Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7573b-7fe4-4de8-8882-43bcdb740323/1/FyesE93M6XjmP3r186adq0mS1kU.mft
File:                     FyesE93M6XjmP3r186adq0mS1kU.mft (raw, json)
Hash identifier:          pqWcm7a940aPRuuI/ePrHfgKeUPUGypF7gDm6CSW13c=
Subject key identifier:   09:14:A8:02:64:4F:47:1A:E2:BC:FB:44:81:F3:AF:46:CF:CD:82:D0
Authority key identifier: 17:27:AC:13:DD:CC:E9:78:E6:3F:7A:F5:F3:A6:9D:AB:49:92:D6:45
Certificate issuer:       /CN=1727ac13ddcce978e63f7af5f3a69dab4992d645
Certificate serial:       01967CB2E55CD28DB219A9FCFE36B2909C9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FyesE93M6XjmP3r186adq0mS1kU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7573b-7fe4-4de8-8882-43bcdb740323/1/FyesE93M6XjmP3r186adq0mS1kU.mft
Manifest number:          0871
Signing time:             Mon 28 Apr 2025 14:00:20 +0000
Manifest this update:     Mon 28 Apr 2025 14:00:20 +0000
Manifest next update:     Tue 29 Apr 2025 14:00:20 +0000
Files and hashes:         1: FyesE93M6XjmP3r186adq0mS1kU.crl (hash: 2EdeBQCejLRtGzaWTbdf+8h7m5i3lDkXxRfclBL+CzM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7573b-7fe4-4de8-8882-43bcdb740323/1/FyesE93M6XjmP3r186adq0mS1kU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7573b-7fe4-4de8-8882-43bcdb740323/1/FyesE93M6XjmP3r186adq0mS1kU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FyesE93M6XjmP3r186adq0mS1kU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 14:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7c:b2:e5:5c:d2:8d:b2:19:a9:fc:fe:36:b2:90:9c:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1727ac13ddcce978e63f7af5f3a69dab4992d645
        Validity
            Not Before: Apr 28 14:00:20 2025 GMT
            Not After : Apr 29 14:00:20 2025 GMT
        Subject: CN=0914a802644f471ae2bcfb4481f3af46cfcd82d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:14:ca:a3:63:54:66:c8:01:52:df:56:7b:c2:
                    fb:3f:30:71:3d:6f:b6:10:98:52:37:51:ed:a7:83:
                    bf:80:cd:8f:14:f8:6a:e6:3b:f8:c9:06:07:ec:f2:
                    e7:2d:ac:c3:46:1c:ce:3a:c6:ca:04:b1:1d:ed:58:
                    60:aa:a8:34:48:9c:f8:9d:34:6c:07:39:f7:a7:a6:
                    9d:c5:fc:45:77:e0:43:4a:08:f6:c4:ab:82:4a:1b:
                    3f:0d:e4:d4:d9:67:e1:95:9a:10:1d:2d:ea:be:87:
                    00:1a:8b:c2:22:0b:65:14:27:2f:51:24:fd:3f:d3:
                    eb:e7:bc:48:61:34:51:17:df:ca:17:23:14:60:79:
                    9d:4f:68:58:07:7e:78:74:29:8f:ba:9f:ba:4b:c9:
                    8e:94:b2:69:62:a6:22:06:20:e5:a3:86:25:11:aa:
                    e4:5e:b0:e7:b6:60:cf:94:29:d1:d8:ab:a3:58:4a:
                    55:b3:03:2b:eb:64:9c:02:9c:54:0f:c1:eb:ab:ca:
                    e5:39:41:78:bb:42:01:6d:76:81:e0:2a:ca:a6:ad:
                    45:f8:d8:a6:63:ab:cd:ee:14:af:bf:e6:43:9b:0a:
                    c6:4e:91:3d:29:00:76:c0:7a:9b:aa:66:fe:a7:31:
                    e2:8b:12:b3:c4:a5:ed:60:c0:91:a6:0b:ff:09:80:
                    ee:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:14:A8:02:64:4F:47:1A:E2:BC:FB:44:81:F3:AF:46:CF:CD:82:D0
