Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.mft
File:                     iZFbtGEcVfYprTpMz-NXwECh3BI.mft (raw, json)
Hash identifier:          4nkB1TZvFUMgSedffG5y0zJgKI6RLzuzhTcdJG3ky2U=
Subject key identifier:   F3:3D:B5:F5:AB:C1:29:F5:54:F3:27:6E:7D:68:AF:0C:F4:7E:21:35
Authority key identifier: 89:91:5B:B4:61:1C:55:F6:29:AD:3A:4C:CF:E3:57:C0:40:A1:DC:12
Certificate issuer:       /CN=89915bb4611c55f629ad3a4ccfe357c040a1dc12
Certificate serial:       01967755BB2C2EEF05677F20472E2C520A6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iZFbtGEcVfYprTpMz-NXwECh3BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.mft
Manifest number:          04DB
Signing time:             Sun 27 Apr 2025 13:00:29 +0000
Manifest this update:     Sun 27 Apr 2025 13:00:29 +0000
Manifest next update:     Mon 28 Apr 2025 13:00:29 +0000
Files and hashes:         1: iZFbtGEcVfYprTpMz-NXwECh3BI.crl (hash: KLi5KhPMkpvHwuXrIn6CfvSIxb88Lx6IOuFhn1mPD70=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iZFbtGEcVfYprTpMz-NXwECh3BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 13:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:55:bb:2c:2e:ef:05:67:7f:20:47:2e:2c:52:0a:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89915bb4611c55f629ad3a4ccfe357c040a1dc12
        Validity
            Not Before: Apr 27 13:00:29 2025 GMT
            Not After : Apr 28 13:00:29 2025 GMT
        Subject: CN=f33db5f5abc129f554f3276e7d68af0cf47e2135
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:33:48:77:3e:ae:a9:39:87:f2:8c:72:23:f0:
                    6f:08:f2:57:52:c0:ae:c9:32:e4:b6:ce:ab:3f:69:
                    00:04:12:3f:ee:97:12:08:eb:fc:4c:c6:06:9a:37:
                    9d:48:14:5f:f6:f4:0b:d5:a1:eb:02:ae:ec:5f:57:
                    b8:77:0a:28:91:41:b2:5a:d5:b5:93:d2:e4:62:81:
                    8f:ca:a1:ad:f9:11:40:0d:2a:5d:eb:d5:d4:10:be:
                    84:46:e5:5d:a0:65:c8:db:e7:72:b6:97:91:c0:cb:
                    a9:3a:b4:3c:e8:c3:11:f2:cc:a4:d5:2a:c7:08:4c:
                    fb:30:6d:c1:07:4f:98:9b:60:6b:05:64:12:34:63:
                    17:79:35:2c:4e:93:55:d5:f3:0d:0a:bc:51:9c:7c:
                    e3:9e:83:49:db:a8:f5:39:b3:05:7b:7d:d7:66:ac:
                    28:a7:a8:93:07:0c:40:33:c5:ab:ba:a1:bf:fc:c6:
                    03:4f:e7:07:08:6b:ac:69:24:e5:83:7b:02:10:18:
                    6d:ac:62:5e:9d:e5:0c:35:ca:64:cd:8a:f3:0b:3b:
                    32:06:03:38:7b:e3:5d:6c:98:71:cf:55:bb:1e:4b:
                    2a:88:8d:e9:44:64:93:df:1d:8a:9c:62:02:5e:dc:
                    13:bd:bc:2e:49:25:53:c4:8c:24:21:21:42:08:a6:
                    62:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:3D:B5:F5:AB:C1:29:F5:54:F3:27:6E:7D:68:AF:0C:F4:7E:21:35
