Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/f16c15-de76-433d-b97f-62f9f446ad01/1/SzgbqgoK3TKp-UFPmyyaWjIlNC4.mft
File:                     SzgbqgoK3TKp-UFPmyyaWjIlNC4.mft (raw, json)
Hash identifier:          82B7UU2qoLhUajQXe3DcVh4wEqGYctbHz7a6+hiftmk=
Subject key identifier:   67:CB:74:59:BF:04:FE:AD:40:98:B4:2B:60:00:EC:AF:7A:AD:B4:BA
Authority key identifier: 4B:38:1B:AA:0A:0A:DD:32:A9:F9:41:4F:9B:2C:9A:5A:32:25:34:2E
Certificate issuer:       /CN=4b381baa0a0add32a9f9414f9b2c9a5a3225342e
Certificate serial:       01968F954720540C88813152AE4326C706F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SzgbqgoK3TKp-UFPmyyaWjIlNC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/f16c15-de76-433d-b97f-62f9f446ad01/1/SzgbqgoK3TKp-UFPmyyaWjIlNC4.mft
Manifest number:          0DA4
Signing time:             Fri 02 May 2025 06:00:47 +0000
Manifest this update:     Fri 02 May 2025 06:00:47 +0000
Manifest next update:     Sat 03 May 2025 06:00:47 +0000
Files and hashes:         1: SzgbqgoK3TKp-UFPmyyaWjIlNC4.crl (hash: qY4ElUerjNHgPAeU4i3VSBQw8N9Ovcjtm7zgzctCFYg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/f16c15-de76-433d-b97f-62f9f446ad01/1/SzgbqgoK3TKp-UFPmyyaWjIlNC4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/f16c15-de76-433d-b97f-62f9f446ad01/1/SzgbqgoK3TKp-UFPmyyaWjIlNC4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SzgbqgoK3TKp-UFPmyyaWjIlNC4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8f:95:47:20:54:0c:88:81:31:52:ae:43:26:c7:06:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b381baa0a0add32a9f9414f9b2c9a5a3225342e
        Validity
            Not Before: May  2 06:00:47 2025 GMT
            Not After : May  3 06:00:47 2025 GMT
        Subject: CN=67cb7459bf04fead4098b42b6000ecaf7aadb4ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:86:88:ca:86:0b:d1:9d:92:e9:b4:04:bc:57:
                    4d:f0:40:ef:6a:2c:15:f3:9d:ce:6e:55:aa:fb:37:
                    ec:12:cf:6e:2e:2f:ab:e8:ca:3a:04:2b:19:b4:75:
                    b9:bb:bd:24:a8:d8:41:f6:f9:3e:c5:28:8b:3a:87:
                    56:d3:28:47:1d:80:ff:86:31:01:2f:68:01:e3:b4:
                    7a:aa:e2:ea:70:5f:b3:49:1b:f9:ce:e6:c4:29:d0:
                    0f:c6:57:15:4d:a7:8f:59:6b:75:79:c9:52:bd:57:
                    90:b9:64:b8:f8:01:e8:87:b9:92:e7:82:27:4c:03:
                    2d:52:f7:9a:a4:be:9c:9e:35:ea:93:f3:48:0c:cd:
                    30:a0:ff:13:f2:57:2b:38:16:99:47:33:13:f0:dc:
                    89:23:b6:16:66:d7:67:4b:c3:22:c4:b1:cc:98:43:
                    26:aa:95:56:89:a4:c5:e5:1a:23:52:ce:05:86:73:
                    9a:95:79:fa:4a:c3:bc:18:a1:f3:07:cf:57:51:8e:
                    34:f6:9a:4c:cc:f0:b9:ea:54:ca:de:64:c3:1c:b1:
                    a6:c1:0f:93:37:29:28:e9:b6:ea:1a:8b:6b:0b:37:
                    b6:29:16:7e:70:31:8b:f6:31:86:3a:2e:d1:e6:fb:
                    57:d5:26:0b:0e:63:8c:0e:74:49:71:c5:1a:cc:f2:
                    d3:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:CB:74:59:BF:04:FE:AD:40:98:B4:2B:60:00:EC:AF:7A:AD:B4:BA
