Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
File:                     SVfItkDqWWxdEac7PSZu54w_Cds.mft (raw, json)
Hash identifier:          5S4aUYB8tcqsKIfKPipQ9zE4W3rjzB4qnoJ31yp/vvE=
Subject key identifier:   D4:C6:6E:11:B5:D3:58:E5:59:4C:DE:08:3B:5B:35:3D:14:07:F7:C4
Authority key identifier: 49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB
Certificate issuer:       /CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
Certificate serial:       01968BEF6F3B7F426E0A3C180B40C2FAA060
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
Manifest number:          07A8
Signing time:             Thu 01 May 2025 13:00:46 +0000
Manifest this update:     Thu 01 May 2025 13:00:46 +0000
Manifest next update:     Fri 02 May 2025 13:00:46 +0000
Files and hashes:         1: SVfItkDqWWxdEac7PSZu54w_Cds.crl (hash: 4C8nl/xiquTesTZqSIMht452iNgbN/mqU6gH9nhFxgI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8b:ef:6f:3b:7f:42:6e:0a:3c:18:0b:40:c2:fa:a0:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
        Validity
            Not Before: May  1 13:00:46 2025 GMT
            Not After : May  2 13:00:46 2025 GMT
        Subject: CN=d4c66e11b5d358e5594cde083b5b353d1407f7c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:bf:96:a6:36:75:56:3c:65:0f:e2:c1:7f:96:
                    1d:9e:61:1f:29:7a:f0:77:1b:e4:11:97:66:ee:b7:
                    ab:79:45:8b:24:0c:b2:60:10:c4:c4:9e:c3:31:22:
                    4f:6e:77:a4:26:ab:a3:8d:7d:47:5e:01:f9:22:77:
                    5a:24:43:e9:15:e2:70:30:90:c4:6a:3c:80:77:26:
                    10:3a:26:db:e6:5b:50:f8:0c:2b:e7:fc:30:e2:df:
                    db:00:35:98:ee:fa:08:f3:91:84:8b:9b:23:25:2f:
                    66:b2:48:14:ab:e2:34:06:dc:c6:eb:f2:3c:96:94:
                    ea:14:9d:2a:85:47:59:d8:ee:83:52:a0:87:f9:fa:
                    89:cb:12:5b:57:73:57:fd:9c:e7:53:92:61:24:06:
                    12:04:d7:d6:c1:9b:0a:76:18:e3:1d:10:bc:fe:32:
                    f6:59:5e:61:76:95:86:35:b7:8f:d0:e4:50:5a:57:
                    0c:e4:eb:04:f2:68:0d:00:1e:e7:e3:5e:8b:f3:f2:
                    60:40:69:13:db:ac:c9:0c:90:d3:b3:a4:0b:b5:e1:
                    0b:9c:04:d0:ec:33:fc:e6:6d:8e:c1:fe:12:9b:f2:
                    8c:43:47:2a:f6:3e:e5:50:05:c8:56:75:72:a2:5c:
                    7d:3f:36:18:32:df:15:f9:02:5d:1d:f5:6d:8d:07:
                    70:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:C6:6E:11:B5:D3:58:E5:59:4C:DE:08:3B:5B:35:3D:14:07:F7:C4
            X509v3 Authority Key Identifier:
                keyid:49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:81:a7:e1:72:2c:d8:25:91:d7:e1:41:7b:a3:6c:09:3f:70:
         cc:cf:66:58:d1:c8:c1:6f:3d:16:cc:d0:a4:bc:3e:63:a2:68:
         3b:2a:dd:3e:c7:1f:06:4d:5e:e8:12:c0:13:fb:2a:2f:7e:41:
         2e:ee:e0:aa:11:92:86:95:7e:dd:62:40:e9:96:64:69:6e:0c:
         fe:7a:33:93:b7:b6:f4:9e:fe:d7:13:71:4a:b2:76:dc:f3:ac:
         64:c4:d5:32:0f:23:43:35:10:e9:e3:d1:2d:5f:98:13:58:b3:
         78:24:13:98:ae:c4:25:b4:c6:0a:fe:36:cd:2b:f7:76:24:5f:
         06:64:ca:11:70:82:51:bf:d0:fb:c9:66:cd:e4:d0:e9:26:ff:
         39:8c:2a:a0:e8:73:ce:f7:26:bf:e4:e5:39:ff:bd:38:56:5d:
         6f:54:21:f5:67:5b:aa:4b:0d:bb:7e:a6:ef:25:8d:f5:e4:86:
         f4:f9:80:e0:ef:12:84:64:2b:a6:41:89:fc:68:99:51:5d:60:
         34:71:e1:5d:e5:c2:e1:f0:bb:1e:22:da:b2:0c:e8:e6:5d:05:
         e9:8e:38:6f:f3:18:89:75:41:aa:3d:a8:52:72:27:b2:a3:ba:
         dc:64:51:d5:c3:14:3d:c2:69:14:40:51:68:43:44:a5:21:42:
         6b:44:ba:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaL7287f0JuCjwYC0DC+qBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTdjOGI2NDBlYTU5NmM1ZDExYTczYjNkMjY2ZWU3OGMz
ZjA5ZGIwHhcNMjUwNTAxMTMwMDQ2WhcNMjUwNTAyMTMwMDQ2WjAzMTEwLwYDVQQD
EyhkNGM2NmUxMWI1ZDM1OGU1NTk0Y2RlMDgzYjViMzUzZDE0MDdmN2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlb+WpjZ1VjxlD+LBf5YdnmEfKXrw
dxvkEZdm7rereUWLJAyyYBDExJ7DMSJPbnekJqujjX1HXgH5IndaJEPpFeJwMJDE
ajyAdyYQOibb5ltQ+Awr5/ww4t/bADWY7voI85GEi5sjJS9mskgUq+I0BtzG6/I8
lpTqFJ0qhUdZ2O6DUqCH+fqJyxJbV3NX/ZznU5JhJAYSBNfWwZsKdhjjHRC8/jL2
WV5hdpWGNbeP0ORQWlcM5OsE8mgNAB7n416L8/JgQGkT26zJDJDTs6QLteELnATQ
7DP85m2Owf4Sm/KMQ0cq9j7lUAXIVnVyolx9PzYYMt8V+QJdHfVtjQdwIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTGbhG101jlWUzeCDtbNT0UB/fEMB8GA1UdIwQY
MBaAFElXyLZA6llsXRGnOz0mbueMPwnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWIt
YmZlMWUxNzNkOGYwLzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWItYmZlMWUxNzNkOGYw
LzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAYGn4XIs
2CWR1+FBe6NsCT9wzM9mWNHIwW89FszQpLw+Y6JoOyrdPscfBk1e6BLAE/sqL35B
Lu7gqhGShpV+3WJA6ZZkaW4M/nozk7e29J7+1xNxSrJ23POsZMTVMg8jQzUQ6ePR
LV+YE1izeCQTmK7EJbTGCv42zSv3diRfBmTKEXCCUb/Q+8lmzeTQ6Sb/OYwqoOhz
zvcmv+TlOf+9OFZdb1Qh9WdbqksNu36m7yWN9eSG9PmA4O8ShGQrpkGJ/GiZUV1g
NHHhXeXC4fC7HiLasgzo5l0F6Y44b/MYiXVBqj2oUnInsqO63GRR1cMUPcJpFEBR
aENEpSFCa0S6Nw==
-----END CERTIFICATE-----