Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft
File:                     9j_pwTQEHOvaVoufkI4q7zirf3U.mft (raw, json)
Hash identifier:          mcLrcjPZOfIX0IKA1YyOv7g6leuL6Cu+VmYR6fWQZ2E=
Subject key identifier:   FA:7D:F1:0B:69:86:C5:5B:45:C4:F1:C4:B9:ED:A5:A3:7A:03:4D:AE
Authority key identifier: F6:3F:E9:C1:34:04:1C:EB:DA:56:8B:9F:90:8E:2A:EF:38:AB:7F:75
Certificate issuer:       /CN=f63fe9c134041cebda568b9f908e2aef38ab7f75
Certificate serial:       01967BD8048C5F8C2A483FE80EAFFE663CBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9j_pwTQEHOvaVoufkI4q7zirf3U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft
Manifest number:          0B66
Signing time:             Mon 28 Apr 2025 10:01:16 +0000
Manifest this update:     Mon 28 Apr 2025 10:01:16 +0000
Manifest next update:     Tue 29 Apr 2025 10:01:16 +0000
Files and hashes:         1: 9j_pwTQEHOvaVoufkI4q7zirf3U.crl (hash: 01Cpou8Vq8tPv9Ki390vb7w6OjwFkKI6CDZlLWHuxcA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9j_pwTQEHOvaVoufkI4q7zirf3U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:d8:04:8c:5f:8c:2a:48:3f:e8:0e:af:fe:66:3c:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f63fe9c134041cebda568b9f908e2aef38ab7f75
        Validity
            Not Before: Apr 28 10:01:16 2025 GMT
            Not After : Apr 29 10:01:16 2025 GMT
        Subject: CN=fa7df10b6986c55b45c4f1c4b9eda5a37a034dae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:63:ad:29:02:2a:7c:92:00:7d:ec:23:0c:ab:
                    c0:9a:76:18:51:19:a6:12:fa:71:9a:74:1c:b4:87:
                    b9:b0:37:dd:a0:ff:94:82:c2:ec:00:52:6f:68:10:
                    59:db:aa:b4:78:23:ca:ae:21:1f:a7:6d:b4:41:79:
                    0d:f5:f3:f2:ed:0c:94:cd:fc:99:5e:97:07:ed:a4:
                    85:ff:87:04:82:c0:ef:03:11:d7:1b:8c:c4:7f:dd:
                    ef:ed:6b:66:04:08:9a:ac:cd:ea:41:37:4c:69:86:
                    f0:8f:b5:4c:cd:e6:cd:51:06:db:5b:80:c5:35:dd:
                    66:20:aa:67:64:9c:c1:c0:b7:82:b2:ea:af:14:86:
                    02:b5:6f:e8:58:28:7a:86:16:7c:c1:4c:71:a7:1f:
                    74:7e:c3:a4:55:23:3c:94:1d:fc:e3:87:13:13:c1:
                    dd:34:77:9a:d2:0b:41:1f:0d:38:b9:e1:59:c6:63:
                    94:bc:0d:ff:2c:94:83:48:ec:d0:93:47:5d:5b:e6:
                    fd:36:1d:dc:41:ea:3a:dd:d5:eb:79:89:ec:0e:f4:
                    e4:0d:3b:b0:f4:df:c2:24:b1:af:78:5f:1e:d2:83:
                    ca:62:15:d1:67:f5:57:84:07:35:60:6a:bb:f8:44:
                    2b:09:92:0a:f4:69:63:07:31:e0:b4:51:df:7a:41:
                    8b:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:7D:F1:0B:69:86:C5:5B:45:C4:F1:C4:B9:ED:A5:A3:7A:03:4D:AE
            X509v3 Authority Key Identifier:
