Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
File:                     b_rHiuobz0OKYe-RUCRI9glkHS0.mft (raw, json)
Hash identifier:          Fmb0BGycyP9IDZoESADATp2iNGumGyK1UclA32ghqdg=
Subject key identifier:   FE:09:5F:2D:FD:A3:44:4D:64:BB:3D:90:3B:02:E1:BB:24:4E:27:22
Authority key identifier: 6F:FA:C7:8A:EA:1B:CF:43:8A:61:EF:91:50:24:48:F6:09:64:1D:2D
Certificate issuer:       /CN=6ffac78aea1bcf438a61ef91502448f609641d2d
Certificate serial:       0196A3C11E9247B75242F3B94C62FC0BFD6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
Manifest number:          11B8
Signing time:             Tue 06 May 2025 04:01:04 +0000
Manifest this update:     Tue 06 May 2025 04:01:04 +0000
Manifest next update:     Wed 07 May 2025 04:01:04 +0000
Files and hashes:         1: b_rHiuobz0OKYe-RUCRI9glkHS0.crl (hash: nQ97RLefc7Dl9PrSXg2cGHrG4MZjZr6ShNq+7XfmJis=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a3:c1:1e:92:47:b7:52:42:f3:b9:4c:62:fc:0b:fd:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ffac78aea1bcf438a61ef91502448f609641d2d
        Validity
            Not Before: May  6 04:01:04 2025 GMT
            Not After : May  7 04:01:04 2025 GMT
        Subject: CN=fe095f2dfda3444d64bb3d903b02e1bb244e2722
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:df:3f:c4:2d:c3:4f:97:ea:1e:4d:0d:17:70:
                    c5:13:bb:8d:54:a9:92:ef:61:dc:05:60:51:c9:c3:
                    32:39:98:9d:09:0d:0e:dd:3b:3a:d7:17:ab:5a:d0:
                    65:75:d5:4b:6d:6c:d0:b0:3b:f3:fb:b5:43:d8:04:
                    a0:d5:e8:bc:ab:27:81:c3:7d:25:d1:fe:ff:95:82:
                    c5:13:cf:70:0d:51:58:ea:f3:bf:b9:e5:15:38:4b:
                    56:0e:32:e2:bb:1c:74:ea:58:e8:ec:b5:e3:bb:84:
                    8c:7c:8f:bb:3f:93:13:1a:5e:7c:0b:f0:b2:32:0f:
                    c2:82:47:df:63:da:74:14:57:5e:39:47:a4:8d:c4:
                    14:11:51:e2:4f:ce:cd:9e:0e:a9:2f:bc:e3:7a:9f:
                    a6:1f:b4:68:e7:a2:0a:43:b6:c3:20:60:25:59:4d:
                    4a:69:f1:0e:fa:07:3f:a7:aa:00:b1:8c:fe:18:7c:
                    d4:69:bf:64:90:a5:6c:d7:10:c0:f4:8b:57:64:fd:
                    c6:9b:c7:93:7f:eb:20:76:a7:d2:ca:ce:dd:50:e9:
                    09:05:c2:94:a1:d1:15:af:c5:0d:93:57:0d:68:70:
                    16:04:41:56:2e:a9:e9:5e:be:9b:2f:68:66:ce:a8:
                    1d:80:25:92:ff:7b:a5:77:36:8b:c5:1f:2e:41:7b:
                    7a:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:09:5F:2D:FD:A3:44:4D:64:BB:3D:90:3B:02:E1:BB:24:4E:27:22
