Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft
File:                     K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft (raw, json)
Hash identifier:          RwyN0ZKlSb7X7eqBOi9jkyW8m3vUG6locny0gZha5ko=
Subject key identifier:   A0:96:D1:FA:28:2F:C0:C7:ED:50:60:D2:D8:31:CD:F8:85:68:13:CA
Authority key identifier: 2B:B2:D0:23:41:C1:19:49:A8:C8:71:53:F8:66:C0:F6:8F:1B:BD:73
Certificate issuer:       /CN=2bb2d02341c11949a8c87153f866c0f68f1bbd73
Certificate serial:       0196862438698162A0D50092B5935116D575
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft
Manifest number:          06E4
Signing time:             Wed 30 Apr 2025 10:00:42 +0000
Manifest this update:     Wed 30 Apr 2025 10:00:42 +0000
Manifest next update:     Thu 01 May 2025 10:00:42 +0000
Files and hashes:         1: K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl (hash: J2QEv3huZ01LJIp96k61c1/4hEQL/nEjDKK4eZ65oSE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 09:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:86:24:38:69:81:62:a0:d5:00:92:b5:93:51:16:d5:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2bb2d02341c11949a8c87153f866c0f68f1bbd73
        Validity
            Not Before: Apr 30 10:00:42 2025 GMT
            Not After : May  1 10:00:42 2025 GMT
        Subject: CN=a096d1fa282fc0c7ed5060d2d831cdf8856813ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7c:a6:da:71:ff:cf:fc:23:69:b7:03:84:f3:
                    42:a4:05:c6:d5:05:e8:d8:31:d0:ce:a5:57:27:7a:
                    65:08:3d:06:df:ee:10:20:17:ba:91:1c:a1:35:d5:
                    76:03:ac:25:84:fa:da:95:80:bc:f9:46:d4:68:41:
                    78:e1:00:e6:41:92:e0:f9:c5:b9:99:20:89:e8:f5:
                    80:85:cb:cc:58:ca:01:9b:e5:f8:5d:a9:d6:f0:b7:
                    47:7d:05:28:f5:a6:f4:79:8b:e9:8e:ab:1d:0b:86:
                    d2:16:d0:b7:6d:d7:4b:90:6c:43:1b:ba:fc:d8:b5:
                    be:3e:89:50:6a:c6:e2:d4:a3:f8:47:66:b1:fa:15:
                    84:e5:37:e8:eb:66:9d:90:ea:17:89:98:55:d7:64:
                    48:e5:ab:4a:9f:ea:b5:94:87:32:c7:27:7b:20:6b:
                    93:90:9a:84:5c:2e:78:0f:fc:42:20:11:04:4e:91:
                    c9:cf:25:ad:8c:14:c7:f7:a1:9e:c0:72:49:35:84:
                    78:0d:13:ce:a1:a4:a1:be:f1:9d:15:df:12:ed:5d:
                    3a:a0:ee:35:08:e8:ad:f6:38:6f:c4:7a:7c:43:9b:
                    92:36:d4:a8:38:df:4d:7f:a8:21:4b:4d:5d:ef:30:
                    76:94:98:0b:8b:aa:0a:1f:b2:c6:20:4d:44:92:54:
                    e6:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:96:D1:FA:28:2F:C0:C7:ED:50:60:D2:D8:31:CD:F8:85:68:13:CA
