Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
File:                     TvMzZvDPXk-oBO730eKSlO6lFIw.mft (raw, json)
Hash identifier:          s1edhmTFx7FSJomQuwjrwzssZ+urBJMsgjiEZpa3Bdo=
Subject key identifier:   D1:73:FE:F8:AC:E0:33:76:F9:C2:F5:E7:BE:DE:55:CA:7B:47:A4:62
Authority key identifier: 4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C
Certificate issuer:       /CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
Certificate serial:       01969E2C5862233A0A4E74C8487007703B8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
Manifest number:          01BD
Signing time:             Mon 05 May 2025 02:00:28 +0000
Manifest this update:     Mon 05 May 2025 02:00:28 +0000
Manifest next update:     Tue 06 May 2025 02:00:28 +0000
Files and hashes:         1: TvMzZvDPXk-oBO730eKSlO6lFIw.crl (hash: V9uFIPjkqPM5Ygylk+A9R/AgAPaSoI3sD9RmdaJXj3w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:2c:58:62:23:3a:0a:4e:74:c8:48:70:07:70:3b:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
        Validity
            Not Before: May  5 02:00:28 2025 GMT
            Not After : May  6 02:00:28 2025 GMT
        Subject: CN=d173fef8ace03376f9c2f5e7bede55ca7b47a462
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:10:54:24:f1:e7:19:3e:48:86:f8:f5:3a:b9:
                    e8:6e:8d:9d:b5:4c:ea:e7:8b:94:0f:32:aa:eb:12:
                    1f:91:6e:98:74:79:df:91:dc:6c:15:af:ed:37:30:
                    88:d4:f4:4b:2e:06:2c:36:b5:fa:9d:70:7b:e7:cb:
                    5e:88:40:c2:ec:c0:93:87:18:6f:f4:d6:11:c8:f1:
                    6c:fe:04:34:6c:51:b1:c3:b1:6b:88:76:89:99:9c:
                    be:a1:43:8f:31:4c:55:3e:ee:05:7a:70:ef:72:72:
                    c4:4b:41:0e:f4:b1:32:a6:6c:34:5b:0c:90:dc:76:
                    93:5b:f6:92:dc:03:47:19:da:42:e0:85:73:09:57:
                    d8:62:71:46:49:82:38:4f:c7:84:83:33:40:eb:44:
                    64:2a:eb:75:be:e8:3e:74:77:68:dd:e3:ac:58:18:
                    6d:fd:a2:93:7b:69:7e:c9:d0:cc:d7:aa:4f:97:a2:
                    6e:f1:b9:b2:b1:fd:24:63:6f:38:0e:18:7b:63:b9:
                    23:4f:84:fa:b4:20:68:5f:29:86:36:dc:0a:0f:ac:
                    22:df:af:5a:90:6b:91:e7:73:4e:8c:db:c3:82:aa:
                    00:5d:4b:d3:8d:6a:74:7c:d2:96:83:d3:c5:66:ce:
                    d0:c5:d9:4c:44:cc:21:a5:77:27:00:83:44:6b:88:
                    4e:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:73:FE:F8:AC:E0:33:76:F9:C2:F5:E7:BE:DE:55:CA:7B:47:A4:62
            X509v3 Authority Key Identifier:
                keyid:4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:4b:99:15:11:ae:f2:cf:db:d2:67:47:49:b1:06:da:4b:33:
         4d:2d:49:63:7b:2e:e2:db:29:a7:0d:1a:15:5d:96:ac:fe:df:
         f9:76:8d:64:28:6b:8f:34:e8:68:20:2e:d9:9d:41:30:78:c4:
         41:44:c4:8a:47:24:98:fe:09:95:66:9a:92:55:d8:f7:7d:a1:
         23:a9:92:a0:2a:56:d3:25:78:c8:b9:31:f1:23:94:62:f1:80:
         1f:31:41:7d:8d:20:8c:52:87:6e:ab:6f:fb:2f:6b:fd:3c:6e:
         a6:6e:a1:2e:07:8b:ed:15:c2:cd:0d:1a:96:6e:05:9e:25:2a:
         51:80:20:18:e0:27:e4:1a:be:44:10:91:de:0c:a2:27:37:4e:
         31:3b:ec:84:97:29:89:b4:aa:e0:44:68:cd:e1:42:75:e4:19:
         63:2d:fd:55:b8:1e:36:30:c6:c8:64:24:4c:92:f7:e3:a0:7f:
         7e:a7:54:72:d6:e1:16:7a:15:e4:8f:a8:47:bb:89:a4:10:f9:
         99:2c:88:70:fb:68:12:92:cd:a9:11:c7:57:b0:d7:aa:84:c2:
         2d:7c:ef:e5:d4:2b:9e:1f:aa:d5:d2:82:f4:53:b8:68:93:99:
         d0:80:19:0c:5c:0e:39:2e:63:84:0b:24:10:88:66:4b:e2:68:
         e4:6a:1f:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaeLFhiIzoKTnTISHAHcDuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZjMzMzY2ZjBjZjVlNGZhODA0ZWVmN2QxZTI5Mjk0ZWVh
NTE0OGMwHhcNMjUwNTA1MDIwMDI4WhcNMjUwNTA2MDIwMDI4WjAzMTEwLwYDVQQD
EyhkMTczZmVmOGFjZTAzMzc2ZjljMmY1ZTdiZWRlNTVjYTdiNDdhNDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBBUJPHnGT5Ihvj1Ornobo2dtUzq
54uUDzKq6xIfkW6YdHnfkdxsFa/tNzCI1PRLLgYsNrX6nXB758teiEDC7MCThxhv
9NYRyPFs/gQ0bFGxw7FriHaJmZy+oUOPMUxVPu4FenDvcnLES0EO9LEypmw0WwyQ
3HaTW/aS3ANHGdpC4IVzCVfYYnFGSYI4T8eEgzNA60RkKut1vug+dHdo3eOsWBht
/aKTe2l+ydDM16pPl6Ju8bmysf0kY284Dhh7Y7kjT4T6tCBoXymGNtwKD6wi369a
kGuR53NOjNvDgqoAXUvTjWp0fNKWg9PFZs7QxdlMRMwhpXcnAINEa4hOtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNFz/vis4DN2+cL1577eVcp7R6RiMB8GA1UdIwQY
MBaAFE7zM2bwz15PqATu99HikpTupRSMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3Zjct
NmQ5ZjM4NGQyYmMzLzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3ZjctNmQ5ZjM4NGQyYmMz
LzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl0uZFRGu
8s/b0mdHSbEG2kszTS1JY3su4tsppw0aFV2WrP7f+XaNZChrjzToaCAu2Z1BMHjE
QUTEikckmP4JlWaaklXY932hI6mSoCpW0yV4yLkx8SOUYvGAHzFBfY0gjFKHbqtv
+y9r/Txupm6hLgeL7RXCzQ0alm4FniUqUYAgGOAn5Bq+RBCR3gyiJzdOMTvshJcp
ibSq4ERozeFCdeQZYy39VbgeNjDGyGQkTJL346B/fqdUctbhFnoV5I+oR7uJpBD5
mSyIcPtoEpLNqRHHV7DXqoTCLXzv5dQrnh+q1dKC9FO4aJOZ0IAZDFwOOS5jhAsk
EIhmS+Jo5GofMw==
-----END CERTIFICATE-----