                keyid:F6:3F:E9:C1:34:04:1C:EB:DA:56:8B:9F:90:8E:2A:EF:38:AB:7F:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9j_pwTQEHOvaVoufkI4q7zirf3U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:1e:2d:50:5e:b6:5a:e3:a1:56:eb:e7:48:14:60:9b:73:55:
         5c:17:ea:c0:30:96:b7:8c:9b:99:40:74:38:01:f3:f7:d3:a9:
         8a:96:9e:53:70:c7:0b:f2:74:a4:4f:9a:f4:a2:c8:cf:57:b0:
         55:dc:c7:56:76:60:de:9e:31:3b:f2:ce:1b:fc:c9:2e:f3:c5:
         c5:90:2e:52:15:e6:5e:65:0d:d6:8e:ae:04:fd:bd:25:19:53:
         aa:e3:3b:c3:8d:4e:f7:fb:2c:cb:9a:ca:1d:57:3d:63:6d:e7:
         0a:2e:0c:a8:c8:de:8c:77:79:ac:25:d6:b7:1f:53:60:04:31:
         7d:09:ac:35:2d:b7:36:9d:d4:48:fb:6a:5f:7f:5d:83:b1:a3:
         f0:00:49:4f:f6:6a:ef:ee:70:fe:44:1c:d0:bb:ea:50:1c:f9:
         ff:33:2c:4c:3d:e6:88:74:35:3f:2d:75:27:cb:25:9f:65:75:
         c3:da:b0:1b:fe:10:7e:4d:e7:a6:fe:75:dc:d0:85:0a:42:08:
         1d:0d:75:68:b9:53:74:d1:a2:55:36:cf:1a:db:19:12:9d:18:
         ca:75:41:03:c3:42:87:0a:e5:96:34:b7:18:a8:0e:f6:dc:2e:
         17:82:3c:40:13:11:12:cb:64:9d:87:e5:66:dd:60:63:5d:69:
         bf:99:c2:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ72ASMX4wqSD/oDq/+Zjy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2M2ZlOWMxMzQwNDFjZWJkYTU2OGI5ZjkwOGUyYWVmMzhh
YjdmNzUwHhcNMjUwNDI4MTAwMTE2WhcNMjUwNDI5MTAwMTE2WjAzMTEwLwYDVQQD
EyhmYTdkZjEwYjY5ODZjNTViNDVjNGYxYzRiOWVkYTVhMzdhMDM0ZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWOtKQIqfJIAfewjDKvAmnYYURmm
EvpxmnQctIe5sDfdoP+UgsLsAFJvaBBZ26q0eCPKriEfp220QXkN9fPy7QyUzfyZ
XpcH7aSF/4cEgsDvAxHXG4zEf93v7WtmBAiarM3qQTdMaYbwj7VMzebNUQbbW4DF
Nd1mIKpnZJzBwLeCsuqvFIYCtW/oWCh6hhZ8wUxxpx90fsOkVSM8lB3844cTE8Hd
NHea0gtBHw04ueFZxmOUvA3/LJSDSOzQk0ddW+b9Nh3cQeo63dXreYnsDvTkDTuw
9N/CJLGveF8e0oPKYhXRZ/VXhAc1YGq7+EQrCZIK9GljBzHgtFHfekGLPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPp98QtphsVbRcTxxLntpaN6A02uMB8GA1UdIwQY
MBaAFPY/6cE0BBzr2laLn5COKu84q391MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWpfcHdUUUVIT3ZhVm91ZmtJNHE3emlyZjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMzlkM2EtMjc4NC00MjU1LTkwNjYt
NWFlYzc2NmE0OWI0LzEvOWpfcHdUUUVIT3ZhVm91ZmtJNHE3emlyZjNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMzlkM2EtMjc4NC00MjU1LTkwNjYtNWFlYzc2NmE0OWI0
LzEvOWpfcHdUUUVIT3ZhVm91ZmtJNHE3emlyZjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJB4tUF62
WuOhVuvnSBRgm3NVXBfqwDCWt4ybmUB0OAHz99OpipaeU3DHC/J0pE+a9KLIz1ew
VdzHVnZg3p4xO/LOG/zJLvPFxZAuUhXmXmUN1o6uBP29JRlTquM7w41O9/ssy5rK
HVc9Y23nCi4MqMjejHd5rCXWtx9TYAQxfQmsNS23Np3USPtqX39dg7Gj8ABJT/Zq
7+5w/kQc0LvqUBz5/zMsTD3miHQ1Py11J8sln2V1w9qwG/4Qfk3npv513NCFCkII
HQ11aLlTdNGiVTbPGtsZEp0YynVBA8NChwrlljS3GKgO9twuF4I8QBMREstknYfl
Zt1gY11pv5nCkg==
-----END CERTIFICATE-----