Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d777e6-0e58-4345-b0a4-4cbd22917d65/1/S4UouKy8h0J2SlgajZeaGEKVZj4.mft
File:                     S4UouKy8h0J2SlgajZeaGEKVZj4.mft (raw, json)
Hash identifier:          Yiz+YOTmIOC9xPiQvh7Lq1AqfsLfKCUQLXJvyuDtymQ=
Subject key identifier:   DC:99:78:5B:C1:D7:F8:39:03:F0:08:13:04:98:93:76:9C:FB:71:5E
Authority key identifier: 4B:85:28:B8:AC:BC:87:42:76:4A:58:1A:8D:97:9A:18:42:95:66:3E
Certificate issuer:       /CN=4b8528b8acbc8742764a581a8d979a184295663e
Certificate serial:       0196A0BF4997FE0655577D09F5865C7BA71B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S4UouKy8h0J2SlgajZeaGEKVZj4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/d777e6-0e58-4345-b0a4-4cbd22917d65/1/S4UouKy8h0J2SlgajZeaGEKVZj4.mft
Manifest number:          02D4
Signing time:             Mon 05 May 2025 14:00:12 +0000
Manifest this update:     Mon 05 May 2025 14:00:12 +0000
Manifest next update:     Tue 06 May 2025 14:00:12 +0000
Files and hashes:         1: S4UouKy8h0J2SlgajZeaGEKVZj4.crl (hash: aaMB4N2oS8yCdTMw7R9CyyJdmmYnwv/xVwC0zVsQzwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/d777e6-0e58-4345-b0a4-4cbd22917d65/1/S4UouKy8h0J2SlgajZeaGEKVZj4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/d777e6-0e58-4345-b0a4-4cbd22917d65/1/S4UouKy8h0J2SlgajZeaGEKVZj4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S4UouKy8h0J2SlgajZeaGEKVZj4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a0:bf:49:97:fe:06:55:57:7d:09:f5:86:5c:7b:a7:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b8528b8acbc8742764a581a8d979a184295663e
        Validity
            Not Before: May  5 14:00:12 2025 GMT
            Not After : May  6 14:00:12 2025 GMT
        Subject: CN=dc99785bc1d7f83903f00813049893769cfb715e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:04:76:af:e4:45:39:99:7b:db:77:d9:3f:ef:
                    6b:aa:63:e8:f9:06:1b:cd:73:23:7d:04:6f:d2:b1:
                    3f:d3:7e:41:e8:2c:cb:8f:7d:a2:8f:4e:24:41:a9:
                    96:44:15:12:02:46:7c:89:e3:d8:b1:80:9c:ab:14:
                    b3:6d:79:25:45:ed:dc:97:f0:5b:20:0f:82:4a:33:
                    27:34:dd:b0:47:66:9c:90:f7:c9:2c:57:11:b7:62:
                    69:92:47:6b:f2:75:3f:a7:cd:87:32:e1:8b:78:db:
                    ac:42:2d:a4:ea:72:f4:5b:d0:d0:c6:bf:fe:fc:82:
                    cd:d4:db:77:5a:1f:5f:aa:9b:e7:ad:fc:cd:54:6d:
                    22:4e:42:9b:3b:e9:97:be:85:0b:a4:5f:9f:27:dd:
                    36:c1:61:dc:d0:89:6c:47:1c:d8:f8:16:0c:74:cc:
                    7c:50:3e:7f:29:5a:9d:9c:85:34:8f:72:90:67:98:
                    b6:1c:07:a6:72:67:da:26:2a:93:93:ad:f6:9d:4a:
                    dd:b8:10:24:41:95:f1:99:ae:e6:c7:58:0a:da:c6:
                    83:5e:4f:dc:60:46:69:41:1d:19:1f:67:26:53:4d:
                    95:68:0e:7a:be:0e:da:23:30:b1:46:64:a8:7d:9f:
                    3e:ea:ce:a0:c9:16:46:b3:d2:95:fc:b2:e7:56:cc:
                    1f:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:99:78:5B:C1:D7:F8:39:03:F0:08:13:04:98:93:76:9C:FB:71:5E
