Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
File:                     gU3w5sDcpazuCDqMcwTUXz0z1W0.mft (raw, json)
Hash identifier:          oepb2IkHbPvHK7ZJYYY9XZgDyCn/CxLzCeVQYPie+r4=
Subject key identifier:   EE:B0:F2:87:2B:C3:AC:B3:90:D1:B1:26:41:37:B2:14:61:78:9A:02
Authority key identifier: 81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D
Certificate issuer:       /CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
Certificate serial:       019677C36A9D2FF2E2430C78407FD1F7F2A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
Manifest number:          0BF0
Signing time:             Sun 27 Apr 2025 15:00:17 +0000
Manifest this update:     Sun 27 Apr 2025 15:00:17 +0000
Manifest next update:     Mon 28 Apr 2025 15:00:17 +0000
Files and hashes:         1: gU3w5sDcpazuCDqMcwTUXz0z1W0.crl (hash: xvD3yO90NBq6SGNkLStyfRB75gCf9N5VPLfGecafbnQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:c3:6a:9d:2f:f2:e2:43:0c:78:40:7f:d1:f7:f2:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
        Validity
            Not Before: Apr 27 15:00:17 2025 GMT
            Not After : Apr 28 15:00:17 2025 GMT
        Subject: CN=eeb0f2872bc3acb390d1b1264137b21461789a02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:82:ba:07:f7:41:97:ba:fe:8a:da:04:ce:2c:
                    ea:e2:47:01:a3:46:b9:87:df:2e:d6:65:b3:bd:0a:
                    83:81:23:cd:6e:7b:cd:75:5d:84:0d:f1:77:f0:c9:
                    7d:d0:75:a0:24:66:4a:42:e9:99:c4:4d:26:fb:f3:
                    ab:ab:1e:94:df:65:98:75:6f:12:c7:fd:52:2e:e5:
                    f5:76:b6:fe:f4:ca:0a:f3:ea:7a:b4:8a:6e:3b:12:
                    61:b9:67:f8:1f:3b:eb:ab:b3:00:56:06:36:ce:81:
                    87:4a:69:3c:89:9e:d1:d4:f4:30:50:2a:61:73:e7:
                    64:f1:f4:58:98:ee:ea:90:8f:36:ee:87:67:95:32:
                    70:00:80:30:4b:2d:74:87:9c:71:01:00:b3:3e:7a:
                    35:cf:51:dd:a2:30:6b:52:45:25:32:cc:cb:af:82:
                    d1:c3:c3:4c:51:13:5a:66:c3:3e:ea:38:0c:64:7f:
                    52:7b:3c:c2:8a:91:de:0b:3d:b2:82:09:32:6c:b8:
                    b7:21:f8:b9:d5:72:b2:ba:d0:58:a2:43:25:eb:04:
                    dd:2e:af:c8:c8:d4:ca:06:7b:6d:f4:f1:8a:1c:db:
                    a7:83:a3:b9:59:5c:26:41:a3:2e:71:b4:06:b7:36:
                    cf:99:53:f8:80:91:47:b2:9f:02:c5:e1:6f:19:ea:
                    ea:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:B0:F2:87:2B:C3:AC:B3:90:D1:B1:26:41:37:B2:14:61:78:9A:02
            X509v3 Authority Key Identifier:
                keyid:81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:26:83:67:4c:19:24:bd:1c:b6:b2:2c:41:61:4c:2a:cd:47:
         35:43:d9:c7:fb:89:32:b1:e0:db:7e:fd:d3:e8:9a:13:da:a3:
         ad:df:2b:56:dc:6d:16:9a:e5:4d:e2:94:c6:9f:30:f6:97:c3:
         1f:de:1c:82:75:d0:f9:5b:8f:29:97:09:0c:f9:95:ed:e1:0f:
         bc:4f:76:98:ea:7e:84:d6:02:e7:5a:4a:7c:c8:1f:55:68:e8:
         bf:40:06:e3:b1:06:27:c2:0c:c2:bf:be:2d:35:71:a4:f8:d9:
         d0:b0:1a:3d:c8:95:a8:77:36:b8:e8:d2:e6:ae:37:15:ec:e7:
         5d:78:55:7b:34:7e:19:bc:92:b7:bb:25:e1:d7:05:75:c4:63:
         d1:71:1a:c9:b6:4b:5d:5d:c8:72:ee:ce:84:36:99:1d:d6:56:
         e0:45:9f:26:5e:29:54:1e:da:c0:64:71:54:68:0a:d4:19:19:
         f9:c6:11:93:7f:47:1b:7c:43:d7:e2:09:e2:1d:07:27:6f:93:
         96:37:28:9b:a3:eb:45:9d:dc:44:dd:46:7f:6f:c2:c0:1f:b9:
         e9:e8:5a:50:a2:6b:4f:e1:56:54:4a:52:53:75:4f:c8:61:52:
         52:e8:aa:34:1a:3f:5d:44:e2:49:94:89:fe:35:2e:07:5a:7e:
         0c:5d:2b:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3w2qdL/LiQwx4QH/R9/KlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNGRmMGU2YzBkY2E1YWNlZTA4M2E4YzczMDRkNDVmM2Qz
M2Q1NmQwHhcNMjUwNDI3MTUwMDE3WhcNMjUwNDI4MTUwMDE3WjAzMTEwLwYDVQQD
EyhlZWIwZjI4NzJiYzNhY2IzOTBkMWIxMjY0MTM3YjIxNDYxNzg5YTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIK6B/dBl7r+itoEzizq4kcBo0a5
h98u1mWzvQqDgSPNbnvNdV2EDfF38Ml90HWgJGZKQumZxE0m+/Orqx6U32WYdW8S
x/1SLuX1drb+9MoK8+p6tIpuOxJhuWf4Hzvrq7MAVgY2zoGHSmk8iZ7R1PQwUCph
c+dk8fRYmO7qkI827odnlTJwAIAwSy10h5xxAQCzPno1z1HdojBrUkUlMszLr4LR
w8NMURNaZsM+6jgMZH9SezzCipHeCz2yggkybLi3Ifi51XKyutBYokMl6wTdLq/I
yNTKBntt9PGKHNung6O5WVwmQaMucbQGtzbPmVP4gJFHsp8CxeFvGerqSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6w8ocrw6yzkNGxJkE3shRheJoCMB8GA1UdIwQY
MBaAFIFN8ObA3KWs7gg6jHME1F89M9VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzIt
ZDBkMmYyY2E4Y2JjLzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzItZDBkMmYyY2E4Y2Jj
LzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMCaDZ0wZ
JL0ctrIsQWFMKs1HNUPZx/uJMrHg23790+iaE9qjrd8rVtxtFprlTeKUxp8w9pfD
H94cgnXQ+VuPKZcJDPmV7eEPvE92mOp+hNYC51pKfMgfVWjov0AG47EGJ8IMwr++
LTVxpPjZ0LAaPciVqHc2uOjS5q43FeznXXhVezR+GbySt7sl4dcFdcRj0XEaybZL
XV3Icu7OhDaZHdZW4EWfJl4pVB7awGRxVGgK1BkZ+cYRk39HG3xD1+IJ4h0HJ2+T
ljcom6PrRZ3cRN1Gf2/CwB+56ehaUKJrT+FWVEpSU3VPyGFSUuiqNBo/XUTiSZSJ
/jUuB1p+DF0rTw==
-----END CERTIFICATE-----