Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a88dca-290f-4656-afc5-339b4c36bfea/1/F1yfOANJZKGpKvgMdo-D0IVAeT4.mft
File:                     F1yfOANJZKGpKvgMdo-D0IVAeT4.mft (raw, json)
Hash identifier:          aPOSxJHZZGUD89KdnY/3UTj0ovTrkEemLTgbs6s3+Fc=
Subject key identifier:   98:64:05:42:28:BE:73:36:74:1B:71:4B:73:55:5E:64:1B:C2:7D:CF
Authority key identifier: 17:5C:9F:38:03:49:64:A1:A9:2A:F8:0C:76:8F:83:D0:85:40:79:3E
Certificate issuer:       /CN=175c9f38034964a1a92af80c768f83d08540793e
Certificate serial:       01967E33A16F4151BF3C8625CEA7A01499B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F1yfOANJZKGpKvgMdo-D0IVAeT4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/a88dca-290f-4656-afc5-339b4c36bfea/1/F1yfOANJZKGpKvgMdo-D0IVAeT4.mft
Manifest number:          14A2
Signing time:             Mon 28 Apr 2025 21:00:34 +0000
Manifest this update:     Mon 28 Apr 2025 21:00:34 +0000
Manifest next update:     Tue 29 Apr 2025 21:00:34 +0000
Files and hashes:         1: F1yfOANJZKGpKvgMdo-D0IVAeT4.crl (hash: 69cKt9pgvdZD0e1OvTfqci0h2uqZRns4kungHRCj2wo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/a88dca-290f-4656-afc5-339b4c36bfea/1/F1yfOANJZKGpKvgMdo-D0IVAeT4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/a88dca-290f-4656-afc5-339b4c36bfea/1/F1yfOANJZKGpKvgMdo-D0IVAeT4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F1yfOANJZKGpKvgMdo-D0IVAeT4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 21:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:33:a1:6f:41:51:bf:3c:86:25:ce:a7:a0:14:99:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=175c9f38034964a1a92af80c768f83d08540793e
        Validity
            Not Before: Apr 28 21:00:34 2025 GMT
            Not After : Apr 29 21:00:34 2025 GMT
        Subject: CN=9864054228be7336741b714b73555e641bc27dcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:fc:66:99:9c:78:7c:fb:9a:1a:03:ce:1d:a7:
                    f6:36:c9:91:e7:1b:ce:5a:07:81:b1:92:a0:96:16:
                    ae:cf:82:95:05:04:e9:be:1f:08:1f:bf:61:35:9f:
                    13:b3:9f:26:f3:a2:47:e1:5a:6f:be:53:2e:c9:ed:
                    bd:f4:06:53:d4:af:5b:b2:40:2f:b0:77:4c:e6:95:
                    e0:1b:1e:e4:2c:21:79:e9:23:95:40:a1:5c:2b:eb:
                    64:3a:fa:ab:ac:f3:1c:d1:d5:51:d8:83:0b:6d:57:
                    e2:52:79:95:78:6e:df:c5:be:74:97:df:0d:c9:06:
                    31:e5:61:ac:04:44:61:92:ae:f7:f1:d4:a1:df:ea:
                    27:3b:5c:11:33:1b:44:9a:b4:f3:79:c4:0f:7a:7e:
                    50:c7:b3:5a:b6:f8:6e:db:fb:a6:6a:f2:dc:3d:af:
                    f4:e4:a5:cf:5b:34:f6:20:1e:97:6b:0e:e7:fe:95:
                    dc:ff:cb:1a:90:31:fc:6a:90:f0:55:10:7f:96:41:
                    00:b1:c0:4e:55:8b:91:0a:8d:00:27:ef:83:66:0d:
                    6b:95:44:9f:46:4b:67:74:e7:b1:73:9f:50:9f:58:
                    d4:62:37:e0:fa:59:1f:b2:b4:02:b3:7b:2f:03:89:
                    30:f4:fb:86:fb:c8:7b:99:f4:38:cb:75:0c:ea:3a:
                    4e:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:64:05:42:28:BE:73:36:74:1B:71:4B:73:55:5E:64:1B:C2:7D:CF
