Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
File:                     PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json)
Hash identifier:          jxCGaEKJtPX1jXdZULPZ66CGNmM7sBB1cCBbFTjmDZ4=
Subject key identifier:   9C:C6:48:57:78:66:02:47:8E:5F:F9:F2:E9:B1:E1:9D:F3:84:9B:1E
Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F
Certificate issuer:       /CN=3ceec6c47951b299c70806583d791d50cd816c5f
Certificate serial:       0196816B4B64DB1D6C0BA605523E62793DB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
Manifest number:          0164
Signing time:             Tue 29 Apr 2025 12:00:14 +0000
Manifest this update:     Tue 29 Apr 2025 12:00:14 +0000
Manifest next update:     Wed 30 Apr 2025 12:00:14 +0000
Files and hashes:         1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: 79ShQPtjMYXDGKD1O1CjgWd81DPM50riVwNHNYehmxQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 09:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:81:6b:4b:64:db:1d:6c:0b:a6:05:52:3e:62:79:3d:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f
        Validity
            Not Before: Apr 29 12:00:14 2025 GMT
            Not After : Apr 30 12:00:14 2025 GMT
        Subject: CN=9cc64857786602478e5ff9f2e9b1e19df3849b1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:bf:bd:5f:93:fd:e6:e9:fb:cf:44:94:ca:c0:
                    6f:40:35:68:4f:91:57:c1:28:69:55:1e:64:05:81:
                    d1:53:4c:53:76:56:6f:45:e0:eb:13:b2:87:80:b7:
                    72:bf:d2:1a:bf:b2:ed:e2:3c:e7:00:3a:87:80:6d:
                    78:de:a3:2e:50:c8:d0:d0:80:44:c9:67:f6:d4:12:
                    35:2f:46:c3:86:fc:64:02:72:23:c7:93:ec:37:42:
                    ec:4a:da:3d:05:e9:93:ef:a7:3b:31:ae:c5:6f:21:
                    36:97:70:8c:1f:8b:63:19:b6:3d:93:89:94:91:41:
                    c9:83:63:e4:7e:cc:64:bc:22:b5:05:2b:dd:b4:78:
                    bd:e3:45:21:d3:33:2e:20:49:21:a1:4f:0e:1a:79:
                    5f:1b:e6:0d:10:8e:f8:2d:ef:b2:66:9b:c9:7c:74:
                    16:a0:3f:8f:ea:c3:93:39:77:b7:ca:de:30:b7:b6:
                    6d:c6:25:c8:3c:d4:93:4b:12:f4:ba:ab:10:9e:72:
                    c2:77:2a:67:94:13:aa:c4:b9:0a:0b:4d:f3:cc:24:
                    3e:ef:3e:78:8f:08:c1:de:a8:6c:85:2d:ca:75:cd:
                    16:be:9c:f6:c3:35:cc:39:e6:c3:5d:2d:97:b3:b2:
                    8e:22:9e:e1:f6:9a:02:24:96:46:7f:58:f2:7a:96:
                    0d:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:C6:48:57:78:66:02:47:8E:5F:F9:F2:E9:B1:E1:9D:F3:84:9B:1E
            X509v3 Authority Key Identifier:
                keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:2b:61:f3:fd:42:6c:84:d7:58:f9:6f:5c:03:52:14:73:7d:
         c2:6c:b0:02:1a:06:ef:c9:c9:5e:a6:6c:4f:44:68:73:78:ca:
         b2:41:73:b5:b8:6f:dc:d5:94:d7:24:43:97:b5:c8:41:5b:5f:
         da:5c:b6:17:76:de:ba:c2:bc:28:b0:f3:5b:59:87:09:3d:46:
         bc:fe:b8:3c:43:0f:cf:24:9d:70:a5:8b:c4:c5:29:cb:4a:07:
         f0:74:bd:8a:58:fc:3d:f1:a9:da:48:77:73:a9:5b:3f:d1:69:
         a8:46:41:b1:f8:9e:6d:d4:fe:72:04:69:a9:c8:a9:83:a7:76:
         b1:0a:9d:e6:31:a2:d3:cd:2c:05:e7:1f:68:e4:52:e2:bc:76:
         0f:b2:a3:18:d0:fb:27:72:61:4c:db:16:39:3e:ce:9a:79:78:
         52:2e:a2:a5:61:05:43:66:1f:56:9c:c1:86:73:dc:44:06:83:
         f3:c2:e7:c0:cb:87:bf:fe:dc:2a:60:8c:35:b2:9a:8b:2b:53:
         6f:e3:3b:e0:21:d4:94:78:0b:67:b2:9e:a1:21:99:b8:81:13:
         65:5a:23:9b:e7:e4:1c:3b:8e:1f:18:d1:26:2e:56:c2:29:30:
         69:f3:ab:ec:4b:48:7d:73:a7:0d:bf:95:b7:f3:dc:ee:e1:ad:
         bf:a1:2a:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBa0tk2x1sC6YFUj5ieT2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4
MTZjNWYwHhcNMjUwNDI5MTIwMDE0WhcNMjUwNDMwMTIwMDE0WjAzMTEwLwYDVQQD
Eyg5Y2M2NDg1Nzc4NjYwMjQ3OGU1ZmY5ZjJlOWIxZTE5ZGYzODQ5YjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr+9X5P95un7z0SUysBvQDVoT5FX
wShpVR5kBYHRU0xTdlZvReDrE7KHgLdyv9Iav7Lt4jznADqHgG143qMuUMjQ0IBE
yWf21BI1L0bDhvxkAnIjx5PsN0LsSto9BemT76c7Ma7FbyE2l3CMH4tjGbY9k4mU
kUHJg2PkfsxkvCK1BSvdtHi940Uh0zMuIEkhoU8OGnlfG+YNEI74Le+yZpvJfHQW
oD+P6sOTOXe3yt4wt7ZtxiXIPNSTSxL0uqsQnnLCdypnlBOqxLkKC03zzCQ+7z54
jwjB3qhshS3Kdc0Wvpz2wzXMOebDXS2Xs7KOIp7h9poCJJZGf1jyepYNdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJzGSFd4ZgJHjl/58umx4Z3zhJseMB8GA1UdIwQY
MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It
YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1
LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQCth8/1C
bITXWPlvXANSFHN9wmywAhoG78nJXqZsT0Roc3jKskFztbhv3NWU1yRDl7XIQVtf
2ly2F3beusK8KLDzW1mHCT1GvP64PEMPzySdcKWLxMUpy0oH8HS9ilj8PfGp2kh3
c6lbP9FpqEZBsfiebdT+cgRpqcipg6d2sQqd5jGi080sBecfaORS4rx2D7KjGND7
J3JhTNsWOT7Omnl4Ui6ipWEFQ2YfVpzBhnPcRAaD88LnwMuHv/7cKmCMNbKaiytT
b+M74CHUlHgLZ7KeoSGZuIETZVojm+fkHDuOHxjRJi5WwikwafOr7EtIfXOnDb+V
t/Pc7uGtv6EqMA==
-----END CERTIFICATE-----