Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
File:                     _tPwXKP9-ef5nGXMagpnJPWTGnA.mft (raw, json)
Hash identifier:          A1cZN7Z0e/aLFJLFg1MeGSZ0eO4jEbkvsP2fvSsJAKY=
Subject key identifier:   77:7A:94:F0:B9:A6:29:9D:65:F4:F1:C0:7C:CC:0E:72:F1:79:31:BB
Authority key identifier: FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70
Certificate issuer:       /CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
Certificate serial:       0196911677D5FD8C4B952B97F48A751580AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
Manifest number:          1518
Signing time:             Fri 02 May 2025 13:01:30 +0000
Manifest this update:     Fri 02 May 2025 13:01:30 +0000
Manifest next update:     Sat 03 May 2025 13:01:30 +0000
Files and hashes:         1: _tPwXKP9-ef5nGXMagpnJPWTGnA.crl (hash: fj1772jRIlpYIjv3AxCOPaaUrwZAVXYNXC1I0RK/uC4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:91:16:77:d5:fd:8c:4b:95:2b:97:f4:8a:75:15:80:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
        Validity
            Not Before: May  2 13:01:30 2025 GMT
            Not After : May  3 13:01:30 2025 GMT
        Subject: CN=777a94f0b9a6299d65f4f1c07ccc0e72f17931bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:b6:5f:30:74:97:e7:dc:6b:1b:8d:08:51:64:
                    a1:76:fb:c8:eb:e9:d9:dd:e1:a5:55:ba:54:6d:36:
                    d1:89:7b:8d:9c:a5:fa:66:15:0d:60:0e:ae:4d:fd:
                    7c:c0:8c:79:0c:82:03:c8:12:45:9b:10:59:f0:41:
                    40:47:d1:7d:32:19:16:00:2e:97:62:2d:6e:33:2e:
                    5e:2a:17:7d:58:81:71:de:76:ca:70:cc:b4:91:01:
                    1e:97:ac:5f:d0:fb:b3:59:db:3d:6b:be:a9:3f:32:
                    46:e8:4a:90:76:76:7e:2b:c9:d8:44:c4:13:2c:c2:
                    43:df:23:8d:7e:49:af:a5:dd:e2:16:3e:73:17:60:
                    3b:cd:99:48:d1:c3:4e:5c:b7:c3:fe:8b:08:33:6b:
                    55:e1:11:c0:d1:42:10:e5:6c:7b:8b:b6:ea:f4:6d:
                    3c:34:f4:69:51:05:52:6c:54:f0:24:04:06:5c:b9:
                    fa:45:05:d8:5e:7c:e2:6c:03:12:53:eb:48:0d:b6:
                    ad:25:f6:69:93:d5:c0:92:37:e9:61:0e:b0:1a:78:
                    57:b9:4b:6a:3d:e0:de:89:e5:38:b1:8c:3c:a5:90:
                    46:ca:94:a7:97:8f:f6:f4:59:bd:32:b1:fa:02:19:
                    8b:0e:5e:3f:f5:3c:a7:f4:6b:7a:07:9c:22:ca:fc:
                    8e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:7A:94:F0:B9:A6:29:9D:65:F4:F1:C0:7C:CC:0E:72:F1:79:31:BB
            X509v3 Authority Key Identifier:
                keyid:FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:b8:1b:78:90:ff:ba:67:35:2d:05:be:e3:e5:70:b6:b0:b9:
         78:b3:b0:7b:e2:c5:9d:bf:32:c9:09:1a:ff:02:4d:7f:27:42:
         f5:44:38:6e:99:56:3e:01:54:c4:e8:97:0d:c2:ee:2b:08:ec:
         f4:8f:30:d5:b7:b8:2f:b9:a3:64:fa:61:55:8b:43:85:4a:e2:
         94:2d:3c:a5:a7:36:c1:c8:44:56:64:a0:7f:d0:83:46:3f:6e:
         ac:d5:c4:b3:ae:27:e9:36:30:b6:82:1b:ba:e8:54:7f:21:88:
         f3:0b:eb:9a:c4:48:a5:e5:02:25:d9:fa:d5:07:57:76:e8:e6:
         e7:80:7b:61:9f:e1:29:ec:81:66:7d:d7:ef:37:50:55:d7:6f:
         f8:63:21:40:97:0b:33:de:a5:37:65:65:1d:7f:dd:42:cc:2c:
         86:47:63:1f:12:b2:c0:78:c9:c7:23:7a:24:56:de:d6:65:e7:
         31:0a:a2:88:d6:59:2e:fc:2a:0b:ab:12:a8:5f:58:7b:1e:9a:
         08:10:1a:c3:07:76:bc:fd:27:e0:d7:eb:54:bb:65:ad:a3:6f:
         7b:dc:eb:01:22:48:f8:7b:70:80:b5:25:e1:92:98:31:01:c1:
         63:8d:2f:1a:a0:0c:a4:62:15:35:e4:df:50:6c:77:70:30:77:
         36:13:4c:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaRFnfV/YxLlSuX9Ip1FYCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDNmMDVjYTNmZGY5ZTdmOTljNjVjYzZhMGE2NzI0ZjU5
MzFhNzAwHhcNMjUwNTAyMTMwMTMwWhcNMjUwNTAzMTMwMTMwWjAzMTEwLwYDVQQD
Eyg3NzdhOTRmMGI5YTYyOTlkNjVmNGYxYzA3Y2NjMGU3MmYxNzkzMWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17ZfMHSX59xrG40IUWShdvvI6+nZ
3eGlVbpUbTbRiXuNnKX6ZhUNYA6uTf18wIx5DIIDyBJFmxBZ8EFAR9F9MhkWAC6X
Yi1uMy5eKhd9WIFx3nbKcMy0kQEel6xf0PuzWds9a76pPzJG6EqQdnZ+K8nYRMQT
LMJD3yONfkmvpd3iFj5zF2A7zZlI0cNOXLfD/osIM2tV4RHA0UIQ5Wx7i7bq9G08
NPRpUQVSbFTwJAQGXLn6RQXYXnzibAMSU+tIDbatJfZpk9XAkjfpYQ6wGnhXuUtq
PeDeieU4sYw8pZBGypSnl4/29Fm9MrH6AhmLDl4/9Tyn9Gt6B5wiyvyO/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHd6lPC5pimdZfTxwHzMDnLxeTG7MB8GA1UdIwQY
MBaAFP7T8Fyj/fnn+ZxlzGoKZyT1kxpwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWIt
YWM1ZWU2MjViYWJjLzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWItYWM1ZWU2MjViYWJj
LzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf7gbeJD/
umc1LQW+4+VwtrC5eLOwe+LFnb8yyQka/wJNfydC9UQ4bplWPgFUxOiXDcLuKwjs
9I8w1be4L7mjZPphVYtDhUrilC08pac2wchEVmSgf9CDRj9urNXEs64n6TYwtoIb
uuhUfyGI8wvrmsRIpeUCJdn61QdXdujm54B7YZ/hKeyBZn3X7zdQVddv+GMhQJcL
M96lN2VlHX/dQswshkdjHxKywHjJxyN6JFbe1mXnMQqiiNZZLvwqC6sSqF9Yex6a
CBAawwd2vP0n4NfrVLtlraNve9zrASJI+HtwgLUl4ZKYMQHBY40vGqAMpGIVNeTf
UGx3cDB3NhNM+A==
-----END CERTIFICATE-----