            X509v3 Authority Key Identifier:
                keyid:89:91:5B:B4:61:1C:55:F6:29:AD:3A:4C:CF:E3:57:C0:40:A1:DC:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iZFbtGEcVfYprTpMz-NXwECh3BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:9e:c0:9a:cd:2a:12:8d:80:a8:a6:85:bd:67:95:cc:8a:13:
         19:a3:f4:c9:7c:75:6b:4d:95:36:5f:62:a1:0c:3e:61:fb:de:
         a2:e9:77:ee:92:5c:93:fe:7c:3e:67:ce:c8:33:38:97:ab:96:
         99:cf:44:c4:11:52:17:fb:68:82:a3:30:ad:df:ee:cc:c6:cc:
         ab:2e:26:2b:ee:f1:2c:ad:c2:ea:45:f8:08:51:f1:11:d0:44:
         c2:92:20:e9:ec:5b:0a:f7:53:43:1a:c7:52:e1:81:2e:a2:74:
         53:f4:f3:e7:1e:93:d9:1a:52:45:8a:1e:cf:21:5b:d2:58:32:
         6b:1d:d2:9f:6b:da:46:a7:17:57:2d:11:75:f7:29:c2:e3:e6:
         b9:63:24:b1:d0:35:a3:75:c7:45:d6:11:53:5c:19:8c:ea:e5:
         af:80:7e:c6:e1:58:99:d7:0c:f7:62:b4:54:eb:86:5f:f0:21:
         38:b9:ad:48:ff:81:6c:65:31:b6:d3:6a:76:a8:0e:c2:f1:9e:
         70:29:9e:8b:d0:db:53:95:fd:a6:23:a0:33:1e:68:61:94:d0:
         6b:08:53:52:a0:f6:7f:8e:4f:e1:f5:14:de:3b:17:c3:4e:eb:
         95:4c:61:5f:eb:da:2c:5f:80:9b:93:c9:cc:78:c7:3f:5b:80:
         27:59:92:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3VbssLu8FZ38gRy4sUgptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OTE1YmI0NjExYzU1ZjYyOWFkM2E0Y2NmZTM1N2MwNDBh
MWRjMTIwHhcNMjUwNDI3MTMwMDI5WhcNMjUwNDI4MTMwMDI5WjAzMTEwLwYDVQQD
EyhmMzNkYjVmNWFiYzEyOWY1NTRmMzI3NmU3ZDY4YWYwY2Y0N2UyMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DNIdz6uqTmH8oxyI/BvCPJXUsCu
yTLkts6rP2kABBI/7pcSCOv8TMYGmjedSBRf9vQL1aHrAq7sX1e4dwookUGyWtW1
k9LkYoGPyqGt+RFADSpd69XUEL6ERuVdoGXI2+dytpeRwMupOrQ86MMR8syk1SrH
CEz7MG3BB0+Ym2BrBWQSNGMXeTUsTpNV1fMNCrxRnHzjnoNJ26j1ObMFe33XZqwo
p6iTBwxAM8WruqG//MYDT+cHCGusaSTlg3sCEBhtrGJeneUMNcpkzYrzCzsyBgM4
e+NdbJhxz1W7HksqiI3pRGST3x2KnGICXtwTvbwuSSVTxIwkISFCCKZi2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPM9tfWrwSn1VPMnbn1orwz0fiE1MB8GA1UdIwQY
MBaAFImRW7RhHFX2Ka06TM/jV8BAodwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVpGYnRHRWNWZllwclRwTXotTlh3RUNoM0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NGFjOWQtMmE1My00YWU1LWJhNzIt
NjJhZmNiOTk3MmQ3LzEvaVpGYnRHRWNWZllwclRwTXotTlh3RUNoM0JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NGFjOWQtMmE1My00YWU1LWJhNzItNjJhZmNiOTk3MmQ3
LzEvaVpGYnRHRWNWZllwclRwTXotTlh3RUNoM0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfp7Ams0q
Eo2AqKaFvWeVzIoTGaP0yXx1a02VNl9ioQw+Yfveoul37pJck/58PmfOyDM4l6uW
mc9ExBFSF/togqMwrd/uzMbMqy4mK+7xLK3C6kX4CFHxEdBEwpIg6exbCvdTQxrH
UuGBLqJ0U/Tz5x6T2RpSRYoezyFb0lgyax3Sn2vaRqcXVy0RdfcpwuPmuWMksdA1
o3XHRdYRU1wZjOrlr4B+xuFYmdcM92K0VOuGX/AhOLmtSP+BbGUxttNqdqgOwvGe
cCmei9DbU5X9piOgMx5oYZTQawhTUqD2f45P4fUU3jsXw07rlUxhX+vaLF+Am5PJ
zHjHP1uAJ1mS+g==
-----END CERTIFICATE-----