Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          9CdmTgteA64F5ngLK81fgkxyZot9l0xKK+cuRpUsT+w=
Subject key identifier:   EF:63:8D:0C:6D:56:DB:28:4E:7A:3F:7D:9F:26:86:B6:B0:8B:EA:7D
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       01967FB4D2A4DA4D0FB09853C401A28A9CBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          1511
Signing time:             Tue 29 Apr 2025 04:01:18 +0000
Manifest this update:     Tue 29 Apr 2025 04:01:18 +0000
Manifest next update:     Wed 30 Apr 2025 04:01:18 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: YIHAlsRKN87T5YDSU7PzK4+Y+uQIwiiuVQThibAG67I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 04:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b4:d2:a4:da:4d:0f:b0:98:53:c4:01:a2:8a:9c:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: Apr 29 04:01:18 2025 GMT
            Not After : Apr 30 04:01:18 2025 GMT
        Subject: CN=ef638d0c6d56db284e7a3f7d9f2686b6b08bea7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:3a:24:90:4b:64:5b:2d:1c:31:01:de:9c:65:
                    1f:a8:37:20:07:9e:9f:01:6d:d9:16:5a:a2:44:f4:
                    78:88:81:92:75:a1:2f:65:08:b1:f4:41:96:1b:7f:
                    41:fc:e7:c8:f6:d4:d0:7a:15:4b:a4:7e:ab:1f:32:
                    f9:2b:9f:a0:b8:dd:57:d0:9e:85:dc:5c:71:e8:4d:
                    d5:ba:87:e1:70:24:ec:da:c9:61:0a:6d:54:09:6e:
                    62:0b:99:a7:bd:22:40:55:27:3f:45:53:f2:bc:82:
                    9d:64:0d:ae:9d:ed:2b:88:9c:e4:0c:b0:89:88:06:
                    25:0d:97:aa:16:a0:68:b7:71:f9:cc:b3:e9:53:3f:
                    45:8e:69:86:d0:4f:8d:11:b2:5a:e2:65:bb:18:ae:
                    22:a4:ce:0e:48:83:20:d6:5b:6e:d6:ad:43:ec:9e:
                    70:b2:68:32:f4:b5:ad:3d:4e:c4:c3:56:2d:c6:b7:
                    fc:63:3f:d9:98:fc:df:e0:50:bd:62:65:a0:a5:fb:
                    e1:6b:af:36:84:38:c4:3a:d3:d3:f7:40:bd:c5:f2:
                    60:15:cd:a2:90:7f:30:9b:c1:37:ce:50:71:d6:43:
                    42:44:b1:bd:95:bb:72:3d:6e:b0:a4:c6:7d:c1:5e:
                    ad:41:b4:83:9c:b8:8d:1c:72:7a:34:c5:2e:76:ba:
                    7b:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:63:8D:0C:6D:56:DB:28:4E:7A:3F:7D:9F:26:86:B6:B0:8B:EA:7D
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:3d:58:1a:01:f5:0d:f6:5c:14:05:77:6c:61:80:59:95:df:
         8f:2e:87:c6:e9:cc:00:80:25:e8:b1:0e:48:d5:22:37:34:4d:
         40:64:83:55:ec:a6:15:55:35:c2:03:b5:6d:c9:93:89:98:75:
         b3:2c:95:24:6e:a8:6c:15:f3:fb:d4:ee:e4:d1:c9:de:d2:9f:
         d2:9a:e1:04:df:ac:34:51:b7:3f:c1:af:cf:1b:dd:9c:34:cd:
         0e:16:84:59:c4:0e:44:dc:68:89:be:1d:f2:0e:87:77:56:24:
         7f:03:b6:e6:1d:96:f7:da:29:4b:73:2b:df:67:a9:0e:fe:eb:
         2a:70:ca:6a:db:75:7f:0b:8a:51:e1:9b:a4:41:d2:20:fd:20:
         ab:3a:59:67:8a:03:9b:12:1b:52:51:a0:ff:de:d9:cb:d7:20:
         01:83:85:c7:04:b7:e3:40:2f:05:85:d4:e6:22:84:af:ff:d8:
         ae:98:d6:9d:ee:0b:ed:9e:65:6e:d6:b2:71:05:a5:08:38:e2:
         9c:dc:c3:15:bf:2b:93:a5:92:7f:4b:cf:1d:f4:3a:9d:20:73:
         d6:5f:af:a0:63:cd:44:5b:5c:e8:57:ec:61:ca:8e:2f:52:eb:
         93:c1:e8:29:43:f4:42:8a:59:85:20:15:e3:23:55:93:fc:3b:
         1b:43:e2:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tNKk2k0PsJhTxAGiipy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjUwNDI5MDQwMTE4WhcNMjUwNDMwMDQwMTE4WjAzMTEwLwYDVQQD
EyhlZjYzOGQwYzZkNTZkYjI4NGU3YTNmN2Q5ZjI2ODZiNmIwOGJlYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzokkEtkWy0cMQHenGUfqDcgB56f
AW3ZFlqiRPR4iIGSdaEvZQix9EGWG39B/OfI9tTQehVLpH6rHzL5K5+guN1X0J6F
3Fxx6E3VuofhcCTs2slhCm1UCW5iC5mnvSJAVSc/RVPyvIKdZA2une0riJzkDLCJ
iAYlDZeqFqBot3H5zLPpUz9FjmmG0E+NEbJa4mW7GK4ipM4OSIMg1ltu1q1D7J5w
smgy9LWtPU7Ew1Ytxrf8Yz/ZmPzf4FC9YmWgpfvha682hDjEOtPT90C9xfJgFc2i
kH8wm8E3zlBx1kNCRLG9lbtyPW6wpMZ9wV6tQbSDnLiNHHJ6NMUudrp79wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9jjQxtVtsoTno/fZ8mhrawi+p9MB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmz1YGgH1
DfZcFAV3bGGAWZXfjy6HxunMAIAl6LEOSNUiNzRNQGSDVeymFVU1wgO1bcmTiZh1
syyVJG6obBXz+9Tu5NHJ3tKf0prhBN+sNFG3P8GvzxvdnDTNDhaEWcQORNxoib4d
8g6Hd1YkfwO25h2W99opS3Mr32epDv7rKnDKatt1fwuKUeGbpEHSIP0gqzpZZ4oD
mxIbUlGg/97Zy9cgAYOFxwS340AvBYXU5iKEr//YrpjWne4L7Z5lbtaycQWlCDji
nNzDFb8rk6WSf0vPHfQ6nSBz1l+voGPNRFtc6FfsYcqOL1Lrk8HoKUP0QopZhSAV
4yNVk/w7G0PiaA==
-----END CERTIFICATE-----