Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft
File:                     tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft (raw, json)
Hash identifier:          QFMBb/7/PQi60AB7Uo/Cwj+Xr31Hu5CtW8P9rxznTxY=
Subject key identifier:   4E:9D:6C:AE:F2:5E:44:4B:AF:5D:E9:A0:19:B0:7D:32:9E:3A:03:65
Authority key identifier: B6:9A:AE:F1:CE:A1:9F:2F:92:6F:57:09:61:54:5C:FE:4E:D6:9A:F6
Certificate issuer:       /CN=b69aaef1cea19f2f926f570961545cfe4ed69af6
Certificate serial:       01968F272414B554C23C1600AC26472FB428
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tpqu8c6hny-Sb1cJYVRc_k7WmvY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft
Manifest number:          04BB
Signing time:             Fri 02 May 2025 04:00:29 +0000
Manifest this update:     Fri 02 May 2025 04:00:29 +0000
Manifest next update:     Sat 03 May 2025 04:00:29 +0000
Files and hashes:         1: tpqu8c6hny-Sb1cJYVRc_k7WmvY.crl (hash: F7qLxfV9WfwDqkf82sWde5yV5gpYNFbJ2/hlgPwzySs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tpqu8c6hny-Sb1cJYVRc_k7WmvY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 04:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8f:27:24:14:b5:54:c2:3c:16:00:ac:26:47:2f:b4:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b69aaef1cea19f2f926f570961545cfe4ed69af6
        Validity
            Not Before: May  2 04:00:29 2025 GMT
            Not After : May  3 04:00:29 2025 GMT
        Subject: CN=4e9d6caef25e444baf5de9a019b07d329e3a0365
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:96:56:3e:b3:b4:62:eb:17:6f:24:ba:01:73:
                    30:28:ff:a2:75:a7:74:20:56:7a:f4:6d:a0:23:c2:
                    e7:94:c7:bc:30:22:04:a7:33:0a:98:bc:95:60:4b:
                    e5:0f:2b:36:19:0f:04:a1:bf:9a:97:75:e2:5f:07:
                    a1:ee:7c:2f:e0:b0:4f:d5:8f:0b:c7:d7:e5:53:ea:
                    61:83:be:48:25:1f:ad:58:39:a0:89:7d:17:f4:99:
                    d9:51:44:b2:ad:69:e1:23:b7:de:6c:62:6a:41:12:
                    da:07:6e:c6:cf:17:4c:05:27:5c:3a:e9:c3:1d:2a:
                    ff:86:26:1f:75:f0:47:f9:35:a6:56:55:fd:71:42:
                    f1:c2:cd:f3:80:c7:06:17:85:9e:cc:f3:37:86:89:
                    c1:45:88:4a:c1:65:9c:22:d9:3c:13:6d:f6:b5:29:
                    c0:a0:d5:77:40:de:e7:e4:c2:83:60:f3:af:7f:8b:
                    09:a7:02:f7:66:0f:73:6f:eb:ea:11:be:cc:29:18:
                    3e:c2:df:52:95:6d:ec:6c:42:15:30:1e:71:7d:ac:
                    83:78:85:fc:bc:33:3e:51:3e:c3:b3:5d:cb:4f:f5:
                    cd:0a:60:c0:85:9e:96:69:2e:0c:70:ce:1c:cf:38:
                    8d:e5:97:e8:2f:b3:e8:91:10:16:e6:0c:3a:d6:e1:
                    b7:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:9D:6C:AE:F2:5E:44:4B:AF:5D:E9:A0:19:B0:7D:32:9E:3A:03:65
