Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.mft
File:                     frYDcECoYM2RunejcY7VgMrfXdg.mft (raw, json)
Hash identifier:          D41ZvdRMZCZKIzNc/2LIAYqdXyc1+zVJKKSdWYAPuVs=
Subject key identifier:   EB:F1:04:76:92:D4:93:25:90:06:02:BA:A7:4C:36:DA:29:42:11:AC
Authority key identifier: 7E:B6:03:70:40:A8:60:CD:91:BA:77:A3:71:8E:D5:80:CA:DF:5D:D8
Certificate issuer:       /CN=7eb6037040a860cd91ba77a3718ed580cadf5dd8
Certificate serial:       01968A383C211E8DAF5E08A1B25AF0899551
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/frYDcECoYM2RunejcY7VgMrfXdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.mft
Manifest number:          04FB
Signing time:             Thu 01 May 2025 05:01:03 +0000
Manifest this update:     Thu 01 May 2025 05:01:03 +0000
Manifest next update:     Fri 02 May 2025 05:01:03 +0000
Files and hashes:         1: frYDcECoYM2RunejcY7VgMrfXdg.crl (hash: eWfv7x5hWQOYgZ5oPjuqv0rWAvcW2TWRAsWJV+M7nHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/frYDcECoYM2RunejcY7VgMrfXdg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 05:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8a:38:3c:21:1e:8d:af:5e:08:a1:b2:5a:f0:89:95:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7eb6037040a860cd91ba77a3718ed580cadf5dd8
        Validity
            Not Before: May  1 05:01:03 2025 GMT
            Not After : May  2 05:01:03 2025 GMT
        Subject: CN=ebf1047692d49325900602baa74c36da294211ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:88:7e:8b:85:5e:d3:2d:40:69:17:9e:59:ca:
                    8a:75:c8:6e:55:5a:81:dc:e7:9d:91:63:4e:39:33:
                    4f:fe:10:95:ee:bc:db:a3:43:c7:40:13:02:f4:49:
                    b2:3d:75:9d:01:f9:3b:ff:0e:2c:8c:c9:9e:ed:03:
                    63:d2:0b:f4:60:f8:fa:22:55:79:85:3a:a7:0f:63:
                    28:79:5d:13:3c:86:fb:a8:ae:62:e1:6d:e1:34:1d:
                    54:49:e1:a9:29:a4:af:ab:d4:e6:01:c5:0c:d7:1b:
                    3a:72:83:bf:45:ec:05:6b:a9:9d:33:9f:87:6a:ab:
                    0a:80:24:dc:26:79:ac:fa:f1:08:5d:dd:05:41:43:
                    ab:65:43:3b:c7:c1:3a:0a:12:c1:bb:c0:05:a1:00:
                    6b:6d:58:6c:0b:a0:05:0d:25:12:fd:87:ca:8f:03:
                    db:c3:cc:b1:bf:be:c1:de:1a:02:7c:4f:fd:89:10:
                    ff:58:d4:3f:03:70:ca:67:61:71:01:c2:c1:bf:52:
                    0b:1b:f7:66:d7:ed:3a:8e:87:36:d6:2d:21:92:12:
                    2a:c4:78:8c:dd:31:07:21:2d:72:25:bc:85:8d:da:
                    19:47:7d:53:a7:60:92:03:89:0a:97:c4:78:f5:67:
                    2c:58:91:af:31:e5:e5:f2:a7:3a:d3:e9:09:96:dc:
                    f3:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:F1:04:76:92:D4:93:25:90:06:02:BA:A7:4C:36:DA:29:42:11:AC
            X509v3 Authority Key Identifier:
