Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
File:                     t38R7tTnnIXMxWLfPR8oPjOdou0.mft (raw, json)
Hash identifier:          cKdhm8TM1YPw8WnrW/moDmuO0CRany+1EXJEAdU7t+A=
Subject key identifier:   FB:11:1B:3E:73:E4:95:67:EC:66:A8:E6:45:3A:0E:57:EE:D6:AA:2E
Authority key identifier: B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED
Certificate issuer:       /CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
Certificate serial:       01967DC5901DE1CFB2EA0689B6BF74D39BDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
Manifest number:          0BB5
Signing time:             Mon 28 Apr 2025 19:00:21 +0000
Manifest this update:     Mon 28 Apr 2025 19:00:21 +0000
Manifest next update:     Tue 29 Apr 2025 19:00:21 +0000
Files and hashes:         1: t38R7tTnnIXMxWLfPR8oPjOdou0.crl (hash: O+ayrgcbRPkcZU+Xw0YjMJdXvqsja4ZVSO6YG3ZJ5y8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:c5:90:1d:e1:cf:b2:ea:06:89:b6:bf:74:d3:9b:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
        Validity
            Not Before: Apr 28 19:00:21 2025 GMT
            Not After : Apr 29 19:00:21 2025 GMT
        Subject: CN=fb111b3e73e49567ec66a8e6453a0e57eed6aa2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:eb:95:d8:0f:a2:af:12:9a:74:4e:5c:47:dd:
                    15:61:a8:98:80:97:63:ef:d3:60:9c:37:bf:9e:94:
                    2e:63:43:6d:03:44:50:c6:fc:c8:37:dc:89:6c:18:
                    ce:8f:5d:ac:8d:17:d0:cc:85:19:97:30:d6:33:1b:
                    f9:ae:ec:48:6a:9b:db:f4:ad:1f:3a:c1:0e:de:60:
                    9f:39:49:47:69:a4:e2:60:1c:f1:1e:d9:f6:8e:b3:
                    8d:84:92:f6:57:06:95:bc:5a:b1:51:c3:31:90:d3:
                    99:8a:b4:87:5d:a5:20:db:0e:cd:9f:59:6d:50:c1:
                    3e:23:55:be:b1:10:fa:23:90:bf:87:e1:c3:8f:92:
                    46:46:58:a6:5e:21:35:7a:a5:b8:a0:c8:ca:81:5d:
                    d9:5b:0b:e9:55:0b:5f:42:b9:bb:85:62:a4:00:4d:
                    cd:a1:9b:e3:04:e4:45:1a:83:43:da:9e:ad:d9:e7:
                    eb:6e:72:f1:17:49:e6:30:30:67:e7:d4:3a:01:aa:
                    b3:ac:b9:d7:aa:da:29:57:43:b1:a6:f8:48:a7:cd:
                    cd:57:6e:02:5b:33:71:53:be:e6:0a:cd:68:87:7d:
                    95:dc:57:ea:1d:54:9e:d5:35:54:a9:9c:2c:6c:2a:
                    64:a0:3a:6d:36:9e:cc:94:9c:bb:36:ac:6b:2b:32:
                    57:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:11:1B:3E:73:E4:95:67:EC:66:A8:E6:45:3A:0E:57:EE:D6:AA:2E
            X509v3 Authority Key Identifier:
                keyid:B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:f7:21:4e:2f:b3:11:c9:4f:9f:09:d3:3e:03:f2:97:da:52:
         be:1c:7e:25:52:1d:eb:4b:73:d6:ce:bb:26:92:3a:ff:e9:41:
         e1:dd:82:bd:d4:9d:4d:11:8a:0d:9b:a5:a1:ac:d0:40:eb:8f:
         c2:76:f7:76:cd:98:04:dd:e4:81:a9:65:ab:a1:b8:96:4c:8a:
         92:ca:75:af:e0:88:e3:cd:aa:df:86:bc:d5:8b:9c:fb:af:b3:
         51:7f:1a:43:cb:8e:a5:50:a1:bb:65:c6:99:f5:37:23:bc:26:
         6c:da:2b:61:78:6c:c4:2f:2e:ef:9b:17:24:86:b7:4b:d7:18:
         e0:df:90:c9:74:9f:a5:92:12:e9:69:0c:a3:4c:51:c6:85:89:
         24:ed:48:a5:60:b6:f4:eb:4f:33:8a:8a:42:66:dd:f4:56:99:
         9c:a9:75:d9:3b:c5:92:6e:85:1f:ae:22:e5:85:bd:45:23:43:
         4d:d6:ba:01:cd:7a:d0:8e:94:77:bd:16:ac:14:88:01:9c:d6:
         73:48:b3:1e:35:ad:47:3b:c7:55:43:e5:0d:55:7b:c1:3d:41:
         9b:91:0b:21:29:bd:f0:c8:81:cf:af:bb:61:cf:66:66:97:bc:
         50:04:30:b6:24:ee:69:50:1b:26:ef:43:cd:50:f7:c9:b3:62:
         31:3c:f4:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9xZAd4c+y6gaJtr9005vcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3N2YxMWVlZDRlNzljODVjY2M1NjJkZjNkMWYyODNlMzM5
ZGEyZWQwHhcNMjUwNDI4MTkwMDIxWhcNMjUwNDI5MTkwMDIxWjAzMTEwLwYDVQQD
EyhmYjExMWIzZTczZTQ5NTY3ZWM2NmE4ZTY0NTNhMGU1N2VlZDZhYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueuV2A+irxKadE5cR90VYaiYgJdj
79NgnDe/npQuY0NtA0RQxvzIN9yJbBjOj12sjRfQzIUZlzDWMxv5ruxIapvb9K0f
OsEO3mCfOUlHaaTiYBzxHtn2jrONhJL2VwaVvFqxUcMxkNOZirSHXaUg2w7Nn1lt
UME+I1W+sRD6I5C/h+HDj5JGRlimXiE1eqW4oMjKgV3ZWwvpVQtfQrm7hWKkAE3N
oZvjBORFGoND2p6t2efrbnLxF0nmMDBn59Q6AaqzrLnXqtopV0OxpvhIp83NV24C
WzNxU77mCs1oh32V3FfqHVSe1TVUqZwsbCpkoDptNp7MlJy7NqxrKzJXtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPsRGz5z5JVn7Gao5kU6Dlfu1qouMB8GA1UdIwQY
MBaAFLd/Ee7U55yFzMVi3z0fKD4znaLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzkt
MGM3NzU1OWQ5ZGIwLzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzktMGM3NzU1OWQ5ZGIw
LzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAPchTi+z
EclPnwnTPgPyl9pSvhx+JVId60tz1s67JpI6/+lB4d2CvdSdTRGKDZuloazQQOuP
wnb3ds2YBN3kgallq6G4lkyKksp1r+CI482q34a81Yuc+6+zUX8aQ8uOpVChu2XG
mfU3I7wmbNorYXhsxC8u75sXJIa3S9cY4N+QyXSfpZIS6WkMo0xRxoWJJO1IpWC2
9OtPM4qKQmbd9FaZnKl12TvFkm6FH64i5YW9RSNDTda6Ac160I6Ud70WrBSIAZzW
c0izHjWtRzvHVUPlDVV7wT1Bm5ELISm98MiBz6+7Yc9mZpe8UAQwtiTuaVAbJu9D
zVD3ybNiMTz0DA==
-----END CERTIFICATE-----