Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft
File:                     fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft (raw, json)
Hash identifier:          wRDNdcswd7w9M7Hzd3KdEGYPPLYFaAvkJc+aSiIqBQA=
Subject key identifier:   29:07:AA:DB:3D:86:30:4E:C5:94:A7:FF:A9:96:BF:58:0D:50:DA:BE
Authority key identifier: 7C:82:30:28:AE:FF:C5:99:AE:FF:A5:DE:5B:90:CC:AD:33:49:7D:B9
Certificate issuer:       /CN=7c823028aeffc599aeffa5de5b90ccad33497db9
Certificate serial:       01967DC64F4CAADE97FAA586178E0987B581
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fIIwKK7_xZmu_6XeW5DMrTNJfbk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft
Manifest number:          04A2
Signing time:             Mon 28 Apr 2025 19:01:10 +0000
Manifest this update:     Mon 28 Apr 2025 19:01:10 +0000
Manifest next update:     Tue 29 Apr 2025 19:01:10 +0000
Files and hashes:         1: fIIwKK7_xZmu_6XeW5DMrTNJfbk.crl (hash: wqvEQRaJBl2jP0SN1pikgDpN+xCtn0CGPiYL2rIHLAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fIIwKK7_xZmu_6XeW5DMrTNJfbk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:c6:4f:4c:aa:de:97:fa:a5:86:17:8e:09:87:b5:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c823028aeffc599aeffa5de5b90ccad33497db9
        Validity
            Not Before: Apr 28 19:01:10 2025 GMT
            Not After : Apr 29 19:01:10 2025 GMT
        Subject: CN=2907aadb3d86304ec594a7ffa996bf580d50dabe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:67:9e:f0:34:ae:f7:08:14:90:0c:17:03:af:
                    ce:71:b4:dd:0a:07:e1:aa:b3:1f:35:bb:54:f3:2a:
                    a0:57:75:8a:1b:f9:94:4b:5e:b7:78:20:ff:63:e3:
                    00:4d:b5:2e:0c:e7:db:da:c2:68:a4:d6:3c:86:c3:
                    b0:bc:66:53:95:7a:24:06:21:14:9f:3f:f9:db:d2:
                    0d:ae:9e:bf:89:25:c6:f4:2f:e6:9d:ae:95:84:37:
                    33:3f:92:80:42:8e:f7:51:4d:38:c5:be:b0:f9:90:
                    73:30:c7:c6:35:89:e8:94:f7:2a:29:7c:1b:5e:f8:
                    93:39:38:33:f6:c5:3c:9b:11:83:26:5e:24:63:51:
                    61:95:ff:e9:aa:70:fc:75:01:ee:5b:78:30:7e:e1:
                    99:fa:84:52:37:6e:dd:09:95:86:8a:1a:dc:2b:71:
                    d7:81:b8:6c:cd:12:85:46:ce:27:f3:e0:f5:45:8c:
                    64:62:01:78:6a:64:e5:60:1a:a5:75:d3:22:dd:f8:
                    8a:ad:f1:ff:1a:2f:2f:49:d8:cd:5a:2f:83:bb:58:
                    f4:88:00:28:60:a4:40:b4:05:96:3c:02:54:8e:e7:
                    bd:85:16:10:00:cd:8a:11:3e:25:5c:ed:33:47:e3:
                    ad:66:30:50:4e:2f:21:09:c9:2f:a3:2f:4e:5f:8a:
                    e3:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:07:AA:DB:3D:86:30:4E:C5:94:A7:FF:A9:96:BF:58:0D:50:DA:BE
            X509v3 Authority Key Identifier:
