Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
File:                     FYi9izG5XpysnzgSjZW4UvA9V4Q.mft (raw, json)
Hash identifier:          teKmIBJt3I6DFeNoYRHZkadaE67vgGMHXQc6B1k9X88=
Subject key identifier:   42:3C:46:EC:C3:3F:D5:F2:1B:30:63:AA:96:51:C2:EF:7B:38:A6:D4
Authority key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Certificate issuer:       /CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Certificate serial:       0196C916A1FAA8D3BD0CDEADFA3831556E15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
Manifest number:          1537
Signing time:             Tue 13 May 2025 10:00:25 +0000
Manifest this update:     Tue 13 May 2025 10:00:25 +0000
Manifest next update:     Wed 14 May 2025 10:00:25 +0000
Files and hashes:         1: FYi9izG5XpysnzgSjZW4UvA9V4Q.crl (hash: OjOCkAMjULX6xp0h7JVYZzQfpnRThq8ubEf+4zjLpn4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 10:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:16:a1:fa:a8:d3:bd:0c:de:ad:fa:38:31:55:6e:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
        Validity
            Not Before: May 13 10:00:25 2025 GMT
            Not After : May 14 10:00:25 2025 GMT
        Subject: CN=423c46ecc33fd5f21b3063aa9651c2ef7b38a6d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:30:61:b3:09:ef:b7:0a:9b:e8:08:6f:ec:de:
                    b0:bb:84:f2:74:a5:1d:49:8f:f4:6d:f9:50:bd:fa:
                    1e:86:02:c2:ed:38:40:df:21:f8:61:3a:53:6f:0b:
                    f5:ed:fd:12:ff:9c:07:5b:2d:e3:0b:b4:76:f6:99:
                    00:2c:2e:61:67:92:3c:09:9e:e9:1f:f2:8d:fe:b4:
                    c0:28:5d:c9:7f:0a:78:7a:cb:21:7d:a2:4f:fd:ab:
                    0c:cb:f6:50:6c:ff:0e:90:4e:22:18:b9:8b:1d:02:
                    e5:c8:6d:d5:4d:fe:8c:52:63:fe:24:e5:84:12:64:
                    98:69:20:2f:82:ab:bf:46:9d:61:cd:dd:5c:ed:f1:
                    6c:b1:41:eb:0a:83:7f:b4:06:39:99:8a:84:e4:4b:
                    15:1f:4a:ec:95:d1:a1:ef:2f:3b:69:63:09:63:7f:
                    78:84:39:5a:e4:8a:57:b4:8c:fe:2e:a8:ca:72:2e:
                    c3:5d:d9:76:a6:c4:40:32:11:1e:fd:85:bb:4d:be:
                    59:14:6b:1b:11:23:ff:37:c9:9a:85:0f:38:81:32:
                    7f:4c:18:3f:45:16:cc:93:b8:05:40:aa:b1:09:a9:
                    59:fc:e7:4d:7f:8e:ec:44:89:e6:a5:df:bb:1d:09:
                    69:1e:db:f6:5c:ab:a5:68:40:f3:e5:e5:ed:ce:17:
                    a3:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:3C:46:EC:C3:3F:D5:F2:1B:30:63:AA:96:51:C2:EF:7B:38:A6:D4
            X509v3 Authority Key Identifier:
                keyid:15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:77:87:af:c1:fd:e6:e9:e6:fa:94:78:8e:5a:64:bc:40:b5:
         e5:34:ba:3e:6a:00:d2:c4:3f:3a:de:d8:38:8d:a5:9d:07:ad:
         90:99:0c:8a:6f:b0:4d:cc:69:3f:1d:81:f2:e2:7a:1d:0c:fc:
         dd:ea:4a:21:63:93:2b:a2:c7:f2:e0:db:3f:93:92:b7:dd:53:
         3b:48:d1:77:1f:a6:9a:92:76:82:23:88:51:22:85:cf:98:a3:
         be:8a:e1:c2:02:ba:a9:f0:aa:69:55:9d:7a:66:c3:ed:64:1d:
         91:6d:5e:34:8b:dc:8e:62:2f:8c:2a:a2:bc:46:39:c7:76:c4:
         99:3f:e5:29:72:25:a7:3c:67:94:ef:8d:5e:f0:0c:ff:ff:41:
         61:1e:6b:db:0a:cf:e8:e3:36:42:70:6d:46:2f:bc:cd:57:f0:
         38:a0:22:7e:93:2a:c5:fb:07:97:9e:94:0a:f5:ae:8c:39:15:
         3f:25:0b:3a:c9:fb:8c:2f:10:d8:2a:cb:9f:48:21:eb:6c:5a:
         df:f5:ca:f5:1c:dd:2e:c9:11:91:a9:fe:39:06:86:16:71:f2:
         b9:ce:47:ec:11:7c:32:d5:a3:5c:01:7a:a1:6d:38:88:88:03:
         85:ec:ce:ee:cd:8f:e7:a7:0a:fd:46:1a:1a:39:f3:3c:22:ca:
         87:b2:5a:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJFqH6qNO9DN6t+jgxVW4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODhiZDhiMzFiOTVlOWNhYzlmMzgxMjhkOTViODUyZjAz
ZDU3ODQwHhcNMjUwNTEzMTAwMDI1WhcNMjUwNTE0MTAwMDI1WjAzMTEwLwYDVQQD
Eyg0MjNjNDZlY2MzM2ZkNWYyMWIzMDYzYWE5NjUxYzJlZjdiMzhhNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjBhswnvtwqb6Ahv7N6wu4TydKUd
SY/0bflQvfoehgLC7ThA3yH4YTpTbwv17f0S/5wHWy3jC7R29pkALC5hZ5I8CZ7p
H/KN/rTAKF3Jfwp4esshfaJP/asMy/ZQbP8OkE4iGLmLHQLlyG3VTf6MUmP+JOWE
EmSYaSAvgqu/Rp1hzd1c7fFssUHrCoN/tAY5mYqE5EsVH0rsldGh7y87aWMJY394
hDla5IpXtIz+LqjKci7DXdl2psRAMhEe/YW7Tb5ZFGsbESP/N8mahQ84gTJ/TBg/
RRbMk7gFQKqxCalZ/OdNf47sRInmpd+7HQlpHtv2XKulaEDz5eXtzhejJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEI8RuzDP9XyGzBjqpZRwu97OKbUMB8GA1UdIwQY
MBaAFBWIvYsxuV6crJ84Eo2VuFLwPVeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYt
YjVhZTgzOWYzMGUyLzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYtYjVhZTgzOWYzMGUy
LzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq3eHr8H9
5unm+pR4jlpkvEC15TS6PmoA0sQ/Ot7YOI2lnQetkJkMim+wTcxpPx2B8uJ6HQz8
3epKIWOTK6LH8uDbP5OSt91TO0jRdx+mmpJ2giOIUSKFz5ijvorhwgK6qfCqaVWd
embD7WQdkW1eNIvcjmIvjCqivEY5x3bEmT/lKXIlpzxnlO+NXvAM//9BYR5r2wrP
6OM2QnBtRi+8zVfwOKAifpMqxfsHl56UCvWujDkVPyULOsn7jC8Q2CrLn0gh62xa
3/XK9RzdLskRkan+OQaGFnHyuc5H7BF8MtWjXAF6oW04iIgDhezO7s2P56cK/UYa
GjnzPCLKh7JalA==
-----END CERTIFICATE-----