Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
File:                     9PpnFz_1YpCIuXCWGuG-dGldxmE.mft (raw, json)
Hash identifier:          Bc+9dpaDQH3hch4QM/58kS7uIUiVzW9tKzCT9ttdSXk=
Subject key identifier:   56:3F:94:83:CE:8D:74:5B:5B:43:75:A8:98:67:1C:87:3D:CE:3C:6B
Authority key identifier: F4:FA:67:17:3F:F5:62:90:88:B9:70:96:1A:E1:BE:74:69:5D:C6:61
Certificate issuer:       /CN=f4fa67173ff5629088b970961ae1be74695dc661
Certificate serial:       01969E9AD6B6A6ACC35F65E0FBE7DB19F583
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
Manifest number:          1520
Signing time:             Mon 05 May 2025 04:01:09 +0000
Manifest this update:     Mon 05 May 2025 04:01:09 +0000
Manifest next update:     Tue 06 May 2025 04:01:09 +0000
Files and hashes:         1: 9PpnFz_1YpCIuXCWGuG-dGldxmE.crl (hash: NEm3KylPNXJP4/UkpqtpUfFptyVN/xopSfnE1QnZPX4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 04:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:9a:d6:b6:a6:ac:c3:5f:65:e0:fb:e7:db:19:f5:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4fa67173ff5629088b970961ae1be74695dc661
        Validity
            Not Before: May  5 04:01:09 2025 GMT
            Not After : May  6 04:01:09 2025 GMT
        Subject: CN=563f9483ce8d745b5b4375a898671c873dce3c6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:6d:bb:29:36:a1:34:87:6a:4b:41:84:f7:5a:
                    85:42:ce:b1:10:69:bc:d3:2e:28:e4:66:9a:8b:7e:
                    d2:a0:18:29:0e:64:dd:7d:6e:b9:e9:54:e9:64:2a:
                    90:43:6e:ad:c6:8d:a3:19:25:79:1f:6c:ab:0c:a5:
                    77:f1:47:e1:a3:23:af:ad:42:f4:c9:b6:3e:c0:fe:
                    3e:bb:7d:e7:23:9c:78:53:81:84:cd:1e:94:db:af:
                    53:64:7c:f6:82:6e:49:a5:5b:88:1a:b2:ff:e5:b8:
                    04:60:c0:ff:e1:21:7a:ee:b3:8d:27:ea:a1:72:f5:
                    cf:e6:a7:44:b9:14:7f:ab:d5:c6:93:84:eb:ba:b4:
                    85:d2:9e:c0:63:62:08:32:d5:99:7f:3f:cc:5e:12:
                    9f:72:27:af:b9:81:7b:c8:37:c9:e0:09:6c:0f:28:
                    22:e7:2d:1f:5d:05:8e:3c:6d:c1:d3:8e:25:53:6a:
                    e5:b0:7d:ec:da:9d:aa:b8:e1:5e:9d:22:6d:07:4f:
                    9e:05:cf:72:15:1c:e1:9b:d1:38:31:56:48:59:8e:
                    1b:25:d3:8f:4f:50:e2:e0:de:e8:e4:70:e7:a1:35:
                    ca:50:ad:7a:1d:2a:07:90:52:a5:f1:94:27:f3:af:
                    19:ce:25:83:a8:c7:1e:1e:6b:03:40:88:af:24:85:
                    09:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:3F:94:83:CE:8D:74:5B:5B:43:75:A8:98:67:1C:87:3D:CE:3C:6B
