Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
File:                     r4yBlkcmb7yxOeZyqPuaV89Ysog.mft (raw, json)
Hash identifier:          OK3o2N46KoFCVLqoB+Khq+z1L8C1+wtxIEqEHT6l+Zw=
Subject key identifier:   DC:76:40:88:F1:B9:8B:E3:8C:5D:2A:BE:65:F1:92:74:22:26:C5:5D
Authority key identifier: AF:8C:81:96:47:26:6F:BC:B1:39:E6:72:A8:FB:9A:57:CF:58:B2:88
Certificate issuer:       /CN=af8c819647266fbcb139e672a8fb9a57cf58b288
Certificate serial:       0196748BA3C24E651A5C3BCCE349D8593ECE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
Manifest number:          0320
Signing time:             Sun 27 Apr 2025 00:00:30 +0000
Manifest this update:     Sun 27 Apr 2025 00:00:30 +0000
Manifest next update:     Mon 28 Apr 2025 00:00:30 +0000
Files and hashes:         1: r4yBlkcmb7yxOeZyqPuaV89Ysog.crl (hash: 6z7B+ZSw1JdHWxxWZsUxsr1C0Zuu/ClSsyti9uSRi4w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:8b:a3:c2:4e:65:1a:5c:3b:cc:e3:49:d8:59:3e:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af8c819647266fbcb139e672a8fb9a57cf58b288
        Validity
            Not Before: Apr 27 00:00:30 2025 GMT
            Not After : Apr 28 00:00:30 2025 GMT
        Subject: CN=dc764088f1b98be38c5d2abe65f192742226c55d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:28:b7:b6:4d:f4:46:55:43:7a:ca:70:ec:b2:
                    90:18:64:7e:a1:35:9a:e0:20:55:f5:d1:2e:d3:4c:
                    7b:82:51:32:09:a0:b7:7f:94:f6:c2:1b:f3:5d:86:
                    12:e5:e6:0b:0d:19:2b:1e:d9:3a:72:cd:b4:99:43:
                    9a:35:9b:b3:c0:c7:8a:7b:e2:3f:4b:cc:1e:74:a8:
                    52:b3:f5:66:26:d7:32:55:95:ca:a6:9a:83:60:6c:
                    60:e7:f2:c9:45:78:47:8e:b1:8d:54:33:4c:0d:37:
                    0c:e3:14:64:05:1e:57:d2:bf:f6:fd:31:b1:8a:c4:
                    dc:ac:f6:4d:2a:3e:33:cb:63:e6:ee:ea:28:ff:a6:
                    89:7a:8e:35:9e:65:b3:23:69:7d:6d:d1:f5:7b:70:
                    52:71:96:b8:a4:3e:2c:97:f9:6e:52:ce:46:f0:81:
                    a1:55:ed:02:55:6f:cf:30:5c:af:f8:2b:66:e9:de:
                    68:7a:9d:e0:d0:cf:b3:92:89:72:de:74:fc:ea:2f:
                    37:92:96:32:c3:7a:18:f2:7c:6b:33:89:ef:17:62:
                    00:26:ff:a9:1d:f4:80:42:d4:54:ff:8b:97:1f:f9:
                    28:83:05:0c:2d:52:64:3f:14:8b:26:8e:62:92:5a:
                    24:5c:77:6d:02:43:a9:5d:8d:37:14:32:63:a8:54:
                    50:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:76:40:88:F1:B9:8B:E3:8C:5D:2A:BE:65:F1:92:74:22:26:C5:5D