                keyid:7C:82:30:28:AE:FF:C5:99:AE:FF:A5:DE:5B:90:CC:AD:33:49:7D:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fIIwKK7_xZmu_6XeW5DMrTNJfbk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e2b95d-0b26-402d-96ec-68691dabbdf3/1/fIIwKK7_xZmu_6XeW5DMrTNJfbk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:76:f1:7f:63:df:14:c3:0f:5e:1f:ba:9c:a3:79:5f:e3:23:
         a2:2d:8c:bb:e3:a0:62:da:bc:0b:9d:d5:2d:e2:fc:3d:33:62:
         53:f9:b3:16:69:24:0e:13:7b:99:cc:94:65:86:0a:a3:e3:9b:
         a7:a5:82:d2:81:81:53:44:a6:dd:52:5f:0d:70:bc:fb:43:74:
         28:d6:90:4b:4b:35:f1:a6:9e:e0:f7:72:69:ce:da:0a:84:3f:
         8d:ca:13:19:a2:e9:75:d8:c8:d9:44:89:43:46:ca:76:2e:7e:
         3c:72:99:16:37:20:58:7b:46:81:87:3b:22:27:07:30:de:dd:
         39:ac:12:c8:bb:92:9e:a5:0a:40:f9:17:2c:23:ec:d3:02:29:
         fa:5a:e6:04:12:9e:bb:3a:3f:75:82:61:41:db:bf:fe:7f:25:
         33:77:29:d1:38:5c:33:34:11:05:0f:53:db:3b:1b:9a:f3:02:
         a9:8f:1a:0d:5e:39:f2:21:1b:00:33:9f:5a:90:2e:a6:81:e2:
         5c:87:05:7c:94:c4:7a:d5:6b:10:77:06:6d:95:ee:f4:6a:e8:
         ca:d9:15:f1:c1:7d:7c:69:a1:9e:43:8f:ee:d5:a5:97:de:ac:
         40:5d:28:bc:31:c2:45:28:82:09:22:e0:39:e3:09:4e:a4:38:
         ac:03:0a:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9xk9Mqt6X+qWGF44Jh7WBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjODIzMDI4YWVmZmM1OTlhZWZmYTVkZTViOTBjY2FkMzM0
OTdkYjkwHhcNMjUwNDI4MTkwMTEwWhcNMjUwNDI5MTkwMTEwWjAzMTEwLwYDVQQD
EygyOTA3YWFkYjNkODYzMDRlYzU5NGE3ZmZhOTk2YmY1ODBkNTBkYWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWee8DSu9wgUkAwXA6/OcbTdCgfh
qrMfNbtU8yqgV3WKG/mUS163eCD/Y+MATbUuDOfb2sJopNY8hsOwvGZTlXokBiEU
nz/529INrp6/iSXG9C/mna6VhDczP5KAQo73UU04xb6w+ZBzMMfGNYnolPcqKXwb
XviTOTgz9sU8mxGDJl4kY1Fhlf/pqnD8dQHuW3gwfuGZ+oRSN27dCZWGihrcK3HX
gbhszRKFRs4n8+D1RYxkYgF4amTlYBqlddMi3fiKrfH/Gi8vSdjNWi+Du1j0iAAo
YKRAtAWWPAJUjue9hRYQAM2KET4lXO0zR+OtZjBQTi8hCckvoy9OX4rjhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkHqts9hjBOxZSn/6mWv1gNUNq+MB8GA1UdIwQY
MBaAFHyCMCiu/8WZrv+l3luQzK0zSX25MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZklJd0tLN194Wm11XzZYZVc1RE1yVE5KZmJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lMmI5NWQtMGIyNi00MDJkLTk2ZWMt
Njg2OTFkYWJiZGYzLzEvZklJd0tLN194Wm11XzZYZVc1RE1yVE5KZmJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lMmI5NWQtMGIyNi00MDJkLTk2ZWMtNjg2OTFkYWJiZGYz
LzEvZklJd0tLN194Wm11XzZYZVc1RE1yVE5KZmJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ3bxf2Pf
FMMPXh+6nKN5X+Mjoi2Mu+OgYtq8C53VLeL8PTNiU/mzFmkkDhN7mcyUZYYKo+Ob
p6WC0oGBU0Sm3VJfDXC8+0N0KNaQS0s18aae4Pdyac7aCoQ/jcoTGaLpddjI2USJ
Q0bKdi5+PHKZFjcgWHtGgYc7IicHMN7dOawSyLuSnqUKQPkXLCPs0wIp+lrmBBKe
uzo/dYJhQdu//n8lM3cp0ThcMzQRBQ9T2zsbmvMCqY8aDV458iEbADOfWpAupoHi
XIcFfJTEetVrEHcGbZXu9GroytkV8cF9fGmhnkOP7tWll96sQF0ovDHCRSiCCSLg
OeMJTqQ4rAMKDw==
-----END CERTIFICATE-----