Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft
File:                     FSj8hxfpGa4HJhquKNjIRWTIpxI.mft (raw, json)
Hash identifier:          k49ItqwHP83ZDJUVtNI6wQ7o0S1cbTkKI3i/DdiYXUI=
Subject key identifier:   B1:2A:5E:F0:C1:97:5A:19:F1:1B:9F:C2:D8:96:3A:39:BA:79:0E:45
Authority key identifier: 15:28:FC:87:17:E9:19:AE:07:26:1A:AE:28:D8:C8:45:64:C8:A7:12
Certificate issuer:       /CN=1528fc8717e919ae07261aae28d8c84564c8a712
Certificate serial:       019684360B82D5192653937DBD57F1391BCB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft
Manifest number:          0E76
Signing time:             Wed 30 Apr 2025 01:00:56 +0000
Manifest this update:     Wed 30 Apr 2025 01:00:56 +0000
Manifest next update:     Thu 01 May 2025 01:00:56 +0000
Files and hashes:         1: FSj8hxfpGa4HJhquKNjIRWTIpxI.crl (hash: z1sRD+C/uwRUBA5mt53u5IOxWYUD3cf3ERRt3I6vZWw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:84:36:0b:82:d5:19:26:53:93:7d:bd:57:f1:39:1b:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1528fc8717e919ae07261aae28d8c84564c8a712
        Validity
            Not Before: Apr 30 01:00:56 2025 GMT
            Not After : May  1 01:00:56 2025 GMT
        Subject: CN=b12a5ef0c1975a19f11b9fc2d8963a39ba790e45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:3f:a1:b4:57:ce:21:49:dd:b5:8a:02:be:c2:
                    f5:eb:ca:b6:b4:88:19:2c:45:87:8e:73:e6:77:e5:
                    81:48:e3:0e:83:45:3e:68:6a:24:69:eb:a3:4f:f9:
                    f6:5f:95:4f:b1:77:5a:c8:a7:74:cc:42:67:d8:cc:
                    df:ea:bd:3c:d9:98:54:9c:2e:92:0c:e4:a6:c5:3e:
                    62:ac:ab:e5:9d:cd:43:35:7f:73:6b:5c:2f:43:ab:
                    70:f7:fd:2f:c0:20:1a:25:46:b6:f2:01:8a:a5:5a:
                    80:5d:e9:90:d9:fd:41:b4:b7:5a:c5:6c:2a:a5:83:
                    cb:b8:c8:c1:c6:64:2e:46:67:e8:6a:ec:a1:62:6e:
                    c0:0e:31:35:bd:f1:3f:81:56:62:4d:0e:bb:0a:03:
                    e6:5b:8c:76:06:1d:dc:e7:08:55:18:8c:8a:8c:d5:
                    d8:16:52:a2:d2:55:d9:1a:1e:31:98:a1:27:70:db:
                    c5:5c:f8:80:49:fe:52:ce:0e:36:a4:f5:ec:cd:e8:
                    58:04:a1:c3:85:24:b7:f6:be:63:8f:4f:dc:2e:56:
                    46:55:a0:cb:bd:93:5d:70:53:e1:f3:48:ec:2b:a0:
                    07:ef:39:0c:47:6c:f3:61:3c:0f:7a:67:b9:30:d0:
                    c4:4b:09:03:d0:d4:0a:72:16:88:fb:ff:77:f1:f0:
                    68:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:2A:5E:F0:C1:97:5A:19:F1:1B:9F:C2:D8:96:3A:39:BA:79:0E:45
