Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ba6a0f-b9c7-4f40-9e3c-88a4be7a4cb3/1/FMFDiPKGLX4nqH_m9gHjTzRXI04.mft
File:                     FMFDiPKGLX4nqH_m9gHjTzRXI04.mft (raw, json)
Hash identifier:          N0l0daIg332MeFufyen4rM9dyD9mu/hMd8KBpVkMOMI=
Subject key identifier:   F4:71:23:DD:DD:56:E8:B2:2C:38:2B:1E:EF:FF:6C:63:0B:2A:14:3B
Authority key identifier: 14:C1:43:88:F2:86:2D:7E:27:A8:7F:E6:F6:01:E3:4F:34:57:23:4E
Certificate issuer:       /CN=14c14388f2862d7e27a87fe6f601e34f3457234e
Certificate serial:       0196A8B007B91E1EA42EC19903612BAC53A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMFDiPKGLX4nqH_m9gHjTzRXI04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/ba6a0f-b9c7-4f40-9e3c-88a4be7a4cb3/1/FMFDiPKGLX4nqH_m9gHjTzRXI04.mft
Manifest number:          09A2
Signing time:             Wed 07 May 2025 03:00:30 +0000
Manifest this update:     Wed 07 May 2025 03:00:30 +0000
Manifest next update:     Thu 08 May 2025 03:00:30 +0000
Files and hashes:         1: FMFDiPKGLX4nqH_m9gHjTzRXI04.crl (hash: hKCTUV0iGXFzYod7DfkQ6gRs2t7exIqTLEJ5Ovbttqs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/ba6a0f-b9c7-4f40-9e3c-88a4be7a4cb3/1/FMFDiPKGLX4nqH_m9gHjTzRXI04.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/ba6a0f-b9c7-4f40-9e3c-88a4be7a4cb3/1/FMFDiPKGLX4nqH_m9gHjTzRXI04.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMFDiPKGLX4nqH_m9gHjTzRXI04.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 03:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a8:b0:07:b9:1e:1e:a4:2e:c1:99:03:61:2b:ac:53:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c14388f2862d7e27a87fe6f601e34f3457234e
        Validity
            Not Before: May  7 03:00:30 2025 GMT
            Not After : May  8 03:00:30 2025 GMT
        Subject: CN=f47123dddd56e8b22c382b1eefff6c630b2a143b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:00:c2:89:ca:55:ff:94:10:34:44:70:09:37:
                    7e:19:16:1c:de:7e:a6:7a:7f:8f:a4:b9:97:42:ad:
                    fe:d4:f6:b3:b0:26:cf:99:e0:c3:9a:81:e8:9a:a5:
                    f1:b7:cd:07:ae:cb:90:07:82:02:1e:36:a7:8f:de:
                    6a:f9:72:27:66:1b:31:31:f4:08:69:15:7b:d2:41:
                    66:2b:fb:bd:47:b9:dd:d4:c4:e0:31:3e:ae:81:0f:
                    2b:d7:3e:c1:a1:ca:af:4f:6e:11:45:f5:d7:52:3d:
                    fd:56:f1:58:52:fb:96:fa:ec:3e:90:5a:86:74:f2:
                    2d:39:cf:9e:41:48:b3:b8:8e:b2:d6:d7:7a:ee:e9:
                    e3:e0:8d:7d:71:b6:d9:84:9a:af:cb:dd:49:78:f2:
                    ee:df:86:f1:3c:57:3b:b6:0a:74:f8:6a:d3:07:f3:
                    d3:01:ea:95:cd:d9:85:48:03:e0:c9:f2:41:74:93:
                    f8:3c:cb:a7:dc:c2:06:1f:82:61:e7:eb:42:82:98:
                    d7:85:05:8b:7b:eb:cd:6e:4f:b3:67:28:42:75:0d:
                    0d:16:d3:89:d7:5e:8d:33:63:34:a5:e2:64:cc:5b:
                    bd:dd:9e:42:3f:f3:2c:2f:4e:c2:05:2c:e1:0e:dc:
                    5b:09:23:6d:1c:b9:7d:7d:fe:a6:c2:4e:f4:8e:b4:
                    3b:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:71:23:DD:DD:56:E8:B2:2C:38:2B:1E:EF:FF:6C:63:0B:2A:14:3B