            X509v3 Authority Key Identifier:
                keyid:F4:FA:67:17:3F:F5:62:90:88:B9:70:96:1A:E1:BE:74:69:5D:C6:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:2c:f5:b8:c6:35:05:8f:ef:49:27:50:44:7e:11:82:81:e7:
         1d:93:55:48:9c:94:c1:d4:47:c5:bd:94:27:64:7f:b9:4b:41:
         cf:da:31:bf:26:a2:9d:9b:37:af:a9:ab:c8:6c:9a:14:50:ed:
         b0:77:bc:37:eb:a5:33:d3:58:58:94:ed:74:b4:34:e7:1c:d3:
         04:26:87:b1:44:b0:53:91:a4:ad:71:82:84:78:2e:1f:64:be:
         71:13:08:58:0c:64:e8:1a:1f:c7:9a:a1:b7:d2:88:24:68:e2:
         2f:3b:70:d0:47:23:7c:df:98:1c:c2:9f:77:b2:69:cf:ce:6e:
         e3:34:2c:1c:25:90:dd:93:51:1e:cd:8a:76:22:34:d1:1f:7c:
         4f:e3:f4:12:b6:c1:1d:5e:96:f1:04:0f:4b:d6:99:5a:01:e9:
         94:b6:05:4f:b0:03:88:3c:11:28:d6:a6:d8:98:e7:85:90:4e:
         d5:54:5c:71:b3:15:61:b2:7b:d2:25:69:78:be:c9:9c:2d:c4:
         98:a4:4f:1a:63:6e:f5:25:1f:13:ca:20:a1:d4:87:6e:be:ea:
         9e:44:5b:de:c4:0d:62:02:bb:2d:45:3b:56:a2:0c:65:91:a5:
         5a:f6:25:42:6e:2a:77:62:54:fb:a5:de:1d:e9:6a:68:d8:aa:
         92:b5:91:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemta2pqzDX2Xg++fbGfWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZmE2NzE3M2ZmNTYyOTA4OGI5NzA5NjFhZTFiZTc0Njk1
ZGM2NjEwHhcNMjUwNTA1MDQwMTA5WhcNMjUwNTA2MDQwMTA5WjAzMTEwLwYDVQQD
Eyg1NjNmOTQ4M2NlOGQ3NDViNWI0Mzc1YTg5ODY3MWM4NzNkY2UzYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG27KTahNIdqS0GE91qFQs6xEGm8
0y4o5Gaai37SoBgpDmTdfW656VTpZCqQQ26txo2jGSV5H2yrDKV38UfhoyOvrUL0
ybY+wP4+u33nI5x4U4GEzR6U269TZHz2gm5JpVuIGrL/5bgEYMD/4SF67rONJ+qh
cvXP5qdEuRR/q9XGk4TrurSF0p7AY2IIMtWZfz/MXhKfcievuYF7yDfJ4AlsDygi
5y0fXQWOPG3B044lU2rlsH3s2p2quOFenSJtB0+eBc9yFRzhm9E4MVZIWY4bJdOP
T1Di4N7o5HDnoTXKUK16HSoHkFKl8ZQn868ZziWDqMceHmsDQIivJIUJ/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFY/lIPOjXRbW0N1qJhnHIc9zjxrMB8GA1UdIwQY
MBaAFPT6Zxc/9WKQiLlwlhrhvnRpXcZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi82ODRkZjQtNzI1Ny00Y2NhLTgyNGUt
ZDg1ZWJjNWVhOThkLzEvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi82ODRkZjQtNzI1Ny00Y2NhLTgyNGUtZDg1ZWJjNWVhOThk
LzEvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVyz1uMY1
BY/vSSdQRH4RgoHnHZNVSJyUwdRHxb2UJ2R/uUtBz9oxvyainZs3r6mryGyaFFDt
sHe8N+ulM9NYWJTtdLQ05xzTBCaHsUSwU5GkrXGChHguH2S+cRMIWAxk6Bofx5qh
t9KIJGjiLztw0EcjfN+YHMKfd7Jpz85u4zQsHCWQ3ZNRHs2KdiI00R98T+P0ErbB
HV6W8QQPS9aZWgHplLYFT7ADiDwRKNam2JjnhZBO1VRccbMVYbJ70iVpeL7JnC3E
mKRPGmNu9SUfE8ogodSHbr7qnkRb3sQNYgK7LUU7VqIMZZGlWvYlQm4qd2JU+6Xe
HelqaNiqkrWRAg==
-----END CERTIFICATE-----