Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
File:                     FLklHG89i7aaegPOrN0q58LIzjc.mft (raw, json)
Hash identifier:          SpH1Rs+dZRqma2wJx8+k2SHxz8+VrX9XTN7pZGapipg=
Subject key identifier:   60:52:86:19:D2:AB:D5:43:FD:5A:98:80:03:C6:FB:08:4A:22:85:E5
Authority key identifier: 14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37
Certificate issuer:       /CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
Certificate serial:       019675D515E7685170AAA84D019B7ED55E80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
Manifest number:          79
Signing time:             Sun 27 Apr 2025 06:00:21 +0000
Manifest this update:     Sun 27 Apr 2025 06:00:21 +0000
Manifest next update:     Mon 28 Apr 2025 06:00:21 +0000
Files and hashes:         1: FLklHG89i7aaegPOrN0q58LIzjc.crl (hash: uMEIyOPHVT5RHtjY2li3oUXrw5G9h8fTSt4T9wWJTFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:d5:15:e7:68:51:70:aa:a8:4d:01:9b:7e:d5:5e:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
        Validity
            Not Before: Apr 27 06:00:21 2025 GMT
            Not After : Apr 28 06:00:21 2025 GMT
        Subject: CN=60528619d2abd543fd5a988003c6fb084a2285e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fb:21:aa:7c:33:38:dd:9d:97:79:64:ed:7a:
                    c2:9a:f0:1c:9b:15:d7:05:be:3c:b4:ff:78:71:9d:
                    f5:6a:bc:fd:60:05:be:b0:7f:6a:62:f4:a6:b7:60:
                    8e:c3:a5:51:7b:c4:62:06:40:6e:ef:23:68:42:2c:
                    a5:87:63:3c:95:e5:f7:f3:1a:3e:ba:e6:95:0c:ff:
                    6e:aa:74:c7:dd:d9:9d:fb:c8:aa:34:df:39:62:61:
                    05:dc:8f:c5:63:a0:86:66:f7:ba:f9:42:36:d2:bf:
                    a9:8a:cb:e6:e9:e1:b2:fc:a9:b0:e8:a1:a3:8b:19:
                    8e:86:9f:97:c8:3a:9f:ad:3d:f5:79:ef:e9:5f:80:
                    35:14:47:d6:3c:17:fa:06:26:bc:d3:35:f6:40:2b:
                    13:67:19:a1:02:4f:96:c2:71:c0:df:87:f6:ee:6d:
                    24:f8:6c:62:a0:c5:de:11:a8:10:67:61:59:36:e6:
                    d2:cd:5f:2b:24:c1:1e:6c:07:be:c7:0c:67:db:18:
                    5c:3e:d1:8f:5d:07:b4:a6:ed:e2:30:24:a4:05:2d:
                    77:68:52:19:f9:4f:7b:3a:ce:ce:92:89:8a:05:d8:
                    7e:e0:3b:e9:dd:6c:25:7b:74:6e:15:ee:87:65:c1:
                    d8:5a:68:b1:b0:b3:21:0f:2e:be:a7:f8:9d:db:af:
                    0f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:52:86:19:D2:AB:D5:43:FD:5A:98:80:03:C6:FB:08:4A:22:85:E5
            X509v3 Authority Key Identifier:
                keyid:14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:02:85:d0:ad:22:18:55:5f:d1:51:d7:5d:ee:2f:a0:a3:f1:
         83:de:d0:02:45:60:70:4d:02:35:55:ba:e6:51:e1:4b:0c:10:
         11:aa:83:0f:d0:68:96:e8:84:43:f1:c2:52:77:d1:20:cd:63:
         fa:60:1f:4c:21:63:6c:cd:cb:02:80:5f:81:b9:1e:1e:55:41:
         e0:3d:e5:ec:85:d8:58:a6:f2:61:0a:79:82:25:cc:4d:ff:72:
         22:2b:cb:20:0e:15:23:c8:f9:30:33:a7:f5:e1:38:6e:35:e0:
         1c:82:0b:c0:b8:b2:5e:42:7d:b3:52:77:de:9b:5b:e7:02:de:
         ab:c9:a2:b1:e8:68:e7:0b:53:78:5e:6d:58:d1:c6:de:aa:1b:
         b3:ea:b8:72:db:54:f5:f7:11:ac:92:12:01:45:eb:ea:3b:ec:
         70:de:a8:ac:17:3f:08:dc:2c:92:1b:43:87:6f:ae:76:5d:4b:
         aa:f2:f9:13:41:c2:1f:39:48:bd:33:0c:26:1c:07:90:c3:7d:
         c9:16:a2:83:72:2b:e9:7c:e0:03:03:22:59:b2:65:d2:48:1b:
         a9:a9:40:a6:12:fb:55:70:45:04:90:9a:74:c7:33:00:6d:db:
         a3:c7:0e:bd:1c:61:8d:ae:51:2d:5a:4e:b6:25:46:1f:4a:60:
         a9:16:eb:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ11RXnaFFwqqhNAZt+1V6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YjkyNTFjNmYzZDhiYjY5YTdhMDNjZWFjZGQyYWU3YzJj
OGNlMzcwHhcNMjUwNDI3MDYwMDIxWhcNMjUwNDI4MDYwMDIxWjAzMTEwLwYDVQQD
Eyg2MDUyODYxOWQyYWJkNTQzZmQ1YTk4ODAwM2M2ZmIwODRhMjI4NWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfshqnwzON2dl3lk7XrCmvAcmxXX
Bb48tP94cZ31arz9YAW+sH9qYvSmt2COw6VRe8RiBkBu7yNoQiylh2M8leX38xo+
uuaVDP9uqnTH3dmd+8iqNN85YmEF3I/FY6CGZve6+UI20r+pisvm6eGy/Kmw6KGj
ixmOhp+XyDqfrT31ee/pX4A1FEfWPBf6Bia80zX2QCsTZxmhAk+WwnHA34f27m0k
+GxioMXeEagQZ2FZNubSzV8rJMEebAe+xwxn2xhcPtGPXQe0pu3iMCSkBS13aFIZ
+U97Os7OkomKBdh+4Dvp3Wwle3RuFe6HZcHYWmixsLMhDy6+p/id268P+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBShhnSq9VD/VqYgAPG+whKIoXlMB8GA1UdIwQY
MBaAFBS5JRxvPYu2mnoDzqzdKufCyM43MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMt
YzJkOGE1OWIwMGQzLzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMtYzJkOGE1OWIwMGQz
LzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVQKF0K0i
GFVf0VHXXe4voKPxg97QAkVgcE0CNVW65lHhSwwQEaqDD9BoluiEQ/HCUnfRIM1j
+mAfTCFjbM3LAoBfgbkeHlVB4D3l7IXYWKbyYQp5giXMTf9yIivLIA4VI8j5MDOn
9eE4bjXgHIILwLiyXkJ9s1J33ptb5wLeq8miseho5wtTeF5tWNHG3qobs+q4cttU
9fcRrJISAUXr6jvscN6orBc/CNwskhtDh2+udl1LqvL5E0HCHzlIvTMMJhwHkMN9
yRaig3Ir6XzgAwMiWbJl0kgbqalAphL7VXBFBJCadMczAG3bo8cOvRxhja5RLVpO
tiVGH0pgqRbraA==
-----END CERTIFICATE-----