Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          IThIqfj7RR8CZ3fMCMvj+Pjal0Mkc/mi69TwnrrGWSQ=
Subject key identifier:   EC:86:D0:A0:BE:35:DC:9B:7A:65:75:F7:B8:36:21:AC:3F:A9:68:EC
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       0197B89068E1C4BC3EB79D42126F5C356145
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0B00
Signing time:             Sat 28 Jun 2025 22:02:41 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:41 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:41 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: OTWDScsvOf/zeu2Kwd/k3MJu0vYbiyfxNU7IQ1oz6m0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:68:e1:c4:bc:3e:b7:9d:42:12:6f:5c:35:61:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: Jun 28 22:02:41 2025 GMT
            Not After : Jun 29 22:02:41 2025 GMT
        Subject: CN=ec86d0a0be35dc9b7a6575f7b83621ac3fa968ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c7:45:ad:e1:9e:6e:5e:2c:46:4d:be:11:66:
                    d0:7b:46:b4:88:c0:93:d1:31:36:90:e5:12:3e:f6:
                    4d:d1:e6:2f:90:e7:02:8c:80:6f:0a:d2:27:be:c1:
                    9d:a7:a2:1d:96:51:26:0e:0f:ee:1b:b9:1d:36:5e:
                    0e:e3:17:b5:3d:85:66:8b:71:71:66:eb:a2:42:1c:
                    ba:2a:7d:62:4e:24:d1:7e:75:af:2d:6d:98:69:25:
                    50:e3:8e:48:34:3b:87:39:7e:97:8e:e9:f6:98:22:
                    bd:07:c2:3f:99:59:dc:4b:ca:4c:ed:1f:91:26:48:
                    7b:0b:32:b1:37:df:74:71:d7:dd:88:2d:f4:e5:1e:
                    e2:e3:e0:a5:90:61:4e:3f:32:df:41:91:56:8d:eb:
                    2f:42:e9:92:00:7b:5f:be:a8:26:e4:22:5c:f1:1e:
                    e7:81:ac:ce:c2:22:ab:3f:d6:71:04:f3:93:66:9d:
                    58:9e:21:e1:5e:29:ad:5a:e1:07:0d:a9:c3:7d:1a:
                    fd:37:3e:db:0e:24:60:96:69:5b:f0:c9:11:55:d8:
                    db:5a:f6:f9:80:02:32:35:64:d9:e9:40:89:e0:ae:
                    7e:df:f1:24:2c:07:98:7c:84:6e:68:bd:d7:4b:e3:
                    68:d6:92:9c:1f:c5:c8:a8:d6:96:50:20:50:a7:66:
                    27:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:86:D0:A0:BE:35:DC:9B:7A:65:75:F7:B8:36:21:AC:3F:A9:68:EC
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:98:e6:a1:cc:2e:81:32:1e:0a:86:3d:ac:d8:ce:f7:3d:56:
         7d:e6:6e:9c:62:91:f9:a5:41:3b:2b:cf:0e:4d:de:ed:1b:16:
         86:6a:88:cf:1b:f9:8f:ba:4b:52:d5:27:e7:de:5d:03:bd:ce:
         ac:24:5f:a6:9d:89:99:b4:b1:13:2a:9f:d5:d5:81:9f:f8:40:
         1c:37:72:f3:0f:e8:28:57:3c:65:46:1d:2e:89:29:a0:17:ec:
         63:99:c5:f9:8e:79:97:44:e6:6f:96:d7:fd:e2:d6:5a:b6:2a:
         64:d0:f0:d6:1d:6b:5a:6a:36:71:f3:44:28:38:fe:22:35:8b:
         5f:27:88:2d:35:0d:d6:2f:1c:31:54:ac:06:65:62:8f:3e:98:
         1d:61:b9:d1:d9:ee:ba:4b:c4:d6:d8:56:fd:9d:4f:fd:f0:9e:
         f4:db:12:b1:14:d8:85:11:cb:3d:ba:18:20:f6:a3:8f:2a:f1:
         7e:15:76:c6:dc:92:69:ab:7d:f7:dd:8e:36:e3:9f:16:b2:b6:
         63:0b:5b:83:b2:6a:97:03:8a:32:54:00:05:1e:79:c0:90:c8:
         17:7a:da:06:49:38:cf:47:21:a6:f3:2b:76:6e:39:56:f2:47:
         20:7f:5c:9f:8b:eb:c1:07:c8:b3:5a:eb:9d:6b:f8:fc:92:8f:
         44:aa:c5:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kGjhxLw+t51CEm9cNWFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjUwNjI4MjIwMjQxWhcNMjUwNjI5MjIwMjQxWjAzMTEwLwYDVQQD
EyhlYzg2ZDBhMGJlMzVkYzliN2E2NTc1ZjdiODM2MjFhYzNmYTk2OGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcdFreGebl4sRk2+EWbQe0a0iMCT
0TE2kOUSPvZN0eYvkOcCjIBvCtInvsGdp6IdllEmDg/uG7kdNl4O4xe1PYVmi3Fx
ZuuiQhy6Kn1iTiTRfnWvLW2YaSVQ445INDuHOX6Xjun2mCK9B8I/mVncS8pM7R+R
Jkh7CzKxN990cdfdiC305R7i4+ClkGFOPzLfQZFWjesvQumSAHtfvqgm5CJc8R7n
gazOwiKrP9ZxBPOTZp1YniHhXimtWuEHDanDfRr9Nz7bDiRglmlb8MkRVdjbWvb5
gAIyNWTZ6UCJ4K5+3/EkLAeYfIRuaL3XS+No1pKcH8XIqNaWUCBQp2YnQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOyG0KC+NdybemV197g2Iaw/qWjsMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtZjmocwu
gTIeCoY9rNjO9z1WfeZunGKR+aVBOyvPDk3e7RsWhmqIzxv5j7pLUtUn595dA73O
rCRfpp2JmbSxEyqf1dWBn/hAHDdy8w/oKFc8ZUYdLokpoBfsY5nF+Y55l0Tmb5bX
/eLWWrYqZNDw1h1rWmo2cfNEKDj+IjWLXyeILTUN1i8cMVSsBmVijz6YHWG50dnu
ukvE1thW/Z1P/fCe9NsSsRTYhRHLPboYIPajjyrxfhV2xtySaat9992ONuOfFrK2
Ywtbg7JqlwOKMlQABR55wJDIF3raBkk4z0chpvMrdm45VvJHIH9cn4vrwQfIs1rr
nWv4/JKPRKrFuQ==
-----END CERTIFICATE-----