            X509v3 Authority Key Identifier:
                keyid:B6:9A:AE:F1:CE:A1:9F:2F:92:6F:57:09:61:54:5C:FE:4E:D6:9A:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tpqu8c6hny-Sb1cJYVRc_k7WmvY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:fc:c9:dc:93:57:71:cb:82:b2:dd:31:a9:c7:8c:30:8f:85:
         cd:ab:c6:7f:3e:64:6a:7a:d2:ba:b8:2e:b7:7a:53:00:78:eb:
         86:dd:d9:96:41:ce:37:dd:ec:d8:04:f0:5e:00:2e:39:37:f1:
         00:23:a9:18:cb:4d:e1:67:19:df:0c:17:79:02:5d:35:ff:62:
         34:5a:73:ca:28:09:9a:6f:c3:93:1e:01:53:bd:c9:8a:b3:d7:
         d4:4f:0e:30:c3:e8:a2:68:26:9e:99:d1:95:7b:50:f9:ed:0d:
         cb:b3:f5:f0:5b:fc:ea:d7:c6:cd:08:93:44:d3:a5:3f:31:02:
         1e:33:c8:86:c8:05:40:50:12:a4:48:88:ce:2e:f6:db:33:31:
         41:8c:95:c9:a1:32:83:d3:fa:77:3c:85:fe:64:bc:ab:64:6e:
         dd:63:8f:4b:32:43:a8:45:33:8a:88:56:3f:12:f8:2f:29:85:
         52:5c:1c:7e:b9:32:d9:34:49:af:c4:1b:cb:a2:77:34:5e:e7:
         db:7b:f1:1e:4e:88:5a:eb:29:92:2b:31:27:a1:72:2b:9a:56:
         3b:e2:11:8f:e4:9a:48:67:a1:a7:2e:81:e5:fc:ad:b8:95:48:
         e1:6b:f8:54:33:ab:86:09:80:2c:92:4f:27:b6:bc:04:3e:da:
         c5:8c:da:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaPJyQUtVTCPBYArCZHL7QoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OWFhZWYxY2VhMTlmMmY5MjZmNTcwOTYxNTQ1Y2ZlNGVk
NjlhZjYwHhcNMjUwNTAyMDQwMDI5WhcNMjUwNTAzMDQwMDI5WjAzMTEwLwYDVQQD
Eyg0ZTlkNmNhZWYyNWU0NDRiYWY1ZGU5YTAxOWIwN2QzMjllM2EwMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ZZWPrO0YusXbyS6AXMwKP+idad0
IFZ69G2gI8LnlMe8MCIEpzMKmLyVYEvlDys2GQ8Eob+al3XiXweh7nwv4LBP1Y8L
x9flU+phg75IJR+tWDmgiX0X9JnZUUSyrWnhI7febGJqQRLaB27GzxdMBSdcOunD
HSr/hiYfdfBH+TWmVlX9cULxws3zgMcGF4WezPM3honBRYhKwWWcItk8E232tSnA
oNV3QN7n5MKDYPOvf4sJpwL3Zg9zb+vqEb7MKRg+wt9SlW3sbEIVMB5xfayDeIX8
vDM+UT7Ds13LT/XNCmDAhZ6WaS4McM4czziN5ZfoL7PokRAW5gw61uG3NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6dbK7yXkRLr13poBmwfTKeOgNlMB8GA1UdIwQY
MBaAFLaarvHOoZ8vkm9XCWFUXP5O1pr2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHBxdThjNmhueS1TYjFjSllWUmNfazdXbXZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDE3MTItNzJiYi00MDg4LThiNjEt
N2ZlMjBmMmVmZWQ0LzEvdHBxdThjNmhueS1TYjFjSllWUmNfazdXbXZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDE3MTItNzJiYi00MDg4LThiNjEtN2ZlMjBmMmVmZWQ0
LzEvdHBxdThjNmhueS1TYjFjSllWUmNfazdXbXZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADPzJ3JNX
ccuCst0xqceMMI+FzavGfz5kanrSurgut3pTAHjrht3ZlkHON93s2ATwXgAuOTfx
ACOpGMtN4WcZ3wwXeQJdNf9iNFpzyigJmm/Dkx4BU73JirPX1E8OMMPoomgmnpnR
lXtQ+e0Ny7P18Fv86tfGzQiTRNOlPzECHjPIhsgFQFASpEiIzi722zMxQYyVyaEy
g9P6dzyF/mS8q2Ru3WOPSzJDqEUziohWPxL4LymFUlwcfrky2TRJr8Qby6J3NF7n
23vxHk6IWuspkisxJ6FyK5pWO+IRj+SaSGehpy6B5fytuJVI4Wv4VDOrhgmALJJP
J7a8BD7axYzafA==
-----END CERTIFICATE-----