            X509v3 Authority Key Identifier:
                keyid:4B:38:1B:AA:0A:0A:DD:32:A9:F9:41:4F:9B:2C:9A:5A:32:25:34:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzgbqgoK3TKp-UFPmyyaWjIlNC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f16c15-de76-433d-b97f-62f9f446ad01/1/SzgbqgoK3TKp-UFPmyyaWjIlNC4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f16c15-de76-433d-b97f-62f9f446ad01/1/SzgbqgoK3TKp-UFPmyyaWjIlNC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:22:a6:75:52:d0:60:3f:11:cb:ab:5d:ca:af:df:19:7a:30:
         1d:84:c7:cc:bc:59:8d:7f:72:7c:c3:ef:f9:9e:35:36:6a:fb:
         e7:fb:7c:3a:95:f3:75:84:9a:65:37:b0:e5:8b:53:9b:a3:5d:
         d9:c8:42:74:88:f2:66:97:dc:b9:be:f4:5d:b0:fc:e8:b3:e4:
         b5:1d:7b:21:be:49:3b:25:7d:bc:46:04:74:a0:2b:9e:9e:5e:
         40:30:8c:75:74:e3:4d:82:83:01:77:9f:07:68:0f:f3:5e:fb:
         16:bf:a0:18:7d:dc:a4:18:ea:4c:20:38:3c:46:6e:2a:c6:fb:
         70:ba:3e:17:2a:1c:0d:4a:81:ed:24:42:d9:8e:d1:eb:ef:f9:
         2e:29:46:b3:3e:7e:34:20:34:e7:48:20:b7:b5:51:8d:50:37:
         31:35:75:c5:0f:99:25:3c:b9:48:52:a5:f1:82:d7:a4:37:f8:
         96:4f:f4:ac:9e:bc:f0:3a:22:84:70:65:72:78:8f:e8:be:58:
         42:bc:3d:62:b0:f3:93:d6:f8:ca:49:08:7b:c6:6e:ed:1b:7a:
         f3:25:f4:b3:79:8f:c7:6a:d4:2f:65:e2:df:6e:bc:56:5d:84:
         f4:a8:f2:b2:bb:dc:49:5f:da:4c:85:5d:33:9d:58:96:3e:10:
         d4:46:aa:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaPlUcgVAyIgTFSrkMmxwb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMzgxYmFhMGEwYWRkMzJhOWY5NDE0ZjliMmM5YTVhMzIy
NTM0MmUwHhcNMjUwNTAyMDYwMDQ3WhcNMjUwNTAzMDYwMDQ3WjAzMTEwLwYDVQQD
Eyg2N2NiNzQ1OWJmMDRmZWFkNDA5OGI0MmI2MDAwZWNhZjdhYWRiNGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYaIyoYL0Z2S6bQEvFdN8EDvaiwV
853OblWq+zfsEs9uLi+r6Mo6BCsZtHW5u70kqNhB9vk+xSiLOodW0yhHHYD/hjEB
L2gB47R6quLqcF+zSRv5zubEKdAPxlcVTaePWWt1eclSvVeQuWS4+AHoh7mS54In
TAMtUveapL6cnjXqk/NIDM0woP8T8lcrOBaZRzMT8NyJI7YWZtdnS8MixLHMmEMm
qpVWiaTF5RojUs4FhnOalXn6SsO8GKHzB89XUY409ppMzPC56lTK3mTDHLGmwQ+T
Nyko6bbqGotrCze2KRZ+cDGL9jGGOi7R5vtX1SYLDmOMDnRJccUazPLTSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfLdFm/BP6tQJi0K2AA7K96rbS6MB8GA1UdIwQY
MBaAFEs4G6oKCt0yqflBT5ssmloyJTQuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3pnYnFnb0szVEtwLVVGUG15eWFXaklsTkM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9mMTZjMTUtZGU3Ni00MzNkLWI5N2Yt
NjJmOWY0NDZhZDAxLzEvU3pnYnFnb0szVEtwLVVGUG15eWFXaklsTkM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9mMTZjMTUtZGU3Ni00MzNkLWI5N2YtNjJmOWY0NDZhZDAx
LzEvU3pnYnFnb0szVEtwLVVGUG15eWFXaklsTkM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgyKmdVLQ
YD8Ry6tdyq/fGXowHYTHzLxZjX9yfMPv+Z41Nmr75/t8OpXzdYSaZTew5YtTm6Nd
2chCdIjyZpfcub70XbD86LPktR17Ib5JOyV9vEYEdKArnp5eQDCMdXTjTYKDAXef
B2gP8177Fr+gGH3cpBjqTCA4PEZuKsb7cLo+FyocDUqB7SRC2Y7R6+/5LilGsz5+
NCA050ggt7VRjVA3MTV1xQ+ZJTy5SFKl8YLXpDf4lk/0rJ688DoihHBlcniP6L5Y
Qrw9YrDzk9b4ykkIe8Zu7Rt68yX0s3mPx2rUL2Xi3268Vl2E9KjysrvcSV/aTIVd
M51Ylj4Q1EaqzA==
-----END CERTIFICATE-----