Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          7nLjdUu3pKDbWoclsiZh4m46uEhyHsRcZo4cbhNVABo=
Subject key identifier:   46:94:BD:3F:7E:A2:2B:1D:05:0C:43:4B:DB:7B:CC:51:B5:46:8D:AA
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       0196BF6FB33ED03B6A17E7670711E7614811
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0A7F
Signing time:             Sun 11 May 2025 13:01:30 +0000
Manifest this update:     Sun 11 May 2025 13:01:30 +0000
Manifest next update:     Mon 12 May 2025 13:01:30 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: Q4M+fWoUEcpqX/Zf58DJ+AHCasgfYqrPRLtEGHFTjrE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:6f:b3:3e:d0:3b:6a:17:e7:67:07:11:e7:61:48:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: May 11 13:01:30 2025 GMT
            Not After : May 12 13:01:30 2025 GMT
        Subject: CN=4694bd3f7ea22b1d050c434bdb7bcc51b5468daa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d9:a8:a6:14:74:f7:bd:91:7d:20:f1:93:d3:
                    6c:1b:11:07:94:9b:38:ef:8d:73:e9:bd:35:49:ef:
                    c7:77:c1:6d:c0:38:44:17:d0:c5:3b:f0:a3:9e:8b:
                    29:a5:6c:dd:86:13:37:8d:f7:e4:55:06:b9:3c:25:
                    b7:e2:17:8a:0b:f6:11:4c:f9:2c:a3:a3:a9:c7:ae:
                    28:31:18:57:4f:21:fd:ab:d5:5a:4f:b7:07:5a:9a:
                    47:72:18:3c:30:e7:33:bb:34:b3:c1:e3:fb:79:0d:
                    e7:52:03:89:ad:31:7c:88:fd:af:fc:5c:82:54:30:
                    f9:61:3a:1e:86:54:19:bb:48:a6:61:87:af:85:fd:
                    51:b2:e3:d9:5e:2b:94:71:8c:47:fd:74:cd:a6:2f:
                    ba:c8:88:ca:82:47:ca:3f:e8:34:d8:4c:4b:a5:db:
                    d4:58:b0:e6:64:ac:de:cb:c5:29:88:d2:02:16:f7:
                    e4:69:3e:4c:e7:e4:d5:02:3b:cf:a1:67:29:77:b6:
                    53:47:e0:db:a1:5a:66:23:3e:49:d8:2d:21:b4:8b:
                    6f:fc:18:6e:14:8b:fd:8a:dd:85:61:9d:8c:5e:a1:
                    fa:00:c1:e3:95:56:47:42:02:40:b3:66:77:3a:b2:
                    4f:41:ab:1c:8a:d7:cb:db:04:72:31:3d:0c:9f:d1:
                    2d:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:94:BD:3F:7E:A2:2B:1D:05:0C:43:4B:DB:7B:CC:51:B5:46:8D:AA
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:f9:aa:a4:db:0f:f2:24:f6:08:4e:08:38:bb:ab:b5:b3:0e:
         48:84:28:eb:0e:76:6f:7b:88:fc:f1:a7:7f:ef:0d:52:68:e3:
         fe:a6:d3:46:48:b7:12:fa:27:37:0f:29:d0:1e:cd:93:7a:93:
         7b:0f:91:bf:0b:dc:f4:c2:32:c4:00:7c:77:a0:e9:c6:79:c3:
         86:2a:aa:f3:6d:c8:e2:9a:f2:5c:c6:e6:6d:93:ff:8a:58:fa:
         c5:a4:26:7f:0f:72:a1:10:a2:30:0e:79:98:cc:3d:14:52:33:
         34:79:d0:11:c8:32:cd:ad:16:50:06:d4:03:a0:ee:6d:7e:dc:
         30:4c:06:94:ce:b5:16:72:e3:9c:6e:ee:67:54:62:fd:98:2c:
         c7:a1:57:f6:4b:7d:73:9c:98:ed:88:58:dd:e7:c2:a8:07:d4:
         56:b9:45:b9:a6:c1:60:aa:c9:26:cd:3d:24:f4:7a:15:60:29:
         70:d0:5d:25:3b:2f:f6:77:51:25:d3:ae:20:61:43:36:11:58:
         25:1a:69:63:62:a6:20:0b:39:9d:c5:be:9a:75:06:97:d0:3b:
         d9:ef:97:f9:61:46:2b:95:a5:5c:cb:ac:c4:84:bd:71:f0:16:
         56:c9:dc:1c:02:6b:ec:de:75:0a:1e:03:f8:42:25:90:d6:06:
         f1:79:12:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/b7M+0DtqF+dnBxHnYUgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjUwNTExMTMwMTMwWhcNMjUwNTEyMTMwMTMwWjAzMTEwLwYDVQQD
Eyg0Njk0YmQzZjdlYTIyYjFkMDUwYzQzNGJkYjdiY2M1MWI1NDY4ZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdmophR0972RfSDxk9NsGxEHlJs4
741z6b01Se/Hd8FtwDhEF9DFO/CjnosppWzdhhM3jffkVQa5PCW34heKC/YRTPks
o6Opx64oMRhXTyH9q9VaT7cHWppHchg8MOczuzSzweP7eQ3nUgOJrTF8iP2v/FyC
VDD5YToehlQZu0imYYevhf1RsuPZXiuUcYxH/XTNpi+6yIjKgkfKP+g02ExLpdvU
WLDmZKzey8UpiNICFvfkaT5M5+TVAjvPoWcpd7ZTR+DboVpmIz5J2C0htItv/Bhu
FIv9it2FYZ2MXqH6AMHjlVZHQgJAs2Z3OrJPQascitfL2wRyMT0Mn9EtvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEaUvT9+oisdBQxDS9t7zFG1Ro2qMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs/mqpNsP
8iT2CE4IOLurtbMOSIQo6w52b3uI/PGnf+8NUmjj/qbTRki3EvonNw8p0B7Nk3qT
ew+Rvwvc9MIyxAB8d6DpxnnDhiqq823I4pryXMbmbZP/ilj6xaQmfw9yoRCiMA55
mMw9FFIzNHnQEcgyza0WUAbUA6DubX7cMEwGlM61FnLjnG7uZ1Ri/Zgsx6FX9kt9
c5yY7YhY3efCqAfUVrlFuabBYKrJJs09JPR6FWApcNBdJTsv9ndRJdOuIGFDNhFY
JRppY2KmIAs5ncW+mnUGl9A72e+X+WFGK5WlXMusxIS9cfAWVsncHAJr7N51Ch4D
+EIlkNYG8XkSdA==
-----END CERTIFICATE-----