            X509v3 Authority Key Identifier:
                keyid:4B:85:28:B8:AC:BC:87:42:76:4A:58:1A:8D:97:9A:18:42:95:66:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S4UouKy8h0J2SlgajZeaGEKVZj4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d777e6-0e58-4345-b0a4-4cbd22917d65/1/S4UouKy8h0J2SlgajZeaGEKVZj4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d777e6-0e58-4345-b0a4-4cbd22917d65/1/S4UouKy8h0J2SlgajZeaGEKVZj4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:91:fd:55:50:71:49:3e:4b:82:c0:9d:2e:c3:08:46:02:9c:
         5d:fb:3f:3c:12:97:8b:b9:9e:23:c6:6c:4e:f5:1b:0a:bf:36:
         53:94:81:08:1e:bd:37:ee:be:65:59:bc:e5:f4:63:d6:71:3b:
         6e:3a:1a:5c:d0:7a:b1:d6:68:4d:0a:bc:95:33:53:d3:a1:41:
         d5:09:6d:bd:9b:99:f8:c0:f6:c3:ff:78:60:1f:e3:c8:ad:d0:
         c2:5c:ab:45:b2:c9:f5:7e:23:64:ba:ca:5d:16:86:17:e8:70:
         10:6e:5c:2b:a8:2c:dd:be:3e:06:c0:81:9e:c5:b5:9d:82:b2:
         c5:26:94:e4:03:e2:f2:86:28:6c:d7:00:f1:84:26:2f:7f:ea:
         8b:e1:b9:ae:8c:31:de:51:c7:76:63:11:77:a3:e6:a7:a2:b4:
         a9:ae:ba:11:55:41:a7:58:f4:26:be:88:9b:72:70:a4:d3:73:
         a1:ff:0d:4d:6e:09:bd:bc:4a:45:58:b7:4c:ee:e9:a7:c8:60:
         93:cf:5c:37:76:ee:d5:27:04:e3:3f:29:56:96:6b:2c:84:51:
         e2:d3:31:b2:7d:91:c7:3a:1f:cc:67:7b:80:b0:2a:9c:6c:d9:
         60:ae:0b:76:d8:48:5e:d0:8d:78:4c:b3:a9:dc:f6:80:1d:40:
         bc:75:8c:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagv0mX/gZVV30J9YZce6cbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiODUyOGI4YWNiYzg3NDI3NjRhNTgxYThkOTc5YTE4NDI5
NTY2M2UwHhcNMjUwNTA1MTQwMDEyWhcNMjUwNTA2MTQwMDEyWjAzMTEwLwYDVQQD
EyhkYzk5Nzg1YmMxZDdmODM5MDNmMDA4MTMwNDk4OTM3NjljZmI3MTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gR2r+RFOZl723fZP+9rqmPo+QYb
zXMjfQRv0rE/035B6CzLj32ij04kQamWRBUSAkZ8iePYsYCcqxSzbXklRe3cl/Bb
IA+CSjMnNN2wR2ackPfJLFcRt2Jpkkdr8nU/p82HMuGLeNusQi2k6nL0W9DQxr/+
/ILN1Nt3Wh9fqpvnrfzNVG0iTkKbO+mXvoULpF+fJ902wWHc0IlsRxzY+BYMdMx8
UD5/KVqdnIU0j3KQZ5i2HAemcmfaJiqTk632nUrduBAkQZXxma7mx1gK2saDXk/c
YEZpQR0ZH2cmU02VaA56vg7aIzCxRmSofZ8+6s6gyRZGs9KV/LLnVswfGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyZeFvB1/g5A/AIEwSYk3ac+3FeMB8GA1UdIwQY
MBaAFEuFKLisvIdCdkpYGo2XmhhClWY+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzRVb3VLeThoMEoyU2xnYWpaZWFHRUtWWmo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzc3ZTYtMGU1OC00MzQ1LWIwYTQt
NGNiZDIyOTE3ZDY1LzEvUzRVb3VLeThoMEoyU2xnYWpaZWFHRUtWWmo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzc3ZTYtMGU1OC00MzQ1LWIwYTQtNGNiZDIyOTE3ZDY1
LzEvUzRVb3VLeThoMEoyU2xnYWpaZWFHRUtWWmo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATZH9VVBx
ST5LgsCdLsMIRgKcXfs/PBKXi7meI8ZsTvUbCr82U5SBCB69N+6+ZVm85fRj1nE7
bjoaXNB6sdZoTQq8lTNT06FB1QltvZuZ+MD2w/94YB/jyK3QwlyrRbLJ9X4jZLrK
XRaGF+hwEG5cK6gs3b4+BsCBnsW1nYKyxSaU5APi8oYobNcA8YQmL3/qi+G5rowx
3lHHdmMRd6Pmp6K0qa66EVVBp1j0Jr6Im3JwpNNzof8NTW4JvbxKRVi3TO7pp8hg
k89cN3bu1ScE4z8pVpZrLIRR4tMxsn2RxzofzGd7gLAqnGzZYK4LdthIXtCNeEyz
qdz2gB1AvHWMnA==
-----END CERTIFICATE-----