                keyid:7E:B6:03:70:40:A8:60:CD:91:BA:77:A3:71:8E:D5:80:CA:DF:5D:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/frYDcECoYM2RunejcY7VgMrfXdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/bf9999-2341-4acf-84e9-b8866e941963/1/frYDcECoYM2RunejcY7VgMrfXdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:44:5f:74:41:90:4c:03:f9:2a:24:84:96:af:bf:a6:58:b1:
         c3:6b:f5:e4:bb:56:72:2b:b7:6c:0f:75:f1:ff:f3:69:c9:3b:
         51:5f:9c:71:40:22:16:8b:15:11:0c:fd:c9:2f:22:ae:a4:72:
         e7:31:87:e4:46:b0:96:1c:6e:0f:21:8d:13:6e:06:2d:ff:47:
         43:24:4e:18:e1:65:36:a1:ef:79:8a:8a:b2:15:f4:46:f2:59:
         11:96:ce:b4:a8:ce:c2:3b:91:0f:58:46:8a:03:75:10:64:31:
         2a:04:d1:a4:44:3b:9a:00:f2:a0:58:c6:cf:62:b2:21:24:6f:
         14:f9:33:c4:2b:fd:00:b6:ee:eb:9f:bc:89:de:83:ee:66:e1:
         40:1e:ae:e6:42:73:f8:97:24:03:41:db:c9:c8:eb:ef:8c:7d:
         4a:55:7f:14:b8:9e:7e:8d:7b:80:65:1b:c9:91:7b:0f:6c:fa:
         35:e8:a3:c7:c4:d2:cc:72:0e:57:f2:d3:24:18:92:69:9d:92:
         1c:ef:57:78:54:ff:7d:aa:a4:ad:4e:bc:4d:fa:7d:31:33:e2:
         a4:0b:cd:80:8a:30:2f:41:2b:81:60:7b:45:20:95:92:7b:f8:
         14:05:14:6c:d7:4d:02:93:33:22:0b:53:99:e7:99:ac:cf:33:
         3a:c8:56:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaKODwhHo2vXgihslrwiZVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYjYwMzcwNDBhODYwY2Q5MWJhNzdhMzcxOGVkNTgwY2Fk
ZjVkZDgwHhcNMjUwNTAxMDUwMTAzWhcNMjUwNTAyMDUwMTAzWjAzMTEwLwYDVQQD
EyhlYmYxMDQ3NjkyZDQ5MzI1OTAwNjAyYmFhNzRjMzZkYTI5NDIxMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Ih+i4Ve0y1AaReeWcqKdchuVVqB
3OedkWNOOTNP/hCV7rzbo0PHQBMC9EmyPXWdAfk7/w4sjMme7QNj0gv0YPj6IlV5
hTqnD2MoeV0TPIb7qK5i4W3hNB1USeGpKaSvq9TmAcUM1xs6coO/RewFa6mdM5+H
aqsKgCTcJnms+vEIXd0FQUOrZUM7x8E6ChLBu8AFoQBrbVhsC6AFDSUS/YfKjwPb
w8yxv77B3hoCfE/9iRD/WNQ/A3DKZ2FxAcLBv1ILG/dm1+06joc21i0hkhIqxHiM
3TEHIS1yJbyFjdoZR31Tp2CSA4kKl8R49WcsWJGvMeXl8qc60+kJltzzLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOvxBHaS1JMlkAYCuqdMNtopQhGsMB8GA1UdIwQY
MBaAFH62A3BAqGDNkbp3o3GO1YDK313YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnJZRGNFQ29ZTTJSdW5lamNZN1ZnTXJmWGRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9iZjk5OTktMjM0MS00YWNmLTg0ZTkt
Yjg4NjZlOTQxOTYzLzEvZnJZRGNFQ29ZTTJSdW5lamNZN1ZnTXJmWGRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9iZjk5OTktMjM0MS00YWNmLTg0ZTktYjg4NjZlOTQxOTYz
LzEvZnJZRGNFQ29ZTTJSdW5lamNZN1ZnTXJmWGRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMkRfdEGQ
TAP5KiSElq+/plixw2v15LtWciu3bA918f/zack7UV+ccUAiFosVEQz9yS8irqRy
5zGH5EawlhxuDyGNE24GLf9HQyROGOFlNqHveYqKshX0RvJZEZbOtKjOwjuRD1hG
igN1EGQxKgTRpEQ7mgDyoFjGz2KyISRvFPkzxCv9ALbu65+8id6D7mbhQB6u5kJz
+JckA0Hbycjr74x9SlV/FLiefo17gGUbyZF7D2z6Neijx8TSzHIOV/LTJBiSaZ2S
HO9XeFT/faqkrU68Tfp9MTPipAvNgIowL0ErgWB7RSCVknv4FAUUbNdNApMzIgtT
meeZrM8zOshW7Q==
-----END CERTIFICATE-----