Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft
File:                     4imzfrYwaGsTKDOEcbUtqV0gSRE.mft (raw, json)
Hash identifier:          A92p8okOyAfXpUFl0XNK/LDx1i4VaQ7XrUvBV1/H4nA=
Subject key identifier:   CD:E0:EC:28:58:AB:E3:CA:19:FB:46:64:A6:F3:F8:34:FD:6D:90:DD
Authority key identifier: E2:29:B3:7E:B6:30:68:6B:13:28:33:84:71:B5:2D:A9:5D:20:49:11
Certificate issuer:       /CN=e229b37eb630686b1328338471b52da95d204911
Certificate serial:       0196BD811A07D5F4946ECCD3E8A7C3AC402D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4imzfrYwaGsTKDOEcbUtqV0gSRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft
Manifest number:          0A45
Signing time:             Sun 11 May 2025 04:01:16 +0000
Manifest this update:     Sun 11 May 2025 04:01:16 +0000
Manifest next update:     Mon 12 May 2025 04:01:16 +0000
Files and hashes:         1: 4imzfrYwaGsTKDOEcbUtqV0gSRE.crl (hash: oQB3/CQ8TuRcpIZJ5nlPBcidGSnLokctRiiKvHYwLYg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4imzfrYwaGsTKDOEcbUtqV0gSRE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 04:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:81:1a:07:d5:f4:94:6e:cc:d3:e8:a7:c3:ac:40:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e229b37eb630686b1328338471b52da95d204911
        Validity
            Not Before: May 11 04:01:16 2025 GMT
            Not After : May 12 04:01:16 2025 GMT
        Subject: CN=cde0ec2858abe3ca19fb4664a6f3f834fd6d90dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c4:0d:2c:f8:85:da:fd:95:be:0f:d9:9c:12:
                    c8:f2:f5:ff:b2:dd:da:9c:7d:b2:9d:a0:b0:d4:6b:
                    12:ac:78:09:c5:be:13:bd:df:62:92:5c:a7:b9:7f:
                    4b:b3:21:88:03:bb:c2:ca:ce:76:15:36:90:ac:6b:
                    01:06:c8:5a:7d:82:d8:0a:f0:90:bc:e3:5a:6d:57:
                    72:e1:58:45:b6:57:11:5a:95:c5:80:73:7a:4a:71:
                    ea:be:35:ef:27:16:6d:3e:38:16:3c:d2:87:6e:b0:
                    7a:8f:d7:d4:8d:15:e9:a5:09:9c:46:0b:42:3b:84:
                    fa:67:6f:37:67:55:94:93:4c:08:ed:02:08:ac:0f:
                    fb:7e:8e:9b:d2:f7:98:29:43:d1:45:3e:c1:52:66:
                    d9:bb:9c:a9:26:4f:83:0b:b3:a8:58:1c:bb:7e:0c:
                    21:5a:bd:06:cf:89:2d:63:23:5b:44:50:c4:82:38:
                    f2:d2:0b:bc:bd:87:50:4d:88:5d:86:74:27:0d:8b:
                    55:ae:52:aa:5a:59:2e:c4:e1:fa:65:5b:df:da:69:
                    2a:d6:28:26:26:a6:31:8b:a1:af:09:26:fa:11:e5:
                    71:12:ce:2a:85:d0:33:79:76:5c:dc:d5:23:79:8e:
                    3e:23:e9:16:ed:13:2b:8f:28:dd:f5:92:28:48:19:
                    44:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:E0:EC:28:58:AB:E3:CA:19:FB:46:64:A6:F3:F8:34:FD:6D:90:DD
