Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
File:                     idSzdf1Mr9XfusQG3SWmHSLdNso.mft (raw, json)
Hash identifier:          Cbj2DZCxhq5ipJTW+zBAHndGQEdijFukwDX5BS/26cI=
Subject key identifier:   17:02:CE:75:1C:AF:34:EE:9B:BB:B1:E5:76:8D:75:F4:2D:B9:48:62
Authority key identifier: 89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA
Certificate issuer:       /CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
Certificate serial:       01967BD71257E8D0DCEBD1568438867AC6C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
Manifest number:          108F
Signing time:             Mon 28 Apr 2025 10:00:14 +0000
Manifest this update:     Mon 28 Apr 2025 10:00:14 +0000
Manifest next update:     Tue 29 Apr 2025 10:00:14 +0000
Files and hashes:         1: idSzdf1Mr9XfusQG3SWmHSLdNso.crl (hash: cY/Nc3LASMdY0u4i9JzfdH2LIP9hwHxP5RV3BXZGlZM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:d7:12:57:e8:d0:dc:eb:d1:56:84:38:86:7a:c6:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
        Validity
            Not Before: Apr 28 10:00:14 2025 GMT
            Not After : Apr 29 10:00:14 2025 GMT
        Subject: CN=1702ce751caf34ee9bbbb1e5768d75f42db94862
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:a8:dc:09:f5:8a:f9:d3:ad:81:64:06:e4:51:
                    2e:ac:8f:21:1b:ab:b9:de:20:c4:ac:e7:c1:6b:8f:
                    f5:bd:14:26:53:98:d2:52:0e:8b:9e:f3:ce:ca:47:
                    70:91:57:fa:85:e9:09:6e:f9:23:8e:4f:c1:de:55:
                    76:d4:db:3f:3a:f7:e7:0a:69:4e:00:41:d8:d6:70:
                    c6:99:14:3c:d9:2c:a5:99:f6:63:5d:06:cb:12:1e:
                    b6:a1:17:ba:08:b6:03:2b:52:9e:34:12:7d:19:65:
                    b6:3f:51:ae:83:f2:97:0b:7c:1c:d7:57:0d:7e:13:
                    41:ca:7b:87:75:8c:1f:81:0c:31:2f:b3:b2:0c:9d:
                    97:54:dc:01:88:b3:21:2d:66:37:e2:a9:f0:dc:6c:
                    8b:78:b7:00:ee:3a:c8:11:4a:cb:41:3d:30:de:58:
                    aa:dc:6f:84:f3:76:a8:b5:12:79:b6:a5:49:52:e7:
                    c5:0b:95:89:18:9b:09:d9:c4:b5:e8:1d:3a:2b:f7:
                    b5:e2:74:c9:c0:08:6c:05:56:07:86:a4:66:5f:f0:
                    2f:8e:b8:8a:6c:4c:46:c6:ac:09:c1:0e:b0:ac:da:
                    2f:bd:71:9a:22:5b:a3:dc:5a:09:32:83:98:8e:2d:
                    29:b0:ee:25:68:dc:8f:f3:e5:e8:ef:6d:27:0f:6e:
                    1d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:02:CE:75:1C:AF:34:EE:9B:BB:B1:E5:76:8D:75:F4:2D:B9:48:62
            X509v3 Authority Key Identifier:
                keyid:89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:82:b8:4b:2f:07:b9:0f:32:32:f6:61:23:71:04:9c:3f:fd:
         11:4d:78:f4:93:f7:d3:f6:f4:27:70:20:06:89:a6:e3:f6:82:
         cd:1f:29:07:6a:d2:e8:f7:08:f2:08:4e:47:ec:9c:95:d8:db:
         e1:d9:b4:9b:c1:59:5f:49:15:bf:ab:90:ca:75:97:92:79:83:
         83:a2:f9:72:72:5f:1f:82:cc:14:83:95:80:db:40:e1:50:85:
         26:bd:7e:d5:a2:ee:52:2a:15:d0:17:eb:3f:af:01:71:8b:0d:
         1b:78:33:56:51:42:1e:f7:4a:d7:cf:d0:58:89:e0:b0:3f:9f:
         9f:93:2f:49:cd:6b:b3:9c:81:a2:35:c9:12:03:be:0d:ef:82:
         99:e1:c5:16:3b:8f:5b:76:b8:5f:b2:f9:9d:e6:5f:72:be:ec:
         14:e2:16:4c:e7:59:d5:94:0b:f6:f1:8b:f8:23:04:de:52:a2:
         f3:f0:37:57:ac:9e:00:65:68:e4:d6:35:d9:2d:c9:a9:71:22:
         e3:d8:68:cf:5a:5b:95:7c:a9:c3:6b:43:a9:02:10:cf:6d:38:
         f6:54:c8:9d:29:05:2d:68:e9:e4:69:e4:dd:ce:82:fc:61:b4:
         42:02:b6:ac:62:cd:53:ba:fc:60:1e:96:da:c3:fd:47:48:05:
         f0:3b:69:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ71xJX6NDc69FWhDiGesbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDRiMzc1ZmQ0Y2FmZDVkZmJhYzQwNmRkMjVhNjFkMjJk
ZDM2Y2EwHhcNMjUwNDI4MTAwMDE0WhcNMjUwNDI5MTAwMDE0WjAzMTEwLwYDVQQD
EygxNzAyY2U3NTFjYWYzNGVlOWJiYmIxZTU3NjhkNzVmNDJkYjk0ODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6jcCfWK+dOtgWQG5FEurI8hG6u5
3iDErOfBa4/1vRQmU5jSUg6LnvPOykdwkVf6hekJbvkjjk/B3lV21Ns/OvfnCmlO
AEHY1nDGmRQ82SylmfZjXQbLEh62oRe6CLYDK1KeNBJ9GWW2P1Gug/KXC3wc11cN
fhNBynuHdYwfgQwxL7OyDJ2XVNwBiLMhLWY34qnw3GyLeLcA7jrIEUrLQT0w3liq
3G+E83aotRJ5tqVJUufFC5WJGJsJ2cS16B06K/e14nTJwAhsBVYHhqRmX/AvjriK
bExGxqwJwQ6wrNovvXGaIluj3FoJMoOYji0psO4laNyP8+Xo720nD24dzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBcCznUcrzTum7ux5XaNdfQtuUhiMB8GA1UdIwQY
MBaAFInUs3X9TK/V37rEBt0lph0i3TbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMt
Mjc0MjUxMjUyMDc3LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMtMjc0MjUxMjUyMDc3
LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtYK4Sy8H
uQ8yMvZhI3EEnD/9EU149JP30/b0J3AgBomm4/aCzR8pB2rS6PcI8ghOR+ycldjb
4dm0m8FZX0kVv6uQynWXknmDg6L5cnJfH4LMFIOVgNtA4VCFJr1+1aLuUioV0Bfr
P68BcYsNG3gzVlFCHvdK18/QWIngsD+fn5MvSc1rs5yBojXJEgO+De+CmeHFFjuP
W3a4X7L5neZfcr7sFOIWTOdZ1ZQL9vGL+CME3lKi8/A3V6yeAGVo5NY12S3JqXEi
49hoz1pblXypw2tDqQIQz2049lTInSkFLWjp5Gnk3c6C/GG0QgK2rGLNU7r8YB6W
2sP9R0gF8Dtpyg==
-----END CERTIFICATE-----