Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
File:                     K5Ro565AOUbluk3mHMHEej2b794.mft (raw, json)
Hash identifier:          lLpqmtVUUH/6D1SZF4/8sRzvYnUNurGz3K1yZd9ccFU=
Subject key identifier:   A8:DB:BE:7F:57:68:64:CD:EF:57:4E:AA:F1:66:A6:4F:0A:C8:11:86
Authority key identifier: 2B:94:68:E7:AE:40:39:46:E5:BA:4D:E6:1C:C1:C4:7A:3D:9B:EF:DE
Certificate issuer:       /CN=2b9468e7ae403946e5ba4de61cc1c47a3d9befde
Certificate serial:       019673E6BC6F77AD360A4C684D65EF91E021
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
Manifest number:          09C7
Signing time:             Sat 26 Apr 2025 21:00:23 +0000
Manifest this update:     Sat 26 Apr 2025 21:00:23 +0000
Manifest next update:     Sun 27 Apr 2025 21:00:23 +0000
Files and hashes:         1: K5Ro565AOUbluk3mHMHEej2b794.crl (hash: SKhLieIbbX4d4SMhdBZlCvyie3FaueglRdp9hroobxI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:73:e6:bc:6f:77:ad:36:0a:4c:68:4d:65:ef:91:e0:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b9468e7ae403946e5ba4de61cc1c47a3d9befde
        Validity
            Not Before: Apr 26 21:00:23 2025 GMT
            Not After : Apr 27 21:00:23 2025 GMT
        Subject: CN=a8dbbe7f576864cdef574eaaf166a64f0ac81186
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:fd:c5:c7:d6:65:ac:b6:d3:22:21:61:7c:72:
                    2f:cd:19:ac:71:30:84:d1:16:a4:57:b9:4e:10:8c:
                    bf:45:ac:7e:32:89:4d:07:5d:38:95:9d:a4:04:84:
                    c7:24:69:66:4d:19:8a:11:da:7e:44:b5:24:b6:3f:
                    ce:b7:b4:ab:ff:6c:0e:23:a4:88:1b:52:36:79:62:
                    a7:15:7f:e4:58:e7:27:14:a6:71:01:ad:f0:3c:dd:
                    81:9f:02:7f:53:b6:aa:49:1e:0f:28:34:35:02:c2:
                    bc:b0:51:9c:49:74:69:56:da:e8:8f:fd:e7:4e:84:
                    3f:65:e5:0c:37:f8:a7:62:dc:78:ad:cb:72:83:a3:
                    28:a9:33:69:3b:03:8a:d1:6e:11:a7:fe:a5:01:2a:
                    15:3c:89:f1:75:48:5e:a7:e9:9d:d7:57:96:1d:81:
                    71:c3:14:cf:f0:e5:39:9b:6a:50:83:3a:fc:6c:53:
                    8b:09:ce:d0:dc:cd:f7:43:2f:bf:47:43:2a:ff:92:
                    0a:6d:01:18:c9:ad:1b:92:8a:ad:e1:0c:bc:77:dd:
                    f8:6f:60:d3:4b:78:c7:bd:76:e1:69:be:21:02:10:
                    fb:d7:f3:57:ba:1b:b5:c9:ea:1d:28:8e:f1:05:81:
                    94:9c:2f:ed:b1:17:76:f5:26:99:97:f2:5c:db:bb:
                    af:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:DB:BE:7F:57:68:64:CD:EF:57:4E:AA:F1:66:A6:4F:0A:C8:11:86
