Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft
File:                     CvFmObpIfvljxWzLMm8lCNGoPv0.mft (raw, json)
Hash identifier:          R2GXfd2rYSx/KTf1Fel7RaHxl0Wxjd/gwOuFMlVv1/U=
Subject key identifier:   D3:04:CA:75:CA:7D:E8:CD:0B:39:7A:2D:94:F9:A1:43:A9:DD:40:E5
Authority key identifier: 0A:F1:66:39:BA:48:7E:F9:63:C5:6C:CB:32:6F:25:08:D1:A8:3E:FD
Certificate issuer:       /CN=0af16639ba487ef963c56ccb326f2508d1a83efd
Certificate serial:       019677FAC50DFA6C84A58ABC3092B9785DF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft
Manifest number:          07FF
Signing time:             Sun 27 Apr 2025 16:00:45 +0000
Manifest this update:     Sun 27 Apr 2025 16:00:45 +0000
Manifest next update:     Mon 28 Apr 2025 16:00:45 +0000
Files and hashes:         1: CvFmObpIfvljxWzLMm8lCNGoPv0.crl (hash: PCRUaAEA+p6opcJaHntXOqPsJ678z+/gpT/JY0nXt0E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fa:c5:0d:fa:6c:84:a5:8a:bc:30:92:b9:78:5d:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0af16639ba487ef963c56ccb326f2508d1a83efd
        Validity
            Not Before: Apr 27 16:00:45 2025 GMT
            Not After : Apr 28 16:00:45 2025 GMT
        Subject: CN=d304ca75ca7de8cd0b397a2d94f9a143a9dd40e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c4:5e:e3:47:22:26:56:d2:12:36:48:60:59:
                    e7:a9:23:6d:58:98:88:21:5a:8d:dc:14:ff:bf:fb:
                    7c:5a:7e:ba:07:8c:8d:58:49:94:48:59:f7:32:d9:
                    cf:8f:05:8d:36:b9:cf:22:4c:ef:f4:f7:85:0a:88:
                    c7:b1:11:b0:a2:5e:05:1e:75:35:1f:02:bf:75:eb:
                    3b:58:da:bd:7e:20:b4:8c:48:a0:ea:ea:42:58:c8:
                    64:a5:e5:79:cf:6a:97:fc:21:44:d9:a0:28:2e:d1:
                    2f:57:66:f9:80:a1:d9:9c:5c:3f:af:3c:86:18:b8:
                    c9:a5:70:bd:2d:f7:8a:13:d4:a5:8e:48:ee:92:53:
                    a1:cd:04:50:2a:b9:3c:a2:b1:c6:1e:a8:bd:04:e1:
                    c3:c0:6c:3b:56:54:83:54:cf:51:98:16:b1:2b:b9:
                    d1:ad:e8:43:39:ff:91:be:79:f9:8b:69:9a:ee:12:
                    c2:ba:05:0b:13:78:05:5a:ec:59:6a:1d:57:8c:ac:
                    43:af:3b:12:6f:06:06:9a:9a:10:b1:5e:a9:0d:8d:
                    47:36:e4:16:78:17:e5:7e:a7:f1:26:68:c7:a3:7d:
                    1a:4b:14:10:2f:42:4d:ce:1b:60:b8:75:4c:ae:8c:
                    cf:25:d8:3f:72:ed:8e:b3:b1:e1:99:d8:28:04:11:
                    43:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:04:CA:75:CA:7D:E8:CD:0B:39:7A:2D:94:F9:A1:43:A9:DD:40:E5
