Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft
File:                     nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft (raw, json)
Hash identifier:          tJYXTHVRloH4plA0zG5/FQPQ3HUvv/EfPGkkwqIifhQ=
Subject key identifier:   B7:E9:2F:CB:60:AE:63:BD:A9:98:61:B5:30:14:A4:89:C2:8D:86:20
Authority key identifier: 9C:E8:94:F1:D7:73:1E:99:61:71:9B:E1:ED:99:84:68:FC:BA:BE:A9
Certificate issuer:       /CN=9ce894f1d7731e9961719be1ed998468fcbabea9
Certificate serial:       0196775614E505EFC2A991F245B4944A9481
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nOiU8ddzHplhcZvh7ZmEaPy6vqk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft
Manifest number:          14F6
Signing time:             Sun 27 Apr 2025 13:00:52 +0000
Manifest this update:     Sun 27 Apr 2025 13:00:52 +0000
Manifest next update:     Mon 28 Apr 2025 13:00:52 +0000
Files and hashes:         1: nOiU8ddzHplhcZvh7ZmEaPy6vqk.crl (hash: kQLeakKFED4LGltux6UGftMPc22sRt5cAIwxCGORSQY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nOiU8ddzHplhcZvh7ZmEaPy6vqk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 13:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:56:14:e5:05:ef:c2:a9:91:f2:45:b4:94:4a:94:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ce894f1d7731e9961719be1ed998468fcbabea9
        Validity
            Not Before: Apr 27 13:00:52 2025 GMT
            Not After : Apr 28 13:00:52 2025 GMT
        Subject: CN=b7e92fcb60ae63bda99861b53014a489c28d8620
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:81:9a:b6:5f:38:b5:2e:82:93:40:26:aa:27:
                    2b:94:7f:fe:07:25:11:a2:7e:e3:57:c5:a0:6a:31:
                    75:05:2f:3c:dd:46:49:75:b8:7d:9f:c5:d4:0f:aa:
                    2b:bb:5c:54:6a:a9:a9:05:ab:da:99:b1:81:4f:34:
                    4d:b8:c8:c8:e7:08:db:55:fe:23:a2:e0:8d:39:2d:
                    6b:f6:0a:99:d5:33:fd:b7:23:9e:47:8c:1c:d6:62:
                    48:b8:e6:37:c4:7d:86:47:44:99:d7:f8:1d:5d:7c:
                    11:51:c5:b6:d7:fb:6d:40:e7:4a:b2:51:22:7d:38:
                    3c:f8:ca:b5:80:25:0a:22:47:db:62:d2:2e:44:2b:
                    20:b5:3f:f0:08:75:c4:1f:8d:81:21:2d:ae:49:22:
                    ad:0a:af:e5:f4:9f:bc:b4:af:68:ef:b2:76:66:ab:
                    b2:ca:68:21:fc:9c:12:76:0e:0b:ac:26:2b:6e:00:
                    67:97:b9:7d:d9:6e:ba:09:b0:d7:43:92:2f:b7:a0:
                    b8:fa:78:ec:ca:79:1b:f0:93:06:57:2c:6e:35:cc:
                    7a:87:c9:99:fb:cb:88:bb:1c:61:07:4a:51:b2:18:
                    f7:fe:65:88:33:a7:e9:78:ff:f5:0b:69:df:bc:ea:
                    68:c2:22:7e:dd:b5:6d:22:c2:77:dc:f6:48:5d:39:
                    c8:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:E9:2F:CB:60:AE:63:BD:A9:98:61:B5:30:14:A4:89:C2:8D:86:20