            X509v3 Authority Key Identifier:
                keyid:E2:29:B3:7E:B6:30:68:6B:13:28:33:84:71:B5:2D:A9:5D:20:49:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4imzfrYwaGsTKDOEcbUtqV0gSRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:92:bd:5e:20:e1:8b:7f:52:0b:22:5f:1d:23:33:8c:7c:fa:
         70:fc:0c:00:91:69:cd:63:ea:a9:c8:e3:63:02:12:bd:d9:95:
         00:c6:cd:4c:40:5c:80:c1:26:9a:4c:1c:9e:6e:85:25:fd:73:
         23:26:96:9f:ed:54:5f:62:69:aa:c9:dc:00:26:82:e4:5b:c7:
         41:5d:a0:8d:28:7d:2b:c1:85:40:71:f5:91:74:cd:d1:02:c7:
         f2:7e:d3:72:e4:f4:22:4a:6b:ee:c5:9f:75:06:7d:fa:eb:fa:
         89:fe:c4:12:e8:32:76:27:18:c7:8b:d6:24:46:fa:9c:eb:a4:
         3a:bc:7b:54:0a:e8:c8:a4:0c:82:fb:54:37:69:40:84:9e:f0:
         d0:df:ab:d9:30:6c:5b:95:53:cb:82:e7:d7:52:c9:f8:35:3e:
         08:b8:3e:3f:cd:53:cb:83:1a:e2:51:ab:6a:80:f6:1e:c6:b7:
         0d:51:a3:44:c1:b3:a0:96:55:d5:a2:ee:6f:1d:da:60:52:9e:
         63:3c:b3:7e:48:88:ed:21:22:80:49:a6:b7:e9:2c:59:86:65:
         f0:1d:c3:09:a1:68:c2:08:72:ac:56:0e:d2:91:7c:3d:f9:ba:
         94:19:cf:29:ce:2d:92:45:45:64:04:5e:1e:7d:0e:0e:e7:ba:
         b2:86:2f:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9gRoH1fSUbszT6KfDrEAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjliMzdlYjYzMDY4NmIxMzI4MzM4NDcxYjUyZGE5NWQy
MDQ5MTEwHhcNMjUwNTExMDQwMTE2WhcNMjUwNTEyMDQwMTE2WjAzMTEwLwYDVQQD
EyhjZGUwZWMyODU4YWJlM2NhMTlmYjQ2NjRhNmYzZjgzNGZkNmQ5MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8QNLPiF2v2Vvg/ZnBLI8vX/st3a
nH2ynaCw1GsSrHgJxb4Tvd9iklynuX9LsyGIA7vCys52FTaQrGsBBshafYLYCvCQ
vONabVdy4VhFtlcRWpXFgHN6SnHqvjXvJxZtPjgWPNKHbrB6j9fUjRXppQmcRgtC
O4T6Z283Z1WUk0wI7QIIrA/7fo6b0veYKUPRRT7BUmbZu5ypJk+DC7OoWBy7fgwh
Wr0Gz4ktYyNbRFDEgjjy0gu8vYdQTYhdhnQnDYtVrlKqWlkuxOH6ZVvf2mkq1igm
JqYxi6GvCSb6EeVxEs4qhdAzeXZc3NUjeY4+I+kW7RMrjyjd9ZIoSBlEUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM3g7ChYq+PKGftGZKbz+DT9bZDdMB8GA1UdIwQY
MBaAFOIps362MGhrEygzhHG1LaldIEkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGltemZyWXdhR3NUS0RPRWNiVXRxVjBnU1JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83NDUwMjQtOWUzNy00NzkwLTg2YWMt
N2RlOGQ4YzJlOTMwLzEvNGltemZyWXdhR3NUS0RPRWNiVXRxVjBnU1JFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83NDUwMjQtOWUzNy00NzkwLTg2YWMtN2RlOGQ4YzJlOTMw
LzEvNGltemZyWXdhR3NUS0RPRWNiVXRxVjBnU1JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM5K9XiDh
i39SCyJfHSMzjHz6cPwMAJFpzWPqqcjjYwISvdmVAMbNTEBcgMEmmkwcnm6FJf1z
IyaWn+1UX2JpqsncACaC5FvHQV2gjSh9K8GFQHH1kXTN0QLH8n7TcuT0Ikpr7sWf
dQZ9+uv6if7EEugydicYx4vWJEb6nOukOrx7VAroyKQMgvtUN2lAhJ7w0N+r2TBs
W5VTy4Ln11LJ+DU+CLg+P81Ty4Ma4lGraoD2Hsa3DVGjRMGzoJZV1aLubx3aYFKe
YzyzfkiI7SEigEmmt+ksWYZl8B3DCaFowghyrFYO0pF8Pfm6lBnPKc4tkkVFZARe
Hn0ODue6soYvzw==
-----END CERTIFICATE-----