Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/6e7670-631d-4787-aeda-f1586fbde81a/1/9fqTbNBbJl9g8zNAqMY952gvw18.mft
File:                     9fqTbNBbJl9g8zNAqMY952gvw18.mft (raw, json)
Hash identifier:          LkBYVq4fDvQYRgzZZC8Q1aBPRlKKuXRVrAoXvcoxmDE=
Subject key identifier:   E7:72:3A:01:AF:62:EC:5E:0E:9E:D6:DA:59:A5:5E:8D:45:B3:72:A0
Authority key identifier: F5:FA:93:6C:D0:5B:26:5F:60:F3:33:40:A8:C6:3D:E7:68:2F:C3:5F
Certificate issuer:       /CN=f5fa936cd05b265f60f33340a8c63de7682fc35f
Certificate serial:       019680FD98C0CB26AEA9BB93D51783ED10FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9fqTbNBbJl9g8zNAqMY952gvw18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/6e7670-631d-4787-aeda-f1586fbde81a/1/9fqTbNBbJl9g8zNAqMY952gvw18.mft
Manifest number:          0502
Signing time:             Tue 29 Apr 2025 10:00:24 +0000
Manifest this update:     Tue 29 Apr 2025 10:00:24 +0000
Manifest next update:     Wed 30 Apr 2025 10:00:24 +0000
Files and hashes:         1: 9fqTbNBbJl9g8zNAqMY952gvw18.crl (hash: lNHBehkm8pe8VxiWHr5vhjjdr+kfawWR0nY9hGo5kAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/6e7670-631d-4787-aeda-f1586fbde81a/1/9fqTbNBbJl9g8zNAqMY952gvw18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/6e7670-631d-4787-aeda-f1586fbde81a/1/9fqTbNBbJl9g8zNAqMY952gvw18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9fqTbNBbJl9g8zNAqMY952gvw18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 10:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:fd:98:c0:cb:26:ae:a9:bb:93:d5:17:83:ed:10:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5fa936cd05b265f60f33340a8c63de7682fc35f
        Validity
            Not Before: Apr 29 10:00:24 2025 GMT
            Not After : Apr 30 10:00:24 2025 GMT
        Subject: CN=e7723a01af62ec5e0e9ed6da59a55e8d45b372a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:2a:4a:b1:21:94:59:49:24:f7:ce:42:12:d4:
                    f7:f5:53:18:aa:ca:a9:75:2e:5d:6b:ae:57:95:c7:
                    ac:8b:47:d9:04:d5:01:1a:0d:85:d8:cb:4c:17:9f:
                    f8:6f:52:f0:03:f7:93:96:25:58:65:a2:ec:51:11:
                    8d:d8:84:19:d7:ad:77:22:9e:db:b2:9f:2d:f6:5b:
                    ba:29:33:49:95:12:54:87:cf:a8:f6:9c:05:23:14:
                    1a:b4:94:2b:2f:e0:f0:25:0c:32:42:c4:97:f1:01:
                    bf:6f:28:76:72:09:87:0e:26:2c:0e:ee:19:cc:e3:
                    94:2f:41:45:41:75:cd:b6:29:e6:5d:20:a9:3e:13:
                    ed:ec:6d:63:49:fe:20:e1:db:6f:3a:9f:c0:b5:ce:
                    4a:49:f3:3f:12:6e:85:40:d0:f0:70:9e:42:cf:ba:
                    8b:a7:44:20:bd:03:65:de:d5:7d:e8:42:0e:8a:11:
                    df:cd:8a:89:28:db:29:76:45:f5:fb:3f:ab:80:b3:
                    b5:12:2c:13:fe:62:80:0a:3f:b9:1f:f5:e0:9e:33:
                    e5:ed:43:21:d8:6f:28:cd:61:40:d9:a9:dc:f6:d4:
                    a7:ae:bf:fb:3c:10:0d:6b:4b:30:6a:bc:0d:2a:6b:
                    f7:7d:9a:08:ff:39:84:9a:2d:56:0f:d6:36:c6:38:
                    9b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:72:3A:01:AF:62:EC:5E:0E:9E:D6:DA:59:A5:5E:8D:45:B3:72:A0
