Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.mft
File:                     4TcnopRRvk3Zkitg0cWW6Aaplfs.mft (raw, json)
Hash identifier:          kPgZNEENdD9Y5gYONQ938Yhi5Sn7/VEBjJmETgW+5sU=
Subject key identifier:   A9:D4:6E:5A:55:B8:17:E5:7B:6F:6C:48:3A:49:C8:1D:E9:EB:B7:7C
Authority key identifier: E1:37:27:A2:94:51:BE:4D:D9:92:2B:60:D1:C5:96:E8:06:A9:95:FB
Certificate issuer:       /CN=e13727a29451be4dd9922b60d1c596e806a995fb
Certificate serial:       0196A2770380E554D8AE31FBCDF1E4A53A56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4TcnopRRvk3Zkitg0cWW6Aaplfs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.mft
Manifest number:          1522
Signing time:             Mon 05 May 2025 22:00:30 +0000
Manifest this update:     Mon 05 May 2025 22:00:30 +0000
Manifest next update:     Tue 06 May 2025 22:00:30 +0000
Files and hashes:         1: 4TcnopRRvk3Zkitg0cWW6Aaplfs.crl (hash: AjFn+wj5p40fNANxoPqAMQDPUOaoZP7bF4gv3CBFSr0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4TcnopRRvk3Zkitg0cWW6Aaplfs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 18:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a2:77:03:80:e5:54:d8:ae:31:fb:cd:f1:e4:a5:3a:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e13727a29451be4dd9922b60d1c596e806a995fb
        Validity
            Not Before: May  5 22:00:30 2025 GMT
            Not After : May  6 22:00:30 2025 GMT
        Subject: CN=a9d46e5a55b817e57b6f6c483a49c81de9ebb77c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:3c:5a:fb:01:09:f3:c3:b8:35:d1:95:78:3a:
                    ca:91:22:de:92:58:72:f6:96:df:72:f8:2a:fa:a9:
                    0f:4c:11:f7:0b:ea:f6:64:b4:12:e5:94:7b:1e:7c:
                    44:50:aa:87:c7:43:1c:cc:7c:ed:71:d0:5a:2b:85:
                    37:01:96:1c:b8:d7:6d:d4:fa:16:6e:23:02:fd:a1:
                    14:bc:62:1d:4f:64:ba:91:a9:ef:d3:59:30:50:f5:
                    c6:70:79:16:66:2c:51:67:cc:42:1e:4c:8f:5d:f9:
                    cd:82:5d:a8:4b:3f:06:21:26:f2:a7:c5:a6:20:ad:
                    dc:67:da:64:8d:00:b7:8d:9c:cf:b9:37:df:da:ee:
                    35:cd:ca:1d:64:34:0d:60:96:32:91:5e:e7:e2:5e:
                    d5:69:13:58:1e:94:ce:6a:fe:b8:f0:d7:21:e1:cd:
                    64:45:79:4b:01:7b:77:71:e1:24:d9:76:3f:40:99:
                    fb:fa:ed:97:6f:80:a0:c2:e0:af:96:8f:3d:bb:cb:
                    83:8c:a6:fe:7a:6d:2a:fa:8c:e7:f0:43:40:1d:da:
                    c8:44:25:7d:10:95:03:f6:0e:c0:7f:38:87:75:d5:
                    21:4b:d4:1c:32:98:31:67:35:77:ce:65:af:55:d0:
                    03:51:a7:a6:58:72:0f:81:5e:61:b8:2a:7d:ed:a7:
                    c6:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:D4:6E:5A:55:B8:17:E5:7B:6F:6C:48:3A:49:C8:1D:E9:EB:B7:7C
