Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
File:                     IIP4tbYgnefJQAjzM3vjQ2866-Y.mft (raw, json)
Hash identifier:          s/gDg+uSQ1Aqzl99aXxxOpCBfaatoPKK5+CbIlvAY6Y=
Subject key identifier:   14:3D:E2:21:8E:51:31:F5:5B:6F:79:A7:E2:12:D8:C1:A2:D8:74:92
Authority key identifier: 20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6
Certificate issuer:       /CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
Certificate serial:       0196B4EB46F3D36712D5018B4933C74C6781
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
Manifest number:          0584
Signing time:             Fri 09 May 2025 12:00:40 +0000
Manifest this update:     Fri 09 May 2025 12:00:40 +0000
Manifest next update:     Sat 10 May 2025 12:00:40 +0000
Files and hashes:         1: IIP4tbYgnefJQAjzM3vjQ2866-Y.crl (hash: ozZCnxbvL1NBl9jVIkDaq+78foOVK1qKSgOhLWnD3nk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b4:eb:46:f3:d3:67:12:d5:01:8b:49:33:c7:4c:67:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
        Validity
            Not Before: May  9 12:00:40 2025 GMT
            Not After : May 10 12:00:40 2025 GMT
        Subject: CN=143de2218e5131f55b6f79a7e212d8c1a2d87492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:a4:99:75:dd:81:8a:40:7c:46:be:90:59:9e:
                    8e:38:9b:e0:4c:af:eb:07:6c:69:d1:f6:d6:48:88:
                    bf:54:0b:d8:1d:f6:79:d2:c4:ed:c1:34:87:e4:d1:
                    78:1f:4c:9f:66:5a:3b:65:87:0f:51:53:aa:5f:63:
                    90:bf:5a:3a:81:56:02:ca:4d:bb:3a:72:27:dc:73:
                    39:2a:a7:9c:fb:4c:ac:e2:d6:76:57:cf:a0:9d:27:
                    89:13:6c:a9:65:c6:ce:55:e9:aa:c4:b8:76:02:24:
                    b8:8a:f4:8e:8b:81:68:dd:cb:4b:56:45:09:83:af:
                    99:75:2d:60:8f:2f:e4:c9:0a:01:dd:12:20:6b:62:
                    95:f6:4c:fd:b2:e5:d5:cb:fb:11:35:b2:3f:16:65:
                    68:a4:69:88:cb:ac:37:4e:b3:99:7b:82:4b:5c:de:
                    af:4e:ec:55:e5:fb:b7:7a:1c:73:f8:80:ed:74:84:
                    09:9c:3e:21:d4:5c:a5:dc:1c:c0:28:98:5a:d4:c0:
                    b0:7d:6d:70:1f:b7:a8:39:0c:e4:8f:76:07:32:c3:
                    aa:77:83:f1:bd:e4:14:0b:18:42:f9:f2:73:55:9e:
                    3a:df:52:6d:5a:81:4c:5e:7c:ec:0b:fd:f1:4d:d3:
                    a2:1c:10:6a:bb:38:f2:04:3d:f8:55:6f:c1:7d:8d:
                    27:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:3D:E2:21:8E:51:31:F5:5B:6F:79:A7:E2:12:D8:C1:A2:D8:74:92
            X509v3 Authority Key Identifier:
                keyid:20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:93:82:08:9f:0d:7c:d8:53:c1:d6:5f:cf:7e:b0:b9:e2:c6:
         a1:7a:24:89:e1:0a:a2:51:2a:45:00:67:95:aa:3b:de:b2:23:
         97:63:0d:e9:d9:c2:8b:ac:e3:f4:de:51:53:f5:21:3c:b9:a6:
         71:87:4f:75:db:2e:11:d4:fb:ed:d9:73:f0:45:35:5e:94:73:
         9f:ae:28:87:12:ef:cc:e8:44:ca:40:e3:5c:ee:0a:2f:6c:23:
         e0:75:7e:77:98:ec:5c:23:50:84:64:05:f5:a1:95:6c:61:1c:
         3a:90:74:4c:25:ee:0a:6b:e7:5b:81:8d:82:f0:bd:64:70:e1:
         a2:19:c1:ee:5d:f8:15:83:b0:b3:ec:f4:03:54:46:8b:72:c1:
         e1:0e:ff:3e:5a:bc:62:0f:0d:1f:bc:25:ce:c4:79:4c:7a:dc:
         9f:b7:7f:84:5c:52:e5:cb:95:b5:af:fa:a4:6b:95:be:71:8e:
         62:0f:90:4a:cf:0c:b7:85:85:2f:7b:0c:14:d3:6c:15:4e:2b:
         da:fd:16:28:fd:42:7a:12:dc:33:2b:21:84:15:07:e9:a5:05:
         87:3f:29:43:74:be:9e:43:20:04:94:80:09:05:90:66:0d:0c:
         52:42:da:fb:2c:7a:36:ed:52:cc:cd:00:d1:76:17:b3:0b:60:
         7c:f8:ef:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa060bz02cS1QGLSTPHTGeBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwODNmOGI1YjYyMDlkZTdjOTQwMDhmMzMzN2JlMzQzNmYz
YWViZTYwHhcNMjUwNTA5MTIwMDQwWhcNMjUwNTEwMTIwMDQwWjAzMTEwLwYDVQQD
EygxNDNkZTIyMThlNTEzMWY1NWI2Zjc5YTdlMjEyZDhjMWEyZDg3NDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqSZdd2BikB8Rr6QWZ6OOJvgTK/r
B2xp0fbWSIi/VAvYHfZ50sTtwTSH5NF4H0yfZlo7ZYcPUVOqX2OQv1o6gVYCyk27
OnIn3HM5Kqec+0ys4tZ2V8+gnSeJE2ypZcbOVemqxLh2AiS4ivSOi4Fo3ctLVkUJ
g6+ZdS1gjy/kyQoB3RIga2KV9kz9suXVy/sRNbI/FmVopGmIy6w3TrOZe4JLXN6v
TuxV5fu3ehxz+IDtdIQJnD4h1Fyl3BzAKJha1MCwfW1wH7eoOQzkj3YHMsOqd4Px
veQUCxhC+fJzVZ4631JtWoFMXnzsC/3xTdOiHBBquzjyBD34VW/BfY0nbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQ94iGOUTH1W295p+IS2MGi2HSSMB8GA1UdIwQY
MBaAFCCD+LW2IJ3nyUAI8zN740NvOuvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAt
YWNiZWYwMThkMDNhLzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAtYWNiZWYwMThkMDNh
LzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoZOCCJ8N
fNhTwdZfz36wueLGoXokieEKolEqRQBnlao73rIjl2MN6dnCi6zj9N5RU/UhPLmm
cYdPddsuEdT77dlz8EU1XpRzn64ohxLvzOhEykDjXO4KL2wj4HV+d5jsXCNQhGQF
9aGVbGEcOpB0TCXuCmvnW4GNgvC9ZHDhohnB7l34FYOws+z0A1RGi3LB4Q7/Plq8
Yg8NH7wlzsR5THrcn7d/hFxS5cuVta/6pGuVvnGOYg+QSs8Mt4WFL3sMFNNsFU4r
2v0WKP1CehLcMyshhBUH6aUFhz8pQ3S+nkMgBJSACQWQZg0MUkLa+yx6Nu1SzM0A
0XYXswtgfPjvlQ==
-----END CERTIFICATE-----