            X509v3 Authority Key Identifier:
                keyid:6F:FA:C7:8A:EA:1B:CF:43:8A:61:EF:91:50:24:48:F6:09:64:1D:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:ee:7e:e2:af:83:fe:b9:19:25:dc:e5:42:7b:53:59:8f:c7:
         5a:e8:ef:ac:e1:f3:06:2e:aa:32:3a:81:23:84:e4:08:0b:bb:
         6c:ff:dd:e5:ff:2f:c0:4a:a2:74:fc:5e:39:b2:2d:19:08:2b:
         41:65:30:22:3a:a8:ad:f9:ed:8b:7b:c2:47:e9:1b:9d:9e:2e:
         b1:05:b0:ef:27:15:fe:3a:cd:a2:f0:8d:64:93:58:a3:5b:a5:
         e3:4f:3c:c3:1e:b6:ea:33:89:37:9f:f0:af:7b:64:e7:1b:16:
         de:e8:17:ec:6f:61:6b:f9:6e:68:6c:80:09:e6:7a:7f:2e:ad:
         77:0a:12:cd:75:c7:16:df:04:ff:29:39:dd:d1:c9:80:65:26:
         51:7c:74:af:8d:fa:d5:7f:12:5e:ec:e2:cf:1f:ce:a8:20:94:
         77:3e:17:2e:8e:b9:d0:95:3c:3c:ba:b5:5b:10:c4:61:40:21:
         a9:f9:18:86:49:dc:ca:96:a9:97:64:0e:00:08:64:71:75:6c:
         fd:21:7a:a0:7a:80:82:36:11:87:4a:29:55:33:31:74:97:b2:
         e4:7c:53:ed:2e:24:0c:20:54:db:32:97:de:2f:c0:43:20:34:
         2c:b0:6d:41:d1:36:a4:41:d8:4f:6f:c9:30:53:62:00:5c:d7:
         83:0b:6a:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZajwR6SR7dSQvO5TGL8C/1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZmFjNzhhZWExYmNmNDM4YTYxZWY5MTUwMjQ0OGY2MDk2
NDFkMmQwHhcNMjUwNTA2MDQwMTA0WhcNMjUwNTA3MDQwMTA0WjAzMTEwLwYDVQQD
EyhmZTA5NWYyZGZkYTM0NDRkNjRiYjNkOTAzYjAyZTFiYjI0NGUyNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+98/xC3DT5fqHk0NF3DFE7uNVKmS
72HcBWBRycMyOZidCQ0O3Ts61xerWtBlddVLbWzQsDvz+7VD2ASg1ei8qyeBw30l
0f7/lYLFE89wDVFY6vO/ueUVOEtWDjLiuxx06ljo7LXju4SMfI+7P5MTGl58C/Cy
Mg/CgkffY9p0FFdeOUekjcQUEVHiT87Nng6pL7zjep+mH7Ro56IKQ7bDIGAlWU1K
afEO+gc/p6oAsYz+GHzUab9kkKVs1xDA9ItXZP3Gm8eTf+sgdqfSys7dUOkJBcKU
odEVr8UNk1cNaHAWBEFWLqnpXr6bL2hmzqgdgCWS/3uldzaLxR8uQXt6XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP4JXy39o0RNZLs9kDsC4bskTiciMB8GA1UdIwQY
MBaAFG/6x4rqG89DimHvkVAkSPYJZB0tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85OGU2YTktMDRkNS00NWEwLTk3MTAt
MGMzNDM1MTNhZGUzLzEvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi85OGU2YTktMDRkNS00NWEwLTk3MTAtMGMzNDM1MTNhZGUz
LzEvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeO5+4q+D
/rkZJdzlQntTWY/HWujvrOHzBi6qMjqBI4TkCAu7bP/d5f8vwEqidPxeObItGQgr
QWUwIjqorfnti3vCR+kbnZ4usQWw7ycV/jrNovCNZJNYo1ul4088wx626jOJN5/w
r3tk5xsW3ugX7G9ha/luaGyACeZ6fy6tdwoSzXXHFt8E/yk53dHJgGUmUXx0r436
1X8SXuzizx/OqCCUdz4XLo650JU8PLq1WxDEYUAhqfkYhkncypapl2QOAAhkcXVs
/SF6oHqAgjYRh0opVTMxdJey5HxT7S4kDCBU2zKX3i/AQyA0LLBtQdE2pEHYT2/J
MFNiAFzXgwtqcA==
-----END CERTIFICATE-----