            X509v3 Authority Key Identifier:
                keyid:E1:37:27:A2:94:51:BE:4D:D9:92:2B:60:D1:C5:96:E8:06:A9:95:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TcnopRRvk3Zkitg0cWW6Aaplfs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:f0:03:c3:17:43:20:e2:a5:ce:bd:a3:81:90:95:bb:47:f1:
         c5:5b:f4:3e:21:ee:4b:e5:1b:16:5a:15:9d:37:db:17:a0:b0:
         a3:30:fa:cf:af:ec:e1:ea:6b:01:21:bd:f0:21:7c:ea:5e:31:
         d6:0f:8b:1c:4b:21:b4:a5:e6:a0:db:3d:ae:43:ad:02:05:00:
         a5:07:58:51:5f:6d:b4:ad:12:80:75:9a:e6:56:02:0d:09:d9:
         ee:d8:d2:60:7b:62:dc:fa:06:58:4e:8b:9a:71:99:35:85:74:
         ba:20:4b:61:5c:8e:2f:9b:b5:11:73:4a:a4:7a:29:85:0c:7d:
         a8:9b:7a:68:6e:ab:e4:0c:12:fb:04:05:eb:30:cd:e3:0d:c8:
         eb:50:1f:25:bb:7c:fa:8c:7a:4f:47:7d:dd:80:2e:4c:6b:4b:
         72:86:c7:7b:27:ae:f1:bf:17:f6:82:b7:13:ca:a0:b4:65:79:
         15:72:8f:e2:32:7a:9d:f0:b8:a7:88:2c:37:5d:37:a0:2c:ee:
         df:98:ca:b6:84:f3:36:fc:d8:0f:1c:f1:2f:c9:a9:24:2e:21:
         c6:09:01:c9:6c:a1:50:f2:3f:63:ab:a0:9e:23:c6:23:2b:80:
         cd:90:ac:f7:6a:bf:4b:17:a2:57:4e:20:ac:de:dc:f0:82:48:
         9c:a3:ec:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaidwOA5VTYrjH7zfHkpTpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzcyN2EyOTQ1MWJlNGRkOTkyMmI2MGQxYzU5NmU4MDZh
OTk1ZmIwHhcNMjUwNTA1MjIwMDMwWhcNMjUwNTA2MjIwMDMwWjAzMTEwLwYDVQQD
EyhhOWQ0NmU1YTU1YjgxN2U1N2I2ZjZjNDgzYTQ5YzgxZGU5ZWJiNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTxa+wEJ88O4NdGVeDrKkSLeklhy
9pbfcvgq+qkPTBH3C+r2ZLQS5ZR7HnxEUKqHx0MczHztcdBaK4U3AZYcuNdt1PoW
biMC/aEUvGIdT2S6kanv01kwUPXGcHkWZixRZ8xCHkyPXfnNgl2oSz8GISbyp8Wm
IK3cZ9pkjQC3jZzPuTff2u41zcodZDQNYJYykV7n4l7VaRNYHpTOav648Nch4c1k
RXlLAXt3ceEk2XY/QJn7+u2Xb4CgwuCvlo89u8uDjKb+em0q+ozn8ENAHdrIRCV9
EJUD9g7AfziHddUhS9QcMpgxZzV3zmWvVdADUaemWHIPgV5huCp97afG3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKnUblpVuBfle29sSDpJyB3p67d8MB8GA1UdIwQY
MBaAFOE3J6KUUb5N2ZIrYNHFlugGqZX7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRjbm9wUlJ2azNaa2l0ZzBjV1c2QWFwbGZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kZTM3ZmEtMWJkMi00N2Y1LTllMmIt
YWM0YzhmMTk4NzZkLzEvNFRjbm9wUlJ2azNaa2l0ZzBjV1c2QWFwbGZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kZTM3ZmEtMWJkMi00N2Y1LTllMmItYWM0YzhmMTk4NzZk
LzEvNFRjbm9wUlJ2azNaa2l0ZzBjV1c2QWFwbGZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATPADwxdD
IOKlzr2jgZCVu0fxxVv0PiHuS+UbFloVnTfbF6CwozD6z6/s4eprASG98CF86l4x
1g+LHEshtKXmoNs9rkOtAgUApQdYUV9ttK0SgHWa5lYCDQnZ7tjSYHti3PoGWE6L
mnGZNYV0uiBLYVyOL5u1EXNKpHophQx9qJt6aG6r5AwS+wQF6zDN4w3I61AfJbt8
+ox6T0d93YAuTGtLcobHeyeu8b8X9oK3E8qgtGV5FXKP4jJ6nfC4p4gsN103oCzu
35jKtoTzNvzYDxzxL8mpJC4hxgkByWyhUPI/Y6ugniPGIyuAzZCs92q/SxeiV04g
rN7c8IJInKPssA==
-----END CERTIFICATE-----