            X509v3 Authority Key Identifier:
                keyid:9C:E8:94:F1:D7:73:1E:99:61:71:9B:E1:ED:99:84:68:FC:BA:BE:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nOiU8ddzHplhcZvh7ZmEaPy6vqk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:2e:a3:b1:c1:52:88:c2:36:0a:8d:dc:af:95:2e:aa:b2:0b:
         81:7f:97:3a:b0:f8:c1:43:a3:d8:a7:5d:54:b8:55:c1:1f:e2:
         ec:8f:16:64:d6:e2:41:84:93:df:66:64:5e:7b:96:64:a1:e0:
         3c:7c:0f:b3:45:c7:37:22:d4:cb:98:b8:f7:6d:37:35:05:99:
         49:fd:de:8f:24:45:19:71:d8:b8:65:80:e2:95:f2:42:26:01:
         54:fb:63:e9:d5:c0:06:07:b6:4c:0c:13:e9:d3:7e:71:48:9c:
         ec:82:c0:d0:97:83:3a:3a:a4:a3:b5:5e:7f:44:59:fc:5a:7d:
         8c:dd:f3:16:a6:99:63:7a:57:1b:d9:76:d7:80:23:f0:d3:3b:
         34:b9:ed:ea:d8:7f:fa:b3:9e:4f:58:3d:60:98:93:ef:10:4d:
         21:d0:16:08:7d:aa:51:ed:09:e1:1d:93:97:6c:3a:98:28:27:
         be:e7:15:ff:e8:4a:61:49:27:17:37:ff:88:3d:ca:ee:2a:92:
         3f:29:cf:9c:a1:49:8e:bb:74:81:9a:17:ee:69:f4:48:21:7a:
         b2:67:7c:33:63:38:2a:ce:3e:6e:33:7e:02:b2:8a:e5:d2:49:
         01:d4:79:b0:5b:15:c0:b7:1e:fc:ca:84:89:c3:ba:72:22:31:
         f4:0c:fa:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3VhTlBe/CqZHyRbSUSpSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZTg5NGYxZDc3MzFlOTk2MTcxOWJlMWVkOTk4NDY4ZmNi
YWJlYTkwHhcNMjUwNDI3MTMwMDUyWhcNMjUwNDI4MTMwMDUyWjAzMTEwLwYDVQQD
EyhiN2U5MmZjYjYwYWU2M2JkYTk5ODYxYjUzMDE0YTQ4OWMyOGQ4NjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4Gatl84tS6Ck0AmqicrlH/+ByUR
on7jV8WgajF1BS883UZJdbh9n8XUD6oru1xUaqmpBavambGBTzRNuMjI5wjbVf4j
ouCNOS1r9gqZ1TP9tyOeR4wc1mJIuOY3xH2GR0SZ1/gdXXwRUcW21/ttQOdKslEi
fTg8+Mq1gCUKIkfbYtIuRCsgtT/wCHXEH42BIS2uSSKtCq/l9J+8tK9o77J2Zquy
ymgh/JwSdg4LrCYrbgBnl7l92W66CbDXQ5Ivt6C4+njsynkb8JMGVyxuNcx6h8mZ
+8uIuxxhB0pRshj3/mWIM6fpeP/1C2nfvOpowiJ+3bVtIsJ33PZIXTnIMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfpL8tgrmO9qZhhtTAUpInCjYYgMB8GA1UdIwQY
MBaAFJzolPHXcx6ZYXGb4e2ZhGj8ur6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk9pVThkZHpIcGxoY1p2aDdabUVhUHk2dnFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xZjk2OWMtZTM4Ny00NmZkLTg2MjQt
ZGM3ZjBjMDk0YjM5LzEvbk9pVThkZHpIcGxoY1p2aDdabUVhUHk2dnFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xZjk2OWMtZTM4Ny00NmZkLTg2MjQtZGM3ZjBjMDk0YjM5
LzEvbk9pVThkZHpIcGxoY1p2aDdabUVhUHk2dnFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIi6jscFS
iMI2Co3cr5UuqrILgX+XOrD4wUOj2KddVLhVwR/i7I8WZNbiQYST32ZkXnuWZKHg
PHwPs0XHNyLUy5i49203NQWZSf3ejyRFGXHYuGWA4pXyQiYBVPtj6dXABge2TAwT
6dN+cUic7ILA0JeDOjqko7Vef0RZ/Fp9jN3zFqaZY3pXG9l214Aj8NM7NLnt6th/
+rOeT1g9YJiT7xBNIdAWCH2qUe0J4R2Tl2w6mCgnvucV/+hKYUknFzf/iD3K7iqS
PynPnKFJjrt0gZoX7mn0SCF6smd8M2M4Ks4+bjN+ArKK5dJJAdR5sFsVwLce/MqE
icO6ciIx9Az6lg==
-----END CERTIFICATE-----