Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
File:                     fAMRalBjzm8X_OpTUcneSgxosN0.mft (raw, json)
Hash identifier:          +OK0LtQ5K07ABlXVxBMLRPpLfqK68959ik9ikT4DNqE=
Subject key identifier:   7C:07:ED:D2:B6:EF:FB:F4:BF:48:4E:B9:8E:14:B4:71:A6:0C:91:85
Authority key identifier: 7C:03:11:6A:50:63:CE:6F:17:FC:EA:53:51:C9:DE:4A:0C:68:B0:DD
Certificate issuer:       /CN=7c03116a5063ce6f17fcea5351c9de4a0c68b0dd
Certificate serial:       0196A27756C4F47AD4AF85AC9D974A5E3483
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
Manifest number:          09DD
Signing time:             Mon 05 May 2025 22:00:52 +0000
Manifest this update:     Mon 05 May 2025 22:00:52 +0000
Manifest next update:     Tue 06 May 2025 22:00:52 +0000
Files and hashes:         1: fAMRalBjzm8X_OpTUcneSgxosN0.crl (hash: Onz2gn56Knh53/pd3Fpud3NH4hw2pxXRW6UGwYSCI2g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 18:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a2:77:56:c4:f4:7a:d4:af:85:ac:9d:97:4a:5e:34:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c03116a5063ce6f17fcea5351c9de4a0c68b0dd
        Validity
            Not Before: May  5 22:00:52 2025 GMT
            Not After : May  6 22:00:52 2025 GMT
        Subject: CN=7c07edd2b6effbf4bf484eb98e14b471a60c9185
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:35:14:6c:b6:75:d3:73:c4:3b:f1:24:76:eb:
                    08:38:81:ce:53:87:1c:98:fd:36:2c:94:39:7a:5f:
                    7c:11:a2:c1:e9:59:4a:08:fc:21:a8:19:e6:4c:9a:
                    7b:48:c5:fa:c5:be:ae:04:b2:da:68:6a:64:ab:77:
                    6b:e4:d0:e3:d0:e3:dc:9e:1c:45:da:cb:a7:59:07:
                    25:22:99:30:08:de:06:88:de:01:0c:b1:90:59:8b:
                    d1:48:93:90:a6:f9:59:74:6e:21:2c:9f:35:75:90:
                    2f:55:db:63:57:ec:bf:79:04:f3:18:e1:a1:55:99:
                    5d:6a:a0:04:d8:54:f4:dc:63:9d:79:a5:db:28:c3:
                    bd:fd:31:41:34:88:e6:da:b1:d0:07:d3:71:66:ac:
                    8c:da:42:ad:09:80:5d:b3:41:94:c3:19:a2:02:1a:
                    f5:71:29:61:14:c1:9b:08:6f:44:b1:b8:e8:23:57:
                    01:bd:40:7d:6c:81:40:45:32:be:76:ec:32:7f:65:
                    a8:fe:89:ed:98:37:59:e5:ac:a8:f3:2d:88:8a:2b:
                    bc:47:a4:3c:fc:2f:8a:83:35:22:9e:86:b1:d5:23:
                    59:f6:02:63:b7:07:9c:c2:bc:ed:33:26:fd:44:b8:
                    f8:16:c6:d9:75:b0:57:bf:38:a8:d8:41:0e:12:41:
                    79:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:07:ED:D2:B6:EF:FB:F4:BF:48:4E:B9:8E:14:B4:71:A6:0C:91:85