            X509v3 Authority Key Identifier:
                keyid:0A:F1:66:39:BA:48:7E:F9:63:C5:6C:CB:32:6F:25:08:D1:A8:3E:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:41:84:bb:1c:0d:c4:d5:95:0c:47:da:18:98:84:82:3f:2e:
         e0:98:0e:c8:45:86:65:78:81:89:12:18:6b:df:a7:ed:01:83:
         c4:5c:cc:73:d9:b7:3a:d1:6f:56:cc:b6:4f:82:3d:66:2f:7a:
         86:37:b1:b2:88:2e:24:45:60:bb:be:20:86:0e:bb:b2:6d:61:
         dc:11:d1:b2:9e:06:9d:da:31:66:b9:17:7e:0b:ac:e6:a8:9c:
         32:5b:ba:dc:2c:4a:e6:d2:50:47:e7:93:98:a4:0e:cc:18:85:
         32:9e:4a:23:8f:64:9d:82:10:b1:e9:f6:d5:be:94:81:79:0f:
         d8:05:99:14:f1:0c:a1:9c:a1:96:7d:17:f9:b5:95:24:e0:76:
         94:61:6b:f6:9e:6e:b3:98:27:f2:fa:99:9b:81:0e:38:8d:05:
         c3:9d:25:31:cb:6d:b7:1f:3c:f3:35:d2:f6:25:56:9c:62:1c:
         f8:4a:0b:a7:66:de:6e:02:f0:15:8d:1d:29:b5:45:d8:7a:00:
         ad:dd:63:a4:17:7b:67:00:3b:a4:3a:2d:9b:59:ad:a5:2d:1e:
         bf:1b:99:54:4c:d3:ea:6a:ae:a5:a4:dc:a1:b6:44:68:c2:93:
         b5:13:d1:6f:84:a8:df:4e:de:56:53:c9:b5:5a:9f:c1:f3:5d:
         67:b4:4f:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+sUN+myEpYq8MJK5eF31MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZjE2NjM5YmE0ODdlZjk2M2M1NmNjYjMyNmYyNTA4ZDFh
ODNlZmQwHhcNMjUwNDI3MTYwMDQ1WhcNMjUwNDI4MTYwMDQ1WjAzMTEwLwYDVQQD
EyhkMzA0Y2E3NWNhN2RlOGNkMGIzOTdhMmQ5NGY5YTE0M2E5ZGQ0MGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8Re40ciJlbSEjZIYFnnqSNtWJiI
IVqN3BT/v/t8Wn66B4yNWEmUSFn3MtnPjwWNNrnPIkzv9PeFCojHsRGwol4FHnU1
HwK/des7WNq9fiC0jEig6upCWMhkpeV5z2qX/CFE2aAoLtEvV2b5gKHZnFw/rzyG
GLjJpXC9LfeKE9SljkjuklOhzQRQKrk8orHGHqi9BOHDwGw7VlSDVM9RmBaxK7nR
rehDOf+Rvnn5i2ma7hLCugULE3gFWuxZah1XjKxDrzsSbwYGmpoQsV6pDY1HNuQW
eBflfqfxJmjHo30aSxQQL0JNzhtguHVMrozPJdg/cu2Os7HhmdgoBBFD3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMEynXKfejNCzl6LZT5oUOp3UDlMB8GA1UdIwQY
MBaAFArxZjm6SH75Y8VsyzJvJQjRqD79MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9mYzdlMmQtN2I3Ni00NjhmLTg1Mjkt
M2M2Mzc2NTE1MDdkLzEvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9mYzdlMmQtN2I3Ni00NjhmLTg1MjktM2M2Mzc2NTE1MDdk
LzEvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAekGEuxwN
xNWVDEfaGJiEgj8u4JgOyEWGZXiBiRIYa9+n7QGDxFzMc9m3OtFvVsy2T4I9Zi96
hjexsoguJEVgu74ghg67sm1h3BHRsp4GndoxZrkXfgus5qicMlu63CxK5tJQR+eT
mKQOzBiFMp5KI49knYIQsen21b6UgXkP2AWZFPEMoZyhln0X+bWVJOB2lGFr9p5u
s5gn8vqZm4EOOI0Fw50lMctttx888zXS9iVWnGIc+EoLp2bebgLwFY0dKbVF2HoA
rd1jpBd7ZwA7pDotm1mtpS0evxuZVEzT6mqupaTcobZEaMKTtRPRb4So307eVlPJ
tVqfwfNdZ7RPrA==
-----END CERTIFICATE-----