Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.mft
File:                     9jOGnDZCtefqAii_DgspXO_MTd8.mft (raw, json)
Hash identifier:          Gk25x6UGvuwJgSuiqb6+mdhL3t0cOLOxUvgjTC22mtk=
Subject key identifier:   71:5B:9D:FA:57:36:77:5F:33:1F:B4:8C:D6:31:40:CF:81:D1:EE:4C
Authority key identifier: F6:33:86:9C:36:42:B5:E7:EA:02:28:BF:0E:0B:29:5C:EF:CC:4D:DF
Certificate issuer:       /CN=f633869c3642b5e7ea0228bf0e0b295cefcc4ddf
Certificate serial:       019676B0B44743DDBC892CF7476821DAE762
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9jOGnDZCtefqAii_DgspXO_MTd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.mft
Manifest number:          0F85
Signing time:             Sun 27 Apr 2025 10:00:13 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:13 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:13 +0000
Files and hashes:         1: 9jOGnDZCtefqAii_DgspXO_MTd8.crl (hash: f0qOZQV9sHnlavEP7rXPExyPsV8wcsIW17AynrSGd4Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9jOGnDZCtefqAii_DgspXO_MTd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b0:b4:47:43:dd:bc:89:2c:f7:47:68:21:da:e7:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f633869c3642b5e7ea0228bf0e0b295cefcc4ddf
        Validity
            Not Before: Apr 27 10:00:13 2025 GMT
            Not After : Apr 28 10:00:13 2025 GMT
        Subject: CN=715b9dfa5736775f331fb48cd63140cf81d1ee4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:75:ca:9c:e5:af:8e:ee:92:ad:12:58:d9:cb:
                    cf:66:fe:07:3b:e7:81:49:1f:8b:3e:8e:73:88:10:
                    55:b3:cd:18:2b:ed:9f:78:49:ed:df:a4:7e:71:2e:
                    43:2a:2f:6e:ff:c7:a3:77:4b:9b:34:f3:19:f5:85:
                    bf:8a:0d:16:28:aa:e9:93:07:c7:26:a9:7b:17:eb:
                    26:55:44:70:db:e4:18:86:b9:88:fc:04:60:96:c8:
                    1a:8a:c5:fd:c3:d9:ae:e0:54:96:5f:f7:4d:c8:4a:
                    44:de:28:12:d8:56:82:fb:ac:36:19:f1:f4:c9:81:
                    85:4f:28:80:d4:97:12:5b:bb:20:5b:59:f9:50:16:
                    5c:61:9e:ca:06:1d:89:ee:70:a5:5b:44:90:df:13:
                    02:29:99:87:e0:3f:38:ea:e0:29:bc:f6:b8:f3:ec:
                    6e:c5:28:55:19:2c:9f:97:5b:03:3b:f1:5f:19:a2:
                    a9:73:c5:d4:9d:24:f3:ff:05:bc:a2:38:c6:6b:4a:
                    2b:81:cb:14:5d:c3:46:91:53:5a:31:e5:7f:1a:5f:
                    f0:5a:20:c9:23:0f:b9:f7:9c:54:a3:58:ba:e1:3a:
                    62:dc:26:4a:c3:9c:cc:7a:b0:bd:f1:41:79:19:cb:
                    b2:be:98:76:64:73:75:d5:68:f2:f7:0f:cb:66:de:
                    62:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:5B:9D:FA:57:36:77:5F:33:1F:B4:8C:D6:31:40:CF:81:D1:EE:4C
            X509v3 Authority Key Identifier:
