Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
File:                     s1IytLD6jIPU_4wSROhk67yt1os.mft (raw, json)
Hash identifier:          9wxOlRV0H2aUEBV1/AoNVnHDOtHbCer4lRgPJVtwUhI=
Subject key identifier:   D3:D0:28:82:97:77:24:FD:8B:A7:EF:6D:D6:A1:14:E5:5A:B7:5B:DF
Authority key identifier: B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B
Certificate issuer:       /CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
Certificate serial:       0196760C45A51C4788D8A6B9C303B748A297
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
Manifest number:          0F86
Signing time:             Sun 27 Apr 2025 07:00:37 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:37 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:37 +0000
Files and hashes:         1: s1IytLD6jIPU_4wSROhk67yt1os.crl (hash: HAx9kBTlz4ULzz6EbNKfRHarY4+zuBqcTfaHA8KUZSE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:45:a5:1c:47:88:d8:a6:b9:c3:03:b7:48:a2:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
        Validity
            Not Before: Apr 27 07:00:37 2025 GMT
            Not After : Apr 28 07:00:37 2025 GMT
        Subject: CN=d3d02882977724fd8ba7ef6dd6a114e55ab75bdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:76:49:1e:81:2f:22:29:fd:37:16:66:f7:26:
                    83:e3:96:54:9c:d8:df:bb:48:08:47:f9:e0:83:5b:
                    9f:80:a3:77:3c:52:5c:60:04:6d:e8:d0:fa:16:7f:
                    8d:c5:b7:d5:e5:a0:90:f0:a3:e8:fb:49:e7:4e:7e:
                    a3:a0:db:62:5d:dd:b3:b1:79:5b:b4:6f:62:78:35:
                    6a:f0:01:b8:1d:2f:bf:71:30:d3:62:29:a9:5c:d4:
                    27:4b:f6:f6:51:3c:2e:ac:4c:b9:60:39:68:89:55:
                    0c:bb:99:4d:1a:30:9e:d4:1f:86:7a:8f:c4:87:ed:
                    e7:79:14:b8:fa:85:33:f2:a4:10:d1:19:7c:ac:3f:
                    c1:ef:a0:9d:95:ba:c1:51:84:50:26:8b:15:61:3a:
                    2f:5c:f1:5a:fa:30:14:02:31:b1:93:ed:70:8b:5d:
                    9c:89:52:eb:97:aa:d4:f9:76:e6:6f:19:e0:44:45:
                    6a:c2:b7:e2:39:34:f5:8c:b3:da:a6:b1:c9:23:bb:
                    b1:74:d9:60:bd:64:99:3c:c9:4f:87:03:71:7a:40:
                    32:3e:4d:34:a5:71:43:0e:4a:3d:60:48:77:82:f8:
                    0d:34:8c:ff:5b:71:85:2f:46:ef:ad:25:57:b6:7c:
                    7e:f2:39:61:2a:cf:92:cd:aa:2c:79:15:7b:7e:e0:
                    23:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:D0:28:82:97:77:24:FD:8B:A7:EF:6D:D6:A1:14:E5:5A:B7:5B:DF
            X509v3 Authority Key Identifier:
                keyid:B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:76:78:2d:5f:8d:f7:87:79:1d:68:69:bc:24:96:f7:4c:25:
         fc:c4:02:73:24:0f:59:07:07:ca:16:32:12:fc:cc:8a:77:8e:
         5a:d3:93:1c:48:c4:bc:90:54:f0:7b:40:2e:41:fe:96:1f:e6:
         22:b2:b6:72:6c:23:be:33:2e:be:b1:76:fc:64:5e:a9:dd:30:
         01:0f:ec:0c:4d:ea:7a:28:72:d2:e2:09:c5:30:af:c7:1b:d9:
         e3:a0:92:04:40:65:bf:fa:85:f1:83:ab:2c:83:36:98:0c:b7:
         dc:38:fd:27:f4:27:cf:36:03:79:dc:15:a6:3e:b4:5f:43:5c:
         23:e2:c2:91:96:ed:8e:ae:59:7f:16:fb:f2:bf:72:45:cf:98:
         5a:6f:d3:60:92:44:94:f9:f5:8a:65:c0:13:88:9c:32:df:7d:
         e3:f1:3b:e1:30:55:5c:50:a3:83:ab:b1:4d:6f:54:04:65:17:
         8f:aa:cc:63:5c:38:ee:59:40:25:79:e1:53:74:b3:a4:c9:96:
         74:e7:74:d6:a0:ed:98:8a:69:70:dc:63:e8:a1:fe:48:79:e6:
         51:25:d3:6b:ef:70:92:30:b1:e1:e3:2a:c9:3b:47:a0:23:3a:
         83:12:91:23:03:52:a8:25:70:04:48:4f:70:62:f4:c0:e3:14:
         91:44:0f:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DEWlHEeI2Ka5wwO3SKKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTIzMmI0YjBmYThjODNkNGZmOGMxMjQ0ZTg2NGViYmNh
ZGQ2OGIwHhcNMjUwNDI3MDcwMDM3WhcNMjUwNDI4MDcwMDM3WjAzMTEwLwYDVQQD
EyhkM2QwMjg4Mjk3NzcyNGZkOGJhN2VmNmRkNmExMTRlNTVhYjc1YmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4HZJHoEvIin9NxZm9yaD45ZUnNjf
u0gIR/ngg1ufgKN3PFJcYARt6ND6Fn+NxbfV5aCQ8KPo+0nnTn6joNtiXd2zsXlb
tG9ieDVq8AG4HS+/cTDTYimpXNQnS/b2UTwurEy5YDloiVUMu5lNGjCe1B+Geo/E
h+3neRS4+oUz8qQQ0Rl8rD/B76CdlbrBUYRQJosVYTovXPFa+jAUAjGxk+1wi12c
iVLrl6rU+XbmbxngREVqwrfiOTT1jLPaprHJI7uxdNlgvWSZPMlPhwNxekAyPk00
pXFDDko9YEh3gvgNNIz/W3GFL0bvrSVXtnx+8jlhKs+SzaoseRV7fuAj4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPQKIKXdyT9i6fvbdahFOVat1vfMB8GA1UdIwQY
MBaAFLNSMrSw+oyD1P+MEkToZOu8rdaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEt
YjkxMjJlNTIxMDU4LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEtYjkxMjJlNTIxMDU4
LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhnZ4LV+N
94d5HWhpvCSW90wl/MQCcyQPWQcHyhYyEvzMineOWtOTHEjEvJBU8HtALkH+lh/m
IrK2cmwjvjMuvrF2/GReqd0wAQ/sDE3qeihy0uIJxTCvxxvZ46CSBEBlv/qF8YOr
LIM2mAy33Dj9J/QnzzYDedwVpj60X0NcI+LCkZbtjq5Zfxb78r9yRc+YWm/TYJJE
lPn1imXAE4icMt994/E74TBVXFCjg6uxTW9UBGUXj6rMY1w47llAJXnhU3SzpMmW
dOd01qDtmIppcNxj6KH+SHnmUSXTa+9wkjCx4eMqyTtHoCM6gxKRIwNSqCVwBEhP
cGL0wOMUkUQPCQ==
-----END CERTIFICATE-----