            X509v3 Authority Key Identifier:
                keyid:17:27:AC:13:DD:CC:E9:78:E6:3F:7A:F5:F3:A6:9D:AB:49:92:D6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyesE93M6XjmP3r186adq0mS1kU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7573b-7fe4-4de8-8882-43bcdb740323/1/FyesE93M6XjmP3r186adq0mS1kU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7573b-7fe4-4de8-8882-43bcdb740323/1/FyesE93M6XjmP3r186adq0mS1kU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:7c:61:bf:ac:7e:08:9b:5e:79:c6:ae:0d:6a:be:9e:c9:97:
         8b:04:6b:f9:57:22:a8:0c:3f:af:75:d5:65:95:79:a4:8a:2a:
         7a:3c:9c:3d:7a:2a:a5:ec:90:2f:52:de:cf:6b:e5:f2:d5:1d:
         d7:60:e3:3e:ec:d4:d8:06:38:c6:8b:a5:5a:9e:d8:38:ec:cb:
         d8:f9:f1:e3:9e:5c:4f:9e:01:64:95:0a:1a:50:4c:f6:2c:95:
         cf:4d:8c:f7:6b:b0:93:50:6b:90:70:f1:34:42:d8:6f:dc:91:
         52:69:a9:15:ac:ad:b2:79:18:ee:e7:6f:c8:c3:37:f2:d8:88:
         9f:9e:39:48:a1:8a:e7:92:2a:4f:76:a5:0f:9d:44:67:83:39:
         09:34:3c:f8:7d:1a:0f:5c:45:aa:32:cb:bb:8c:04:cb:4c:d0:
         b0:35:bb:4c:13:5e:71:98:4b:33:f5:8f:10:2f:e9:d8:54:34:
         3c:f2:de:d1:7b:41:a7:1d:d6:a7:ca:ec:b5:80:1d:d1:85:48:
         b6:e5:10:aa:0c:1a:a8:b5:76:d4:b9:e7:16:5e:75:85:c1:90:
         60:ec:44:26:c2:c9:8d:e3:0b:e1:3a:d5:07:2f:cb:4b:61:5f:
         f8:77:8b:ab:a6:5e:e3:aa:a9:31:35:ab:0c:94:a1:b3:46:3c:
         9a:2f:10:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8suVc0o2yGan8/jaykJyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjdhYzEzZGRjY2U5NzhlNjNmN2FmNWYzYTY5ZGFiNDk5
MmQ2NDUwHhcNMjUwNDI4MTQwMDIwWhcNMjUwNDI5MTQwMDIwWjAzMTEwLwYDVQQD
EygwOTE0YTgwMjY0NGY0NzFhZTJiY2ZiNDQ4MWYzYWY0NmNmY2Q4MmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBTKo2NUZsgBUt9We8L7PzBxPW+2
EJhSN1Htp4O/gM2PFPhq5jv4yQYH7PLnLazDRhzOOsbKBLEd7Vhgqqg0SJz4nTRs
Bzn3p6adxfxFd+BDSgj2xKuCShs/DeTU2WfhlZoQHS3qvocAGovCIgtlFCcvUST9
P9Pr57xIYTRRF9/KFyMUYHmdT2hYB354dCmPup+6S8mOlLJpYqYiBiDlo4YlEark
XrDntmDPlCnR2KujWEpVswMr62ScApxUD8Hrq8rlOUF4u0IBbXaB4CrKpq1F+Nim
Y6vN7hSvv+ZDmwrGTpE9KQB2wHqbqmb+pzHiixKzxKXtYMCRpgv/CYDuKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkUqAJkT0ca4rz7RIHzr0bPzYLQMB8GA1UdIwQY
MBaAFBcnrBPdzOl45j969fOmnatJktZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnllc0U5M002WGptUDNyMTg2YWRxMG1TMWtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hNzU3M2ItN2ZlNC00ZGU4LTg4ODIt
NDNiY2RiNzQwMzIzLzEvRnllc0U5M002WGptUDNyMTg2YWRxMG1TMWtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hNzU3M2ItN2ZlNC00ZGU4LTg4ODItNDNiY2RiNzQwMzIz
LzEvRnllc0U5M002WGptUDNyMTg2YWRxMG1TMWtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg3xhv6x+
CJteecauDWq+nsmXiwRr+VciqAw/r3XVZZV5pIoqejycPXoqpeyQL1Lez2vl8tUd
12DjPuzU2AY4xoulWp7YOOzL2Pnx455cT54BZJUKGlBM9iyVz02M92uwk1BrkHDx
NELYb9yRUmmpFaytsnkY7udvyMM38tiIn545SKGK55IqT3alD51EZ4M5CTQ8+H0a
D1xFqjLLu4wEy0zQsDW7TBNecZhLM/WPEC/p2FQ0PPLe0XtBpx3Wp8rstYAd0YVI
tuUQqgwaqLV21LnnFl51hcGQYOxEJsLJjeML4TrVBy/LS2Ff+HeLq6Ze46qpMTWr
DJShs0Y8mi8QTQ==
-----END CERTIFICATE-----