            X509v3 Authority Key Identifier:
                keyid:14:C1:43:88:F2:86:2D:7E:27:A8:7F:E6:F6:01:E3:4F:34:57:23:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMFDiPKGLX4nqH_m9gHjTzRXI04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ba6a0f-b9c7-4f40-9e3c-88a4be7a4cb3/1/FMFDiPKGLX4nqH_m9gHjTzRXI04.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ba6a0f-b9c7-4f40-9e3c-88a4be7a4cb3/1/FMFDiPKGLX4nqH_m9gHjTzRXI04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:10:3d:c6:25:8f:7a:74:8e:7a:2d:58:f5:e4:9e:42:65:c7:
         69:00:8b:f4:26:0b:21:63:34:1d:76:a1:91:91:a5:02:ae:b1:
         ad:77:7b:cb:ac:06:9d:53:7b:dc:2a:2f:ec:0e:38:d6:ec:39:
         7e:c8:63:e9:07:52:95:66:fc:92:36:7b:42:b5:2f:cf:c1:4a:
         37:2a:1b:b7:c1:b4:98:47:b3:61:3f:0a:d3:69:ed:66:9d:f6:
         ee:7f:78:2a:dc:97:37:38:d3:aa:ee:1e:40:f4:35:2b:0b:19:
         60:2c:2e:0b:78:40:7b:35:c5:0a:4b:20:93:01:16:35:96:98:
         95:90:a0:21:42:c0:bb:3c:18:85:4b:a4:7f:ba:45:29:e8:86:
         4f:df:0e:08:85:b3:77:70:41:64:65:8e:44:fc:05:82:4d:90:
         33:2b:db:e1:2b:09:9f:dc:f1:56:3c:22:c3:44:09:83:92:af:
         3e:67:28:33:ea:64:49:36:e8:4a:67:ba:95:18:d2:12:64:5c:
         f8:7e:4a:7b:22:f1:ad:70:84:3a:d3:a0:d1:17:d1:54:56:61:
         f3:8e:55:d7:da:f5:e7:c2:22:c1:b8:4c:32:a6:03:c9:a2:b1:
         06:ae:b2:ff:fd:c1:da:e7:25:12:61:bf:9e:12:61:69:ab:ea:
         99:85:6d:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaosAe5Hh6kLsGZA2ErrFOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzE0Mzg4ZjI4NjJkN2UyN2E4N2ZlNmY2MDFlMzRmMzQ1
NzIzNGUwHhcNMjUwNTA3MDMwMDMwWhcNMjUwNTA4MDMwMDMwWjAzMTEwLwYDVQQD
EyhmNDcxMjNkZGRkNTZlOGIyMmMzODJiMWVlZmZmNmM2MzBiMmExNDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ADCicpV/5QQNERwCTd+GRYc3n6m
en+PpLmXQq3+1PazsCbPmeDDmoHomqXxt80HrsuQB4ICHjanj95q+XInZhsxMfQI
aRV70kFmK/u9R7nd1MTgMT6ugQ8r1z7BocqvT24RRfXXUj39VvFYUvuW+uw+kFqG
dPItOc+eQUizuI6y1td67unj4I19cbbZhJqvy91JePLu34bxPFc7tgp0+GrTB/PT
AeqVzdmFSAPgyfJBdJP4PMun3MIGH4Jh5+tCgpjXhQWLe+vNbk+zZyhCdQ0NFtOJ
116NM2M0peJkzFu93Z5CP/MsL07CBSzhDtxbCSNtHLl9ff6mwk70jrQ74QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPRxI93dVuiyLDgrHu//bGMLKhQ7MB8GA1UdIwQY
MBaAFBTBQ4jyhi1+J6h/5vYB4080VyNOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1GRGlQS0dMWDRucUhfbTlnSGpUelJYSTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYTZhMGYtYjljNy00ZjQwLTllM2Mt
ODhhNGJlN2E0Y2IzLzEvRk1GRGlQS0dMWDRucUhfbTlnSGpUelJYSTA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iYTZhMGYtYjljNy00ZjQwLTllM2MtODhhNGJlN2E0Y2Iz
LzEvRk1GRGlQS0dMWDRucUhfbTlnSGpUelJYSTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHBA9xiWP
enSOei1Y9eSeQmXHaQCL9CYLIWM0HXahkZGlAq6xrXd7y6wGnVN73Cov7A441uw5
fshj6QdSlWb8kjZ7QrUvz8FKNyobt8G0mEezYT8K02ntZp327n94KtyXNzjTqu4e
QPQ1KwsZYCwuC3hAezXFCksgkwEWNZaYlZCgIULAuzwYhUukf7pFKeiGT98OCIWz
d3BBZGWORPwFgk2QMyvb4SsJn9zxVjwiw0QJg5KvPmcoM+pkSTboSme6lRjSEmRc
+H5KeyLxrXCEOtOg0RfRVFZh845V19r158IiwbhMMqYDyaKxBq6y//3B2uclEmG/
nhJhaavqmYVt9w==
-----END CERTIFICATE-----