            X509v3 Authority Key Identifier:
                keyid:F5:FA:93:6C:D0:5B:26:5F:60:F3:33:40:A8:C6:3D:E7:68:2F:C3:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fqTbNBbJl9g8zNAqMY952gvw18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6e7670-631d-4787-aeda-f1586fbde81a/1/9fqTbNBbJl9g8zNAqMY952gvw18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6e7670-631d-4787-aeda-f1586fbde81a/1/9fqTbNBbJl9g8zNAqMY952gvw18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:24:54:61:2e:27:94:62:58:e3:d6:3f:02:f5:e5:ee:26:ae:
         be:2f:d6:68:34:29:ac:e8:cc:fa:cd:47:14:42:fe:24:36:61:
         92:5e:74:81:e9:b3:ef:38:9e:d5:2f:48:11:f2:8c:60:6b:ea:
         c6:6d:bf:d1:e9:38:cf:4c:42:cb:27:3e:c8:a7:17:28:59:aa:
         f4:19:9d:10:a6:0f:3a:17:77:4f:5a:12:3e:d6:50:0e:74:20:
         a6:35:64:20:ef:cb:08:22:78:ac:9e:3b:22:21:df:da:62:cc:
         fb:9b:f4:48:74:8f:39:f6:22:08:f1:c5:a6:21:51:71:f9:55:
         3e:f7:86:bc:0f:de:ea:eb:ee:7f:fd:a0:95:68:00:ac:cb:51:
         16:d2:8b:61:0f:c0:0e:85:55:98:ee:8b:b4:6f:11:38:d0:db:
         d3:93:49:6e:f1:77:2f:12:91:1d:09:08:3d:65:43:3a:cc:f5:
         dd:7e:ab:5d:8f:83:7f:45:83:a0:ec:3a:43:4a:82:0e:88:b2:
         38:d1:8a:f3:b3:b1:e1:59:d6:72:dd:90:b3:0d:59:39:47:1f:
         a1:87:16:e0:cb:1f:c7:bb:c3:6d:77:19:1d:0c:23:11:93:e3:
         f3:92:34:3a:bc:41:1a:0b:d6:5b:0a:f9:08:0f:ad:e5:13:67:
         9a:49:fe:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaA/ZjAyyauqbuT1ReD7RD6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmE5MzZjZDA1YjI2NWY2MGYzMzM0MGE4YzYzZGU3Njgy
ZmMzNWYwHhcNMjUwNDI5MTAwMDI0WhcNMjUwNDMwMTAwMDI0WjAzMTEwLwYDVQQD
EyhlNzcyM2EwMWFmNjJlYzVlMGU5ZWQ2ZGE1OWE1NWU4ZDQ1YjM3MmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCpKsSGUWUkk985CEtT39VMYqsqp
dS5da65Xlcesi0fZBNUBGg2F2MtMF5/4b1LwA/eTliVYZaLsURGN2IQZ1613Ip7b
sp8t9lu6KTNJlRJUh8+o9pwFIxQatJQrL+DwJQwyQsSX8QG/byh2cgmHDiYsDu4Z
zOOUL0FFQXXNtinmXSCpPhPt7G1jSf4g4dtvOp/Atc5KSfM/Em6FQNDwcJ5Cz7qL
p0QgvQNl3tV96EIOihHfzYqJKNspdkX1+z+rgLO1EiwT/mKACj+5H/XgnjPl7UMh
2G8ozWFA2anc9tSnrr/7PBANa0swarwNKmv3fZoI/zmEmi1WD9Y2xjibgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOdyOgGvYuxeDp7W2lmlXo1Fs3KgMB8GA1UdIwQY
MBaAFPX6k2zQWyZfYPMzQKjGPedoL8NfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZxVGJOQmJKbDlnOHpOQXFNWTk1Mmd2dzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82ZTc2NzAtNjMxZC00Nzg3LWFlZGEt
ZjE1ODZmYmRlODFhLzEvOWZxVGJOQmJKbDlnOHpOQXFNWTk1Mmd2dzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82ZTc2NzAtNjMxZC00Nzg3LWFlZGEtZjE1ODZmYmRlODFh
LzEvOWZxVGJOQmJKbDlnOHpOQXFNWTk1Mmd2dzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjyRUYS4n
lGJY49Y/AvXl7iauvi/WaDQprOjM+s1HFEL+JDZhkl50gemz7zie1S9IEfKMYGvq
xm2/0ek4z0xCyyc+yKcXKFmq9BmdEKYPOhd3T1oSPtZQDnQgpjVkIO/LCCJ4rJ47
IiHf2mLM+5v0SHSPOfYiCPHFpiFRcflVPveGvA/e6uvuf/2glWgArMtRFtKLYQ/A
DoVVmO6LtG8RONDb05NJbvF3LxKRHQkIPWVDOsz13X6rXY+Df0WDoOw6Q0qCDoiy
ONGK87Ox4VnWct2Qsw1ZOUcfoYcW4Msfx7vDbXcZHQwjEZPj85I0OrxBGgvWWwr5
CA+t5RNnmkn+jw==
-----END CERTIFICATE-----