Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          0peEoSJDmhAmpB+oLQiIuHR9tHLm3nlilNLQp94rap4=
Subject key identifier:   5C:1B:A5:0C:8A:1F:41:1F:FF:94:7A:54:B6:3F:3B:DF:4A:05:1B:BE
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       0196D0623B707C5ABA2954F5F0089C4F613D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          030F
Signing time:             Wed 14 May 2025 20:00:20 +0000
Manifest this update:     Wed 14 May 2025 20:00:20 +0000
Manifest next update:     Thu 15 May 2025 20:00:20 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: T+hk82fXBkbvHtz3/bbQVJur1VwladJygna9W52Ix48=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 20:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d0:62:3b:70:7c:5a:ba:29:54:f5:f0:08:9c:4f:61:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: May 14 20:00:20 2025 GMT
            Not After : May 15 20:00:20 2025 GMT
        Subject: CN=5c1ba50c8a1f411fff947a54b63f3bdf4a051bbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7f:cd:be:bb:78:2d:eb:b7:d5:f8:5b:64:67:
                    a8:bf:7a:5b:c6:07:18:f5:6f:59:66:93:02:ab:93:
                    95:c3:a5:d0:54:f3:1c:df:fd:d3:00:bd:8b:25:54:
                    f2:ba:ef:f2:da:12:07:ae:b2:ad:69:3b:1c:fe:22:
                    f6:14:7a:de:78:27:7d:2d:4e:d7:0e:01:cd:e3:b2:
                    44:86:7c:d6:a7:2f:d4:0a:ae:9b:9e:89:3f:c3:08:
                    04:c8:f2:8c:4e:31:ff:ca:7b:7b:fc:4d:b8:1d:d8:
                    f7:38:dc:e7:ae:35:aa:d6:04:59:af:fb:eb:85:ad:
                    b5:f5:b7:72:4e:3a:07:b3:90:1e:da:32:9a:3e:70:
                    73:ae:61:34:44:a2:e9:9f:d4:fd:59:4a:0d:6c:b0:
                    c2:55:e8:83:79:68:7d:4e:74:05:35:92:17:52:5b:
                    3a:cf:90:bc:86:41:2e:97:39:8c:f1:b0:af:cc:78:
                    b8:f7:63:86:f6:ff:20:70:c4:53:22:40:6d:aa:7e:
                    5c:57:43:77:9c:67:fa:29:1f:16:a5:dd:6e:50:b5:
                    c9:dc:70:23:e9:f5:d9:e9:57:7c:ec:26:6f:7d:9d:
                    61:e4:89:7f:09:90:8e:2a:25:fa:cd:12:63:a1:ae:
                    94:69:ac:b8:ca:e4:9c:bd:7f:03:01:df:9d:a4:47:
                    0e:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:1B:A5:0C:8A:1F:41:1F:FF:94:7A:54:B6:3F:3B:DF:4A:05:1B:BE
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:ab:7e:f8:aa:d7:84:6d:3d:44:6b:0c:cb:0b:d7:6e:e7:81:
         ee:eb:03:d0:87:9d:08:f9:17:4a:0b:6d:4d:4d:e9:30:10:91:
         03:3c:10:04:1f:78:1d:40:71:12:9f:81:42:dd:0c:8f:1d:80:
         bf:9d:d1:94:62:25:f7:23:cd:f1:11:c8:37:a6:fd:8d:4c:1b:
         66:25:f2:76:00:34:f6:07:72:35:7f:c1:1c:c0:5d:e3:4b:79:
         00:e7:bc:4e:59:32:0a:ff:21:ba:dd:4e:54:4a:b1:68:1a:27:
         29:a7:5e:95:8d:e6:40:90:b0:ce:a6:69:d8:09:b5:6c:f2:4b:
         a4:07:b4:9a:7b:a7:4c:2d:6d:3e:c6:bd:9e:72:6f:5c:a3:60:
         22:67:d8:e6:b4:27:f0:f8:ed:60:cc:89:f5:bb:30:9f:3c:e3:
         3b:dd:ca:81:d1:03:b8:1f:f3:49:ca:73:f3:b4:fa:34:dd:01:
         8c:57:5a:64:5f:0d:10:b0:59:a5:fd:68:94:db:25:e5:fc:06:
         91:94:9f:d7:8c:0c:0d:ec:db:9f:57:d6:42:a9:05:a1:18:7e:
         22:40:8d:8e:11:0d:e7:47:6a:96:90:83:e2:b4:fd:61:2f:67:
         23:7d:8b:4f:7b:6f:2f:14:9a:b1:ca:28:8a:06:be:56:f8:9a:
         e2:ca:26:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbQYjtwfFq6KVT18AicT2E9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjUwNTE0MjAwMDIwWhcNMjUwNTE1MjAwMDIwWjAzMTEwLwYDVQQD
Eyg1YzFiYTUwYzhhMWY0MTFmZmY5NDdhNTRiNjNmM2JkZjRhMDUxYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3/Nvrt4Leu31fhbZGeov3pbxgcY
9W9ZZpMCq5OVw6XQVPMc3/3TAL2LJVTyuu/y2hIHrrKtaTsc/iL2FHreeCd9LU7X
DgHN47JEhnzWpy/UCq6bnok/wwgEyPKMTjH/ynt7/E24Hdj3ONznrjWq1gRZr/vr
ha219bdyTjoHs5Ae2jKaPnBzrmE0RKLpn9T9WUoNbLDCVeiDeWh9TnQFNZIXUls6
z5C8hkEulzmM8bCvzHi492OG9v8gcMRTIkBtqn5cV0N3nGf6KR8Wpd1uULXJ3HAj
6fXZ6Vd87CZvfZ1h5Il/CZCOKiX6zRJjoa6Uaay4yuScvX8DAd+dpEcOGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwbpQyKH0Ef/5R6VLY/O99KBRu+MB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUqt++KrX
hG09RGsMywvXbueB7usD0IedCPkXSgttTU3pMBCRAzwQBB94HUBxEp+BQt0Mjx2A
v53RlGIl9yPN8RHIN6b9jUwbZiXydgA09gdyNX/BHMBd40t5AOe8TlkyCv8hut1O
VEqxaBonKadelY3mQJCwzqZp2Am1bPJLpAe0mnunTC1tPsa9nnJvXKNgImfY5rQn
8PjtYMyJ9bswnzzjO93KgdEDuB/zScpz87T6NN0BjFdaZF8NELBZpf1olNsl5fwG
kZSf14wMDezbn1fWQqkFoRh+IkCNjhEN50dqlpCD4rT9YS9nI32LT3tvLxSascoo
iga+Vvia4somXQ==
-----END CERTIFICATE-----