Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
File:                     f1HfHfTohn5B5ef5Lef50foMFU0.mft (raw, json)
Hash identifier:          oDboXCPlbgK8rQxjxN4gvvigc/kT5TfebF7hMOV7Ms4=
Subject key identifier:   F4:E9:3A:47:10:16:B1:22:93:A2:B1:5A:56:7E:B6:92:EB:08:90:A8
Authority key identifier: 7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D
Certificate issuer:       /CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
Certificate serial:       0196A2E4A1D33378AFC7A5D82BD36E37BA00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
Manifest number:          0A0B
Signing time:             Tue 06 May 2025 00:00:14 +0000
Manifest this update:     Tue 06 May 2025 00:00:14 +0000
Manifest next update:     Wed 07 May 2025 00:00:14 +0000
Files and hashes:         1: f1HfHfTohn5B5ef5Lef50foMFU0.crl (hash: RsoJc9DrXY4o2qoVofTW7ON0JFf63nBh/gXYxkvgtQA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 18:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a2:e4:a1:d3:33:78:af:c7:a5:d8:2b:d3:6e:37:ba:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
        Validity
            Not Before: May  6 00:00:14 2025 GMT
            Not After : May  7 00:00:14 2025 GMT
        Subject: CN=f4e93a471016b12293a2b15a567eb692eb0890a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:62:c4:66:f2:f6:24:7a:59:51:35:9d:d0:82:
                    ee:48:6e:1d:b6:a9:0e:37:6f:ab:01:16:6a:7a:27:
                    04:23:31:0f:73:fc:bd:06:49:37:62:d6:e4:74:d5:
                    b8:e7:f3:75:f9:84:2d:f8:98:c5:a9:6f:d7:35:36:
                    f7:e5:d9:27:25:e7:1c:01:d4:a9:02:63:0b:b3:b5:
                    80:94:96:06:8e:a8:ea:68:72:e6:12:19:fa:3b:05:
                    73:60:be:36:c8:95:67:b5:94:dc:3f:77:75:70:de:
                    3e:5a:a9:40:0f:7d:18:72:b1:ec:87:f6:14:b2:db:
                    eb:46:3d:ea:2c:26:b6:c6:a0:50:98:20:9e:2d:0f:
                    70:09:4d:2c:ef:64:e7:1e:cf:94:49:23:8e:98:3e:
                    29:1a:c6:b6:f6:33:e6:7e:0c:88:e7:b0:83:6d:75:
                    76:48:49:bf:42:ad:9f:94:36:85:d5:a4:26:2f:71:
                    8a:e0:49:13:58:30:ed:b5:15:04:63:68:c0:89:88:
                    d9:e4:fc:59:52:e0:f1:80:fa:e4:ca:bd:3b:d4:fd:
                    c6:ca:d0:76:48:0f:5f:e8:1f:94:54:4c:37:28:46:
                    bf:27:4a:e0:9a:7e:d1:ef:db:e2:98:10:fd:b8:70:
                    48:66:74:9b:b6:b8:73:43:ba:ff:94:7d:26:5c:32:
                    84:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:E9:3A:47:10:16:B1:22:93:A2:B1:5A:56:7E:B6:92:EB:08:90:A8
            X509v3 Authority Key Identifier:
                keyid:7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:2a:8b:4c:d9:c6:bf:c8:76:c0:9a:5a:02:04:f1:d9:82:57:
         b6:d1:82:07:37:88:33:78:23:73:aa:2d:62:10:69:93:9f:d5:
         5a:61:07:d6:03:44:9f:fd:58:e8:a6:07:96:2c:3c:4c:ea:53:
         93:dc:99:62:68:8c:5d:e3:7b:ea:bf:5c:c9:1e:6d:69:c5:48:
         c9:5d:5b:0f:f5:dc:24:43:d6:59:99:b6:19:21:f1:b0:fa:44:
         5b:4c:83:f0:53:19:17:eb:a0:ec:0b:bb:6d:01:68:47:3a:35:
         22:d3:66:26:df:5c:4c:05:0f:94:98:7d:3b:ac:fb:f9:37:10:
         09:94:36:58:fb:c1:d3:3b:aa:d1:6c:c8:96:e9:27:99:c5:4f:
         96:3b:60:55:65:00:16:1a:c1:46:2c:af:0f:1c:ba:ed:06:b8:
         d1:32:f1:e4:9d:7c:37:99:85:d5:24:21:ae:a4:81:b9:8a:78:
         76:c4:56:c1:bb:ca:f0:d8:a3:c3:2a:6e:38:0a:a8:ae:29:8e:
         73:9b:5d:f4:3b:7e:51:30:32:37:9f:ff:d9:0f:bc:c3:08:bc:
         07:23:eb:12:49:de:d5:a3:68:94:cb:6a:4d:a7:df:e7:76:fe:
         1c:38:5e:c3:db:1a:77:11:5a:e2:65:30:26:f1:28:eb:0a:c9:
         9d:a2:84:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZai5KHTM3ivx6XYK9NuN7oAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTFkZjFkZjRlODg2N2U0MWU1ZTdmOTJkZTdmOWQxZmEw
YzE1NGQwHhcNMjUwNTA2MDAwMDE0WhcNMjUwNTA3MDAwMDE0WjAzMTEwLwYDVQQD
EyhmNGU5M2E0NzEwMTZiMTIyOTNhMmIxNWE1NjdlYjY5MmViMDg5MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGLEZvL2JHpZUTWd0ILuSG4dtqkO
N2+rARZqeicEIzEPc/y9Bkk3YtbkdNW45/N1+YQt+JjFqW/XNTb35dknJeccAdSp
AmMLs7WAlJYGjqjqaHLmEhn6OwVzYL42yJVntZTcP3d1cN4+WqlAD30YcrHsh/YU
stvrRj3qLCa2xqBQmCCeLQ9wCU0s72TnHs+USSOOmD4pGsa29jPmfgyI57CDbXV2
SEm/Qq2flDaF1aQmL3GK4EkTWDDttRUEY2jAiYjZ5PxZUuDxgPrkyr071P3GytB2
SA9f6B+UVEw3KEa/J0rgmn7R79vimBD9uHBIZnSbtrhzQ7r/lH0mXDKE/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTpOkcQFrEik6KxWlZ+tpLrCJCoMB8GA1UdIwQY
MBaAFH9R3x306IZ+QeXn+S3n+dH6DBVNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgt
NmQ5MDM1YWYxNTM1LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgtNmQ5MDM1YWYxNTM1
LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEiqLTNnG
v8h2wJpaAgTx2YJXttGCBzeIM3gjc6otYhBpk5/VWmEH1gNEn/1Y6KYHliw8TOpT
k9yZYmiMXeN76r9cyR5tacVIyV1bD/XcJEPWWZm2GSHxsPpEW0yD8FMZF+ug7Au7
bQFoRzo1ItNmJt9cTAUPlJh9O6z7+TcQCZQ2WPvB0zuq0WzIluknmcVPljtgVWUA
FhrBRiyvDxy67Qa40TLx5J18N5mF1SQhrqSBuYp4dsRWwbvK8NijwypuOAqorimO
c5td9Dt+UTAyN5//2Q+8wwi8ByPrEkne1aNolMtqTaff53b+HDhew9sadxFa4mUw
JvEo6wrJnaKEaA==
-----END CERTIFICATE-----