CC:D5:28:9F:D3
Authority key identifier: 46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C
Certificate issuer:       /CN=4664a05385c0626815029197eb1506485d3d6d1c
Certificate serial:       019686C93D8AE494B55F761EF9B470FA40A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
Manifest number:          066D
Signing time:             Wed 30 Apr 2025 13:00:57 +0000
Manifest this update:     Wed 30 Apr 2025 13:00:57 +0000
Manifest next update:     Thu 01 May 2025 13:00:57 +0000
Files and hashes:         1: RmSgU4XAYmgVApGX6xUGSF09bRw.crl (hash: y4ca+kE2k8fqskk8M4M7XYt4yB0NzSTMq4g6ua7Q+ho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:86:c9:3d:8a:e4:94:b5:5f:76:1e:f9:b4:70:fa:40:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4664a05385c0626815029197eb1506485d3d6d1c
        Validity
            Not Before: Apr 30 13:00:57 2025 GMT
            Not After : May  1 13:00:57 2025 GMT
        Subject: CN=f231178a93c942579c0007ad9c5639ccd5289fd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ad:3c:85:ab:21:11:a8:e0:38:28:7f:e6:e4:
                    5c:33:13:34:e6:a4:fc:1d:4c:38:dc:7c:1a:90:ff:
                    34:07:69:4c:c4:df:8f:b8:5b:2a:f5:e5:f4:0d:a3:
                    fb:6f:a3:e6:c4:30:e5:40:71:86:ca:06:db:6b:04:
                    0b:5e:ac:5a:57:e2:99:e9:eb:f1:2a:49:c0:f0:e9:
                    f9:96:98:97:d4:81:b3:fb:fb:e5:50:37:58:9f:97:
                    57:41:2d:f3:35:03:1c:26:d4:74:6e:ba:af:b0:80:
                    d7:60:7c:28:ca:af:a8:42:b6:76:8b:75:6c:c0:f1:
                    07:06:6d:d1:10:24:89:bc:98:a9:bc:05:58:a2:e8:
                    dc:9f:dc:07:ea:57:33:8b:22:7a:3c:66:12:17:66:
                    30:96:67:f6:72:63:2b:73:44:61:82:79:c9:4a:26:
                    11:f0:9e:05:4d:67:ce:3d:60:02:15:26:a2:b5:1c:
                    f9:d7:13:a8:37:41:b9:01:28:39:d1:00:d1:52:91:
                    07:64:64:0b:b8:b1:2d:3c:71:f8:77:bb:be:6f:f3:
                    45:d1:6e:14:c0:3b:02:0b:aa:df:41:94:51:f3:f5:
                    61:42:a5:53:32:15:f5:73:fe:ad:51:35:eb:a5:ac:
                    74:d1:c5:89:16:40:ef:0b:4f:25:92:01:a9:68:35:
                    ef:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:31:17:8A:93:C9:42:57:9C:00:07:AD:9C:56:39:CC:D5:28:9F:D3
            X509v3 Authority Key Identifier:
                keyid:46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:ed:7e:6a:29:87:df:32:94:1b:a5:6e:86:ff:f0:32:45:ab:
         c9:57:3b:76:7c:9c:8b:16:de:7b:41:b8:d1:bd:48:74:9d:47:
         c4:b7:e6:22:db:8e:dc:9b:f0:a1:53:96:cd:79:e2:9d:ac:7d:
         4c:e1:93:fe:76:b5:5c:ad:c8:ba:6f:6d:39:db:e8:da:75:61:
         3f:e3:79:14:6e:aa:ae:58:e7:0e:86:49:43:4f:5a:20:4a:05:
         fb:a6:5f:89:7c:58:94:9f:8c:b7:6f:35:31:35:20:11:93:96:
         a7:10:8a:52:3d:06:03:03:8e:b5:3c:9e:3f:d6:1e:91:fd:a3:
         5c:03:4f:f6:01:f7:09:77:70:1c:f9:c5:7e:93:b2:bb:cf:48:
         44:1e:21:17:08:56:9c:b7:f1:81:3c:2e:fe:de:b1:df:c8:28:
         68:db:33:04:12:a6:f2:14:83:b5:08:c0:d3:df:29:37:6b:ed:
         e9:3d:ab:fd:83:05:4d:49:04:8b:a6:7c:38:48:7e:cf:72:47:
         5e:90:0a:36:64:fb:42:cb:80:fc:ec:e0:38:5c:be:57:0a:24:
         c6:c6:b6:54:c0:81:93:1f:bb:2f:e9:8b:a7:84:48:58:fd:3f:
         bd:65:83:53:60:ab:0d:80:47:ac:e2:8a:a5:f6:66:b2:4a:e4:
         1d:a1:a2:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGyT2K5JS1X3Ye+bRw+kChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NjRhMDUzODVjMDYyNjgxNTAyOTE5N2ViMTUwNjQ4NWQz
ZDZkMWMwHhcNMjUwNDMwMTMwMDU3WhcNMjUwNTAxMTMwMDU3WjAzMTEwLwYDVQQD
EyhmMjMxMTc4YTkzYzk0MjU3OWMwMDA3YWQ5YzU2MzljY2Q1Mjg5ZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnq08hashEajgOCh/5uRcMxM05qT8
HUw43HwakP80B2lMxN+PuFsq9eX0DaP7b6PmxDDlQHGGygbbawQLXqxaV+KZ6evx
KknA8On5lpiX1IGz+/vlUDdYn5dXQS3zNQMcJtR0brqvsIDXYHwoyq+oQrZ2i3Vs
wPEHBm3RECSJvJipvAVYoujcn9wH6lcziyJ6PGYSF2Ywlmf2cmMrc0RhgnnJSiYR
8J4FTWfOPWACFSaitRz51xOoN0G5ASg50QDRUpEHZGQLuLEtPHH4d7u+b/NF0W4U
wDsCC6rfQZRR8/VhQqVTMhX1c/6tUTXrpax00cWJFkDvC08lkgGpaDXvOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIxF4qTyUJXnAAHrZxWOczVKJ/TMB8GA1UdIwQY
MBaAFEZkoFOFwGJoFQKRl+sVBkhdPW0cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTkt
OWM4NDg1NDgzZDU5LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTktOWM4NDg1NDgzZDU5
LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhu1+aimH
3zKUG6Vuhv/wMkWryVc7dnycixbee0G40b1IdJ1HxLfmItuO3JvwoVOWzXninax9
TOGT/na1XK3Ium9tOdvo2nVhP+N5FG6qrljnDoZJQ09aIEoF+6ZfiXxYlJ+Mt281
MTUgEZOWpxCKUj0GAwOOtTyeP9Yekf2jXANP9gH3CXdwHPnFfpOyu89IRB4hFwhW
nLfxgTwu/t6x38goaNszBBKm8hSDtQjA098pN2vt6T2r/YMFTUkEi6Z8OEh+z3JH
XpAKNmT7QsuA/OzgOFy+Vwokxsa2VMCBkx+7L+mLp4RIWP0/vWWDU2CrDYBHrOKK
pfZmskrkHaGiTQ==
-----END CERTIFICATE-----