            X509v3 Authority Key Identifier:
                keyid:2B:94:68:E7:AE:40:39:46:E5:BA:4D:E6:1C:C1:C4:7A:3D:9B:EF:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:1b:f4:dd:a6:9d:a3:ba:71:67:f6:32:35:82:b3:d9:dd:07:
         32:0f:18:fb:9f:ab:e3:a0:1e:c2:5f:84:7f:dd:7d:03:16:94:
         20:f4:e0:1f:41:ab:f8:d3:81:cf:97:17:4e:0b:2c:8a:19:8f:
         07:d6:f2:16:cb:3e:0c:4f:63:e1:ca:38:63:72:81:5d:9d:48:
         a4:62:5a:32:dc:3c:6c:46:af:e1:84:74:ec:85:20:24:68:3a:
         6d:21:35:b0:35:03:19:05:57:f2:25:3f:e4:37:99:46:bf:a6:
         18:22:98:0e:4a:0f:27:ca:5f:75:05:73:37:4e:f0:6c:d5:5b:
         d7:d1:bc:da:e4:a3:b4:30:b6:0a:12:a8:91:31:47:55:e6:cb:
         14:b3:e2:eb:f7:7a:ef:0c:9e:be:83:48:32:93:2d:99:cf:f3:
         dc:e0:83:3e:60:19:45:5c:f3:2d:37:7b:46:13:f2:a9:f8:33:
         b2:5a:3f:29:2d:ab:97:e4:ac:8b:68:d1:26:f5:89:8c:bf:bb:
         5e:8f:e7:d5:4b:33:b8:a5:41:37:43:4d:c1:ed:2a:3d:15:51:
         ed:37:02:6b:89:16:7b:96:6b:e9:bf:f7:2f:d5:4f:4d:a8:67:
         67:42:d6:0e:d7:0a:dc:ac:0c:71:9d:92:5e:c3:5d:34:33:e3:
         9c:80:1a:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZz5rxvd602CkxoTWXvkeAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTQ2OGU3YWU0MDM5NDZlNWJhNGRlNjFjYzFjNDdhM2Q5
YmVmZGUwHhcNMjUwNDI2MjEwMDIzWhcNMjUwNDI3MjEwMDIzWjAzMTEwLwYDVQQD
EyhhOGRiYmU3ZjU3Njg2NGNkZWY1NzRlYWFmMTY2YTY0ZjBhYzgxMTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv3Fx9ZlrLbTIiFhfHIvzRmscTCE
0RakV7lOEIy/Rax+MolNB104lZ2kBITHJGlmTRmKEdp+RLUktj/Ot7Sr/2wOI6SI
G1I2eWKnFX/kWOcnFKZxAa3wPN2BnwJ/U7aqSR4PKDQ1AsK8sFGcSXRpVtroj/3n
ToQ/ZeUMN/inYtx4rctyg6MoqTNpOwOK0W4Rp/6lASoVPInxdUhep+md11eWHYFx
wxTP8OU5m2pQgzr8bFOLCc7Q3M33Qy+/R0Mq/5IKbQEYya0bkoqt4Qy8d934b2DT
S3jHvXbhab4hAhD71/NXuhu1yeodKI7xBYGUnC/tsRd29SaZl/Jc27uvQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKjbvn9XaGTN71dOqvFmpk8KyBGGMB8GA1UdIwQY
MBaAFCuUaOeuQDlG5bpN5hzBxHo9m+/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi80YjVjMTgtODQ3Mi00MWRiLWI1NTct
MjI2OWMxYWYyYWQzLzEvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi80YjVjMTgtODQ3Mi00MWRiLWI1NTctMjI2OWMxYWYyYWQz
LzEvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaRv03aad
o7pxZ/YyNYKz2d0HMg8Y+5+r46Aewl+Ef919AxaUIPTgH0Gr+NOBz5cXTgssihmP
B9byFss+DE9j4co4Y3KBXZ1IpGJaMtw8bEav4YR07IUgJGg6bSE1sDUDGQVX8iU/
5DeZRr+mGCKYDkoPJ8pfdQVzN07wbNVb19G82uSjtDC2ChKokTFHVebLFLPi6/d6
7wyevoNIMpMtmc/z3OCDPmAZRVzzLTd7RhPyqfgzslo/KS2rl+Ssi2jRJvWJjL+7
Xo/n1UszuKVBN0NNwe0qPRVR7TcCa4kWe5Zr6b/3L9VPTahnZ0LWDtcK3KwMcZ2S
XsNdNDPjnIAagQ==
-----END CERTIFICATE-----