Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
File:                     FLklHG89i7aaegPOrN0q58LIzjc.mft (raw, json)
Hash identifier:          8+RVidQGslwnSrq45dOQNtsh3DT+5o/F5YlNfdxl2fw=
Subject key identifier:   E5:46:01:45:E9:9F:F4:11:37:B8:06:FE:3A:8F:E3:9C:36:CF:76:64
Authority key identifier: 14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37
Certificate issuer:       /CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
Certificate serial:       0196BB5AC9A63C07630D755AFB9ED71E20F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
Manifest number:          9D
Signing time:             Sat 10 May 2025 18:00:11 +0000
Manifest this update:     Sat 10 May 2025 18:00:11 +0000
Manifest next update:     Sun 11 May 2025 18:00:11 +0000
Files and hashes:         1: FLklHG89i7aaegPOrN0q58LIzjc.crl (hash: l4K3ISxcsOXLQG4IqXJBf6QQobA7xGNFVU+duIJ3xyo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 18:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:5a:c9:a6:3c:07:63:0d:75:5a:fb:9e:d7:1e:20:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
        Validity
            Not Before: May 10 18:00:11 2025 GMT
            Not After : May 11 18:00:11 2025 GMT
        Subject: CN=e5460145e99ff41137b806fe3a8fe39c36cf7664
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:40:92:34:1d:9f:31:25:e3:22:87:89:ac:83:
                    12:7a:b8:7c:dc:a8:07:05:68:5f:7f:45:41:cf:a2:
                    fa:c0:09:8d:1b:a9:eb:b4:72:8f:c2:c6:12:c2:03:
                    81:1e:d9:a3:1c:93:29:a0:38:be:33:8b:37:92:9f:
                    74:f2:d3:dc:d5:1d:ce:ef:3e:74:78:20:9c:7c:75:
                    1c:f1:90:28:10:42:5d:fd:88:69:97:36:ed:fd:d3:
                    1d:68:1c:2e:71:ab:00:f8:e1:8b:25:12:7a:9f:81:
                    81:f4:f2:05:4d:dd:04:6c:ce:6a:d9:a6:5a:ed:b2:
                    e4:10:ad:81:85:51:9b:52:90:51:1b:83:32:87:ca:
                    f2:c2:9c:f2:c7:30:29:cc:dd:9a:94:27:85:be:b1:
                    39:a5:fe:fe:dc:1b:f1:d8:e7:cb:9f:0a:dd:0b:3f:
                    12:61:ff:3b:a1:50:c2:3c:c8:38:92:4b:c9:c1:16:
                    f6:b8:97:2f:ab:3a:50:6f:89:0d:dd:b2:76:65:93:
                    68:0a:1e:08:d7:c4:2b:8e:a4:a8:a4:18:89:c7:c1:
                    e3:f1:dc:94:fa:6d:f5:7a:7e:4f:40:82:40:ac:5e:
                    3f:8e:c5:bb:ac:10:fe:71:57:59:a5:bc:d0:03:0b:
                    9b:ff:29:89:ae:65:75:7f:c0:81:eb:29:b3:d2:b2:
                    36:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:46:01:45:E9:9F:F4:11:37:B8:06:FE:3A:8F:E3:9C:36:CF:76:64
            X509v3 Authority Key Identifier:
                keyid:14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:46:0d:9a:14:1d:eb:cf:e6:f1:f1:14:cd:d0:52:45:9f:73:
         4b:a4:6d:e1:df:e8:54:4a:f8:e5:13:b5:9c:f4:09:e3:b1:f0:
         74:ed:65:10:69:ae:e7:0f:08:14:bd:46:d3:06:86:ca:9f:0a:
         99:72:bd:a8:3b:e9:3e:8b:c4:81:61:63:ba:53:0f:67:ab:d6:
         22:4b:b3:ce:6c:26:1a:71:6e:44:47:c3:4b:90:9e:07:c1:45:
         f9:a2:08:01:29:cb:30:cf:9f:38:f8:9a:01:27:3b:18:03:5c:
         72:05:4c:2d:e9:5d:7d:b6:c5:b5:5c:0e:71:fd:a7:f1:0d:de:
         9e:93:40:ae:ee:20:b6:f4:10:42:05:83:6a:7a:bf:45:f9:cf:
         9c:f3:1e:b4:88:61:70:76:97:30:3e:5c:cc:75:36:73:98:ad:
         ac:c7:ed:61:d0:98:c2:5a:1d:26:7c:b9:39:41:5d:87:eb:bd:
         74:dd:84:e2:c0:17:71:cf:c1:aa:0d:57:34:98:1c:ba:61:03:
         6c:93:b4:9e:0d:8f:d6:a8:6a:3f:dd:cb:03:6d:04:4c:e8:1c:
         30:5f:03:98:39:4c:9a:11:03:f5:58:6c:d3:ce:c0:18:63:ff:
         8b:05:ff:00:9d:6f:dc:e1:5b:ca:c2:0b:b9:db:39:0e:25:a3:
         51:97:ae:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7WsmmPAdjDXVa+57XHiD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YjkyNTFjNmYzZDhiYjY5YTdhMDNjZWFjZGQyYWU3YzJj
OGNlMzcwHhcNMjUwNTEwMTgwMDExWhcNMjUwNTExMTgwMDExWjAzMTEwLwYDVQQD
EyhlNTQ2MDE0NWU5OWZmNDExMzdiODA2ZmUzYThmZTM5YzM2Y2Y3NjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskCSNB2fMSXjIoeJrIMSerh83KgH
BWhff0VBz6L6wAmNG6nrtHKPwsYSwgOBHtmjHJMpoDi+M4s3kp908tPc1R3O7z50
eCCcfHUc8ZAoEEJd/Yhplzbt/dMdaBwucasA+OGLJRJ6n4GB9PIFTd0EbM5q2aZa
7bLkEK2BhVGbUpBRG4Myh8rywpzyxzApzN2alCeFvrE5pf7+3Bvx2OfLnwrdCz8S
Yf87oVDCPMg4kkvJwRb2uJcvqzpQb4kN3bJ2ZZNoCh4I18QrjqSopBiJx8Hj8dyU
+m31en5PQIJArF4/jsW7rBD+cVdZpbzQAwub/ymJrmV1f8CB6ymz0rI2DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOVGAUXpn/QRN7gG/jqP45w2z3ZkMB8GA1UdIwQY
MBaAFBS5JRxvPYu2mnoDzqzdKufCyM43MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMt
YzJkOGE1OWIwMGQzLzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMtYzJkOGE1OWIwMGQz
LzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ0YNmhQd
68/m8fEUzdBSRZ9zS6Rt4d/oVEr45RO1nPQJ47HwdO1lEGmu5w8IFL1G0waGyp8K
mXK9qDvpPovEgWFjulMPZ6vWIkuzzmwmGnFuREfDS5CeB8FF+aIIASnLMM+fOPia
ASc7GANccgVMLeldfbbFtVwOcf2n8Q3enpNAru4gtvQQQgWDanq/RfnPnPMetIhh
cHaXMD5czHU2c5itrMftYdCYwlodJny5OUFdh+u9dN2E4sAXcc/Bqg1XNJgcumED
bJO0ng2P1qhqP93LA20ETOgcMF8DmDlMmhED9Vhs087AGGP/iwX/AJ1v3OFbysIL
uds5DiWjUZeu5g==
-----END CERTIFICATE-----