            X509v3 Authority Key Identifier:
                keyid:15:28:FC:87:17:E9:19:AE:07:26:1A:AE:28:D8:C8:45:64:C8:A7:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:69:75:0b:ee:ce:50:d3:b3:1b:ab:5c:a2:00:28:8e:c6:71:
         6d:45:56:8a:be:d6:7d:64:86:ac:a6:ae:f4:6f:c9:48:f2:ec:
         5a:32:30:de:ad:bc:1c:57:e3:3a:eb:38:c4:d5:c0:73:8e:c9:
         f0:18:04:a5:fd:4d:a5:dd:8c:a2:62:85:b0:b0:4d:4a:63:9c:
         75:86:8e:13:81:50:8d:3d:ee:0c:19:7b:e6:12:c8:42:3f:bb:
         b5:26:d9:01:e7:c7:01:cb:bb:db:e6:06:7c:b0:12:88:1d:f9:
         a8:c4:f8:be:eb:d8:4a:95:fb:cd:94:90:32:c5:ee:df:05:b4:
         fb:d8:e6:28:e6:9b:99:67:d3:44:42:d9:14:02:3e:20:0d:d0:
         e4:af:f5:4e:26:5a:5f:76:f8:c8:f3:6d:4c:fb:e7:a3:17:30:
         a7:72:68:7c:7e:ab:40:57:f5:60:a3:ff:6a:1b:17:b4:11:ce:
         31:69:6c:e6:27:62:a5:68:b0:2e:c2:dc:27:cf:f4:c8:f9:28:
         4f:83:71:b8:f9:4a:63:4b:22:e2:81:26:66:d6:65:04:76:02:
         a1:f1:ef:d4:76:dd:9f:21:cd:58:11:6d:9a:b9:b4:02:36:8c:
         f6:19:51:f8:ec:3f:31:0c:e9:a5:ee:f0:db:44:4e:d5:01:2c:
         9c:5a:5b:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaENguC1RkmU5N9vVfxORvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MjhmYzg3MTdlOTE5YWUwNzI2MWFhZTI4ZDhjODQ1NjRj
OGE3MTIwHhcNMjUwNDMwMDEwMDU2WhcNMjUwNTAxMDEwMDU2WjAzMTEwLwYDVQQD
EyhiMTJhNWVmMGMxOTc1YTE5ZjExYjlmYzJkODk2M2EzOWJhNzkwZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD+htFfOIUndtYoCvsL168q2tIgZ
LEWHjnPmd+WBSOMOg0U+aGokaeujT/n2X5VPsXdayKd0zEJn2Mzf6r082ZhUnC6S
DOSmxT5irKvlnc1DNX9za1wvQ6tw9/0vwCAaJUa28gGKpVqAXemQ2f1BtLdaxWwq
pYPLuMjBxmQuRmfoauyhYm7ADjE1vfE/gVZiTQ67CgPmW4x2Bh3c5whVGIyKjNXY
FlKi0lXZGh4xmKEncNvFXPiASf5Szg42pPXszehYBKHDhSS39r5jj0/cLlZGVaDL
vZNdcFPh80jsK6AH7zkMR2zzYTwPeme5MNDESwkD0NQKchaI+/938fBo7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLEqXvDBl1oZ8RufwtiWOjm6eQ5FMB8GA1UdIwQY
MBaAFBUo/IcX6RmuByYarijYyEVkyKcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82ZGZiYjYtNGFmYS00YmJjLTlkMTkt
NjcxMDcyZjkxYTEzLzEvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82ZGZiYjYtNGFmYS00YmJjLTlkMTktNjcxMDcyZjkxYTEz
LzEvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcWl1C+7O
UNOzG6tcogAojsZxbUVWir7WfWSGrKau9G/JSPLsWjIw3q28HFfjOus4xNXAc47J
8BgEpf1Npd2MomKFsLBNSmOcdYaOE4FQjT3uDBl75hLIQj+7tSbZAefHAcu72+YG
fLASiB35qMT4vuvYSpX7zZSQMsXu3wW0+9jmKOabmWfTRELZFAI+IA3Q5K/1TiZa
X3b4yPNtTPvnoxcwp3JofH6rQFf1YKP/ahsXtBHOMWls5idipWiwLsLcJ8/0yPko
T4NxuPlKY0si4oEmZtZlBHYCofHv1HbdnyHNWBFtmrm0AjaM9hlR+Ow/MQzppe7w
20RO1QEsnFpbIA==
-----END CERTIFICATE-----