            X509v3 Authority Key Identifier:
                keyid:AF:8C:81:96:47:26:6F:BC:B1:39:E6:72:A8:FB:9A:57:CF:58:B2:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:c6:f7:d1:47:2a:46:a8:3d:8c:0d:07:2f:e9:63:3b:45:d9:
         07:72:94:f2:9d:e6:5d:ae:63:e7:f7:ef:21:40:17:ca:c4:41:
         9b:a6:e0:49:97:0a:22:bd:7d:80:0f:4d:56:86:a1:8e:cb:f2:
         ab:10:b4:6a:9e:f5:77:90:ae:af:88:c2:05:75:f5:2d:70:8a:
         d9:83:be:d3:79:e4:a4:5c:92:d2:7a:49:38:2c:69:79:a7:20:
         e4:ac:b2:32:76:1a:4f:2e:5a:8c:c7:bf:f3:97:1d:02:1c:f4:
         a1:8f:23:76:51:97:85:58:a4:ca:15:67:77:88:5c:0f:5a:bf:
         cd:d6:19:00:f3:8f:8f:c6:87:a4:a2:b5:dc:c6:af:27:15:53:
         92:67:35:d4:01:f2:2f:e9:e0:9f:cc:5a:d8:ad:1b:2d:b9:ea:
         43:08:5d:9e:0d:f7:cc:da:14:ac:b8:49:b8:e0:c2:cd:66:12:
         1d:d5:7e:67:23:1d:13:77:0e:f4:9f:e7:bb:98:58:b3:bc:0c:
         ff:e7:06:78:1a:4d:2c:45:f5:2e:d9:ce:30:22:aa:b0:0a:88:
         a7:c7:9a:46:1a:fc:d4:3f:57:30:ed:f0:76:3d:59:be:4b:a7:
         f1:0e:41:dd:ca:3d:39:60:48:cf:e4:b8:96:19:28:d1:6e:c8:
         03:e3:e5:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0i6PCTmUaXDvM40nYWT7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGM4MTk2NDcyNjZmYmNiMTM5ZTY3MmE4ZmI5YTU3Y2Y1
OGIyODgwHhcNMjUwNDI3MDAwMDMwWhcNMjUwNDI4MDAwMDMwWjAzMTEwLwYDVQQD
EyhkYzc2NDA4OGYxYjk4YmUzOGM1ZDJhYmU2NWYxOTI3NDIyMjZjNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyi3tk30RlVDespw7LKQGGR+oTWa
4CBV9dEu00x7glEyCaC3f5T2whvzXYYS5eYLDRkrHtk6cs20mUOaNZuzwMeKe+I/
S8wedKhSs/VmJtcyVZXKppqDYGxg5/LJRXhHjrGNVDNMDTcM4xRkBR5X0r/2/TGx
isTcrPZNKj4zy2Pm7uoo/6aJeo41nmWzI2l9bdH1e3BScZa4pD4sl/luUs5G8IGh
Ve0CVW/PMFyv+Ctm6d5oep3g0M+zkoly3nT86i83kpYyw3oY8nxrM4nvF2IAJv+p
HfSAQtRU/4uXH/kogwUMLVJkPxSLJo5iklokXHdtAkOpXY03FDJjqFRQWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNx2QIjxuYvjjF0qvmXxknQiJsVdMB8GA1UdIwQY
MBaAFK+MgZZHJm+8sTnmcqj7mlfPWLKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC82YmU3YWYtOTdiOC00Nzc3LWJiZGQt
MzAxMTdjMjBiZjQyLzEvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC82YmU3YWYtOTdiOC00Nzc3LWJiZGQtMzAxMTdjMjBiZjQy
LzEvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ8b30Ucq
Rqg9jA0HL+ljO0XZB3KU8p3mXa5j5/fvIUAXysRBm6bgSZcKIr19gA9NVoahjsvy
qxC0ap71d5Cur4jCBXX1LXCK2YO+03nkpFyS0npJOCxpeacg5KyyMnYaTy5ajMe/
85cdAhz0oY8jdlGXhVikyhVnd4hcD1q/zdYZAPOPj8aHpKK13MavJxVTkmc11AHy
L+ngn8xa2K0bLbnqQwhdng33zNoUrLhJuODCzWYSHdV+ZyMdE3cO9J/nu5hYs7wM
/+cGeBpNLEX1LtnOMCKqsAqIp8eaRhr81D9XMO3wdj1Zvkun8Q5B3co9OWBIz+S4
lhko0W7IA+PlIw==
-----END CERTIFICATE-----