Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
File:                     r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft (raw, json)
Hash identifier:          itajR8+UZGjZM7fIAuc3ON6fU+NdGl1TeW6VEbBUEOg=
Subject key identifier:   90:81:C2:D3:E8:91:26:CB:3B:FC:74:71:E1:9C:AD:CD:4E:A2:96:E3
Authority key identifier: AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30
Certificate issuer:       /CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
Certificate serial:       019677FB94CEF46F2E897D711B7CA9E0C91A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
Manifest number:          0DA5
Signing time:             Sun 27 Apr 2025 16:01:38 +0000
Manifest this update:     Sun 27 Apr 2025 16:01:38 +0000
Manifest next update:     Mon 28 Apr 2025 16:01:38 +0000
Files and hashes:         1: r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl (hash: Z+iget3c7af9ArYx4Mvl1ZhiuP3lxtyVssVAXgyqtjQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fb:94:ce:f4:6f:2e:89:7d:71:1b:7c:a9:e0:c9:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
        Validity
            Not Before: Apr 27 16:01:38 2025 GMT
            Not After : Apr 28 16:01:38 2025 GMT
        Subject: CN=9081c2d3e89126cb3bfc7471e19cadcd4ea296e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:16:fd:ab:43:b2:0e:d4:18:a9:09:ff:a5:a6:
                    2a:c5:c9:8a:9f:ce:7b:12:29:6e:e2:a4:9b:b9:41:
                    c5:c0:f9:08:a3:ac:0e:bb:09:f9:b3:d7:26:61:52:
                    b2:69:bd:48:64:ef:e7:b5:97:0a:83:e1:e1:e3:a9:
                    c0:b8:c8:0e:04:d9:99:ee:3d:b2:52:8d:dc:31:47:
                    38:d6:83:25:30:13:02:69:b0:b3:43:c1:1e:e6:03:
                    02:d6:46:e6:ab:36:fe:c5:6a:e9:f1:cf:ae:fa:c8:
                    6e:59:e2:42:7e:2e:05:8e:54:99:54:21:e5:f5:b9:
                    9b:46:59:28:ec:26:bf:e2:42:28:88:c3:c4:04:de:
                    12:da:39:2f:49:9d:84:04:32:14:dd:aa:b3:73:3e:
                    98:cd:cb:ff:7d:d1:4f:fc:4a:0e:7b:06:30:a1:35:
                    57:eb:ef:fc:83:b6:b8:ec:39:8f:f9:d5:c2:08:99:
                    df:0d:3c:c1:e9:9e:f8:26:4d:c6:e7:60:16:67:bb:
                    de:5f:12:df:7b:9b:5b:04:8e:e1:b4:2b:80:3c:24:
                    94:54:d0:dd:5f:b2:ef:95:59:57:52:14:ba:ca:ba:
                    16:d2:20:df:f3:bb:e8:f6:9d:bc:37:c1:15:1e:5a:
                    24:18:8c:81:74:7b:db:8f:d2:4b:74:54:d2:2a:00:
                    08:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:81:C2:D3:E8:91:26:CB:3B:FC:74:71:E1:9C:AD:CD:4E:A2:96:E3
            X509v3 Authority Key Identifier:
                keyid:AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:5c:af:11:92:9a:51:a0:a7:b0:3a:86:1d:39:dd:40:c0:a6:
         41:9a:5a:df:dd:aa:4b:97:77:59:d3:0e:fc:52:93:20:33:20:
         a4:9a:d9:74:27:8d:3a:fd:86:0d:67:2d:e4:b6:d3:6f:e4:4b:
         e0:0c:b3:47:04:07:48:0c:b5:fb:3e:0c:58:f6:77:b0:ff:d0:
         8f:71:e9:2b:90:49:88:87:73:b8:8f:fb:0b:c8:b6:86:f1:a5:
         87:63:4b:00:ef:40:77:18:12:cd:70:cb:87:79:d1:a1:37:e9:
         0a:5b:57:21:21:9b:d9:2b:ab:c7:9c:06:9f:60:b2:20:47:2c:
         9e:80:b1:fb:20:5d:43:df:51:0a:01:e3:3f:63:b7:23:32:ff:
         30:73:1c:54:8b:23:52:35:a0:f2:a4:b1:30:81:7b:a4:6e:25:
         b0:58:cd:e5:95:c0:b2:7b:b7:8f:76:77:af:02:13:29:f1:ff:
         8d:49:8c:6e:5a:ce:4f:46:5b:d4:ea:23:96:b4:cb:30:9d:04:
         fa:6f:77:05:82:18:cc:ed:e5:be:37:44:b3:1a:03:d1:be:35:
         a4:a0:00:0c:14:dd:ce:8a:40:37:1d:03:46:dc:e9:e3:b3:52:
         4c:d9:4d:4b:55:df:0a:35:2b:70:6e:0a:cf:33:97:96:71:fc:
         5f:35:69:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+5TO9G8uiX1xG3yp4MkaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODJhMDk3YTI4YTZiNmE2OTlkOGQ2YWJlNGRjYjk1YmIx
OTgzMzAwHhcNMjUwNDI3MTYwMTM4WhcNMjUwNDI4MTYwMTM4WjAzMTEwLwYDVQQD
Eyg5MDgxYzJkM2U4OTEyNmNiM2JmYzc0NzFlMTljYWRjZDRlYTI5NmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Rb9q0OyDtQYqQn/paYqxcmKn857
Eilu4qSbuUHFwPkIo6wOuwn5s9cmYVKyab1IZO/ntZcKg+Hh46nAuMgOBNmZ7j2y
Uo3cMUc41oMlMBMCabCzQ8Ee5gMC1kbmqzb+xWrp8c+u+shuWeJCfi4FjlSZVCHl
9bmbRlko7Ca/4kIoiMPEBN4S2jkvSZ2EBDIU3aqzcz6Yzcv/fdFP/EoOewYwoTVX
6+/8g7a47DmP+dXCCJnfDTzB6Z74Jk3G52AWZ7veXxLfe5tbBI7htCuAPCSUVNDd
X7LvlVlXUhS6yroW0iDf87vo9p28N8EVHlokGIyBdHvbj9JLdFTSKgAIqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCBwtPokSbLO/x0ceGcrc1OopbjMB8GA1UdIwQY
MBaAFK+CoJeiimtqaZ2Nar5Ny5W7GYMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMt
ZmFhOGI3MThiNmNiLzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMtZmFhOGI3MThiNmNi
LzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbVyvEZKa
UaCnsDqGHTndQMCmQZpa392qS5d3WdMO/FKTIDMgpJrZdCeNOv2GDWct5LbTb+RL
4AyzRwQHSAy1+z4MWPZ3sP/Qj3HpK5BJiIdzuI/7C8i2hvGlh2NLAO9AdxgSzXDL
h3nRoTfpCltXISGb2Surx5wGn2CyIEcsnoCx+yBdQ99RCgHjP2O3IzL/MHMcVIsj
UjWg8qSxMIF7pG4lsFjN5ZXAsnu3j3Z3rwITKfH/jUmMblrOT0Zb1OojlrTLMJ0E
+m93BYIYzO3lvjdEsxoD0b41pKAADBTdzopANx0DRtzp47NSTNlNS1XfCjUrcG4K
zzOXlnH8XzVpgg==
-----END CERTIFICATE-----