Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
File:                     F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft (raw, json)
Hash identifier:          CuaVYLIXJny1XsdeAiuajHK+xf/IcSpBFLCFqwXTc/Y=
Subject key identifier:   BB:8D:2C:AF:47:AF:2C:AA:5D:2A:17:80:7C:7D:F4:F3:2C:9F:77:3A
Authority key identifier: 17:D8:73:12:06:53:B3:CF:E5:51:72:A9:DC:60:57:E8:CC:D0:CB:5C
Certificate issuer:       /CN=17d873120653b3cfe55172a9dc6057e8ccd0cb5c
Certificate serial:       0196CB059FFC31F8E71A143B0622AFDF9429
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
Manifest number:          0CDC
Signing time:             Tue 13 May 2025 19:01:05 +0000
Manifest this update:     Tue 13 May 2025 19:01:05 +0000
Manifest next update:     Wed 14 May 2025 19:01:05 +0000
Files and hashes:         1: F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl (hash: znJsE2g5TivG+DgAM58EXMeDd4v2o7JmTW5L5kevDJ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 19:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:05:9f:fc:31:f8:e7:1a:14:3b:06:22:af:df:94:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d873120653b3cfe55172a9dc6057e8ccd0cb5c
        Validity
            Not Before: May 13 19:01:05 2025 GMT
            Not After : May 14 19:01:05 2025 GMT
        Subject: CN=bb8d2caf47af2caa5d2a17807c7df4f32c9f773a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:5b:3c:2e:a8:e6:d4:54:82:91:8f:dc:43:2d:
                    3d:e4:40:ed:d0:11:51:21:ce:27:a1:e5:48:01:1f:
                    ab:a6:a7:bc:41:63:7d:67:b1:3a:d2:5e:d9:38:79:
                    7c:cc:07:86:28:c6:9a:7b:d8:64:92:ec:a6:71:f9:
                    9c:e3:ec:2c:92:8c:23:c0:10:c5:26:ad:c7:b9:de:
                    3e:ee:7a:70:6b:e7:21:11:fd:d6:74:32:69:ff:94:
                    bf:50:8c:12:8e:a0:57:05:45:a2:a0:6b:66:3f:41:
                    0b:12:7c:67:94:f2:ac:d0:e0:b4:76:80:68:68:ce:
                    49:41:dd:35:a2:66:4a:9b:5e:04:f6:41:c6:5c:f6:
                    33:a1:22:c5:05:19:4e:ff:f3:ee:c9:eb:eb:33:b7:
                    1b:73:0f:5d:1f:93:39:12:52:9a:b6:bb:86:83:85:
                    9b:40:a7:9b:c2:44:50:6f:47:6c:65:33:64:b0:6a:
                    9a:89:30:2b:1d:3b:7d:b4:ef:cd:fe:22:60:72:b2:
                    a3:f5:8d:9c:27:9e:8e:e4:09:15:6b:24:d1:31:86:
                    eb:58:5b:c2:22:e0:71:4b:c2:16:4f:71:2b:9b:18:
                    1c:16:8c:1d:8c:55:6d:37:11:af:67:78:cd:b3:5a:
                    98:f3:10:85:3a:75:c3:32:fa:e0:82:98:75:81:fe:
                    e6:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:8D:2C:AF:47:AF:2C:AA:5D:2A:17:80:7C:7D:F4:F3:2C:9F:77:3A
