Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.mft
File:                     k4EH0RRkaaEaY-X10tfbj28717M.mft (raw, json)
Hash identifier:          30p10jUtEmdQqa/ZdE9wRmtA19FVyRKm6dRenI45A3k=
Subject key identifier:   99:2B:20:7B:76:FA:B7:1B:17:8C:03:5F:37:94:95:D7:DA:0F:62:61
Authority key identifier: 93:81:07:D1:14:64:69:A1:1A:63:E5:F5:D2:D7:DB:8F:6F:3B:D7:B3
Certificate issuer:       /CN=938107d1146469a11a63e5f5d2d7db8f6f3bd7b3
Certificate serial:       0196CCF355C1044ACA2AEEEB0FB18E5C4648
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k4EH0RRkaaEaY-X10tfbj28717M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.mft
Manifest number:          05A0
Signing time:             Wed 14 May 2025 04:00:21 +0000
Manifest this update:     Wed 14 May 2025 04:00:21 +0000
Manifest next update:     Thu 15 May 2025 04:00:21 +0000
Files and hashes:         1: k4EH0RRkaaEaY-X10tfbj28717M.crl (hash: npzlrZZSvfHrtmnTaNuOQKcgmb4W6CuoIzWDMB/smoQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k4EH0RRkaaEaY-X10tfbj28717M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 04:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cc:f3:55:c1:04:4a:ca:2a:ee:eb:0f:b1:8e:5c:46:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=938107d1146469a11a63e5f5d2d7db8f6f3bd7b3
        Validity
            Not Before: May 14 04:00:21 2025 GMT
            Not After : May 15 04:00:21 2025 GMT
        Subject: CN=992b207b76fab71b178c035f379495d7da0f6261
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:4c:a1:46:a0:e0:a2:35:3d:76:c6:ef:86:44:
                    22:73:9d:21:f4:57:a8:28:b0:a1:ed:b6:c0:10:d9:
                    f3:57:b7:4f:be:47:e4:77:cb:5c:3c:34:d8:f2:3f:
                    d3:72:a4:85:6e:37:5b:32:05:22:7b:3c:e5:9a:36:
                    44:da:74:ac:d8:3a:43:2b:bc:d0:a9:d2:01:1b:55:
                    16:54:81:39:ff:16:7f:51:c3:ff:30:33:d6:7e:aa:
                    80:14:60:46:18:9f:b5:ae:b6:9e:01:bf:9f:e5:82:
                    48:c4:e5:71:ca:84:fe:bb:db:83:27:1e:dc:27:03:
                    59:d9:fa:a8:9c:31:a9:d3:50:94:46:f3:f3:f5:5c:
                    ea:8a:91:ea:ba:23:e2:f3:42:b5:d9:31:b2:7f:e8:
                    33:41:08:6f:94:ce:82:d9:e8:b1:79:a9:6f:c9:39:
                    2f:eb:af:76:ff:e7:8e:4f:e9:16:57:5c:57:af:fc:
                    33:65:46:3d:b8:41:2e:30:86:ca:8a:91:c3:3d:b8:
                    22:98:d2:72:a0:56:64:9a:8d:17:89:67:71:75:a3:
                    56:df:e0:a4:60:a9:a2:c0:51:19:64:2d:e4:d9:0d:
                    80:0f:fb:a3:de:c7:da:1e:be:18:a7:ac:50:2f:77:
                    2b:a4:53:90:01:32:57:d4:d9:cd:03:7d:91:40:64:
                    c0:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:2B:20:7B:76:FA:B7:1B:17:8C:03:5F:37:94:95:D7:DA:0F:62:61