            X509v3 Authority Key Identifier:
                keyid:2B:B2:D0:23:41:C1:19:49:A8:C8:71:53:F8:66:C0:F6:8F:1B:BD:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:86:53:c4:0e:d3:d4:e3:b6:5b:c8:3a:1b:6f:8d:e2:43:74:
         66:2b:fc:de:d6:d9:d6:9c:ac:30:11:41:62:74:d8:ee:c3:35:
         3b:62:58:68:84:41:b3:6b:1d:54:4d:ac:16:29:1c:6c:85:15:
         73:ee:d3:51:7c:95:1f:14:32:2c:07:19:b7:1a:8d:92:e2:2c:
         55:46:49:a5:d1:3a:ec:09:5e:53:47:52:56:3e:59:fc:ad:c2:
         ac:30:3c:d5:5d:8e:72:3e:fe:56:07:a5:62:89:eb:60:76:cd:
         c3:ae:2d:9b:4b:c0:a8:37:e2:18:c9:5e:af:db:12:14:55:5e:
         29:7d:11:9f:b5:26:fd:e1:19:ca:d5:63:d7:4d:99:d7:81:48:
         69:a7:64:00:5a:b5:4e:e5:b7:df:e8:2a:30:d4:b4:20:63:fe:
         db:fc:84:02:3f:63:62:e9:9d:3d:7c:bb:20:c7:51:c8:30:81:
         fc:87:45:09:de:f1:3b:a4:36:02:15:32:ef:ed:71:6e:f4:da:
         f1:98:9d:59:1c:fb:98:ed:94:d4:b3:6f:2f:68:79:dd:9c:b3:
         0a:4b:9d:fc:e8:43:7d:78:ad:a1:f7:46:9a:cf:92:ad:0e:0f:
         58:28:1d:cf:ed:5b:9d:04:59:f9:1d:6f:6e:26:af:1a:6b:d9:
         dc:0c:89:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGJDhpgWKg1QCStZNRFtV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYjJkMDIzNDFjMTE5NDlhOGM4NzE1M2Y4NjZjMGY2OGYx
YmJkNzMwHhcNMjUwNDMwMTAwMDQyWhcNMjUwNTAxMTAwMDQyWjAzMTEwLwYDVQQD
EyhhMDk2ZDFmYTI4MmZjMGM3ZWQ1MDYwZDJkODMxY2RmODg1NjgxM2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnym2nH/z/wjabcDhPNCpAXG1QXo
2DHQzqVXJ3plCD0G3+4QIBe6kRyhNdV2A6wlhPralYC8+UbUaEF44QDmQZLg+cW5
mSCJ6PWAhcvMWMoBm+X4XanW8LdHfQUo9ab0eYvpjqsdC4bSFtC3bddLkGxDG7r8
2LW+PolQasbi1KP4R2ax+hWE5Tfo62adkOoXiZhV12RI5atKn+q1lIcyxyd7IGuT
kJqEXC54D/xCIBEETpHJzyWtjBTH96GewHJJNYR4DRPOoaShvvGdFd8S7V06oO41
COit9jhvxHp8Q5uSNtSoON9Nf6ghS01d7zB2lJgLi6oKH7LGIE1EklTmjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKCW0fooL8DH7VBg0tgxzfiFaBPKMB8GA1UdIwQY
MBaAFCuy0CNBwRlJqMhxU/hmwPaPG71zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kN2E3OTQtNWUzOC00ZTg0LTgxNTYt
NDYwNjU2ZmUzYWI1LzEvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kN2E3OTQtNWUzOC00ZTg0LTgxNTYtNDYwNjU2ZmUzYWI1
LzEvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfYZTxA7T
1OO2W8g6G2+N4kN0Ziv83tbZ1pysMBFBYnTY7sM1O2JYaIRBs2sdVE2sFikcbIUV
c+7TUXyVHxQyLAcZtxqNkuIsVUZJpdE67AleU0dSVj5Z/K3CrDA81V2Ocj7+Vgel
YonrYHbNw64tm0vAqDfiGMler9sSFFVeKX0Rn7Um/eEZytVj102Z14FIaadkAFq1
TuW33+gqMNS0IGP+2/yEAj9jYumdPXy7IMdRyDCB/IdFCd7xO6Q2AhUy7+1xbvTa
8ZidWRz7mO2U1LNvL2h53ZyzCkud/OhDfXitofdGms+SrQ4PWCgdz+1bnQRZ+R1v
biavGmvZ3AyJ8A==
-----END CERTIFICATE-----