Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          5G2GPd82mhWORmyDwfANAllZmm0h6FueQxx89GIRkSA=
Subject key identifier:   C0:45:D8:6D:5F:93:86:0F:7B:B2:92:55:11:81:76:36:96:DD:DC:43
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       0196808FCAF26EE5934EABFDD4A3E903C975
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          022C
Signing time:             Tue 29 Apr 2025 08:00:29 +0000
Manifest this update:     Tue 29 Apr 2025 08:00:29 +0000
Manifest next update:     Wed 30 Apr 2025 08:00:29 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: cn2k5OmwL4gPzpiFXU03nRD4FWlO2807eE9xgmc8bWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 08:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:8f:ca:f2:6e:e5:93:4e:ab:fd:d4:a3:e9:03:c9:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Apr 29 08:00:29 2025 GMT
            Not After : Apr 30 08:00:29 2025 GMT
        Subject: CN=c045d86d5f93860f7bb292551181763696dddc43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:a6:ab:cf:2b:e4:89:25:e2:cb:03:f3:1d:25:
                    be:01:fa:6b:de:7b:9b:6b:d3:fe:9b:43:94:a6:22:
                    8d:82:c1:c5:26:a7:7f:ad:26:da:97:7d:e7:dc:ce:
                    6b:d2:52:66:ec:b6:e1:11:4b:72:97:90:01:59:d7:
                    55:0e:fb:2f:57:3d:41:1d:90:46:3a:5d:35:1d:05:
                    6f:f3:09:5c:15:f0:28:5f:a5:de:6f:f6:37:e4:61:
                    ca:2f:ab:37:d1:98:4d:71:a4:b7:d8:ae:0b:28:75:
                    0b:7e:a9:e2:ca:ea:cb:df:b7:dc:d3:9d:0d:4d:fc:
                    0e:bd:b4:e8:fd:dc:cb:a0:40:26:90:59:a0:d3:6f:
                    5e:31:6c:c2:95:6b:82:d3:fa:7c:34:ea:60:14:b9:
                    dd:b8:3b:51:b5:cd:74:a2:c4:bd:59:32:da:58:f1:
                    84:b4:e9:82:f6:79:cf:39:02:3c:ff:21:8b:c5:23:
                    10:23:b9:77:7f:15:db:08:b2:df:94:7f:59:74:98:
                    e9:12:87:89:e0:c4:68:68:d7:e1:1f:c6:a1:4f:dd:
                    b1:ef:3c:e4:ec:c9:74:ea:f4:9c:da:03:2f:8a:30:
                    f7:25:66:0f:c9:53:d1:3f:f8:8b:7b:b1:c0:b8:be:
                    52:ef:69:2c:be:8e:ca:7c:71:a0:bb:43:08:d7:ed:
                    76:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:45:D8:6D:5F:93:86:0F:7B:B2:92:55:11:81:76:36:96:DD:DC:43
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:b7:6f:b0:b7:05:54:4a:fb:18:df:ce:18:65:a0:45:da:2f:
         0a:ca:fa:12:b0:e0:e6:5b:bd:06:a9:bc:ff:63:fc:db:50:e8:
         31:3b:e4:94:a8:8f:3e:f2:55:00:23:4c:a6:91:87:26:44:fb:
         a1:75:34:32:cc:d3:31:c7:24:4d:26:15:82:34:ad:a9:a4:cc:
         f9:69:5d:08:ab:00:6b:42:36:8b:db:21:5d:b3:31:f8:d9:5e:
         4f:27:b7:33:65:3e:2c:91:ac:df:6b:3d:d8:12:36:77:97:2f:
         67:ee:68:81:81:0d:7e:ff:96:5f:b5:05:8b:26:09:d8:f1:bd:
         f5:ae:7b:59:fd:31:cb:43:7d:b9:b4:9b:e4:a5:7e:2b:54:68:
         0c:57:e9:9d:97:f2:b8:c3:a0:05:e3:d5:d0:c7:fa:68:ac:eb:
         af:6a:64:11:be:3d:9b:aa:37:ec:65:2e:ab:bd:a0:9b:98:b8:
         0e:79:8f:92:c5:77:b5:92:fe:0c:17:bd:cb:7d:ad:43:9c:e6:
         7e:13:f4:cc:37:03:65:de:bd:be:16:46:88:19:55:56:fb:ba:
         7d:e4:2f:e7:a0:43:da:cc:9e:7d:7c:a6:fa:10:ce:5e:83:38:
         2d:8b:e9:2c:7f:77:f6:b7:ae:80:85:64:cf:b4:9f:96:e7:47:
         0d:42:46:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAj8rybuWTTqv91KPpA8l1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjUwNDI5MDgwMDI5WhcNMjUwNDMwMDgwMDI5WjAzMTEwLwYDVQQD
EyhjMDQ1ZDg2ZDVmOTM4NjBmN2JiMjkyNTUxMTgxNzYzNjk2ZGRkYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KarzyvkiSXiywPzHSW+Afpr3nub
a9P+m0OUpiKNgsHFJqd/rSbal33n3M5r0lJm7LbhEUtyl5ABWddVDvsvVz1BHZBG
Ol01HQVv8wlcFfAoX6Xeb/Y35GHKL6s30ZhNcaS32K4LKHULfqniyurL37fc050N
TfwOvbTo/dzLoEAmkFmg029eMWzClWuC0/p8NOpgFLnduDtRtc10osS9WTLaWPGE
tOmC9nnPOQI8/yGLxSMQI7l3fxXbCLLflH9ZdJjpEoeJ4MRoaNfhH8ahT92x7zzk
7Ml06vSc2gMvijD3JWYPyVPRP/iLe7HAuL5S72ksvo7KfHGgu0MI1+12nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMBF2G1fk4YPe7KSVRGBdjaW3dxDMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZbdvsLcF
VEr7GN/OGGWgRdovCsr6ErDg5lu9Bqm8/2P821DoMTvklKiPPvJVACNMppGHJkT7
oXU0MszTMcckTSYVgjStqaTM+WldCKsAa0I2i9shXbMx+NleTye3M2U+LJGs32s9
2BI2d5cvZ+5ogYENfv+WX7UFiyYJ2PG99a57Wf0xy0N9ubSb5KV+K1RoDFfpnZfy
uMOgBePV0Mf6aKzrr2pkEb49m6o37GUuq72gm5i4DnmPksV3tZL+DBe9y32tQ5zm
fhP0zDcDZd69vhZGiBlVVvu6feQv56BD2syefXym+hDOXoM4LYvpLH939reugIVk
z7SfludHDUJGNw==
-----END CERTIFICATE-----