            X509v3 Authority Key Identifier:
                keyid:17:5C:9F:38:03:49:64:A1:A9:2A:F8:0C:76:8F:83:D0:85:40:79:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1yfOANJZKGpKvgMdo-D0IVAeT4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a88dca-290f-4656-afc5-339b4c36bfea/1/F1yfOANJZKGpKvgMdo-D0IVAeT4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a88dca-290f-4656-afc5-339b4c36bfea/1/F1yfOANJZKGpKvgMdo-D0IVAeT4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:78:c4:92:93:ec:1d:8c:84:cd:ca:8a:4b:ee:75:22:b9:35:
         69:8a:02:06:31:b5:06:36:c6:f9:c4:3d:5e:b1:fb:ba:c9:0a:
         10:54:c3:54:b5:df:84:43:a2:ce:3f:64:1c:ae:37:ee:54:e5:
         36:fa:97:5d:f1:f9:75:60:0f:e1:56:e2:c7:b0:db:51:52:b3:
         00:3f:92:96:9d:bb:c2:a0:c6:58:f3:c1:1c:f2:8b:92:24:ed:
         74:63:e6:08:7d:57:97:0f:18:5e:f7:af:c7:c6:e5:f2:1c:dd:
         13:c2:dc:46:36:83:cc:9e:54:f3:ff:fe:ce:bd:39:07:b2:03:
         ee:c5:ae:14:43:a8:58:84:f9:d0:41:6d:62:db:16:87:a6:61:
         67:84:76:29:bf:c0:32:f8:09:b9:f2:5e:9b:4d:36:9c:97:a0:
         0b:38:fd:7d:52:de:3d:58:b5:25:b4:3f:a9:a8:52:27:2a:28:
         fd:3d:f3:9f:1f:34:62:40:04:94:fe:eb:ed:ac:0a:a8:38:66:
         78:7e:74:3c:25:be:87:78:84:ed:df:3d:da:85:7b:31:15:b1:
         80:66:ac:81:31:ac:02:73:d1:61:8c:66:30:5b:e2:b9:d3:1e:
         fa:8c:0b:56:6a:ea:e4:6f:95:ba:a8:22:b0:6d:28:1e:c1:2c:
         36:b1:59:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+M6FvQVG/PIYlzqegFJm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NWM5ZjM4MDM0OTY0YTFhOTJhZjgwYzc2OGY4M2QwODU0
MDc5M2UwHhcNMjUwNDI4MjEwMDM0WhcNMjUwNDI5MjEwMDM0WjAzMTEwLwYDVQQD
Eyg5ODY0MDU0MjI4YmU3MzM2NzQxYjcxNGI3MzU1NWU2NDFiYzI3ZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fxmmZx4fPuaGgPOHaf2NsmR5xvO
WgeBsZKglhauz4KVBQTpvh8IH79hNZ8Ts58m86JH4VpvvlMuye299AZT1K9bskAv
sHdM5pXgGx7kLCF56SOVQKFcK+tkOvqrrPMc0dVR2IMLbVfiUnmVeG7fxb50l98N
yQYx5WGsBERhkq738dSh3+onO1wRMxtEmrTzecQPen5Qx7Natvhu2/umavLcPa/0
5KXPWzT2IB6Xaw7n/pXc/8sakDH8apDwVRB/lkEAscBOVYuRCo0AJ++DZg1rlUSf
RktndOexc59Qn1jUYjfg+lkfsrQCs3svA4kw9PuG+8h7mfQ4y3UM6jpO+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhkBUIovnM2dBtxS3NVXmQbwn3PMB8GA1UdIwQY
MBaAFBdcnzgDSWShqSr4DHaPg9CFQHk+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjF5Zk9BTkpaS0dwS3ZnTWRvLUQwSVZBZVQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hODhkY2EtMjkwZi00NjU2LWFmYzUt
MzM5YjRjMzZiZmVhLzEvRjF5Zk9BTkpaS0dwS3ZnTWRvLUQwSVZBZVQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hODhkY2EtMjkwZi00NjU2LWFmYzUtMzM5YjRjMzZiZmVh
LzEvRjF5Zk9BTkpaS0dwS3ZnTWRvLUQwSVZBZVQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIXjEkpPs
HYyEzcqKS+51Irk1aYoCBjG1BjbG+cQ9XrH7uskKEFTDVLXfhEOizj9kHK437lTl
NvqXXfH5dWAP4Vbix7DbUVKzAD+Slp27wqDGWPPBHPKLkiTtdGPmCH1Xlw8YXvev
x8bl8hzdE8LcRjaDzJ5U8//+zr05B7ID7sWuFEOoWIT50EFtYtsWh6ZhZ4R2Kb/A
MvgJufJem002nJegCzj9fVLePVi1JbQ/qahSJyoo/T3znx80YkAElP7r7awKqDhm
eH50PCW+h3iE7d892oV7MRWxgGasgTGsAnPRYYxmMFviudMe+owLVmrq5G+Vuqgi
sG0oHsEsNrFZXA==
-----END CERTIFICATE-----