            X509v3 Authority Key Identifier:
                keyid:7C:03:11:6A:50:63:CE:6F:17:FC:EA:53:51:C9:DE:4A:0C:68:B0:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:a3:f8:48:f6:b5:a9:3f:9f:02:c8:4a:d8:0c:e4:b8:71:ac:
         ac:ba:69:13:51:0f:8f:29:73:08:74:2e:16:6d:84:21:b3:2e:
         35:e2:08:30:c1:6d:b5:80:f2:75:66:ea:d0:f1:0f:b0:92:1d:
         c2:d9:f4:5d:9d:90:ac:a6:f7:ec:db:3a:b2:a9:b3:9a:27:f0:
         30:da:28:f3:85:eb:1d:39:30:20:43:7f:0a:d9:76:0a:91:42:
         79:e5:81:d2:c7:6f:b9:5f:4d:e3:07:01:e9:28:6c:a7:c8:3d:
         2a:53:48:a7:fb:0b:25:22:eb:bd:c5:ba:75:06:7a:65:95:33:
         b7:ce:0e:a0:20:20:f9:f0:ff:0a:b1:8c:cf:fa:d3:2b:ca:43:
         20:4e:c1:35:72:63:2b:b7:9c:20:3b:04:e3:d0:f3:a8:e3:d4:
         5f:e0:ef:ef:45:57:57:3d:e8:b5:8f:f2:52:1d:f8:11:42:0f:
         2f:54:5b:b3:ca:cb:f1:9f:2e:db:4e:84:44:d3:a9:6d:26:24:
         a2:5d:51:fc:d0:f1:02:c8:6e:78:5f:e7:ff:85:b7:90:2e:5c:
         e0:30:a5:0f:90:93:ea:4a:ba:df:97:43:f9:fe:5f:3e:43:23:
         bd:88:49:68:c9:b4:22:c8:c9:06:f1:d9:84:b7:f6:bd:86:f6:
         b8:d2:ee:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaid1bE9HrUr4WsnZdKXjSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMDMxMTZhNTA2M2NlNmYxN2ZjZWE1MzUxYzlkZTRhMGM2
OGIwZGQwHhcNMjUwNTA1MjIwMDUyWhcNMjUwNTA2MjIwMDUyWjAzMTEwLwYDVQQD
Eyg3YzA3ZWRkMmI2ZWZmYmY0YmY0ODRlYjk4ZTE0YjQ3MWE2MGM5MTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TUUbLZ103PEO/EkdusIOIHOU4cc
mP02LJQ5el98EaLB6VlKCPwhqBnmTJp7SMX6xb6uBLLaaGpkq3dr5NDj0OPcnhxF
2sunWQclIpkwCN4GiN4BDLGQWYvRSJOQpvlZdG4hLJ81dZAvVdtjV+y/eQTzGOGh
VZldaqAE2FT03GOdeaXbKMO9/TFBNIjm2rHQB9NxZqyM2kKtCYBds0GUwxmiAhr1
cSlhFMGbCG9EsbjoI1cBvUB9bIFARTK+duwyf2Wo/ontmDdZ5ayo8y2Iiiu8R6Q8
/C+KgzUinoax1SNZ9gJjtwecwrztMyb9RLj4FsbZdbBXvzio2EEOEkF5cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwH7dK27/v0v0hOuY4UtHGmDJGFMB8GA1UdIwQY
MBaAFHwDEWpQY85vF/zqU1HJ3koMaLDdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80YmRjNGQtMDg5OS00NzA5LTk0MjQt
ODkxYjQ1NWMyYzUzLzEvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80YmRjNGQtMDg5OS00NzA5LTk0MjQtODkxYjQ1NWMyYzUz
LzEvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFKP4SPa1
qT+fAshK2AzkuHGsrLppE1EPjylzCHQuFm2EIbMuNeIIMMFttYDydWbq0PEPsJId
wtn0XZ2QrKb37Ns6sqmzmifwMNoo84XrHTkwIEN/Ctl2CpFCeeWB0sdvuV9N4wcB
6Shsp8g9KlNIp/sLJSLrvcW6dQZ6ZZUzt84OoCAg+fD/CrGMz/rTK8pDIE7BNXJj
K7ecIDsE49DzqOPUX+Dv70VXVz3otY/yUh34EUIPL1Rbs8rL8Z8u206ERNOpbSYk
ol1R/NDxAshueF/n/4W3kC5c4DClD5CT6kq635dD+f5fPkMjvYhJaMm0IsjJBvHZ
hLf2vYb2uNLudg==
-----END CERTIFICATE-----