            X509v3 Authority Key Identifier:
                keyid:17:D8:73:12:06:53:B3:CF:E5:51:72:A9:DC:60:57:E8:CC:D0:CB:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:12:2a:a0:a8:c4:9d:7c:b4:4d:05:3b:38:3d:e9:5c:48:09:
         1a:0a:f0:08:68:59:7a:90:a4:6d:b3:93:56:ff:45:95:d6:05:
         fc:a5:39:11:a8:e0:97:a9:1c:0d:08:02:11:0b:20:b2:b5:11:
         c4:de:84:1c:72:ef:2c:10:2e:27:51:f5:50:b8:7c:74:ad:ca:
         74:90:af:2a:ff:4f:ba:ee:a2:21:9c:70:05:6a:57:60:a8:8b:
         ab:0c:d5:c1:d6:40:95:19:2d:27:5f:05:7e:70:2c:a2:21:82:
         63:c3:46:06:de:7f:e9:be:7c:94:ef:d1:96:c2:01:83:84:9f:
         59:b3:08:b5:3b:a1:34:bd:11:1d:31:42:87:0a:c5:f5:8a:c4:
         28:08:e8:c4:fe:89:09:80:c4:d0:47:4c:76:df:22:7d:3b:da:
         f2:28:db:11:44:36:e7:0e:0c:cf:2a:7d:25:9f:88:8c:ba:ea:
         14:22:bd:1f:78:23:32:ac:5a:48:cb:0d:e9:c8:ea:bf:bc:57:
         ef:27:38:cc:94:30:de:a4:ee:36:95:0d:79:1b:1f:5d:d2:ce:
         73:c6:f0:5b:e0:2d:e9:41:7d:a8:09:19:8f:d6:3d:2d:16:1f:
         38:04:88:bc:4c:6a:06:56:5a:9f:00:96:5a:9b:e4:e7:bd:d5:
         76:b2:af:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLBZ/8MfjnGhQ7BiKv35QpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDg3MzEyMDY1M2IzY2ZlNTUxNzJhOWRjNjA1N2U4Y2Nk
MGNiNWMwHhcNMjUwNTEzMTkwMTA1WhcNMjUwNTE0MTkwMTA1WjAzMTEwLwYDVQQD
EyhiYjhkMmNhZjQ3YWYyY2FhNWQyYTE3ODA3YzdkZjRmMzJjOWY3NzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFs8Lqjm1FSCkY/cQy095EDt0BFR
Ic4noeVIAR+rpqe8QWN9Z7E60l7ZOHl8zAeGKMaae9hkkuymcfmc4+wskowjwBDF
Jq3Hud4+7npwa+chEf3WdDJp/5S/UIwSjqBXBUWioGtmP0ELEnxnlPKs0OC0doBo
aM5JQd01omZKm14E9kHGXPYzoSLFBRlO//PuyevrM7cbcw9dH5M5ElKatruGg4Wb
QKebwkRQb0dsZTNksGqaiTArHTt9tO/N/iJgcrKj9Y2cJ56O5AkVayTRMYbrWFvC
IuBxS8IWT3ErmxgcFowdjFVtNxGvZ3jNs1qY8xCFOnXDMvrggph1gf7mVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuNLK9HryyqXSoXgHx99PMsn3c6MB8GA1UdIwQY
MBaAFBfYcxIGU7PP5VFyqdxgV+jM0MtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82NWVhMzItNmZkMy00Yzg1LTkyZDYt
YjAwYzFjMTQ1ZmU3LzEvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82NWVhMzItNmZkMy00Yzg1LTkyZDYtYjAwYzFjMTQ1ZmU3
LzEvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWhIqoKjE
nXy0TQU7OD3pXEgJGgrwCGhZepCkbbOTVv9FldYF/KU5Eajgl6kcDQgCEQsgsrUR
xN6EHHLvLBAuJ1H1ULh8dK3KdJCvKv9Puu6iIZxwBWpXYKiLqwzVwdZAlRktJ18F
fnAsoiGCY8NGBt5/6b58lO/RlsIBg4SfWbMItTuhNL0RHTFChwrF9YrEKAjoxP6J
CYDE0EdMdt8ifTva8ijbEUQ25w4Mzyp9JZ+IjLrqFCK9H3gjMqxaSMsN6cjqv7xX
7yc4zJQw3qTuNpUNeRsfXdLOc8bwW+At6UF9qAkZj9Y9LRYfOASIvExqBlZanwCW
Wpvk573VdrKvfg==
-----END CERTIFICATE-----