Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
File:                     FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft (raw, json)
Hash identifier:          CtG+32/wF1AE7NgwrJ7035TRrNjSiJQ5VS83dvoX0i0=
Subject key identifier:   47:FF:D2:B3:02:EA:5A:88:72:46:5A:1D:5C:7E:AF:C1:12:C9:C1:92
Authority key identifier: 16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08
Certificate issuer:       /CN=16536fc756a5864aaa2c1e77bb764248dabe2608
Certificate serial:       0196767A663D61697CEF8A83133FF987D5FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
Manifest number:          0561
Signing time:             Sun 27 Apr 2025 09:00:54 +0000
Manifest this update:     Sun 27 Apr 2025 09:00:54 +0000
Manifest next update:     Mon 28 Apr 2025 09:00:54 +0000
Files and hashes:         1: FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl (hash: QJTEIpisT0qTg8/UEQ83GiJFwzXtFRXfBo074GVcNR0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:7a:66:3d:61:69:7c:ef:8a:83:13:3f:f9:87:d5:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16536fc756a5864aaa2c1e77bb764248dabe2608
        Validity
            Not Before: Apr 27 09:00:54 2025 GMT
            Not After : Apr 28 09:00:54 2025 GMT
        Subject: CN=47ffd2b302ea5a8872465a1d5c7eafc112c9c192
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:4e:e0:17:9d:50:03:39:ca:74:df:6c:d3:1d:
                    01:f9:dc:d9:11:94:b5:4a:85:8b:b7:3d:22:eb:23:
                    d4:02:80:d9:21:88:45:51:a9:42:41:10:46:29:e4:
                    19:e9:a3:eb:c3:5a:85:a9:82:e5:f1:d9:a8:e8:d2:
                    cb:01:2b:f2:0e:98:ad:39:70:33:37:80:d7:0e:48:
                    80:ba:ce:22:ff:0e:b2:72:5d:71:6f:1a:c2:c2:45:
                    9a:be:75:1a:a2:37:c7:81:44:9f:25:0a:d3:2a:34:
                    3e:22:a2:83:f4:8b:35:f6:ba:21:6d:08:81:f2:6e:
                    eb:9f:31:bb:af:ab:5e:d3:e0:91:51:b9:db:60:cc:
                    51:4e:32:4c:b0:b6:85:db:8d:8a:6e:ac:5d:25:d0:
                    6e:15:80:ed:85:58:e5:61:b6:10:0a:a6:8f:d0:be:
                    6c:17:88:dc:97:e5:47:a7:3c:98:db:bf:b9:a2:73:
                    fa:b3:99:07:e5:9b:9f:c0:3d:38:0b:61:c3:90:c0:
                    ab:cd:8f:f0:43:fb:59:04:11:69:21:f8:8b:52:99:
                    e8:04:e9:05:7f:5f:36:5f:dc:0e:25:25:3e:40:d1:
                    2f:11:a5:1a:d8:9c:3d:e1:57:8e:c7:7d:df:46:fd:
                    37:f7:55:a3:5a:c9:7e:bc:8f:ab:90:6d:b6:b2:a1:
                    1f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:FF:D2:B3:02:EA:5A:88:72:46:5A:1D:5C:7E:AF:C1:12:C9:C1:92
            X509v3 Authority Key Identifier:
                keyid:16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:b0:02:82:d1:57:36:78:08:65:0f:eb:ef:e1:b8:83:30:c4:
         fa:da:c2:7a:f2:a9:dd:89:af:aa:56:93:1a:5f:56:eb:f8:e2:
         d5:f7:af:5c:eb:d8:90:f7:ad:ba:32:f5:cd:88:dd:de:1b:07:
         2a:19:7e:12:eb:0c:fe:54:79:5e:dc:6b:25:13:74:6f:95:40:
         f1:a0:b1:2a:19:ea:a7:1f:73:ce:33:46:cb:ba:6a:75:aa:c4:
         7d:bc:9b:ec:d7:8f:4e:b0:c7:a7:44:98:63:06:3a:a3:1f:34:
         0e:9a:40:08:3e:26:15:e2:3a:e0:8a:bd:3d:04:cf:b7:74:ac:
         98:34:78:f4:bb:29:a1:ab:a7:ba:a1:12:6c:fb:ad:08:21:8b:
         df:a0:60:74:76:67:86:a8:19:70:8e:2e:27:1c:39:fa:d8:c5:
         82:b3:fe:85:83:5d:ed:1b:00:57:da:5d:f1:33:b5:79:d0:3d:
         ed:f6:4e:a6:5e:63:e1:ea:14:eb:77:7a:05:fe:c7:72:bb:ff:
         58:9c:de:05:8b:1f:56:40:89:f9:ea:a5:d2:17:53:33:b5:00:
         b5:a5:db:8d:87:35:62:26:e4:0a:dc:2a:49:e6:e1:84:d1:08:
         02:de:d3:cc:04:8f:bc:99:d9:3f:ac:9a:bb:61:5c:fe:c1:df:
         52:2a:00:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2emY9YWl874qDEz/5h9X+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTM2ZmM3NTZhNTg2NGFhYTJjMWU3N2JiNzY0MjQ4ZGFi
ZTI2MDgwHhcNMjUwNDI3MDkwMDU0WhcNMjUwNDI4MDkwMDU0WjAzMTEwLwYDVQQD
Eyg0N2ZmZDJiMzAyZWE1YTg4NzI0NjVhMWQ1YzdlYWZjMTEyYzljMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn07gF51QAznKdN9s0x0B+dzZEZS1
SoWLtz0i6yPUAoDZIYhFUalCQRBGKeQZ6aPrw1qFqYLl8dmo6NLLASvyDpitOXAz
N4DXDkiAus4i/w6ycl1xbxrCwkWavnUaojfHgUSfJQrTKjQ+IqKD9Is19rohbQiB
8m7rnzG7r6te0+CRUbnbYMxRTjJMsLaF242KbqxdJdBuFYDthVjlYbYQCqaP0L5s
F4jcl+VHpzyY27+5onP6s5kH5ZufwD04C2HDkMCrzY/wQ/tZBBFpIfiLUpnoBOkF
f182X9wOJSU+QNEvEaUa2Jw94VeOx33fRv0391WjWsl+vI+rkG22sqEfWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEf/0rMC6lqIckZaHVx+r8ESycGSMB8GA1UdIwQY
MBaAFBZTb8dWpYZKqiwed7t2QkjaviYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQt
N2YzZWI3NTQ2MTAyLzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQtN2YzZWI3NTQ2MTAy
LzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfbACgtFX
NngIZQ/r7+G4gzDE+trCevKp3YmvqlaTGl9W6/ji1fevXOvYkPetujL1zYjd3hsH
Khl+EusM/lR5XtxrJRN0b5VA8aCxKhnqpx9zzjNGy7pqdarEfbyb7NePTrDHp0SY
YwY6ox80DppACD4mFeI64Iq9PQTPt3SsmDR49LspoaunuqESbPutCCGL36BgdHZn
hqgZcI4uJxw5+tjFgrP+hYNd7RsAV9pd8TO1edA97fZOpl5j4eoU63d6Bf7Hcrv/
WJzeBYsfVkCJ+eql0hdTM7UAtaXbjYc1YibkCtwqSebhhNEIAt7TzASPvJnZP6ya
u2Fc/sHfUioAGQ==
-----END CERTIFICATE-----