                keyid:F6:33:86:9C:36:42:B5:E7:EA:02:28:BF:0E:0B:29:5C:EF:CC:4D:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9jOGnDZCtefqAii_DgspXO_MTd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:ef:d0:da:e4:41:0d:0b:55:5f:1c:93:3d:aa:ca:8d:75:eb:
         43:e4:77:77:1b:bd:44:78:2b:6b:d2:5a:1f:f6:94:a7:5f:4c:
         e2:ec:91:42:2d:77:53:b0:f6:57:77:1e:5c:c8:ed:58:e4:ee:
         5f:99:8e:4d:a6:14:fb:49:24:74:7c:b5:d4:ba:30:47:ff:23:
         ea:83:e4:af:95:b1:93:4c:78:60:14:6e:d7:99:6b:b6:9d:ec:
         e9:cf:34:20:be:3b:18:cb:44:48:7b:d5:75:ca:c3:65:c4:87:
         99:c0:81:fc:42:af:65:73:95:45:ee:18:64:71:ba:ec:8f:86:
         8f:58:50:e1:57:b8:07:f4:7d:69:e1:e7:25:33:7b:1f:d5:d1:
         d5:82:71:44:44:ec:b9:e2:dc:bb:26:ac:30:ce:c4:8e:66:bf:
         e0:18:30:e9:5a:f9:c3:26:e7:61:af:c7:81:64:28:3e:43:f0:
         5b:71:54:c1:36:2e:f4:b7:eb:80:ec:0f:10:85:6f:8e:7e:e0:
         16:1d:e3:f8:91:de:e5:cc:9e:12:7a:d8:d0:70:44:6e:d9:f8:
         aa:59:81:9a:0d:51:1b:07:c6:4a:44:ed:ed:83:6a:0f:d3:a2:
         23:11:ba:49:cd:46:17:ba:f4:d4:04:47:15:71:07:05:6f:6e:
         cd:be:b6:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sLRHQ928iSz3R2gh2udiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MzM4NjljMzY0MmI1ZTdlYTAyMjhiZjBlMGIyOTVjZWZj
YzRkZGYwHhcNMjUwNDI3MTAwMDEzWhcNMjUwNDI4MTAwMDEzWjAzMTEwLwYDVQQD
Eyg3MTViOWRmYTU3MzY3NzVmMzMxZmI0OGNkNjMxNDBjZjgxZDFlZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHXKnOWvju6SrRJY2cvPZv4HO+eB
SR+LPo5ziBBVs80YK+2feEnt36R+cS5DKi9u/8ejd0ubNPMZ9YW/ig0WKKrpkwfH
Jql7F+smVURw2+QYhrmI/ARglsgaisX9w9mu4FSWX/dNyEpE3igS2FaC+6w2GfH0
yYGFTyiA1JcSW7sgW1n5UBZcYZ7KBh2J7nClW0SQ3xMCKZmH4D846uApvPa48+xu
xShVGSyfl1sDO/FfGaKpc8XUnSTz/wW8ojjGa0orgcsUXcNGkVNaMeV/Gl/wWiDJ
Iw+595xUo1i64Tpi3CZKw5zMerC98UF5Gcuyvph2ZHN11Wjy9w/LZt5iJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHFbnfpXNndfMx+0jNYxQM+B0e5MMB8GA1UdIwQY
MBaAFPYzhpw2QrXn6gIovw4LKVzvzE3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWpPR25EWkN0ZWZxQWlpX0Rnc3BYT19NVGQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82ZGE1NjItYTgzNi00OGNjLWFhNTct
OGM0YmI0NDg1ZjM0LzEvOWpPR25EWkN0ZWZxQWlpX0Rnc3BYT19NVGQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82ZGE1NjItYTgzNi00OGNjLWFhNTctOGM0YmI0NDg1ZjM0
LzEvOWpPR25EWkN0ZWZxQWlpX0Rnc3BYT19NVGQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+/Q2uRB
DQtVXxyTParKjXXrQ+R3dxu9RHgra9JaH/aUp19M4uyRQi13U7D2V3ceXMjtWOTu
X5mOTaYU+0kkdHy11LowR/8j6oPkr5Wxk0x4YBRu15lrtp3s6c80IL47GMtESHvV
dcrDZcSHmcCB/EKvZXOVRe4YZHG67I+Gj1hQ4Ve4B/R9aeHnJTN7H9XR1YJxRETs
ueLcuyasMM7Ejma/4Bgw6Vr5wybnYa/HgWQoPkPwW3FUwTYu9LfrgOwPEIVvjn7g
Fh3j+JHe5cyeEnrY0HBEbtn4qlmBmg1RGwfGSkTt7YNqD9OiIxG6Sc1GF7r01ARH
FXEHBW9uzb62sw==
-----END CERTIFICATE-----