            X509v3 Authority Key Identifier:
                keyid:93:81:07:D1:14:64:69:A1:1A:63:E5:F5:D2:D7:DB:8F:6F:3B:D7:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k4EH0RRkaaEaY-X10tfbj28717M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:1e:8d:e3:d2:05:77:69:fd:c8:b4:dd:7c:db:2d:3d:e3:68:
         a1:e3:0f:a2:69:a3:7b:aa:dc:63:60:0b:36:b7:f9:d8:3e:e1:
         4b:9e:65:67:5b:93:37:be:06:85:b0:90:21:6c:f8:96:41:fc:
         5e:eb:98:b1:dc:7f:53:76:64:78:ed:64:9e:2b:ff:2c:ff:bf:
         3b:c6:61:2d:2b:04:9a:12:cd:75:16:7c:f1:bd:94:bb:5d:ca:
         a2:15:ce:0e:9b:6e:61:d2:65:0a:51:7f:61:8b:3b:38:48:ea:
         03:47:d7:e4:b6:04:0d:15:86:f1:72:78:8c:5a:7a:f5:12:19:
         54:a9:68:d8:d1:b9:3d:ec:6c:d1:42:35:59:37:09:64:07:19:
         8d:30:e5:50:e2:93:e8:1a:7d:45:36:0f:90:95:36:b0:3b:11:
         ec:fe:e9:36:0e:4b:c4:1a:e6:ac:09:96:e4:36:58:b0:fa:55:
         39:3b:b4:30:17:31:30:6a:8f:a6:90:cc:b7:3f:6c:d7:32:5b:
         20:1e:11:32:52:5c:36:5d:58:94:c2:d1:19:92:11:18:dc:59:
         9d:68:51:3e:ce:0f:3c:d2:7a:30:0f:2c:a6:a4:2d:e2:82:9c:
         25:17:8c:8e:78:8f:0b:ed:90:89:19:8b:6a:f5:eb:5d:4c:8c:
         09:67:30:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbM81XBBErKKu7rD7GOXEZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzODEwN2QxMTQ2NDY5YTExYTYzZTVmNWQyZDdkYjhmNmYz
YmQ3YjMwHhcNMjUwNTE0MDQwMDIxWhcNMjUwNTE1MDQwMDIxWjAzMTEwLwYDVQQD
Eyg5OTJiMjA3Yjc2ZmFiNzFiMTc4YzAzNWYzNzk0OTVkN2RhMGY2MjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUyhRqDgojU9dsbvhkQic50h9Feo
KLCh7bbAENnzV7dPvkfkd8tcPDTY8j/TcqSFbjdbMgUiezzlmjZE2nSs2DpDK7zQ
qdIBG1UWVIE5/xZ/UcP/MDPWfqqAFGBGGJ+1rraeAb+f5YJIxOVxyoT+u9uDJx7c
JwNZ2fqonDGp01CURvPz9VzqipHquiPi80K12TGyf+gzQQhvlM6C2eixealvyTkv
6692/+eOT+kWV1xXr/wzZUY9uEEuMIbKipHDPbgimNJyoFZkmo0XiWdxdaNW3+Ck
YKmiwFEZZC3k2Q2AD/uj3sfaHr4Yp6xQL3crpFOQATJX1NnNA32RQGTABwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkrIHt2+rcbF4wDXzeUldfaD2JhMB8GA1UdIwQY
MBaAFJOBB9EUZGmhGmPl9dLX249vO9ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazRFSDBSUmthYUVhWS1YMTB0ZmJqMjg3MTdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hZmY0YTktM2M1ZS00YTcxLWI1MjQt
Y2JjNmNjYzA4OTMyLzEvazRFSDBSUmthYUVhWS1YMTB0ZmJqMjg3MTdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hZmY0YTktM2M1ZS00YTcxLWI1MjQtY2JjNmNjYzA4OTMy
LzEvazRFSDBSUmthYUVhWS1YMTB0ZmJqMjg3MTdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMB6N49IF
d2n9yLTdfNstPeNooeMPommje6rcY2ALNrf52D7hS55lZ1uTN74GhbCQIWz4lkH8
XuuYsdx/U3ZkeO1kniv/LP+/O8ZhLSsEmhLNdRZ88b2Uu13KohXODptuYdJlClF/
YYs7OEjqA0fX5LYEDRWG8XJ4jFp69RIZVKlo2NG5Pexs0UI1WTcJZAcZjTDlUOKT
6Bp9RTYPkJU2sDsR7P7pNg5LxBrmrAmW5DZYsPpVOTu0MBcxMGqPppDMtz9s1zJb
IB4RMlJcNl1YlMLRGZIRGNxZnWhRPs4PPNJ6MA8spqQt4oKcJReMjniPC+2QiRmL
avXrXUyMCWcwbQ==
-----END CERTIFICATE-----